Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

google reste inexorablement en anglais

abraracourcix63
 Partager

Messages recommandés

abraracourcix63 Member

abraracourcix63

Posté(e)
  • Auteur
Posté(e)

Bonjour Thanos

Comme convenu j'ai effectué les deux opérations demandées. De façon aléatoire quand je quitte et que je relance mon navigateur j'obtiens ma page perso et dès fois non....... enfin mystère!!!!!

Voici les deux logs

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4185

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

10/06/2010 14:34:34

mbam-log-2010-06-10 (14-34-34).txt

 

Type d'examen: Examen complet (C:\|D:\|)

Elément(s) analysé(s): 253292

Temps écoulé: 24 minute(s), 54 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Logfile of random's system information tool 1.07 (written by random/random)

Run by patrick at 2010-06-10 14:38:39

Microsoft Windows 7 Édition Familiale Premium Service Pack 2

System drive C: has 399 GB (85%) free of 469 GB

Total RAM: 6135 MB (63% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:39:04, on 10/06/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files (x86)\Secunia\PSI\psi.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Users\patrick\Desktop\RSIT.exe

C:\Program Files (x86)\trend micro\patrick.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

O4 - HKLM\..\Run: [DXlibrary] C:\Windows\system32\d3dlib.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\..\{9709A052-9166-4307-8A65-8207AB2E70D9}: NameServer = 91.188.60.223,8.8.8.8

O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8

O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe

O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SAS Core Service (SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

--

End of file - 25030 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\GlaryInitialize.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-05 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

Locked

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]

"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-12 261888]

"Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2009-08-18 629280]

"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]

"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-05-06 2815192]

"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-09-12 5081912]

"DXlibrary"=C:\Windows\system32\d3dlib.exe [2008-08-01 494813]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-05-18 2942976]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SASCORE]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SASCORE]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=

"NoActiveDesktopChanges"=

"ForceActiveDesktopOn"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 months======

 

2010-06-08 21:10:25 ----D---- C:\Windows\SysWOW64\Wat

2010-06-08 19:49:57 ----A---- C:\Windows\ntbtlog.txt

2010-06-08 12:26:42 ----D---- C:\rsit

2010-06-08 12:26:42 ----D---- C:\Program Files (x86)\trend micro

2010-06-05 16:00:16 ----D---- C:\Program Files (x86)\THQ

2010-06-05 14:24:08 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\iTunes

2010-06-05 14:23:29 ----D---- C:\Program Files (x86)\Apple Software Update

2010-06-05 14:23:03 ----D---- C:\Program Files (x86)\Bonjour

2010-06-05 13:09:00 ----D---- C:\Program Files (x86)\QuickTime

2010-06-05 12:05:53 ----D---- C:\ProgramData\Sun

2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files\Java

2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaws.exe

2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaw.exe

2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\java.exe

2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\deployJava1.dll

2010-06-05 11:56:06 ----D---- C:\Users\patrick\AppData\Roaming\SUPERAntiSpyware.com

2010-06-05 11:56:06 ----D---- C:\ProgramData\SUPERAntiSpyware.com

2010-06-05 11:56:05 ----D---- C:\ProgramData\SASCORE

2010-06-05 11:48:10 ----D---- C:\Program Files (x86)\Secunia

2010-06-05 11:04:23 ----D---- C:\Program Files (x86)\Tetris 5000

2010-06-04 21:33:15 ----D---- C:\Program Files (x86)\Steam

2010-06-04 18:20:57 ----D---- C:\ProgramData\NortonInstaller

2010-06-04 18:09:20 ----D---- C:\ProgramData\Norton

2010-06-02 12:39:46 ----D---- C:\Program Files (x86)\DreamCatcher

2010-06-02 10:56:43 ----A---- C:\Windows\unvise32.exe

2010-06-02 10:56:00 ----D---- C:\Program Files (x86)\Pure Pinball 2.0 REDUX

2010-06-02 10:50:19 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI

2010-06-02 10:50:06 ----D---- C:\Windows\SysWOW64\URTTEMP

2010-06-02 10:45:08 ----RHD---- C:\Users\patrick\AppData\Roaming\SecuROM

2010-06-02 10:42:10 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe

2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe

2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\pbsvc.exe

2010-06-01 20:25:34 ----D---- C:\Users\patrick\AppData\Roaming\LockHunter

2010-05-26 17:23:00 ----A---- C:\Windows\SysWOW64\CmdLineExt_x64.dll

2010-05-26 14:52:49 ----A---- C:\Windows\SysWOW64\tzres.dll

2010-05-24 15:12:10 ----D---- C:\RDesc

2010-05-20 17:27:16 ----D---- C:\Downloads

2010-05-20 17:08:49 ----A---- C:\Windows\MegaManager.INI

2010-05-12 07:49:33 ----A---- C:\Windows\SysWOW64\inetcomm.dll

 

======List of files/folders modified in the last 1 months======

 

2010-06-10 14:39:00 ----D---- C:\Windows\Prefetch

2010-06-10 14:38:50 ----D---- C:\Windows\Temp

2010-06-10 14:27:54 ----D---- C:\Windows\tracing

2010-06-10 11:00:27 ----D---- C:\Windows\winsxs

2010-06-10 09:09:14 ----D---- C:\Windows\Tasks

2010-06-09 11:04:10 ----D---- C:\Users\patrick\AppData\Roaming\vlc

2010-06-09 11:03:13 ----D---- C:\Users\patrick\AppData\Roaming\dvdcss

2010-06-08 21:10:25 ----D---- C:\Windows\SysWOW64

2010-06-08 21:10:25 ----D---- C:\Windows\System32

2010-06-08 21:10:17 ----SHD---- C:\System Volume Information

2010-06-08 19:54:32 ----D---- C:\Windows\inf

2010-06-08 19:49:57 ----D---- C:\Windows

2010-06-08 19:40:21 ----RD---- C:\Program Files (x86)

2010-06-08 19:40:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2010-06-08 19:40:20 ----SHD---- C:\Windows\Installer

2010-06-08 19:38:37 ----D---- C:\Program Files (x86)\Google

2010-06-08 19:37:00 ----D---- C:\ProgramData\Google

2010-06-07 19:17:04 ----D---- C:\Program Files (x86)\Mozilla Firefox

2010-06-06 17:34:26 ----D---- C:\Windows\debug

2010-06-05 23:13:16 ----D---- C:\Users\patrick\AppData\Roaming\Apple Computer

2010-06-05 23:12:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2010-06-05 16:08:29 ----RSD---- C:\Windows\assembly

