
I think I have a virus, can you help me?

Last reply on 15 Nov 2009 at 17:44:55 tias35, on 13 Nov 2009 at 17:33:52

Hello,
I followed all the steps on CCM for cleaning my PC, but could you please analyze my reports, because I don't understand any of it. Thanks in advance.

Here are my two RSIT reports:

The first:
info.txt logfile of random's system information tool 1.06 2009-11-13 00:14:49

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
3D-Viewer-innoPlus-->MsiExec.exe /X{B96DB037-DBEA-4186-9081-9CBD537F82E8}
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x19 -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x19 -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x19 -removeonly
Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x19 -removeonly
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x9 -removeonly
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x9 -removeonly
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Agere Systems HDA Modem-->agrsmdel
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Audacity 1.3.8 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
CamfrogWEB Advanced ActiveX Plugin (remove only)-->"C:\Program Files\CFWebAdvancedU\Uninstall.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress
Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
DivX Author 1.5-->C:\Program Files\DivX\DivX Author 1.5\DivXAuthorUninstall.exe /DIVX_AUTHOR
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
FinePix Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3B3AB03-8ABC-46CF-8CA9-DB5581E1F368}\Setup.exe" -l0x9
FinePixViewer Resource-->C:\Program Files\InstallShield Installation Information\{B44529FF-501E-47CD-A06D-223C161BE058}\setup.exe -runfromtemp -l0x040c -removeonly
FinePixViewer Ver.5.5-->C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\setup.exe -runfromtemp -l0x040c -removeonly
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Glary Utilities 2.10.0.622-->"C:\Program Files\Glary Utilities\unins000.exe"
Google Earth Plug-in-->MsiExec.exe /X{FE24D361-A3E8-11DE-88F3-005056806466}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Encoder (KB929182)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={5406B219-A1AC-4BC4-8695-72292C8195AC} /qb
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Launch Manager-->C:\Windows\UnInst32.exe LManager.UNI
Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876}
Logitech Updater-->MsiExec.exe /I{53735ECE-E461-4FD0-B742-23A352436D3A}
Mail.Ru ????? 5.3 (?????? 2564, ??? ???? ?????????????)-->C:\Program Files\Mail.Ru\Agent\magentsetup.exe -uninstalllm
Mail.Ru ??????? 2.0-->C:\Program Files\Mail.Ru\Sputnik\SputnikInstaller.exe -uninstall
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - rus-->MsiExec.exe /I{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Russian) 2007-->MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel 2007 Help Îáíîâëåíèå (KB963678)-->msiexec /package {90120000-0016-0419-0000-0000000FF1CE} /uninstall {420938DB-BF97-4664-BE29-0C68B4802C00}
Microsoft Office Excel MUI (Russian) 2007-->MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007-->MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007-->MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (Russian) 2007-->MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook 2007 Help Îáíîâëåíèå (KB963677)-->msiexec /package {90120000-001A-0419-0000-0000000FF1CE} /uninstall {E9D6C0F9-9879-4FC4-8E13-BF0D3953E0E6}
Microsoft Office Outlook MUI (Russian) 2007-->MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office Powerpoint 2007 Help Îáíîâëåíèå (KB963669)-->msiexec /package {90120000-0018-0419-0000-0000000FF1CE} /uninstall {BD1C2AC7-63F3-4C75-8B44-DE3D700B3BC8}
Microsoft Office PowerPoint MUI (Russian) 2007-->MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007-->MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007-->MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007-->MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Publisher MUI (Russian) 2007-->MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007-->MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word 2007 Help Îáíîâëåíèå (KB963665)-->msiexec /package {90120000-001B-0419-0000-0000000FF1CE} /uninstall {D3A002FB-0F62-4840-80AD-2D2C63F83449}
Microsoft Office Word MUI (Russian) 2007-->MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{737E2345-2897-4B75-9C9B-D541F7394D6B}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
PC Wizard 2007.1.73-->"C:\Program Files\PC Wizard 2007\unins000.exe"
Prevent Restore-->C:\PROGRA~1\PREVEN~1\UNWISE.EXE C:\PROGRA~1\PREVEN~1\INSTALL.LOG
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Recuva (remove only)-->"C:\Program Files\Recuva\uninst.exe"
Samsung ML-2010 Series-->C:\Program Files\Samsung\Samsung ML-2010 Series\Install\Setup.exe /R
Secunia PSI-->"C:\Program Files\Secunia\PSI\uninstall.exe"
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Unlocker 1.8.8-->C:\Program Files\Unlocker\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb975960)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1AB1BED-7477-4D5A-BD0C-04C2109459A5}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WindowBlinds-->C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\INSTALL.LOG
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Wipe-->C:\PROGRA~1\Wipe\wipe.exe uninstall
XRECODE-->"C:\Program Files\XRECODE\unins000.exe"
????????? ?????????? Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
???????? ????? Microsoft .NET Framework 3.5 SP1 — RUS-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - rus\setup.exe

