
RUN DLL loading errors SOLVED


as2pic


Logfile of random's system information tool 1.04 (written by random/random)

Run by JEREMY at 2008-11-29 21:39:05

Microsoft® Windows Vista Édition Familiale Basique

System drive C: has 30 GB (28%) free of 109 GB

Total RAM: 1791 MB (60% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:39:13, on 29/11/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16757)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Windows\System32\mobsync.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Free Easy Burner\FreeEasyBurner.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\JEREMY\Desktop\RSIT.exe

C:\Program Files\Trend Micro\HijackThis\JEREMY.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll

O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\SideBar.exe /autoRun

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O13 - Gopher Prefix:

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

 

--

End of file - 5423 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\1-Click Maintenance.job

C:\Windows\tasks\User_Feed_Synchronization-{C8800DAE-3910-4585-999D-D9393810D7D9}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]

BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

EoBho Class

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\SideBar.exe [2008-05-17 1232896]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=

"NoDrives"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{154c04c0-a12e-11dd-9daa-0013f798b7d9}]

shell\AutoRun\command - J:\setup.exe /init

 

 

======File associations======

 

.scr - open - "C:\Windows\system32\notepad.exe" "%1"

.scr - install -

.scr - config -

 

======List of files/folders created in the last 3 months======

 

2008-11-29 21:39:05 ----D---- C:\rsit

2008-11-29 18:12:44 ----D---- C:\Program Files\CodeStuff

2008-11-29 18:07:08 ----SHD---- C:\Config.Msi

2008-11-29 14:11:40 ----D---- C:\_OTMoveIt

2008-11-27 21:23:49 ----A---- C:\ARKDE5E.tmp

2008-11-26 10:28:44 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2008-11-26 10:28:44 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2008-11-26 10:28:44 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2008-11-26 10:28:43 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2008-11-26 10:28:43 ----A---- C:\Windows\system32\WindowsCodecs.dll

2008-11-26 10:28:43 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2008-11-26 10:28:41 ----A---- C:\Windows\system32\connect.dll

2008-11-25 19:57:25 ----A---- C:\Windows\system32\isdvayi.txt

2008-11-25 18:54:12 ----D---- C:\ProgramData\FLEXnet

2008-11-25 18:44:00 ----D---- C:\Program Files\Bonjour

2008-11-25 18:35:15 ----D---- C:\Program Files\Common Files\Macrovision Shared

2008-11-25 12:45:14 ----D---- C:\Program Files\PowerISO

2008-11-24 21:34:27 ----D---- C:\Program Files\Marvell

2008-11-24 21:28:11 ----D---- C:\NVIDIA

2008-11-24 20:56:57 ----D---- C:\ProgramData\ma-config.com

2008-11-24 20:56:57 ----D---- C:\Program Files\ma-config.com

2008-11-24 20:22:46 ----D---- C:\Program Files\Lavalys

2008-11-24 18:58:54 ----D---- C:\Program Files\Microsoft Works

2008-11-24 18:57:59 ----D---- C:\Program Files\Microsoft Visual Studio

2008-11-24 18:56:29 ----D---- C:\Windows\PCHEALTH

2008-11-24 18:53:36 ----D---- C:\Program Files\Microsoft Visual Studio 8

2008-11-24 18:53:08 ----D---- C:\Windows\SHELLNEW

2008-11-24 18:51:54 ----RHD---- C:\MSOCache

2008-11-24 18:45:37 ----D---- C:\ProgramData\Avira

2008-11-24 18:45:37 ----D---- C:\Program Files\Avira

2008-11-24 17:28:04 ----D---- C:\Program Files\MSECache

2008-11-24 17:04:34 ----D---- C:\Windows\ERDNT

2008-11-24 16:08:13 ----D---- C:\Program Files\Trend Micro

2008-11-24 15:30:46 ----D---- C:\ProgramData\Microsoft Help

2008-11-23 18:19:55 ----A---- C:\Windows\system32\msshsq.dll

2008-11-14 12:43:19 ----A---- C:\Windows\system32\msxml3r.dll

2008-11-14 12:43:19 ----A---- C:\Windows\system32\msxml3.dll

2008-11-14 12:43:16 ----A---- C:\Windows\system32\msxml6.dll

2008-11-14 12:43:15 ----A---- C:\Windows\system32\msxml6r.dll

2008-11-10 10:02:27 ----D---- C:\Program Files\Ballance

2008-11-10 10:00:45 ----D---- C:\Program Files\DAEMON Tools Lite

2008-11-09 20:49:06 ----D---- C:\Program Files\Common Files\SWF Studio

2008-11-09 18:41:18 ----D---- C:\ProgramData\2DBoy

2008-11-09 11:33:14 ----A---- C:\Windows\system32\TABCTFR.DLL

2008-11-09 11:33:14 ----A---- C:\Windows\system32\AudPlayer.dll

2008-11-09 11:33:14 ----A---- C:\Windows\system32\AudioVisu.dll

2008-11-09 11:33:14 ----A---- C:\Windows\system32\AudioRecord.dll

2008-11-09 11:33:14 ----A---- C:\Windows\system32\AudDisplay.dll

2008-11-09 11:33:14 ----A---- C:\Windows\system32\AudDesign.dll

2008-11-09 11:33:13 ----A---- C:\Windows\system32\Mscc2fr.dll

2008-11-08 17:05:13 ----D---- C:\Program Files\DVD Shrink

2008-11-08 16:58:49 ----D---- C:\Program Files\EasyDVDShrink

2008-11-08 16:56:00 ----D---- C:\ProgramData\DVD Shrink

2008-11-07 21:49:22 ----A---- C:\Windows\system32\GIF89.DLL

2008-11-07 21:49:19 ----D---- C:\Program Files\Free Easy Burner

2008-11-07 11:00:45 ----D---- C:\Program Files\Dealio

2008-11-03 20:50:44 ----D---- C:\Program Files\icones2

2008-11-03 20:44:23 ----D---- C:\Program Files\icones

2008-11-03 09:43:33 ----D---- C:\ProgramData\NVIDIA

2008-11-02 23:41:05 ----A---- C:\Windows\system32\nvexpbar.dll

2008-11-02 23:41:05 ----A---- C:\Windows\system32\nvcpluir.dll

2008-11-02 23:41:05 ----A---- C:\Windows\system32\nvcplui.exe

2008-11-02 23:41:04 ----A---- C:\Windows\system32\nvuninst.exe

2008-10-31 15:31:05 ----D---- C:\Windows\Minidump

2008-10-31 14:17:20 ----D---- C:\Program Files\WinASPI

2008-10-31 14:17:13 ----D---- C:\Program Files\Morgan

2008-10-31 14:17:05 ----A---- C:\Windows\system32\pthreadGC2.dll

2008-10-31 14:15:56 ----D---- C:\Users\JEREMY\AppData\Roaming\NeoDivX2008

2008-10-29 12:16:24 ----A---- C:\Windows\system32\win32spl.dll

2008-10-29 12:16:24 ----A---- C:\Windows\system32\printcom.dll

2008-10-27 11:15:26 ----D---- C:\Program Files\Alwil Software

2008-10-24 12:13:56 ----D---- C:\Windows\ArchiCAD 12

2008-10-24 12:05:13 ----D---- C:\Program Files\Graphisoft

2008-10-24 12:01:19 ----A---- C:\Windows\system32\netapi32.dll

2008-10-23 19:34:32 ----D---- C:\Downloads

2008-10-23 19:27:18 ----D---- C:\Program Files\BitComet

2008-10-23 19:10:15 ----D---- C:\Users\JEREMY\AppData\Roaming\DAEMON Tools

2008-10-23 18:43:35 ----D---- C:\ProgramData\Adobe

2008-10-23 18:42:38 ----D---- C:\Program Files\Common Files\Adobe

2008-10-23 17:21:00 ----D---- C:\Users\JEREMY\AppData\Roaming\Graphisoft

2008-10-23 17:12:12 ----D---- C:\Program Files\WIBUKEY

2008-10-23 17:10:59 ----D---- C:\Program Files\QuickTime

2008-10-23 17:10:58 ----D---- C:\ProgramData\Apple Computer

2008-10-23 17:09:44 ----D---- C:\ProgramData\Apple

2008-10-23 17:09:44 ----D---- C:\Program Files\Apple Software Update

2008-10-19 15:55:42 ----D---- C:\Users\JEREMY\AppData\Roaming\Microsoft Web Folders

2008-10-19 09:35:00 ----D---- C:\Program Files\CDBurnerXP

2008-10-19 09:29:42 ----D---- C:\Users\JEREMY\AppData\Roaming\Canneverbe_Limited

2008-10-19 09:14:50 ----D---- C:\Users\JEREMY\AppData\Roaming\Malwarebytes

2008-10-19 09:14:44 ----D---- C:\ProgramData\Malwarebytes

2008-10-19 09:14:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2008-10-19 08:52:44 ----D---- C:\ProgramData\Spybot - Search & Destroy

2008-10-19 08:52:44 ----D---- C:\Program Files\Spybot - Search & Destroy

2008-10-16 00:32:02 ----A---- C:\Windows\system32\mshtml.dll

2008-10-16 00:32:01 ----A---- C:\Windows\system32\ieframe.dll

2008-10-16 00:32:00 ----A---- C:\Windows\system32\wininet.dll

2008-10-16 00:32:00 ----A---- C:\Windows\system32\urlmon.dll

2008-10-16 00:32:00 ----A---- C:\Windows\system32\mshtmled.dll

2008-10-16 00:32:00 ----A---- C:\Windows\system32\iertutil.dll

2008-10-16 00:32:00 ----A---- C:\Windows\system32\dxtmsft.dll

2008-10-16 00:31:59 ----A---- C:\Windows\system32\dxtrans.dll

2008-10-16 00:31:58 ----A---- C:\Windows\system32\mstime.dll

2008-10-16 00:31:58 ----A---- C:\Windows\system32\ieui.dll

2008-10-16 00:31:58 ----A---- C:\Windows\system32\ieapfltr.dll

2008-10-16 00:31:58 ----A---- C:\Windows\system32\ie4uinit.exe

2008-10-16 00:31:58 ----A---- C:\Windows\system32\advpack.dll

2008-10-16 00:31:57 ----A---- C:\Windows\system32\pngfilt.dll

2008-10-16 00:31:57 ----A---- C:\Windows\system32\jsproxy.dll

2008-10-16 00:31:57 ----A---- C:\Windows\system32\ieUnatt.exe

2008-10-16 00:31:57 ----A---- C:\Windows\system32\iesetup.dll

2008-10-16 00:31:57 ----A---- C:\Windows\system32\iernonce.dll

2008-10-16 00:31:57 ----A---- C:\Windows\system32\icardie.dll

2008-10-16 00:31:30 ----A---- C:\Windows\system32\ntkrnlpa.exe

2008-10-16 00:31:29 ----A---- C:\Windows\system32\ntoskrnl.exe

2008-10-16 00:26:27 ----A---- C:\Windows\system32\newdev.exe

2008-10-16 00:26:27 ----A---- C:\Windows\system32\newdev.dll

2008-10-15 19:09:55 ----D---- C:\Program Files\PhotoFiltre

2008-10-15 13:35:54 ----D---- C:\Program Files\LimeWire

2008-10-07 13:33:00 ----A---- C:\Windows\system32\nvsvsr.dll

2008-10-07 13:33:00 ----A---- C:\Windows\system32\nvsvs.dll

2008-10-07 13:33:00 ----A---- C:\Windows\system32\nvcuda.dll

2008-10-07 13:33:00 ----A---- C:\Windows\system32\nvcod134.dll

2008-10-04 20:36:55 ----D---- C:\Program Files\ABBYY FineReader 6.0 Sprint

2008-10-04 20:03:17 ----A---- C:\Windows\CDE SX200DEFGIPS.ini

2008-10-04 19:55:27 ----A---- C:\Windows\system32\E_DCINST.DLL

2008-10-04 19:55:23 ----A---- C:\Windows\system32\E_FLBEFE.DLL

2008-10-04 19:55:21 ----A---- C:\Windows\system32\E_FD4BEFE.DLL

2008-10-04 19:53:35 ----A---- C:\Windows\system32\escwiad.dll

2008-10-03 14:36:39 ----A---- C:\Windows\system32\javaws.exe

2008-10-03 14:36:39 ----A---- C:\Windows\system32\javaw.exe

2008-10-03 14:36:39 ----A---- C:\Windows\system32\java.exe

2008-10-03 14:20:29 ----D---- C:\Program Files\Adobe

2008-10-03 14:20:03 ----D---- C:\Program Files\Common Files\Adobe AIR

2008-10-03 14:12:58 ----D---- C:\ProgramData\NOS

2008-10-03 14:12:58 ----D---- C:\Program Files\NOS

2008-09-30 16:43:34 ----A---- C:\Windows\system32\msxml4.dll

2008-09-29 16:53:10 ----AD---- C:\ProgramData\TEMP

2008-09-27 22:11:38 ----D---- C:\Program Files\AskSBar

2008-09-19 09:04:00 ----A---- C:\Windows\system32\ykx32mpcoinst.dll

2008-09-17 09:49:39 ----A---- C:\ProgramData\pskt.ini

2008-09-17 09:49:39 ----A---- C:\ProgramData\BMdb6e8e6d.txt

2008-09-12 17:47:44 ----A---- C:\Windows\system32\uxtuneup.dll

2008-09-12 17:47:44 ----A---- C:\Windows\system32\authuitu.dll

2008-09-11 18:49:42 ----A---- C:\Windows\system32\MRT.INI

2008-09-10 08:05:56 ----A---- C:\Windows\system32\gameux.dll

2008-09-10 08:05:55 ----A---- C:\Windows\system32\Apphlpdm.dll

2008-09-10 08:05:53 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

2008-09-10 08:05:30 ----A---- C:\Windows\system32\wmpeffects.dll

2008-09-07 10:36:48 ----D---- C:\Users\JEREMY\AppData\Roaming\FastStone

2008-09-06 17:43:28 ----A---- C:\Windows\system32\ShellManager310E2D762.dll

2008-09-06 17:42:39 ----A---- C:\Windows\Irremote.ini

2008-09-03 08:16:26 ----A---- C:\Windows\system32\wups2.dll

2008-09-03 08:16:26 ----A---- C:\Windows\system32\wucltux.dll

2008-09-03 08:16:26 ----A---- C:\Windows\system32\wuaueng.dll

2008-09-03 08:16:26 ----A---- C:\Windows\system32\wuauclt.exe

2008-09-03 08:16:13 ----A---- C:\Windows\system32\wups.dll

2008-09-03 08:16:13 ----A---- C:\Windows\system32\wudriver.dll

2008-09-03 08:16:13 ----A---- C:\Windows\system32\wuapi.dll

2008-09-03 08:15:59 ----A---- C:\Windows\system32\wuwebv.dll

2008-09-03 08:15:59 ----A---- C:\Windows\system32\wuapp.exe

 

======List of files/folders modified in the last 3 months======

 

2008-11-29 21:39:13 ----D---- C:\Windows\Prefetch

2008-11-29 21:38:44 ----D---- C:\Windows\Temp

2008-11-29 18:16:27 ----SHD---- C:\System Volume Information

2008-11-29 18:12:44 ----RD---- C:\Program Files

2008-11-29 18:07:44 ----HD---- C:\Program Files\InstallShield Installation Information

2008-11-29 18:07:44 ----D---- C:\Windows\System32

2008-11-29 18:07:26 ----SHD---- C:\Windows\Installer

2008-11-29 18:07:21 ----D---- C:\Windows\system32\drivers

2008-11-29 16:39:52 ----D---- C:\Windows\system32\catroot2

2008-11-29 14:27:08 ----D---- C:\Windows\pss

2008-11-29 13:49:52 ----D---- C:\Windows\winsxs

2008-11-29 13:49:50 ----D---- C:\Windows\system32\catroot

2008-11-28 18:34:30 ----D---- C:\Windows\system32\Tasks

2008-11-28 18:34:29 ----D---- C:\Windows\Tasks

2008-11-27 22:11:32 ----D---- C:\Windows

2008-11-27 21:48:22 ----D---- C:\Windows\inf

2008-11-27 21:48:22 ----A---- C:\Windows\system32\PerfStringBackup.INI

2008-11-27 20:34:25 ----SD---- C:\Users\JEREMY\AppData\Roaming\Microsoft

2008-11-25 19:14:43 ----D---- C:\Users\JEREMY\AppData\Roaming\Adobe

2008-11-25 18:54:12 ----HD---- C:\ProgramData

2008-11-25 18:42:28 ----RSD---- C:\Windows\Fonts

2008-11-25 18:35:15 ----D---- C:\Program Files\Common Files

2008-11-24 19:00:50 ----RSD---- C:\Windows\assembly

2008-11-24 18:58:45 ----D---- C:\Program Files\Common Files\microsoft shared

2008-11-24 18:58:33 ----D---- C:\Program Files\MSBuild

2008-11-24 18:58:06 ----D---- C:\Program Files\Microsoft Office

2008-11-24 18:57:57 ----D---- C:\Program Files\Common Files\Designer

2008-11-24 18:56:29 ----SD---- C:\ProgramData\Microsoft

2008-11-24 18:56:29 ----D---- C:\Program Files\Microsoft.NET

2008-11-24 18:53:23 ----A---- C:\Windows\win.ini

2008-11-24 18:53:19 ----D---- C:\Program Files\Common Files\System

2008-11-24 17:55:19 ----D---- C:\Windows\system32\fr-FR

2008-11-24 17:08:49 ----A---- C:\Windows\system.ini

2008-11-24 17:07:45 ----D---- C:\Windows\AppPatch

2008-11-16 20:08:24 ----D---- C:\Program Files\Mozilla Firefox

2008-11-09 12:57:26 ----D---- C:\Users\JEREMY\AppData\Roaming\dvdcss

2008-11-08 17:36:57 ----D---- C:\Users\JEREMY\AppData\Roaming\Nero

2008-11-04 01:10:25 ----A---- C:\Windows\system32\mrt.exe

2008-11-02 23:40:57 ----D---- C:\Windows\Help

2008-10-31 14:17:20 ----D---- C:\Windows\system

2008-10-27 11:13:08 ----D---- C:\Program Files\ESET

2008-10-24 12:25:48 ----D---- C:\Users\JEREMY\AppData\Roaming\LimeWire

2008-10-23 17:11:33 ----D---- C:\Program Files\Internet Explorer

2008-10-19 16:16:21 ----A---- C:\Windows\ODBC.INI

2008-10-19 16:04:46 ----RSD---- C:\Windows\Media

2008-10-16 02:10:26 ----D---- C:\Program Files\Windows Mail

2008-10-16 02:10:24 ----D---- C:\Windows\system32\migration

2008-10-15 13:32:36 ----D---- C:\Users\JEREMY\AppData\Roaming\FrostWire

2008-10-04 21:04:10 ----D---- C:\ProgramData\EPSON

2008-10-04 20:16:00 ----D---- C:\Program Files\EPSON

2008-10-04 19:54:01 ----D---- C:\Windows\twain_32

2008-10-03 14:36:38 ----D---- C:\Program Files\Java

2008-09-25 20:41:47 ----D---- C:\Program Files\WinRAR

2008-09-20 14:40:48 ----D---- C:\Program Files\Nero

2008-09-20 14:40:47 ----D---- C:\ProgramData\Nero

2008-09-20 14:40:47 ----D---- C:\Program Files\Common Files\Nero

2008-09-14 17:34:27 ----D---- C:\Users\JEREMY\AppData\Roaming\FUJIFILM

2008-09-12 19:11:54 ----RD---- C:\Users

2008-09-12 18:09:13 ----SHD---- C:\Boot

2008-09-12 18:09:12 ----D---- C:\Windows\system32\config

2008-09-12 17:48:10 ----D---- C:\Program Files\TuneUp Utilities 2008

2008-09-12 17:47:45 ----A---- C:\Windows\system32\TuneUpDefragService.exe

2008-09-06 17:47:47 ----A---- C:\Windows\system32\MsiExec.exe.log

2008-09-06 17:35:36 ----D---- C:\Program Files\Yahoo!

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys [1999-09-10 25244]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-11-25 75072]

R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]

R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-08 1647976]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2006-12-26 6144]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-20 7468128]

R3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC); C:\Windows\system32\DRIVERS\SMCWGU.sys [2005-12-16 408064]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-09-19 305664]

S3 anzqraoj;anzqraoj; C:\Windows\system32\drivers\anzqraoj.sys []

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2008-11-17 15360]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]

S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVENG.SYS []

S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVEX15.SYS []

S3 PCAMPR4;PCAMPR4 NDIS Protocol Driver; \??\C:\Windows\system32\PCAMPR4.SYS []

S3 PCANDIS4;PCANDIS4 NDIS Protocol Driver; \??\C:\Windows\system32\PCANDIS4.SYS []

S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-05-18 47360]

S3 USB_RNDIS;Inventel Gateway; C:\Windows\system32\DRIVERS\usb8023.sys [2006-11-02 14848]

S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]

R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe [2006-11-25 274520]

R2 CLSched;CyberLink Task Scheduler (CTS); C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe [2006-11-25 118870]

R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2006-12-08 45056]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]

R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]

R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-20 118784]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-11-25 262247]

R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]

R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2006-11-02 22016]

R2 yksvc;Marvell Yukon Service; ykx32mpcoinst []

S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-04-13 85096]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-25 654848]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-11-17 195752]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2006-12-25 1174152]

S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-09-12 355584]

S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]

 

-----------------EOF-----------------

 

 

info.txt logfile of random's system information tool 1.04 2008-11-29 21:39:15

 

======Uninstall list======

 

-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC4F90EC-B1DA-11D9-9D77-000129760D75}\setup.exe" -uninstall

ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}

Acer eMode Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall

Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly

Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly

Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}

Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}

Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}

Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}

Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}

Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}

Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}

Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}

Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}

Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}

Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}

Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}

Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}

Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}

Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}

Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}

Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}

Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe

Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}

Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}

Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}

Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}

Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}

Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}

Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}

Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}

Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}

Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe

AutoCAD 2008 - Français-->C:\Program Files\AutoCAD 2008\Setup\Setup.exe /P {5783F2D7-6001-040C-0002-0060B0CE6BBA} /M ACAD

Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}

Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE

Ballance-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{42E0783D-3BA4-454B-B58A-BF26E49EB7DE}\setup.exe"

BitComet 1.05-->C:\Program Files\BitComet\uninst.exe

Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{42EDF895-158C-484E-A7F2-42B90759F281}\SETUP.EXE" -l0x40c UNINST

CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"

CodeStuff Starter-->"C:\Program Files\CodeStuff\Starter\unStarter.exe"

DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"

EPSON Attach To Email-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG

EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}\SETUP.EXE" -l0x40c UNINST

EPSON File Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{46CBBDF8-55B5-40DB-B459-7B848394309C}\Setup.exe" -l0x40c UNINST

EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u

EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r

EPSON Stylus SX200 Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSEFE.EXE /R /APD /P:"EPSON Stylus SX200 Series"

EPSON Stylus SX200_SX400_TX200_TX400 Manuel-->C:\Program Files\EPSON\TPMANUAL\ES_SX_TX\FRA\USE_G\DOCUNINS.EXE

EVEREST Ultimate Edition v4.60-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"

Favorit-->c:\users\jeremy\appdata\local\cdzupfa.bat

ffdshow [rev 2060] [2008-08-01]-->"C:\Program Files\K-Lite Codec Pack\ffdshow\unins000.exe"

Free Easy Burner V 3.8-->"C:\Program Files\Free Easy Burner\unins000.exe"

FUJIFILM FinePixViewer S Ver.2.1-->C:\Program Files\InstallShield Installation Information\{88B32652-CAE0-4909-A463-5840D2689D93}\setup.exe -runfromtemp -l0x040c -removeonly

Gestionnaire Internet-->C:\PROGRA~1\Wanadoo\uninstall.exe

HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

Java 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

K-Lite Codec Pack 3.9.0 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"

Ma-Config.com-->MsiExec.exe /X{3A4EE7A4-356E-43B7-A4A3-9C55B22A05B3}

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Marvell Miniport Driver-->C:\Program Files\Marvell\Miniport Driver\Uninst.exe

Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}

Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL

Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}

Microsoft SQL Server 2005 Tools Express Edition-->MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}

Microsoft SQL Server 2005-->"C:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove

Microsoft SQL Server Native Client-->MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}

Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}

Microsoft SQL Server VSS Writer-->MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

Navigateur Orange-->C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl

neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI

PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}

PhotoFiltre-->"C:\Program Files\PhotoFiltre\Uninst.exe"

PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"

QuickTime-->MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x40c -removeonly

TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}

VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

 

======Security center information======

 

AV: Avira AntiVir PersonalEdition

FW: Norton Internet Security

AS: Windows Defender

AS: Norton Internet Security (outdated)

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Microsoft SQL Server\90\Tools\binn;C:\Program Files\QuickTime\QTSystem

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 79 Stepping 2, AuthenticAMD

"PROCESSOR_REVISION"=4f02

"NUMBER_OF_PROCESSORS"=1

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

 

-----------------EOF-----------------

 

 

Is this what you needed???


Disable UAC, User Account Control (above all, remember to re-enable it after the disinfection).

* Start > Control Panel

* Double-click the User Accounts icon

* Then click the line to disable it and confirm.

  • Open Notepad. Copy and paste into it the contents of the code box that follows, with no blank line at the start; it must begin with Windows Registry Editor Version 5.00, as shown below:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.scr]
@="scrfile"

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice]

[HKEY_CLASSES_ROOT\scrfile]
@="Screen Saver"

[HKEY_CLASSES_ROOT\scrfile\shell]

[HKEY_CLASSES_ROOT\scrfile\shell\config]
@="C&onfigure"
"MUIVerb"="@shell32.dll,-10209"

[HKEY_CLASSES_ROOT\scrfile\shell\config\command]
@="\"%1\""

[HKEY_CLASSES_ROOT\scrfile\shell\install]
@="&Install"
"MUIVerb"="@shell32.dll,-10210"

[HKEY_CLASSES_ROOT\scrfile\shell\install\command]
@="rundll32.exe desk.cpl,InstallScreenSaver %l"

[HKEY_CLASSES_ROOT\scrfile\shell\open]
@="T&est"

[HKEY_CLASSES_ROOT\scrfile\shell\open\command]
@="\"%1\" /S"

[HKEY_CLASSES_ROOT\scrfile\shellex]

[HKEY_CLASSES_ROOT\scrfile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

  • Save this on the desktop under the name lib.reg (so no text extension).
  • The file will be created with a registry icon; double-click it and confirm to add it to the registry.

 

 

Start menu, Run (or Windows+R to bring up the Run box), enter the command below and confirm with Enter:

sc delete anzqraoj

 

 

Re-enable UAC.

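Added example, not part of the original post: a short Python sketch that reads a .reg file such as the lib.reg above and lists what merging it would do, separating key deletions ([-...]) from value writes and checking that the header is on the very first line, as the post requires. The function names are hypothetical, and the sample text is an excerpt of the file shown in the post.

```python
import re
from dataclasses import dataclass, field

HEADER = "Windows Registry Editor Version 5.00"
KEY_RE = re.compile(r"^\[(-?)(.+)\]$")                      # [key] or [-key]
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')  # @=... or "name"=...

# Excerpt of the lib.reg from the post above (header on the first line).
SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.scr]
@="scrfile"

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice]

[HKEY_CLASSES_ROOT\scrfile\shell\open\command]
@="\"%1\" /S"

[HKEY_CLASSES_ROOT\scrfile\shell\install\command]
@="rundll32.exe desk.cpl,InstallScreenSaver %l"

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]
"""


@dataclass
class RegPlan:
    header_ok: bool = False
    deleted_keys: list = field(default_factory=list)
    deleted_values: list = field(default_factory=list)   # (key, name)
    written_values: list = field(default_factory=list)   # (key, name, data)


def _unquote(token):
    """Drop the surrounding quotes of a .reg string and undo backslash escapes."""
    if len(token) >= 2 and token[0] == '"' and token[-1] == '"':
        return re.sub(r"\\(.)", r"\1", token[1:-1])
    return token


def parse_reg(text):
    """Return a RegPlan describing the operations a .reg file requests."""
    plan = RegPlan()
    lines = text.lstrip("\ufeff").splitlines()
    # The post insists on no blank line before the header, so check line 1 only.
    plan.header_ok = bool(lines) and lines[0].strip() == HEADER
    current, pending = None, ""
    for raw in lines[1 if plan.header_ok else 0:]:
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):          # continuation (multi-line hex data)
            pending = line[:-1]
            continue
        if not line or line.startswith(";"):
            continue
        key = KEY_RE.match(line)
        if key:
            if key.group(1):             # leading '-' deletes the whole key
                plan.deleted_keys.append(key.group(2))
                current = None
            else:
                current = key.group(2)
            continue
        value = VALUE_RE.match(line)
        if value and current is not None:
            name = "(Default)" if value.group(1) == "@" else _unquote(value.group(1))
            if value.group(2) == "-":    # "name"=- deletes a single value
                plan.deleted_values.append((current, name))
            else:
                plan.written_values.append((current, name, _unquote(value.group(2))))
    return plan


def flag_sensitive(plan):
    """List the operations worth reading twice before merging the file."""
    findings = []
    for key in plan.deleted_keys:
        kind = "bho-removed" if "\\browser helper objects\\" in key.lower() else "key-removed"
        findings.append((kind, key, ""))
    for key, name, data in plan.written_values:
        # The default value of a ...\command key is what runs for that verb.
        if key.lower().endswith("\\command") and name == "(Default)":
            findings.append(("command-handler", key, data))
    return findings


if __name__ == "__main__":
    plan = parse_reg(SAMPLE)
    print("header on first line:", plan.header_ok)
    for kind, key, detail in flag_sensitive(plan):
        print(f"{kind:16} {key} {detail}")
```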

Hello falkra, that's done, I did exactly what you told me to do; the file was added to the registry, and now??

It bothers me, and on top of that I don't see my PC from Monday to Friday (travelling, so if you get no more replies from this evening on, no worries, I'll be back on Friday!!!)

Thanks in any case


Logfile of random's system information tool 1.04 (written by random/random)

Run by JEREMY at 2008-11-30 15:41:30

Microsoft® Windows Vista Édition Familiale Basique

System drive C: has 30 GB (27%) free of 109 GB

Total RAM: 1791 MB (65% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:41:39, on 30/11/2008

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16757)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\taskeng.exe

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Users\JEREMY\Desktop\exe\RSIT.exe

C:\Program Files\Trend Micro\HijackThis\JEREMY.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\SideBar.exe /autoRun

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O13 - Gopher Prefix:

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

O23 - Service: Marvell Yukon Service (yksvc) - Unknown owner - RUNDLL32.EXE (file missing)

 

--

End of file - 5189 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\1-Click Maintenance.job

C:\Windows\tasks\User_Feed_Synchronization-{C8800DAE-3910-4585-999D-D9393810D7D9}.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]

BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll [2008-08-11 656696]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\SideBar.exe [2008-05-17 1232896]

 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=

"NoDrives"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{154c04c0-a12e-11dd-9daa-0013f798b7d9}]

shell\AutoRun\command - J:\setup.exe /init

 

 

======List of files/folders created in the last 3 months======

 

2008-11-30 13:13:37 ----D---- C:\Program Files\Capturino V2

2008-11-30 13:11:44 ----D---- C:\Program Files\FastStone Capture

2008-11-29 21:39:05 ----D---- C:\rsit

2008-11-29 18:12:44 ----D---- C:\Program Files\CodeStuff

2008-11-29 18:07:08 ----SHD---- C:\Config.Msi

2008-11-29 14:11:40 ----D---- C:\_OTMoveIt

2008-11-27 21:23:49 ----A---- C:\ARKDE5E.tmp

2008-11-26 10:28:44 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2008-11-26 10:28:44 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2008-11-26 10:28:44 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2008-11-26 10:28:43 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2008-11-26 10:28:43 ----A---- C:\Windows\system32\WindowsCodecs.dll

2008-11-26 10:28:43 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2008-11-26 10:28:41 ----A---- C:\Windows\system32\connect.dll

2008-11-25 19:57:25 ----A---- C:\Windows\system32\isdvayi.txt

2008-11-25 18:54:12 ----D---- C:\ProgramData\FLEXnet

2008-11-25 18:44:00 ----D---- C:\Program Files\Bonjour

2008-11-25 18:35:15 ----D---- C:\Program Files\Common Files\Macrovision Shared

2008-11-25 12:45:14 ----D---- C:\Program Files\PowerISO

2008-11-24 21:34:27 ----D---- C:\Program Files\Marvell

2008-11-24 21:28:11 ----D---- C:\NVIDIA

2008-11-24 20:56:57 ----D---- C:\ProgramData\ma-config.com

2008-11-24 20:56:57 ----D---- C:\Program Files\ma-config.com

2008-11-24 20:22:46 ----D---- C:\Program Files\Lavalys

2008-11-24 18:58:54 ----D---- C:\Program Files\Microsoft Works

2008-11-24 18:57:59 ----D---- C:\Program Files\Microsoft Visual Studio

2008-11-24 18:56:29 ----D---- C:\Windows\PCHEALTH

2008-11-24 18:53:36 ----D---- C:\Program Files\Microsoft Visual Studio 8

2008-11-24 18:53:08 ----D---- C:\Windows\SHELLNEW

2008-11-24 18:51:54 ----RHD---- C:\MSOCache

2008-11-24 18:45:37 ----D---- C:\ProgramData\Avira

2008-11-24 18:45:37 ----D---- C:\Program Files\Avira

2008-11-24 17:28:04 ----D---- C:\Program Files\MSECache

2008-11-24 17:04:34 ----D---- C:\Windows\ERDNT

2008-11-24 16:08:13 ----D---- C:\Program Files\Trend Micro

2008-11-24 15:30:46 ----D---- C:\ProgramData\Microsoft Help

2008-11-23 18:19:55 ----A---- C:\Windows\system32\msshsq.dll

2008-11-14 12:43:19 ----A---- C:\Windows\system32\msxml3r.dll

2008-11-14 12:43:19 ----A---- C:\Windows\system32\msxml3.dll

2008-11-14 12:43:16 ----A---- C:\Windows\system32\msxml6.dll

2008-11-14 12:43:15 ----A---- C:\Windows\system32\msxml6r.dll

2008-11-10 10:02:27 ----D---- C:\Program Files\Ballance

2008-11-10 10:00:45 ----D---- C:\Program Files\DAEMON Tools Lite

2008-11-09 20:49:06 ----D---- C:\Program Files\Common Files\SWF Studio

2008-11-09 18:41:18 ----D---- C:\ProgramData\2DBoy

2008-11-09 11:33:14 ----A---- C:\Windows\system32\TABCTFR.DLL

2008-11-09 11:33:14 ----A---- C:\Windows\system32\AudPlayer.dll

2008-11-09 11:33:14 ----A---- C:\Windows\system32\AudioVisu.dll

2008-11-09 11:33:14 ----A---- C:\Windows\system32\AudioRecord.dll

2008-11-09 11:33:14 ----A---- C:\Windows\system32\AudDisplay.dll

2008-11-09 11:33:14 ----A---- C:\Windows\system32\AudDesign.dll

2008-11-09 11:33:13 ----A---- C:\Windows\system32\Mscc2fr.dll

2008-11-08 17:05:13 ----D---- C:\Program Files\DVD Shrink

2008-11-08 16:58:49 ----D---- C:\Program Files\EasyDVDShrink

2008-11-08 16:56:00 ----D---- C:\ProgramData\DVD Shrink

2008-11-07 21:49:22 ----A---- C:\Windows\system32\GIF89.DLL

2008-11-07 21:49:19 ----D---- C:\Program Files\Free Easy Burner

2008-11-07 11:00:45 ----D---- C:\Program Files\Dealio

2008-11-03 20:50:44 ----D---- C:\Program Files\icones2

2008-11-03 20:44:23 ----D---- C:\Program Files\icones

2008-11-03 09:43:33 ----D---- C:\ProgramData\NVIDIA

2008-11-02 23:41:05 ----A---- C:\Windows\system32\nvexpbar.dll

2008-11-02 23:41:05 ----A---- C:\Windows\system32\nvcpluir.dll

2008-11-02 23:41:05 ----A---- C:\Windows\system32\nvcplui.exe

2008-11-02 23:41:04 ----A---- C:\Windows\system32\nvuninst.exe

2008-10-31 15:31:05 ----D---- C:\Windows\Minidump

2008-10-31 14:17:20 ----D---- C:\Program Files\WinASPI

2008-10-31 14:17:13 ----D---- C:\Program Files\Morgan

2008-10-31 14:17:05 ----A---- C:\Windows\system32\pthreadGC2.dll

2008-10-31 14:15:56 ----D---- C:\Users\JEREMY\AppData\Roaming\NeoDivX2008

2008-10-29 12:16:24 ----A---- C:\Windows\system32\win32spl.dll

2008-10-29 12:16:24 ----A---- C:\Windows\system32\printcom.dll

2008-10-27 11:15:26 ----D---- C:\Program Files\Alwil Software

2008-10-24 12:13:56 ----D---- C:\Windows\ArchiCAD 12

2008-10-24 12:05:13 ----D---- C:\Program Files\Graphisoft

2008-10-24 12:01:19 ----A---- C:\Windows\system32\netapi32.dll

2008-10-23 19:34:32 ----D---- C:\Downloads

2008-10-23 19:27:18 ----D---- C:\Program Files\BitComet

2008-10-23 19:10:15 ----D---- C:\Users\JEREMY\AppData\Roaming\DAEMON Tools

2008-10-23 18:43:35 ----D---- C:\ProgramData\Adobe

2008-10-23 18:42:38 ----D---- C:\Program Files\Common Files\Adobe

2008-10-23 17:21:00 ----D---- C:\Users\JEREMY\AppData\Roaming\Graphisoft

2008-10-23 17:12:12 ----D---- C:\Program Files\WIBUKEY

2008-10-23 17:10:59 ----D---- C:\Program Files\QuickTime

2008-10-23 17:10:58 ----D---- C:\ProgramData\Apple Computer

2008-10-23 17:09:44 ----D---- C:\ProgramData\Apple

2008-10-23 17:09:44 ----D---- C:\Program Files\Apple Software Update

2008-10-19 15:55:42 ----D---- C:\Users\JEREMY\AppData\Roaming\Microsoft Web Folders

2008-10-19 09:35:00 ----D---- C:\Program Files\CDBurnerXP

2008-10-19 09:29:42 ----D---- C:\Users\JEREMY\AppData\Roaming\Canneverbe_Limited

2008-10-19 09:14:50 ----D---- C:\Users\JEREMY\AppData\Roaming\Malwarebytes

2008-10-19 09:14:44 ----D---- C:\ProgramData\Malwarebytes

2008-10-19 09:14:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2008-10-19 08:52:44 ----D---- C:\ProgramData\Spybot - Search & Destroy

2008-10-19 08:52:44 ----D---- C:\Program Files\Spybot - Search & Destroy

2008-10-16 00:32:02 ----A---- C:\Windows\system32\mshtml.dll

2008-10-16 00:32:01 ----A---- C:\Windows\system32\ieframe.dll

2008-10-16 00:32:00 ----A---- C:\Windows\system32\wininet.dll

2008-10-16 00:32:00 ----A---- C:\Windows\system32\urlmon.dll

2008-10-16 00:32:00 ----A---- C:\Windows\system32\mshtmled.dll

2008-10-16 00:32:00 ----A---- C:\Windows\system32\iertutil.dll

2008-10-16 00:32:00 ----A---- C:\Windows\system32\dxtmsft.dll

2008-10-16 00:31:59 ----A---- C:\Windows\system32\dxtrans.dll

2008-10-16 00:31:58 ----A---- C:\Windows\system32\mstime.dll

2008-10-16 00:31:58 ----A---- C:\Windows\system32\ieui.dll

2008-10-16 00:31:58 ----A---- C:\Windows\system32\ieapfltr.dll

2008-10-16 00:31:58 ----A---- C:\Windows\system32\ie4uinit.exe

2008-10-16 00:31:58 ----A---- C:\Windows\system32\advpack.dll

2008-10-16 00:31:57 ----A---- C:\Windows\system32\pngfilt.dll

2008-10-16 00:31:57 ----A---- C:\Windows\system32\jsproxy.dll

2008-10-16 00:31:57 ----A---- C:\Windows\system32\ieUnatt.exe

2008-10-16 00:31:57 ----A---- C:\Windows\system32\iesetup.dll

2008-10-16 00:31:57 ----A---- C:\Windows\system32\iernonce.dll

2008-10-16 00:31:57 ----A---- C:\Windows\system32\icardie.dll

2008-10-16 00:31:30 ----A---- C:\Windows\system32\ntkrnlpa.exe

2008-10-16 00:31:29 ----A---- C:\Windows\system32\ntoskrnl.exe

2008-10-16 00:26:27 ----A---- C:\Windows\system32\newdev.exe

2008-10-16 00:26:27 ----A---- C:\Windows\system32\newdev.dll

2008-10-15 19:09:55 ----D---- C:\Program Files\PhotoFiltre

2008-10-15 13:35:54 ----D---- C:\Program Files\LimeWire

2008-10-07 13:33:00 ----A---- C:\Windows\system32\nvsvsr.dll

2008-10-07 13:33:00 ----A---- C:\Windows\system32\nvsvs.dll

2008-10-07 13:33:00 ----A---- C:\Windows\system32\nvcuda.dll

2008-10-07 13:33:00 ----A---- C:\Windows\system32\nvcod134.dll

2008-10-04 20:36:55 ----D---- C:\Program Files\ABBYY FineReader 6.0 Sprint

2008-10-04 20:03:17 ----A---- C:\Windows\CDE SX200DEFGIPS.ini

2008-10-04 19:55:27 ----A---- C:\Windows\system32\E_DCINST.DLL

2008-10-04 19:55:23 ----A---- C:\Windows\system32\E_FLBEFE.DLL

2008-10-04 19:55:21 ----A---- C:\Windows\system32\E_FD4BEFE.DLL

2008-10-04 19:53:35 ----A---- C:\Windows\system32\escwiad.dll

2008-10-03 14:36:39 ----A---- C:\Windows\system32\javaws.exe

2008-10-03 14:36:39 ----A---- C:\Windows\system32\javaw.exe

2008-10-03 14:36:39 ----A---- C:\Windows\system32\java.exe

2008-10-03 14:20:29 ----D---- C:\Program Files\Adobe

2008-10-03 14:20:03 ----D---- C:\Program Files\Common Files\Adobe AIR

2008-10-03 14:12:58 ----D---- C:\ProgramData\NOS

2008-10-03 14:12:58 ----D---- C:\Program Files\NOS

2008-09-30 16:43:34 ----A---- C:\Windows\system32\msxml4.dll

2008-09-29 16:53:10 ----AD---- C:\ProgramData\TEMP

2008-09-27 22:11:38 ----D---- C:\Program Files\AskSBar

2008-09-19 09:04:00 ----A---- C:\Windows\system32\ykx32mpcoinst.dll

2008-09-17 09:49:39 ----A---- C:\ProgramData\pskt.ini

2008-09-17 09:49:39 ----A---- C:\ProgramData\BMdb6e8e6d.txt

2008-09-12 17:47:44 ----A---- C:\Windows\system32\uxtuneup.dll

2008-09-12 17:47:44 ----A---- C:\Windows\system32\authuitu.dll

2008-09-11 18:49:42 ----A---- C:\Windows\system32\MRT.INI

2008-09-10 08:05:56 ----A---- C:\Windows\system32\gameux.dll

2008-09-10 08:05:55 ----A---- C:\Windows\system32\Apphlpdm.dll

2008-09-10 08:05:53 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

2008-09-10 08:05:30 ----A---- C:\Windows\system32\wmpeffects.dll

2008-09-07 10:36:48 ----D---- C:\Users\JEREMY\AppData\Roaming\FastStone

2008-09-06 17:43:28 ----A---- C:\Windows\system32\ShellManager310E2D762.dll

2008-09-06 17:42:39 ----A---- C:\Windows\Irremote.ini

2008-09-03 08:16:26 ----A---- C:\Windows\system32\wups2.dll

2008-09-03 08:16:26 ----A---- C:\Windows\system32\wucltux.dll

2008-09-03 08:16:26 ----A---- C:\Windows\system32\wuaueng.dll

2008-09-03 08:16:26 ----A---- C:\Windows\system32\wuauclt.exe

2008-09-03 08:16:13 ----A---- C:\Windows\system32\wups.dll

2008-09-03 08:16:13 ----A---- C:\Windows\system32\wudriver.dll

2008-09-03 08:16:13 ----A---- C:\Windows\system32\wuapi.dll

2008-09-03 08:15:59 ----A---- C:\Windows\system32\wuwebv.dll

2008-09-03 08:15:59 ----A---- C:\Windows\system32\wuapp.exe

 

======List of files/folders modified in the last 3 months======

 

2008-11-30 15:41:35 ----D---- C:\Windows\Prefetch

2008-11-30 15:41:27 ----D---- C:\Windows\Temp

2008-11-30 13:28:46 ----D---- C:\Windows\System32

2008-11-30 13:13:37 ----RD---- C:\Program Files

2008-11-30 12:32:00 ----D---- C:\Windows\inf

2008-11-30 12:32:00 ----A---- C:\Windows\system32\PerfStringBackup.INI

2008-11-29 18:16:27 ----SHD---- C:\System Volume Information

2008-11-29 18:07:44 ----HD---- C:\Program Files\InstallShield Installation Information

2008-11-29 18:07:26 ----SHD---- C:\Windows\Installer

2008-11-29 18:07:21 ----D---- C:\Windows\system32\drivers

2008-11-29 16:39:52 ----D---- C:\Windows\system32\catroot2

2008-11-29 14:27:08 ----D---- C:\Windows\pss

2008-11-29 13:49:52 ----D---- C:\Windows\winsxs

2008-11-29 13:49:50 ----D---- C:\Windows\system32\catroot

2008-11-28 18:34:30 ----D---- C:\Windows\system32\Tasks

2008-11-28 18:34:29 ----D---- C:\Windows\Tasks

2008-11-27 22:11:32 ----D---- C:\Windows

2008-11-27 20:34:25 ----SD---- C:\Users\JEREMY\AppData\Roaming\Microsoft

2008-11-25 19:14:43 ----D---- C:\Users\JEREMY\AppData\Roaming\Adobe

2008-11-25 18:54:12 ----HD---- C:\ProgramData

2008-11-25 18:42:28 ----RSD---- C:\Windows\Fonts

2008-11-25 18:35:15 ----D---- C:\Program Files\Common Files

2008-11-24 19:00:50 ----RSD---- C:\Windows\assembly

2008-11-24 18:58:45 ----D---- C:\Program Files\Common Files\microsoft shared

2008-11-24 18:58:33 ----D---- C:\Program Files\MSBuild

2008-11-24 18:58:06 ----D---- C:\Program Files\Microsoft Office

2008-11-24 18:57:57 ----D---- C:\Program Files\Common Files\Designer

2008-11-24 18:56:29 ----SD---- C:\ProgramData\Microsoft

2008-11-24 18:56:29 ----D---- C:\Program Files\Microsoft.NET

2008-11-24 18:53:23 ----A---- C:\Windows\win.ini

2008-11-24 18:53:19 ----D---- C:\Program Files\Common Files\System

2008-11-24 17:55:19 ----D---- C:\Windows\system32\fr-FR

2008-11-24 17:08:49 ----A---- C:\Windows\system.ini

2008-11-24 17:07:45 ----D---- C:\Windows\AppPatch

2008-11-16 20:08:24 ----D---- C:\Program Files\Mozilla Firefox

2008-11-09 12:57:26 ----D---- C:\Users\JEREMY\AppData\Roaming\dvdcss

2008-11-08 17:36:57 ----D---- C:\Users\JEREMY\AppData\Roaming\Nero

2008-11-04 01:10:25 ----A---- C:\Windows\system32\mrt.exe

2008-11-02 23:40:57 ----D---- C:\Windows\Help

2008-10-31 14:17:20 ----D---- C:\Windows\system

2008-10-27 11:13:08 ----D---- C:\Program Files\ESET

2008-10-24 12:25:48 ----D---- C:\Users\JEREMY\AppData\Roaming\LimeWire

2008-10-23 17:11:33 ----D---- C:\Program Files\Internet Explorer

2008-10-19 16:16:21 ----A---- C:\Windows\ODBC.INI

2008-10-19 16:04:46 ----RSD---- C:\Windows\Media

2008-10-16 02:10:26 ----D---- C:\Program Files\Windows Mail

2008-10-16 02:10:24 ----D---- C:\Windows\system32\migration

2008-10-15 13:32:36 ----D---- C:\Users\JEREMY\AppData\Roaming\FrostWire

2008-10-04 21:04:10 ----D---- C:\ProgramData\EPSON

2008-10-04 20:16:00 ----D---- C:\Program Files\EPSON

2008-10-04 19:54:01 ----D---- C:\Windows\twain_32

2008-10-03 14:36:38 ----D---- C:\Program Files\Java

2008-09-25 20:41:47 ----D---- C:\Program Files\WinRAR

2008-09-20 14:40:48 ----D---- C:\Program Files\Nero

2008-09-20 14:40:47 ----D---- C:\ProgramData\Nero

2008-09-20 14:40:47 ----D---- C:\Program Files\Common Files\Nero

2008-09-14 17:34:27 ----D---- C:\Users\JEREMY\AppData\Roaming\FUJIFILM

2008-09-12 19:11:54 ----RD---- C:\Users

2008-09-12 18:09:13 ----SHD---- C:\Boot

2008-09-12 18:09:12 ----D---- C:\Windows\system32\config

2008-09-12 17:48:10 ----D---- C:\Program Files\TuneUp Utilities 2008

2008-09-12 17:47:45 ----A---- C:\Windows\system32\TuneUpDefragService.exe

2008-09-06 17:47:47 ----A---- C:\Windows\system32\MsiExec.exe.log

2008-09-06 17:35:36 ----D---- C:\Program Files\Yahoo!

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 Aspi32;Aspi32; C:\Windows\system32\drivers\Aspi32.sys [1999-09-10 25244]

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-11-25 75072]

R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]

R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]

R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]

R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-08 1647976]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2006-12-26 6144]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-20 7468128]

R3 SMCWGU(SMC);SMCWUSB-G 802.11g Wireless USB 2.0 Adapter(SMC); C:\Windows\system32\DRIVERS\SMCWGU.sys [2005-12-16 408064]

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-09-19 305664]

S3 a803zmtp;a803zmtp; C:\Windows\system32\drivers\a803zmtp.sys []

S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []

S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2008-11-17 15360]

S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]

S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]

S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]

S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVENG.SYS []

S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVEX15.SYS []

S3 PCAMPR4;PCAMPR4 NDIS Protocol Driver; \??\C:\Windows\system32\PCAMPR4.SYS []

S3 PCANDIS4;PCANDIS4 NDIS Protocol Driver; \??\C:\Windows\system32\PCANDIS4.SYS []

S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-05-18 47360]

S3 USB_RNDIS;Inventel Gateway; C:\Windows\system32\DRIVERS\usb8023.sys [2006-11-02 14848]

S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]

R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]

R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe [2006-11-25 274520]

R2 CLSched;CyberLink Task Scheduler (CTS); C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe [2006-11-25 118870]

R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2006-12-08 45056]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]

R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]

R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-20 118784]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-11-25 262247]

R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]

R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2006-11-02 22016]

R2 yksvc;Marvell Yukon Service; ykx32mpcoinst []

S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-04-13 85096]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-25 654848]

S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-11-17 195752]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2006-12-25 1174152]

S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-09-12 355584]

S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]

 

-----------------EOF-----------------


As far as I can tell everything is fine, thank you falkra, and in case you ever need it, know that I am a design draftsman; my cup of tea is more AutoCAD / ArchiCAD, so if you ever have a problem don't hesitate to post, I regularly check whether posts concern my 2 favourite programs...

See you soon, thanks


You can keep MBAM, it was useful to you, and it is a tool for the general public, unlike some of the ones used to clean the machine.

The resident module (which runs in the background) is paid, but the program works in free mode; that module simply does not activate. As a result, in its free version it coexists with everything, as an on-demand scanner.

Uninstall ComboFix: enter combofix /u in the Run box of the Start menu.

After that, delete these folders if they still exist.

C:\QooBox

C:\ComboFix

Delete RSIT and OtMoveIt by hand.

Then delete the folders:

C:\_OTMoveIt

C:\RSIT

Here is a bit of reading, a compilation of tips to avoid reinfection and secure the machine.

A short overview of the risks of P2P in terms of software security (by Ogu):

img-103332veltm.jpg

Don't hesitate to ask questions, this part is as important as the disinfection.

You can mark the topic as resolved in the title (by editing the first post, the title becomes editable).

You need to keep your system and software up to date to avoid vulnerabilities.

Secunia PSI can help you with that. https://psi.secunia.com/

JavaRa can help you with that for Java: http://raproducts.org/

You will need to move to Vista SP1. Then go through Windows Update regularly.

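To check that the cleanup steps in the reply above left nothing registered, the driver and service lists of an RSIT log can be reviewed mechanically. This is an added example, not part of the thread or of RSIT: `parse`, `review` and `TOOL_DIRS` are hypothetical names, the sample lines are copied from the log above, and reading empty brackets as "file could not be read" is an assumption.

```python
import re
from typing import NamedTuple

# Sample input: six lines copied from the RSIT driver/service lists above.
SAMPLE = r"""
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-11-25 75072]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20061106.064\NAVENG.SYS []
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-05-18 47360]
R2 yksvc;Marvell Yukon Service; ykx32mpcoinst []
"""

# Folders the reply asks to delete once the cleanup tools are removed.
TOOL_DIRS = (r"C:\QooBox", r"C:\ComboFix", r"C:\_OTMoveIt", r"C:\RSIT")

# "<R|S><0-4> name;display name; image path [file date and size]"
LINE = re.compile(r"^([RS])([0-4]) ([^;]+);(.*); (.*) \[(.*)\]$")

class Entry(NamedTuple):
    running: bool
    start: int
    name: str
    path: str
    file_info: str

def parse(text):
    """Parse RSIT driver/service lines into Entry records, skipping anything else."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        state, start, name, _display, path, info = m.groups()
        path = path.strip()
        if path.startswith("\\??\\"):  # strip the NT object-namespace prefix
            path = path[4:]
        entries.append(Entry(state == "R", int(start), name.strip(), path, info.strip()))
    return entries

def review(entries):
    """Return {name: reason} for registrations worth checking after cleanup."""
    findings = {}
    for e in entries:
        if any(e.path.lower().startswith(d.lower() + "\\") for d in TOOL_DIRS):
            findings[e.name] = "image path is inside a cleanup-tool folder"
        elif not e.file_info:
            # Assumption: RSIT leaves the brackets empty when it could not read the file.
            findings[e.name] = "no file date/size recorded"
    return findings
```

On the sample, `review(parse(SAMPLE))` reports `catchme` (its driver path points into `C:\ComboFix`) plus `NAVENG` and `yksvc`, whose entries carry no file date or size.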