2010-06-05 14:25:15 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

2010-06-05 14:24:08 ----RD---- C:\Program Files

2010-06-05 14:24:08 ----HD---- C:\ProgramData

2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\Common Files\Apple

2010-06-05 13:27:45 ----D---- C:\ProgramData\Adobe

2010-06-05 13:27:45 ----D---- C:\Program Files (x86)\Common Files\Adobe

2010-06-05 13:26:44 ----D---- C:\Users\patrick\AppData\Roaming\Adobe

2010-06-05 13:26:41 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR

2010-06-05 13:07:22 ----D---- C:\Program Files (x86)\Adobe

2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files

2010-06-05 09:07:21 ----D---- C:\Program Files (x86)\Glary Utilities

2010-06-05 09:07:19 ----D---- C:\Windows\registration

2010-06-05 09:07:14 ----D---- C:\Windows\AppCompat

2010-06-04 16:46:39 ----D---- C:\ProgramData\Spybot - Search & Destroy

2010-06-04 16:35:17 ----SD---- C:\ProgramData\Microsoft

2010-06-04 13:07:45 ----D---- C:\Users\patrick\AppData\Roaming\Macromedia

2010-06-02 10:50:06 ----D---- C:\Program Files (x86)\Internet Explorer

2010-06-01 17:20:26 ----D---- C:\Windows\SysWOW64\drivers

2010-06-01 17:20:25 ----D---- C:\Users\patrick\AppData\Roaming\PowerCinema

2010-05-31 20:56:19 ----SD---- C:\Users\patrick\AppData\Roaming\Microsoft

2010-05-28 15:05:04 ----D---- C:\Windows\LiveKernelReports

2010-05-27 10:29:01 ----D---- C:\Windows\rescache

2010-05-26 23:29:20 ----D---- C:\Windows\SysWOW64\fr-FR

2010-05-26 14:52:04 ----AD---- C:\ProgramData\Temp

2010-05-21 21:17:07 ----D---- C:\Program Files (x86)\TuneUp Utilities 2010

2010-05-21 10:42:57 ----D---- C:\Program Files (x86)\Mah Jong Adventures

2010-05-21 08:43:08 ----D---- C:\Windows\Logs

2010-05-21 07:40:46 ----D---- C:\tempocapt

2010-05-13 03:01:59 ----D---- C:\Program Files (x86)\Windows Mail

2010-05-13 03:00:42 ----D---- C:\ProgramData\Microsoft Help

2010-05-12 14:56:59 ----D---- C:\Program Files (x86)\a-squared Free

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []

R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []

R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []

R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys []

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys []

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys []

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys []

R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys []

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]

R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]

R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys []

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []

R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys []

R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []

R3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\1394ohci.sys []

R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys []

R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys []

R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys []

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []

R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys []

R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys []

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []

R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys []

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]

R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys []

R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []

R3 vwifibus;Pilote de bus WiFi virtuel; C:\Windows\system32\DRIVERS\vwifibus.sys []

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []

R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys []

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []

S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys []

S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys []

S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys []

S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys []

S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys []

S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []

S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys []

S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys []

S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []

S3 drmkaud;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys []

S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys []

S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys []

S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys []

S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys []

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []

S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys []

S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys []

S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys []

S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys []

S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys []

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []

S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []

S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys []

S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys []

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []

S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2003-09-19 21248]

S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys []

S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys []

S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys []

S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys []

S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys []

S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys []

S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys []

S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-04-07 16392]

S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys []

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []

S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys []

S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 a2free;a-squared Free Service; C:\Program Files (x86)\a-squared Free\a2service.exe [2010-04-15 1872320]

R2 AcrSch2Svc;Service Scheduler2 Acronis; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2009-09-12 892072]

R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-03-12 2326920]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-04-08 345376]

R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-06-06 1352320]

R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-13 62208]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-02 66872]

R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-04-28 120832]

R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-05-07 1403208]

R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]

R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-13 135664]

S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe []

S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []

S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]

S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe []

S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 660256]

S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]

S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992]

S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-21 607048]

S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe []

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S4 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -service []

 

-----------------EOF-----------------

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut,

 

 

Dis moi: est ce que tu as coché puis utilisé le bouton Fix Checked avec hijackthis ? les lignes que je te demandais de fixer sont encore présentes.

 

Rend toi à cette adresse => http://www.virustotal.com/

 

Tu as une case nommée "Parcourir": tu cliques dessus et une fenêtre s'ouvre=> copie/colle ceci dans le champs à droite de "Nom du Fichier" en bas de page >> C:\Windows\System32\drivers\discache.sys

 

Clique maintenant sur "ouvrir" en bas de la fenêtre puis sur "Envoyer le fichier". Le scan de ce fichier va débuter. Tu n'as plus qu'à sélectionner puis copier /coller l'analyse dans ton prochain message.

Note: les fichiers uploadés sont mis en attente, car le virusscan est sollicité! patiente (un message t'indique le temps que ca prendra pour faire analyser)

 

Note: il arrive parfois que le fichier ait déjà été analysé. Si c'est le cas, clique sur le bouton Reanalyse file now

abraracourcix63 Member

abraracourcix63

Posté(e)
  • Auteur
Posté(e)

Thanos, je t'envoie le log virustotal. Il tourne encore depuis 5 heures est-ce normal?

 

AVG 9.0.0.787 2010.06.10 -

ClamAV 0.96.0.3-git 2010.06.11 -

DrWeb 5.0.2.03300 2010.06.11 -

eSafe 7.0.17.0 2010.06.10 -

F-Secure 9.0.15370.0 2010.06.11 -

Fortinet 4.1.133.0 2010.06.10 -

GData 21 2010.06.11 -

McAfee-GW-Edition 2010.1 2010.06.10 Heuristic.BehavesLike.Win32.PasswordStealer.H

Microsoft 1.5802 2010.06.10 -

Norman 6.04.12 2010.06.10 -

nProtect 2010-06-10.01 2010.06.10 -

PCTools 7.0.3.5 2010.06.11 -

Sophos 4.54.0 2010.06.11 -

Sunbelt 6433 2010.06.11 -

TheHacker 6.5.2.0.297 2010.06.11 -

VBA32 3.12.12.5 2010.06.10 Trojan-Downloader.Autoit.gen

Information additionnelle

File size: 494813 bytes

MD5...: 781b1f02d9baa7e7f0f70226e3fe72a6

SHA1..: 14add186373846cd10d09bf5b77c9841e23bf9e9

SHA256: 4abcf2a36c5791a7f56a6299fcaadd6391c361ae24946885663d2233d2adfb05

ssdeep: 6144:7wJ8c24eMY8YtcFFWDVN1nJmrlLOQWeA9knyfkJKOqb/XbTzY:7jcxeMzYt

cFERJmrbWeAynyfumjbI

PEiD..: -

PEInfo: PE Structure information

 