=====HijackThis Backups=====

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 [2009-11-07]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ru.intl.acer.yahoo.com [2009-11-07]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ru.intl.acer.yahoo.com [2009-11-07]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [2009-11-07]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 [2009-11-07]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = [2009-11-07]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [2009-11-07]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 [2009-11-07]
R3 - URLSearchHook: (no name) - {83821C2B-32A8-4DD7-B6D4-44309A78E668} - C:\Users\Q\AppData\Roaming\Mail.Ru\Agent\Mra\dll\newmrasearch.dll [2009-11-07]
R3 - URLSearchHook: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file) [2009-11-07]
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) [2009-11-07]
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll [2009-11-07]
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-11-07]
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-11-07]
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-11-07]
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) [2009-11-07]
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-11-07]
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-11-07]
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-11-07]
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-11-07]
O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\PROGRA~1\Mail.Ru\Sputnik\MAILRU~1.DLL [2009-11-07]
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-07]
O2 - BHO: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file) [2009-11-07]
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-11-07]
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') [2009-11-07]
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') [2009-11-07]
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') [2009-11-07]
O9 - Extra button: ????????? ? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll [2009-11-07]
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file) [2009-11-07]
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [2009-11-07]
O9 - Extra 'Tools' menuitem: &????????? ? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll [2009-11-07]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - [2009-11-07]
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/... [2009-11-07]
O13 - Gopher Prefix: [2009-11-07]
O17 - HKLM\System\CCS\Services\Tcpip\..\{9B1D3B24-59E8-4509-A162-63169F2AA06E}: NameServer = 212.27.40.240,212.27.40.241 [2009-11-07]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [2009-11-07]
O23 - Service: @dfsrres.dll,-101 (DFSR) - ?????????? ?????????? - C:\Windows\system32\DFSR.exe [2009-11-07]
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing) [2009-11-07]
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) [2009-11-07]

======Security center information======

AS: ???????? Windows

======System event log======

Computer Name: Q-??
Event Code: 4371
Message: ?????? Windows Servicing ?????? ??????? ???????? ?????? KB968537(Security Update)?? ????????? ??????????(Installed) ? ????????? ??????????(Installed)
Record Number: 209331
Source Name: Microsoft-Windows-Servicing
Time Written: 20090804184744.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

Computer Name: Q-??
Event Code: 4371
Message: ?????? Windows Servicing ?????? ??????? ???????? ?????? KB968537(Security Update)?? ????????? ?????????????(Staged) ? ????????? ?????????????(Staged)
Record Number: 209330
Source Name: Microsoft-Windows-Servicing
Time Written: 20090804184743.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

Computer Name: Q-??
Event Code: 4371
Message: ?????? Windows Servicing ?????? ??????? ???????? ?????? KB968537(Security Update)?? ????????? ?????????????(Staged) ? ????????? ?????????????(Staged)
Record Number: 209329
Source Name: Microsoft-Windows-Servicing
Time Written: 20090804184743.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

Computer Name: Q-??
Event Code: 4371
Message: ?????? Windows Servicing ?????? ??????? ???????? ?????? KB968537(Security Update)?? ????????? ??????????(Installed) ? ????????? ??????????(Installed)
Record Number: 209328
Source Name: Microsoft-Windows-Servicing
Time Written: 20090804184743.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

Computer Name: Q-??
Event Code: 4371
Message: ?????? Windows Servicing ?????? ??????? ???????? ?????? KB968537(Security Update)?? ????????? ??????????(Installed) ? ????????? ??????????(Installed)
Record Number: 209327
Source Name: Microsoft-Windows-Servicing
Time Written: 20090804184743.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Q-??
Event Code: 1033
Message: ??? ???????? ???????????, ????????? ??? ?????????? ?????? ? ????????? override-only.
????? ???????=(IIS-W3SVC-MaxConcurrentRequests) (Telnet-Client-EnableTelnetClient) (Telnet-Client-EnableTelnetClient_w) (Telnet-Server-EnableTelnetServer) (Telnet-Server-EnableTelnetServer_w)
????????????? ??????????=55c92734-d682-4d71-983e-d6ec3f16059f
????????????? SKU=199086aa-6cb8-4e5b-b698-f2be56f1e8ee
Record Number: 17970
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20080914153639.000000-000
Event Type: ????????
User:

Computer Name: Q-??
Event Code: 0
Message:
Record Number: 17969
Source Name: LiveUpdate Notice Service
Time Written: 20080914153632.000000-000
Event Type: ????????
User:

Computer Name: Q-??
Event Code: 0
Message:
Record Number: 17968
Source Name: LiveUpdate Notice Service
Time Written: 20080914153632.000000-000
Event Type: ????????
User:

Computer Name: Q-??
Event Code: 35
Message:
Record Number: 17967
Source Name: ccSvcHst
Time Written: 20080914153632.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

Computer Name: Q-??
Event Code: 34
Message:
Record Number: 17966
Source Name: ccSvcHst
Time Written: 20080914153632.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: Q-??
Event Code: 4672
Message: ?????? ?????? ????? ????????? ??????????? ??????????.

???????:
?? ????????????: S-1-5-18
??? ??????? ??????: SYSTEM
????? ??????? ??????: NT AUTHORITY
??? ?????: 0x3e7

??????????: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 63007
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090713055111.691156-000
Event Type: ????? ???????? ???????
User:

Computer Name: Q-??
Event Code: 4624
Message: ???? ? ??????? ??????? ???????? ???????.

???????:
?? ????????????: S-1-5-18
??? ??????? ??????: Q-??$
????? ??????? ??????: WORKGROUP
??? ?????: 0x3e7

??? ?????: 5

????? ????:
?? ????????????: S-1-5-18
??? ??????? ??????: SYSTEM
????? ??????? ??????: NT AUTHORITY
??? ?????: 0x3e7
GUID ?????: {00000000-0000-0000-0000-000000000000}

???????? ? ????????:
????????????? ????????: 0x248
??? ????????: C:\Windows\System32\services.exe

???????? ? ????:
??? ??????? ???????:
??????? ????? ?????????: -
???? ?????????: -

???????? ? ???????? ???????????:
??????? ?????: Advapi
????? ???????? ???????????: Negotiate
????????????? ??????: -
??? ?????? (?????? NTLM): -
????? ?????: 0

?????? ??????? ????????? ??? ???????? ?????? ?????. ??? ????????? ? ???????, ???? ? ??????? ????????.

???? "???????" ????????? ?? ??????? ?????? ????????? ???????, ??????????? ????. ?????? ??? ??????, ???????? ?????? "??????", ??? ????????? ???????, ????? ??? Winlogon.exe ??? Services.exe.

? ???? "??? ?????" ?????? ??? ???????????? ?????. ?????? ????????????????? ???????? ???? 2 (?????????????) ? 3 (???????).

???? "????? ????" ????????? ?? ??????? ??????, ??? ??????? ?????? ????? ????? ?????, ?? ???? ?? ??????? ??????, ? ??????? ???????? ????.

? ?????, ??????? ????????? ? ????, ?????? ???????? ??????? ?? ????????? ????. ??? ??????? ??????? ???????? ?? ??????, ? ? ????????? ??????? ??? ???? ????? ?????????? ?????????????.

???? ???????? ? ???????? ??????????? ???????? ????????? ?????? ? ?????????? ??????? ?? ????.
- GUID ????? - ??? ?????????? ?????????????, ??????? ????????? ??????????? ?????? ??????? ? ???????? KDC.
- ? ???? "????????????? ??????" ???????, ????? ????????????? ?????? ??????????? ? ?????? ??????? ?? ????.
- ???? "??? ??????" ????????? ?? ???????????, ?????????????? ? ??????????? NTLM.
- ???? "????? ?????" ???????? ????? ?????????? ????? ??????. ??? ???? ????? ????? ???????? "0", ???? ???? ?????? ?? ????????????.
Record Number: 63006
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090713055111.691156-000
Event Type: ????? ???????? ???????
User:

Computer Name: Q-??
Event Code: 4648
Message: ????????? ??????? ????? ? ??????? ? ????? ????????? ??????? ??????.