( base data )

entrypointaddress.: 0x54d5d

timedatestamp.....: 0x482d38ba (Fri May 16 07:33:14 2008)

machinetype.......: 0x14c (I386)

 

( 4 sections )

name viradd virsiz rawdsiz ntrpy md5

.text 0x1000 0x65f77 0x66000 6.69 6959f52695d2cb18a828d77441758bbd

.rdata 0x67000 0xe534 0xe600 5.02 ab49e666881dbe6e9d1fe6986c755f00

.data 0x76000 0x16ad8 0x2a00 3.89 3fece893ddc33aedc5ae3e6d7cac9d66

.rsrc 0x8d000 0x3fb 0x400 5.19 c910203b0dc2714f601ff497b5b81c89

 

( 13 imports )

> WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -

> VERSION.dll: GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW

> WINMM.dll: waveOutSetVolume, mciSendStringW, timeGetTime

> COMCTL32.dll: ImageList_DragMove, ImageList_EndDrag, ImageList_DragLeave, ImageList_DragEnter, ImageList_BeginDrag, ImageList_SetDragCursorImage, ImageList_Destroy, ImageList_ReplaceIcon, ImageList_Create, InitCommonControlsEx, ImageList_Remove

> MPR.dll: WNetUseConnectionW, WNetGetConnectionW, WNetAddConnection2W, WNetCancelConnection2W

> KERNEL32.dll: UnmapViewOfFile, OpenProcess, CreateFileMappingW, MapViewOfFile, WriteProcessMemory, ReadProcessMemory, CreateFileW, ReadFile, SetFilePointer, SetFileTime, FindResourceW, LoadResource, GetFileAttributesW, LockResource, FindFirstFileW, SizeofResource, FindClose, EnumResourceNamesW, DeleteFileW, FindNextFileW, lstrcmpiW, MoveFileW, OutputDebugStringW, CopyFileW, CreateDirectoryW, RemoveDirectoryW, TerminateProcess, SetSystemPowerState, GetLocalTime, MultiByteToWideChar, WideCharToMultiByte, CompareStringW, InterlockedIncrement, InterlockedDecrement, WriteFile, CreatePipe, GetStdHandle, InterlockedExchange, EnterCriticalSection, TerminateThread, LeaveCriticalSection, DeleteCriticalSection, GetTempPathW, GetTempFileNameW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetDriveTypeW, QueryPerformanceFrequency, GetVolumeInformationW, SetVolumeLabelW, DeviceIoControl, SetErrorMode, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, SetFileAttributesW, WritePrivateProfileSectionW, GetShortPathNameW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetEnvironmentVariableW, GetFileSize, SetEnvironmentVariableW, GlobalFree, GlobalLock, GlobalUnlock, GlobalAlloc, SetProcessWorkingSetSize, GlobalMemoryStatus, Beep, GetComputerNameW, GetWindowsDirectoryW, GetSystemDirectoryW, GetCurrentProcessId, GetCurrentThread, CreateProcessW, SetPriorityClass, VirtualAlloc, LoadLibraryExW, GetModuleHandleA, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, UnhandledExceptionFilter, SetUnhandledExceptionFilter, RaiseException, GetModuleFileNameA, HeapSize, HeapReAlloc, HeapDestroy, HeapCreate, RtlUnwind, QueryPerformanceCounter, GetModuleHandleW, GetSystemInfo, GetVersionExW, GetCurrentThreadId, Sleep, WaitForSingleObject, CreateThread, DuplicateHandle, GetLastError, HeapAlloc, GetProcessHeap, HeapFree, CloseHandle, GetCurrentProcess, LoadLibraryA, GetModuleFileNameW, GetFullPathNameW, SetCurrentDirectoryW, GetConsoleCP, GetConsoleMode, SetHandleCount, GetCurrentDirectoryW, FreeLibrary, InitializeCriticalSection, GetProcAddress, LoadLibraryW, GetStartupInfoW, GetVersionExA, ExitProcess, ExitThread, GetSystemTimeAsFileTime, GetFileType, GetStartupInfoA, SetStdHandle, ResumeThread, FlushFileBuffers, LCMapStringA, LCMapStringW, GetTimeZoneInformation, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineA, GetCommandLineW, GetTickCount, GetStringTypeA, GetStringTypeW, GetLocaleInfoA, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, CreateFileA, SetEndOfFile, CompareStringA, GetDiskFreeSpaceW, SetEnvironmentVariableA

> USER32.dll: SetWindowLongW, FlashWindow, GetActiveWindow, InflateRect, CharNextW, DrawFocusRect, wsprintfW, DrawTextW, RedrawWindow, FrameRect, DrawFrameControl, FillRect, DrawMenuBar, PtInRect, DestroyMenu, SetMenu, DestroyAcceleratorTable, CreateAcceleratorTableW, GetWindowTextLengthW, SetCursor, GetWindowDC, TranslateAcceleratorW, GetSystemMetrics, IsDialogMessageW, CreateMenu, IsDlgButtonChecked, GetSysColor, DefDlgProcW, ReleaseCapture, SetCapture, SetActiveWindow, FindWindowExW, EnumThreadWindows, LoadImageW, CreateIconFromResourceEx, mouse_event, SetMenuDefaultItem, InsertMenuItemW, IsMenu, TrackPopupMenuEx, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, IsZoomed, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, DispatchMessageW, GetDC, GetKeyboardLayoutNameA, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, DestroyWindow, GetMenu, GetClientRect, CopyRect, EndPaint, BeginPaint, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, SendMessageTimeoutW, GetFocus, GetWindowTextW, ScreenToClient, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, GetCaretPos, GetSubMenu, GetMenuStringW, IsCharUpperW, IsCharLowerW, IsCharAlphaNumericW, IsCharAlphaW, GetKeyboardLayoutNameW, ClientToScreen, RegisterHotKey, ReleaseDC, SetMenuItemInfoW, GetCursor, PostMessageW, GetWindowRect, MessageBoxW, GetForegroundWindow, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, MessageBoxA, RegisterWindowMessageW, DestroyIcon, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, TranslateMessage, PeekMessageW, WindowFromPoint, SetClipboardData, EmptyClipboard, CountClipboardFormats, SetWindowPos, CopyImage, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, AdjustWindowRectEx, SetRect, CharLowerBuffW, GetMessageW, VkKeyScanA, LockWindowUpdate, UnregisterHotKey, keybd_event, ExitWindowsEx, CharUpperW