???????:
?? ????????????: S-1-5-18
??? ??????? ??????: Q-??$
????? ??????? ??????: WORKGROUP
??? ?????: 0x3e7
GUID ?????: {00000000-0000-0000-0000-000000000000}

???? ???????????? ??????? ?????? ????????? ??????? ??????:
??? ??????? ??????: SYSTEM
????? ??????? ??????: NT AUTHORITY
GUID ?????: {00000000-0000-0000-0000-000000000000}

??????? ??????:
??? ???????? ???????: localhost
?????????????? ????????: localhost

???????? ? ????????:
????????????? ????????: 0x248
??? ????????: C:\Windows\System32\services.exe

???????? ? ????:
??????? ?????: -
????: -

?????? ??????? ?????????, ????? ??????? ???????? ????????? ???? ? ??????? ???????, ???? ?????? ?? ??????? ??????. ??? ?????? ?????????? ??? ????????????? ???????????? ????????? ????, ???????? ??????????? ?????, ??? ?????????? ??????? RUNAS.
Record Number: 63005
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090713055111.691156-000
Event Type: ????? ???????? ???????
User:

Computer Name: Q-??
Event Code: 5038
Message: ???????? ???????? ??????????? ???? ??????????, ??? ??? ?????? ????? ??????????. ???? ????? ???? ????????? ????? ??? ???????????????????? ?????????, ??? ???????????? ??? ????? ????????? ?? ????????????? ?????? ????????? ??????????.

??? ?????: \Device\HarddiskVolume2\Windows\System32\drivers\SSPORT.SYS
Record Number: 63004
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090713055110.630356-000
Event Type: ???? ??????
User:

Computer Name: Q-??
Event Code: 5032
Message: ??????????? Windows ?? ??????? ????????? ???????????? ? ???, ??? ????? ???????? ??????? ??????????? ??? ?????????? ????????????.

??? ??????: 2
Record Number: 63003
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090713055103.906756-000
Event Type: ???? ??????
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 22 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=1601
"NUMBER_OF_PROCESSORS"=1
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------


The second:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Q at 2009-11-13 00:14:24
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 9 GB (28%) free of 33 GB
Total RAM: 1013 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:14:40, on 13.11.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Q\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Q\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Q\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Q\tout\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Q.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R3 - URLSearchHook: ???????@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\PROGRA~1\Mail.Ru\Sputnik\MAILRU~1.DLL
O1 - Hosts: ::1 localhost
O3 - Toolbar: ???????@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\PROGRA~1\Mail.Ru\Sputnik\MAILRU~1.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (file missing)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll (file missing)
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Q\AppData\Roaming\Mail.Ru\Agent\magent.exe (HKCU)
O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Q\AppData\Roaming\Mail.Ru\Agent\magent.exe (HKCU)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - ?????????? ?????????? - C:\Windows\system32\DFSR.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: ?????? Google Update (gupdate1ca2bdf91fc8e30) (gupdate1ca2bdf91fc8e30) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
End of file - 5643 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-326079992-3645070703-3661207174-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-326079992-3645070703-3661207174-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{48122CB1-D985-4060-A15E-750AE22F624D}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{09900DE8-1DCA-443F-9243-26FF581438AF} - ???????@Mail.Ru - C:\PROGRA~1\Mail.Ru\Sputnik\MAILRU~1.DLL [2008-10-30 534016]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-05-22 200704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll [2007-03-07 112304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=157

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a15ff1d-e5f5-11dc-9eb1-001b386d47fc}]
shell\Auto\command - G:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\AdobeR.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7874d95c-f9aa-11dc-bab7-001b386d47fc}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c96c8a0d-5733-11dd-b061-001b386d47fc}]
shell\1\command - F:\.\recycled\info.exe
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\.\recycled\info.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8f43573-fb25-11dc-9d8f-001b386d47fc}]
shell\1\command - G:\.\recycled\info.exe
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\.\recycled\info.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eee74472-c85c-11dc-a9a8-001b386d47fc}]
shell\AUToplay\command - F:\plijku.exe
shell\AutoRun\command - F:\plijku.exe
shell\explore\command - F:\plijku.exe
shell\opeN\command - F:\plijku.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eee745e5-c85c-11dc-a9a8-001b386d47fc}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
shell\Open(0)\command - F:\Recycled\ctfmon.exe


======File associations======

.bat - edit - %SystemRoot%\System32\NOTEPAD.EXE %1"
.ini - open - %SystemRoot%\System32\NOTEPAD.EXE %1"
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 3 months======