> GDI32.dll: LineTo, AngleArc, MoveToEx, Ellipse, PolyDraw, BeginPath, SetTextColor, GetObjectW, SetBkMode, RoundRect, SetBkColor, CloseFigure, SetPixel, EndPath, StrokePath, StrokeAndFillPath, ExtCreatePen, PolyBezierTo, SetViewportOrgEx, Rectangle, CreatePen, CreateSolidBrush, CreateCompatibleBitmap, GetPixel, DeleteDC, GetDIBits, BitBlt, SelectObject, CreateDIBSection, CreateCompatibleDC, CreateFontW, GetDeviceCaps, GetTextFaceW, GetStockObject, CreateDCW, GetTextExtentPoint32W, DeleteObject

> comdlg32.dll: GetSaveFileNameW, GetOpenFileNameW

> ADVAPI32.dll: RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegSetValueExW, RegCreateKeyExW, GetUserNameW, RegConnectRegistryW, RegEnumKeyExW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, CloseServiceHandle, UnlockServiceDatabase, LockServiceDatabase, OpenSCManagerW, RegCloseKey, RegQueryValueExW, RegOpenKeyExW

> SHELL32.dll: DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHBrowseForFolderW, SHFileOperationW, SHGetPathFromIDListW, SHGetDesktopFolder, SHGetMalloc, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW, DragFinish

> ole32.dll: OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoInitialize, CoUninitialize, CoCreateInstance, CreateStreamOnHGlobal, CoTaskMemAlloc, CoTaskMemFree, IIDFromString, StringFromIID, CLSIDFromString, OleInitialize, CreateBindCtx, CLSIDFromProgID, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket, StringFromCLSID, OleUninitialize

> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -

 

( 0 exports )

RDS...: NSRL Reference Data Set

-

pdfid.: -

trid..: Windows Screen Saver (39.4%)

Win32 Executable Generic (25.6%)

Win32 Dynamic Link Library (generic) (22.8%)

Generic Win/DOS Executable (6.0%)

DOS Executable Generic (6.0%)

abraracourcix63 Member

abraracourcix63

Posté(e)
  • Auteur
Posté(e)

Voilà le bon log Virustotal

 

a-squared 5.0.0.26 2010.06.11 -

AhnLab-V3 2010.06.11.00 2010.06.11 -

AntiVir 8.2.2.6 2010.06.11 -

Antiy-AVL 2.0.3.7 2010.06.11 -

Authentium 5.2.0.5 2010.06.11 W32/Worm.AZHW

Avast 4.8.1351.0 2010.06.11 -

Avast5 5.0.332.0 2010.06.11 -

AVG 9.0.0.787 2010.06.11 -

BitDefender 7.2 2010.06.11 -

CAT-QuickHeal 10.00 2010.06.11 -

ClamAV 0.96.0.3-git 2010.06.11 -

Comodo 5059 2010.06.11 Packed.Win32.Klone.~KC

DrWeb 5.0.2.03300 2010.06.11 -

eSafe 7.0.17.0 2010.06.10 -

eTrust-Vet 36.1.7628 2010.06.11 -

F-Prot 4.6.0.103 2010.06.11 W32/Worm.AZHW

F-Secure 9.0.15370.0 2010.06.11 -

Fortinet 4.1.133.0 2010.06.10 -

GData 21 2010.06.11 -

Ikarus T3.1.1.84.0 2010.06.11 -

Jiangmin 13.0.900 2010.06.11 -

Kaspersky 7.0.0.125 2010.06.11 -

McAfee 5.400.0.1158 2010.06.11 -

McAfee-GW-Edition 2010.1 2010.06.11 Heuristic.BehavesLike.Win32.PasswordStealer.H

Microsoft 1.5802 2010.06.11 -

NOD32 5189 2010.06.11 -

Norman 6.04.12 2010.06.11 -

nProtect 2010-06-11.01 2010.06.11 -

Panda 10.0.2.7 2010.06.10 -

PCTools 7.0.3.5 2010.06.11 -

Prevx 3.0 2010.06.11 -

Rising 22.51.04.04 2010.06.11 -

Sophos 4.54.0 2010.06.11 -

Sunbelt 6434 2010.06.11 -

Symantec 20101.1.0.89 2010.06.11 -

TheHacker 6.5.2.0.297 2010.06.11 -

TrendMicro 9.120.0.1004 2010.06.11 -

TrendMicro-HouseCall 9.120.0.1004 2010.06.11 -

VBA32 3.12.12.5 2010.06.11 Trojan-Downloader.Autoit.gen

ViRobot 2010.6.11.3881 2010.06.11 -

VirusBuster 5.0.27.0 2010.06.11 -

Information additionnelle

File size: 494813 bytes

MD5...: 781b1f02d9baa7e7f0f70226e3fe72a6

SHA1..: 14add186373846cd10d09bf5b77c9841e23bf9e9

SHA256: 4abcf2a36c5791a7f56a6299fcaadd6391c361ae24946885663d2233d2adfb05

ssdeep: 6144:7wJ8c24eMY8YtcFFWDVN1nJmrlLOQWeA9knyfkJKOqb/XbTzY:7jcxeMzYt

cFERJmrbWeAynyfumjbI

PEiD..: -

PEInfo: PE Structure information

 

( base data )

entrypointaddress.: 0x54d5d

timedatestamp.....: 0x482d38ba (Fri May 16 07:33:14 2008)

machinetype.......: 0x14c (I386)

 

( 4 sections )

name viradd virsiz rawdsiz ntrpy md5

.text 0x1000 0x65f77 0x66000 6.69 6959f52695d2cb18a828d77441758bbd

.rdata 0x67000 0xe534 0xe600 5.02 ab49e666881dbe6e9d1fe6986c755f00

.data 0x76000 0x16ad8 0x2a00 3.89 3fece893ddc33aedc5ae3e6d7cac9d66

.rsrc 0x8d000 0x3fb 0x400 5.19 c910203b0dc2714f601ff497b5b81c89

 

( 13 imports )

> WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -

> VERSION.dll: GetFileVersionInfoSizeW, GetFileVersionInfoW, VerQueryValueW

> WINMM.dll: waveOutSetVolume, mciSendStringW, timeGetTime

> COMCTL32.dll: ImageList_DragMove, ImageList_EndDrag, ImageList_DragLeave, ImageList_DragEnter, ImageList_BeginDrag, ImageList_SetDragCursorImage, ImageList_Destroy, ImageList_ReplaceIcon, ImageList_Create, InitCommonControlsEx, ImageList_Remove

> MPR.dll: WNetUseConnectionW, WNetGetConnectionW, WNetAddConnection2W, WNetCancelConnection2W

> KERNEL32.dll: UnmapViewOfFile, OpenProcess, CreateFileMappingW, MapViewOfFile, WriteProcessMemory, ReadProcessMemory, CreateFileW, ReadFile, SetFilePointer, SetFileTime, FindResourceW, LoadResource, GetFileAttributesW, LockResource, FindFirstFileW, SizeofResource, FindClose, EnumResourceNamesW, DeleteFileW, FindNextFileW, lstrcmpiW, MoveFileW, OutputDebugStringW, CopyFileW, CreateDirectoryW, RemoveDirectoryW, TerminateProcess, SetSystemPowerState, GetLocalTime, MultiByteToWideChar, WideCharToMultiByte, CompareStringW, InterlockedIncrement, InterlockedDecrement, WriteFile, CreatePipe, GetStdHandle, InterlockedExchange, EnterCriticalSection, TerminateThread, LeaveCriticalSection, DeleteCriticalSection, GetTempPathW, GetTempFileNameW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetDriveTypeW, QueryPerformanceFrequency, GetVolumeInformationW, SetVolumeLabelW, DeviceIoControl, SetErrorMode, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, SetFileAttributesW, WritePrivateProfileSectionW, GetShortPathNameW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetEnvironmentVariableW, GetFileSize, SetEnvironmentVariableW, GlobalFree, GlobalLock, GlobalUnlock, GlobalAlloc, SetProcessWorkingSetSize, GlobalMemoryStatus, Beep, GetComputerNameW, GetWindowsDirectoryW, GetSystemDirectoryW, GetCurrentProcessId, GetCurrentThread, CreateProcessW, SetPriorityClass, VirtualAlloc, LoadLibraryExW, GetModuleHandleA, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, UnhandledExceptionFilter, SetUnhandledExceptionFilter, RaiseException, GetModuleFileNameA, HeapSize, HeapReAlloc, HeapDestroy, HeapCreate, RtlUnwind, QueryPerformanceCounter, GetModuleHandleW, GetSystemInfo, GetVersionExW, GetCurrentThreadId, Sleep, WaitForSingleObject, CreateThread, DuplicateHandle, GetLastError, HeapAlloc, GetProcessHeap, HeapFree, CloseHandle, GetCurrentProcess, LoadLibraryA, GetModuleFileNameW, GetFullPathNameW, SetCurrentDirectoryW, GetConsoleCP, GetConsoleMode, SetHandleCount, GetCurrentDirectoryW, FreeLibrary, InitializeCriticalSection, GetProcAddress, LoadLibraryW, GetStartupInfoW, GetVersionExA, ExitProcess, ExitThread, GetSystemTimeAsFileTime, GetFileType, GetStartupInfoA, SetStdHandle, ResumeThread, FlushFileBuffers, LCMapStringA, LCMapStringW, GetTimeZoneInformation, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineA, GetCommandLineW, GetTickCount, GetStringTypeA, GetStringTypeW, GetLocaleInfoA, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, CreateFileA, SetEndOfFile, CompareStringA, GetDiskFreeSpaceW, SetEnvironmentVariableA

> USER32.dll: SetWindowLongW, FlashWindow, GetActiveWindow, InflateRect, CharNextW, DrawFocusRect, wsprintfW, DrawTextW, RedrawWindow, FrameRect, DrawFrameControl, FillRect, DrawMenuBar, PtInRect, DestroyMenu, SetMenu, DestroyAcceleratorTable, CreateAcceleratorTableW, GetWindowTextLengthW, SetCursor, GetWindowDC, TranslateAcceleratorW, GetSystemMetrics, IsDialogMessageW, CreateMenu, IsDlgButtonChecked, GetSysColor, DefDlgProcW, ReleaseCapture, SetCapture, SetActiveWindow, FindWindowExW, EnumThreadWindows, LoadImageW, CreateIconFromResourceEx, mouse_event, SetMenuDefaultItem, InsertMenuItemW, IsMenu, TrackPopupMenuEx, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, IsZoomed, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, DispatchMessageW, GetDC, GetKeyboardLayoutNameA, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, DestroyWindow, GetMenu, GetClientRect, CopyRect, EndPaint, BeginPaint, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, SendMessageTimeoutW, GetFocus, GetWindowTextW, ScreenToClient, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, GetCaretPos, GetSubMenu, GetMenuStringW, IsCharUpperW, IsCharLowerW, IsCharAlphaNumericW, IsCharAlphaW, GetKeyboardLayoutNameW, ClientToScreen, RegisterHotKey, ReleaseDC, SetMenuItemInfoW, GetCursor, PostMessageW, GetWindowRect, MessageBoxW, GetForegroundWindow, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, MessageBoxA, RegisterWindowMessageW, DestroyIcon, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, TranslateMessage, PeekMessageW, WindowFromPoint, SetClipboardData, EmptyClipboard, CountClipboardFormats, SetWindowPos, CopyImage, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, AdjustWindowRectEx, SetRect, CharLowerBuffW, GetMessageW, VkKeyScanA, LockWindowUpdate, UnregisterHotKey, keybd_event, ExitWindowsEx, CharUpperW

> GDI32.dll: LineTo, AngleArc, MoveToEx, Ellipse, PolyDraw, BeginPath, SetTextColor, GetObjectW, SetBkMode, RoundRect, SetBkColor, CloseFigure, SetPixel, EndPath, StrokePath, StrokeAndFillPath, ExtCreatePen, PolyBezierTo, SetViewportOrgEx, Rectangle, CreatePen, CreateSolidBrush, CreateCompatibleBitmap, GetPixel, DeleteDC, GetDIBits, BitBlt, SelectObject, CreateDIBSection, CreateCompatibleDC, CreateFontW, GetDeviceCaps, GetTextFaceW, GetStockObject, CreateDCW, GetTextExtentPoint32W, DeleteObject

> comdlg32.dll: GetSaveFileNameW, GetOpenFileNameW

> ADVAPI32.dll: RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegSetValueExW, RegCreateKeyExW, GetUserNameW, RegConnectRegistryW, RegEnumKeyExW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, CloseServiceHandle, UnlockServiceDatabase, LockServiceDatabase, OpenSCManagerW, RegCloseKey, RegQueryValueExW, RegOpenKeyExW

> SHELL32.dll: DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHBrowseForFolderW, SHFileOperationW, SHGetPathFromIDListW, SHGetDesktopFolder, SHGetMalloc, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW, DragFinish

> ole32.dll: OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoInitialize, CoUninitialize, CoCreateInstance, CreateStreamOnHGlobal, CoTaskMemAlloc, CoTaskMemFree, IIDFromString, StringFromIID, CLSIDFromString, OleInitialize, CreateBindCtx, CLSIDFromProgID, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket, StringFromCLSID, OleUninitialize

> OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -

 

( 0 exports )

RDS...: NSRL Reference Data Set

-

pdfid.: -

sigcheck:

publisher....: n/a

copyright....: n/a

product......: n/a

description..: n/a

original name: n/a

internal name: n/a

file version.: n/a

comments.....: n/a

signers......: -

signing date.: -

verified.....: Unsigned

trid..: Windows Screen Saver (39.4%)

Win32 Executable Generic (25.6%)

Win32 Dynamic Link Library (generic) (22.8%)

Generic Win/DOS Executable (6.0%)

DOS Executable Generic (6.0%)

Thanos Devil Member !

Thanos

Posté(e)
Posté(e)

salut <img src="http://forum.zebulon.fr/public/style_emoticons/<#EMO_DIR#>/icon_wink.gif" style="vertical-align:middle" emoid=":P" border="0" alt="icon_wink.gif" />

 

<!--quoteo--><div class='quotetop'>Citation </div><div class='quotemain'><!--quotec-->Thanos, je t'envoie le log virustotal. Il tourne encore depuis 5 heures est-ce normal?<!--QuoteEnd--></div><!--QuoteEEnd-->

Non! normalement ca prends quelques minutes tout au plus! dommage que tu aies attendu <img src="http://forum.zebulon.fr/style_emoticons/<#EMO_DIR#>/icon_wink.gif"'>http://forum.zebulon.fr/style_emoticons/<#EMO_DIR#>/icon_wink.gif" style="vertical-align:middle" emoid=":P" border="0" alt="icon_wink.gif" /> Il arrive parfois que le site VirusTotal soit surchargé.

 

Le fichier est un malware. On va procéder ainsi =>

 

<b>1°)</b> Télécharge <a href="http://oldtimer.geekstogo.com/OTM.exe" target="_blank"><b><!--coloro:#FF0000--><span style="color:#FF0000"><!--/coloro-->OTM par OldTimer<!--colorc--></span><!--/colorc--></b></a> et enregistre ce fichier sur le <b>Bureau</b>.

<ul><li>Fais un clic droit sur le fichier puis choisis <b>Exécuter en tant qu'administrateur</b></li><li><b>Copie les lignes de la zone "Code" ci-dessous dans le Presse-papiers </b> en les sélectionnant <b>toutes</b> puis en appuyant <b>simultanément sur les touches CTRL et C</b> (ou, après les avoir sélectionnées, en faisant un clic droit puis en choisissant <b>Copier</b>):

:first

:files

C:\Windows\system32\d3dlib.exe

 

:reg

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"DXlibrary"=-

 

:commands

[emptytemp]

Retourne dans la fenêtre de OTMoveIt3, fais un clic droit dans la zone de gauche intitulée <img src="http://apu.mabul.org/up/apu/2008/11/24/img-025804xb055.png" border="0" class="linked-image" /> puis choisis <b>Coller</b>.</li><li>Clique sur le bouton rouge <img src="http://apu.mabul.org/up/apu/2008/11/24/img-025919bxiq4.png" border="0" class="linked-image" /></li><li>Ferme <b>OTM</b></li><li>Poste dans ta prochaine réponse le rapport de OTM (contenu du fichier <b>C:\_OTM\MovedFiles\********_******.log</b> - <i>les *** sont des chiffres représentant la date [moisjourannée] et l'heure</i>)</li></ul><b>Note:</b> Si un fichier ou un dossier ne peut pas être déplacé immédiatement, un redémarrage sera peut-être nécessaire pour permettre de terminer le processus de déplacement. Si le redémarrage de la machine vous est demandé, choisir <b>Oui/Yes.</b>

 

<b>2°)</b> J'aimerai que tu m'expédie un fichier stp >>

<ul><li>Fais un clic droit sur le dossier C:\<b>_OTM</b></li><li>Dans la liste qui se déroule, choisis > <b>Envoyer vers</b> > <i>Dossier compressé</i></li><li>Un fichier nommé <b>_OTM.zip</b> doit apparaitre dans le même répertoire (C:\)</li><li>Rend toi ensuite sur cette page > <a href="http://senduit.com/" target="_blank">http://senduit.com/</a></li><li>Clique sur le bouton "<b>Parcourir</b>": une fenêtre s'ouvre=> copie/colle ceci dans le champs à droite de "<b><i>Nom du Fichier</i></b>" en bas de page >> <!--coloro:#FF0000--><span style="color:#FF0000"><!--/coloro-->C:\_OTM.zip<!--colorc--></span><!--/colorc--></li><li>Clique maintenant sur "<b>ouvrir</b>" en bas de la fenêtre.</li><li>De retour sur la page du site, clique sur la flêche à droite de "<i>Expire in</i>" et sélectionne <b>1 day</b></li><li>Clique enfin sur le bouton <b>Upload</b>.</li><li>Le lien d'upload va s'afficher en bas de page: envoie le moi <b><u>par MP</u></b> stp <img src="http://forum.zebulon.fr/style_emoticons/<#EMO_DIR#>/icon_wink.gif" style="vertical-align:middle" emoid=":P" border="0" alt="icon_wink.gif" /></li></ul>

<b>3°)</b> Démarre Hijackthis, clique sur <b>"Do a system scan only"</b>, et coche les lignes suivantes :

<b>

O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\..\{9709A052-9166-4307-8A65-8207AB2E70D9}: NameServer = 91.188.60.223,8.8.8.8

O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8

O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8

 

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

</b>

Ferme ton/tes navigateurs puis clique sur<b> "Fix Checked"</b>

 

<b>3°)</b> Redémarre le pc et poste un dernier rapport RSIT stp.

abraracourcix63 Member

abraracourcix63

Posté(e)
  • Auteur
Posté(e)

Bonjour Thanos

Après trois tentatives je t'envoie le log de OTM

En début d'après-midi, je t'enverrai le fichier OTM - peux tu me dire comment on envoie un message privé, je ne suis pas un pro des forums??

merci

Bonne journée

et encore merci pour ton aide précieuse

Abra

 

All processes killed

Error: Unable to interpret <:first> in the current context!

========== FILES ==========

File/Folder C:\Windows\system32\d3dlib.exe not found.

========== REGISTRY ==========

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DXlibrary not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33103 bytes

->Flash cache emptied: 41620 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: patrick

->Temp folder emptied: 1443417 bytes

->Temporary Internet Files folder emptied: 39303858 bytes

->Java cache emptied: 12124138 bytes

->FireFox cache emptied: 37427932 bytes

->Flash cache emptied: 42916 bytes

 

User: Public

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 429401 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50607 bytes

RecycleBin emptied: 0 bytes

 

Total Files Cleaned = 87,00 mb

 

 

OTM by OldTimer - Version 3.1.12.2 log created on 06122010_090016

 

Files moved on Reboot...

C:\Users\patrick\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

 

Registry entries deleted on Reboot...

abraracourcix63 Member

abraracourcix63

Posté(e)
  • Auteur
Posté(e)

Je transmets le nouveau Log RSIT mais les lignes de commande 17 et 18 que j'ai cliquées dans hijackthis sont toujours présentes?????

Merci pour l'analyse Thanos

 

Logfile of random's system information tool 1.07 (written by random/random)

Run by patrick at 2010-06-12 12:34:28

Microsoft Windows 7 Édition Familiale Premium Service Pack 2

System drive C: has 400 GB (85%) free of 469 GB

Total RAM: 6135 MB (72% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:35:09, on 12/06/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\Program Files (x86)\Secunia\PSI\psi.exe

C:\Users\patrick\Desktop\RSIT.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files (x86)\trend micro\patrick.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&a...d58k95qg9m3y349

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html

O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\..\{9709A052-9166-4307-8A65-8207AB2E70D9}: NameServer = 91.188.60.223,8.8.8.8

O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8

O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB1AC85-CD02-47E7-B89F-8C6DCDDF1F82}: NameServer = 91.188.60.223,8.8.8.8

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Free\a2service.exe

O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: SAS Core Service (SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

--

End of file - 24968 bytes

 

======Scheduled tasks folder======

 

C:\Windows\tasks\Ad-Aware Update (Weekly).job

C:\Windows\tasks\GlaryInitialize.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-06-05 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

Locked

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]

"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-12 261888]

"Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2009-08-18 629280]

"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]

"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-05-06 2815192]

"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-09-12 5081912]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-05-18 2942976]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SASCORE]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SASCORE]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=

"NoActiveDesktopChanges"=

"ForceActiveDesktopOn"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 months======

 

2010-06-12 07:50:12 ----D---- C:\_OTM

2010-06-12 07:37:20 ----D---- C:\Windows\Minidump

2010-06-10 15:23:50 ----A---- C:\Windows\SysWOW64\mshtml.dll

2010-06-10 15:23:49 ----A---- C:\Windows\SysWOW64\ieframe.dll

2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\wininet.dll

2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\urlmon.dll

2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\mstime.dll

2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll

2010-06-10 15:23:48 ----A---- C:\Windows\SysWOW64\iedkcs32.dll

2010-06-10 15:23:47 ----A---- C:\Windows\SysWOW64\jsproxy.dll

2010-06-10 11:05:50 ----A---- C:\Windows\SysWOW64\asycfilt.dll

2010-06-10 09:43:20 ----A---- C:\Windows\SysWOW64\atmlib.dll

2010-06-10 09:43:20 ----A---- C:\Windows\SysWOW64\atmfd.dll

2010-06-08 21:10:25 ----D---- C:\Windows\SysWOW64\Wat

2010-06-08 19:49:57 ----A---- C:\Windows\ntbtlog.txt

2010-06-08 12:26:42 ----D---- C:\rsit

2010-06-08 12:26:42 ----D---- C:\Program Files (x86)\trend micro

2010-06-05 16:00:16 ----D---- C:\Program Files (x86)\THQ

2010-06-05 14:24:08 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\iTunes

2010-06-05 14:23:29 ----D---- C:\Program Files (x86)\Apple Software Update

2010-06-05 14:23:03 ----D---- C:\Program Files (x86)\Bonjour

2010-06-05 13:09:00 ----D---- C:\Program Files (x86)\QuickTime

2010-06-05 12:05:53 ----D---- C:\ProgramData\Sun

2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files\Java

2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaws.exe

2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\javaw.exe

2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\java.exe

2010-06-05 12:05:40 ----A---- C:\Windows\SysWOW64\deployJava1.dll

2010-06-05 11:56:06 ----D---- C:\Users\patrick\AppData\Roaming\SUPERAntiSpyware.com

2010-06-05 11:56:06 ----D---- C:\ProgramData\SUPERAntiSpyware.com

2010-06-05 11:56:05 ----D---- C:\ProgramData\SASCORE

2010-06-05 11:48:10 ----D---- C:\Program Files (x86)\Secunia

2010-06-05 11:04:23 ----D---- C:\Program Files (x86)\Tetris 5000

2010-06-04 21:33:15 ----D---- C:\Program Files (x86)\Steam

2010-06-04 18:20:57 ----D---- C:\ProgramData\NortonInstaller

2010-06-04 18:09:20 ----D---- C:\ProgramData\Norton

2010-06-02 12:39:46 ----D---- C:\Program Files (x86)\DreamCatcher

2010-06-02 10:56:43 ----A---- C:\Windows\unvise32.exe

2010-06-02 10:56:00 ----D---- C:\Program Files (x86)\Pure Pinball 2.0 REDUX

2010-06-02 10:50:19 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI

2010-06-02 10:50:06 ----D---- C:\Windows\SysWOW64\URTTEMP

2010-06-02 10:45:08 ----RHD---- C:\Users\patrick\AppData\Roaming\SecuROM

2010-06-02 10:42:10 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe

2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe

2010-06-02 10:42:07 ----A---- C:\Windows\SysWOW64\pbsvc.exe

2010-06-01 20:25:34 ----D---- C:\Users\patrick\AppData\Roaming\LockHunter

2010-05-26 17:23:00 ----A---- C:\Windows\SysWOW64\CmdLineExt_x64.dll

2010-05-26 14:52:49 ----A---- C:\Windows\SysWOW64\tzres.dll

2010-05-24 15:12:10 ----D---- C:\RDesc

2010-05-20 17:27:16 ----D---- C:\Downloads

2010-05-20 17:08:49 ----A---- C:\Windows\MegaManager.INI

 

======List of files/folders modified in the last 1 months======

 

2010-06-12 12:35:05 ----D---- C:\Windows\Prefetch

2010-06-12 12:34:58 ----D---- C:\Windows\Temp

2010-06-12 12:34:33 ----D---- C:\Windows\Tasks

2010-06-12 09:42:34 ----D---- C:\Windows\tracing

2010-06-12 09:07:11 ----D---- C:\Windows\System32

2010-06-12 09:07:11 ----D---- C:\Windows\inf

2010-06-12 09:05:59 ----D---- C:\Windows\SysWOW64\drivers

2010-06-12 09:05:59 ----D---- C:\Windows\SysWOW64

2010-06-12 07:37:20 ----D---- C:\Windows

2010-06-11 20:45:46 ----D---- C:\Users\patrick\AppData\Roaming\vlc

2010-06-11 20:45:30 ----D---- C:\Users\patrick\AppData\Roaming\dvdcss

2010-06-11 15:15:09 ----SHD---- C:\System Volume Information

2010-06-11 03:28:51 ----D---- C:\Windows\Microsoft.NET

2010-06-11 03:28:48 ----RSD---- C:\Windows\assembly

2010-06-11 03:20:13 ----D---- C:\Windows\winsxs

2010-06-11 03:18:29 ----D---- C:\Windows\SysWOW64\migration

2010-06-11 03:18:29 ----D---- C:\Program Files (x86)\Internet Explorer

2010-06-11 03:02:09 ----D---- C:\Windows\debug

2010-06-11 03:01:59 ----SHD---- C:\Windows\Installer

2010-06-11 03:01:57 ----D---- C:\ProgramData\Microsoft Help

2010-06-08 19:40:21 ----RD---- C:\Program Files (x86)

2010-06-08 19:40:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2010-06-08 19:38:37 ----D---- C:\Program Files (x86)\Google

2010-06-08 19:37:00 ----D---- C:\ProgramData\Google

2010-06-07 19:17:04 ----D---- C:\Program Files (x86)\Mozilla Firefox

2010-06-05 23:13:16 ----D---- C:\Users\patrick\AppData\Roaming\Apple Computer

2010-06-05 23:12:46 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2010-06-05 14:25:15 ----D---- C:\Program Files (x86)\Mozilla Thunderbird

2010-06-05 14:24:08 ----RD---- C:\Program Files

2010-06-05 14:24:08 ----HD---- C:\ProgramData

2010-06-05 14:24:08 ----D---- C:\Program Files (x86)\Common Files\Apple

2010-06-05 13:27:45 ----D---- C:\ProgramData\Adobe

2010-06-05 13:27:45 ----D---- C:\Program Files (x86)\Common Files\Adobe

2010-06-05 13:26:44 ----D---- C:\Users\patrick\AppData\Roaming\Adobe

2010-06-05 13:26:41 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR

2010-06-05 13:07:22 ----D---- C:\Program Files (x86)\Adobe

2010-06-05 12:05:53 ----D---- C:\Program Files (x86)\Common Files

2010-06-05 09:07:21 ----D---- C:\Program Files (x86)\Glary Utilities

2010-06-05 09:07:19 ----D---- C:\Windows\registration

2010-06-05 09:07:14 ----D---- C:\Windows\AppCompat

2010-06-04 16:46:39 ----D---- C:\ProgramData\Spybot - Search & Destroy

2010-06-04 16:35:17 ----SD---- C:\ProgramData\Microsoft

2010-06-04 13:07:45 ----D---- C:\Users\patrick\AppData\Roaming\Macromedia

2010-06-01 17:20:25 ----D---- C:\Users\patrick\AppData\Roaming\PowerCinema

2010-05-31 20:56:19 ----SD---- C:\Users\patrick\AppData\Roaming\Microsoft

2010-05-28 15:05:04 ----D---- C:\Windows\LiveKernelReports

2010-05-27 10:29:01 ----D---- C:\Windows\rescache

2010-05-26 23:29:20 ----D---- C:\Windows\SysWOW64\fr-FR

2010-05-26 14:52:04 ----AD---- C:\ProgramData\Temp

2010-05-21 21:17:07 ----D---- C:\Program Files (x86)\TuneUp Utilities 2010

2010-05-21 10:42:57 ----D---- C:\Program Files (x86)\Mah Jong Adventures

2010-05-21 08:43:08 ----D---- C:\Windows\Logs

2010-05-21 07:40:46 ----D---- C:\tempocapt

2010-05-13 03:01:59 ----D---- C:\Program Files (x86)\Windows Mail

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []

R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []

R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []

R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys []

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys []

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys []

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys []

R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys []

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]

R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]

R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys []

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []

R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys []

R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []

R3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\1394ohci.sys []

R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys []

R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys []

R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys []

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []

R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys []

R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys []

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []

R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys []

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2009-10-14 11856]

R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys []

R3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []

R3 vwifibus;Pilote de bus WiFi virtuel; C:\Windows\system32\DRIVERS\vwifibus.sys []

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []

R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys []

R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []

S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys []

S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys []

S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys []

S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys []

S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys []

S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []

S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys []

S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys []

S3 BTHPORT;Pilote de port Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []

S3 BTHUSB;Pilote USB radio Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []

S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []

S3 drmkaud;Microsoft Trusted Audio Drivers; C:\Windows\system32\drivers\drmkaud.sys []

S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys []

S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys []

S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys []

S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys []

S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []

S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys []

S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys []

S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys []

S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys []

S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys []

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []

S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []

S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys []

S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys []

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []

S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys [2003-09-19 21248]

S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys []

S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys []

S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys []

S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys []

S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys []

S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys []

S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys []

S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys [2009-04-07 16392]

S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys []

S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []

S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys []

S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 a2free;a-squared Free Service; C:\Program Files (x86)\a-squared Free\a2service.exe [2010-04-15 1872320]

R2 AcrSch2Svc;Service Scheduler2 Acronis; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2009-09-12 892072]

R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-03-12 2326920]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

R2 Bonjour Service;Service Bonjour; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-04-08 345376]

R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-06-06 1352320]

R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-13 62208]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []

R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-02 66872]

R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]

R2 SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2010-04-28 120832]

R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2010-05-07 1403208]

R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]

R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]

R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-13 135664]

S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe []

S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []

S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]

S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe []

S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 660256]

S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448]

S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992]

S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 TuneUp.Defrag;@C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-21 607048]

S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe []

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S4 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -service []

 

-----------------EOF-----------------

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...