2009-11-13 00:14:24 ----D---- C:\rsit
2009-11-12 13:44:46 ----D---- C:\Program Files\QuickTime
2009-11-12 13:44:46 ----D---- C:\Program Files\Java
2009-11-12 13:44:39 ----D---- C:\ProgramData\Apple Computer
2009-11-12 13:43:32 ----SHD---- C:\Config.Msi
2009-11-12 13:40:31 ----D---- C:\Program Files\Common Files\Apple
2009-11-12 13:40:10 ----D---- C:\Program Files\Apple Software Update
2009-11-12 13:40:09 ----D---- C:\ProgramData\Apple
2009-11-11 22:03:46 ----D---- C:\ProgramData\Avira
2009-11-11 22:03:46 ----D---- C:\Program Files\Avira
2009-11-11 21:31:55 ----D---- C:\Program Files\Secunia
2009-11-11 16:27:54 ----A---- C:\Windows\system32\WSDApi.dll
2009-11-09 16:37:28 ----A---- C:\Windows\system32\wbload.dll
2009-11-09 16:37:27 ----A---- C:\Windows\system32\wbsys.dll
2009-11-09 16:37:25 ----D---- C:\Program Files\Stardock
2009-11-09 16:29:08 ----A---- C:\Windows\system32\XAudio2_5.dll
2009-11-09 16:29:08 ----A---- C:\Windows\system32\xactengine3_5.dll
2009-11-09 16:29:07 ----A---- C:\Windows\system32\d3dx11_42.dll
2009-11-09 16:29:07 ----A---- C:\Windows\system32\d3dx10_42.dll
2009-11-09 16:29:07 ----A---- C:\Windows\system32\d3dcsx_42.dll
2009-11-09 16:29:07 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2009-11-09 16:29:06 ----A---- C:\Windows\system32\D3DX9_42.dll
2009-11-09 16:29:06 ----A---- C:\Windows\system32\D3DX9_41.dll
2009-11-09 16:29:06 ----A---- C:\Windows\system32\d3dx10_41.dll
2009-11-09 16:29:06 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2009-11-09 16:29:05 ----A---- C:\Windows\system32\XAudio2_4.dll
2009-11-09 16:29:05 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2009-11-09 16:29:05 ----A---- C:\Windows\system32\xactengine3_4.dll
2009-11-09 16:29:05 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2009-11-09 16:29:04 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-11-09 16:29:04 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-11-09 16:29:04 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-11-09 16:29:04 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-11-09 16:29:04 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-11-09 16:29:03 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-11-09 16:29:03 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-11-09 16:29:03 ----A---- C:\Windows\system32\xactengine3_3.dll
2009-11-09 16:29:03 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-11-09 16:29:00 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2009-11-09 16:29:00 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-11-09 16:29:00 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-11-09 16:29:00 ----A---- C:\Windows\system32\d3dx10_39.dll
2009-11-09 16:29:00 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2009-11-09 16:28:59 ----A---- C:\Windows\system32\XAudio2_1.dll
2009-11-09 16:28:59 ----A---- C:\Windows\system32\xactengine3_1.dll
2009-11-09 16:28:59 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2009-11-09 16:28:58 ----A---- C:\Windows\system32\XAudio2_0.dll
2009-11-09 16:28:58 ----A---- C:\Windows\system32\xactengine3_0.dll
2009-11-09 16:28:58 ----A---- C:\Windows\system32\D3DX9_38.dll
2009-11-09 16:28:58 ----A---- C:\Windows\system32\d3dx10_38.dll
2009-11-09 16:28:58 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2009-11-09 16:28:57 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2009-11-09 16:28:57 ----A---- C:\Windows\system32\D3DX9_37.dll
2009-11-09 16:28:57 ----A---- C:\Windows\system32\d3dx10_37.dll
2009-11-09 16:28:57 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2009-11-09 16:28:56 ----A---- C:\Windows\system32\xactengine2_10.dll
2009-11-09 16:28:56 ----A---- C:\Windows\system32\d3dx9_36.dll
2009-11-09 16:28:56 ----A---- C:\Windows\system32\d3dx10_36.dll
2009-11-09 16:28:56 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2009-11-09 16:28:55 ----A---- C:\Windows\system32\xactengine2_9.dll
2009-11-09 16:28:55 ----A---- C:\Windows\system32\d3dx10_35.dll
2009-11-09 16:28:55 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2009-11-09 16:28:54 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2009-11-09 16:28:54 ----A---- C:\Windows\system32\d3dx9_35.dll
2009-11-09 16:28:49 ----A---- C:\Windows\system32\xactengine2_5.dll
2009-11-09 16:28:49 ----A---- C:\Windows\system32\d3dx10.dll
2009-11-09 16:28:48 ----A---- C:\Windows\system32\xactengine2_4.dll
2009-11-09 16:28:46 ----A---- C:\Windows\system32\xinput1_2.dll
2009-11-09 16:28:46 ----A---- C:\Windows\system32\xactengine2_3.dll
2009-11-09 16:28:46 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-11-09 16:28:45 ----A---- C:\Windows\system32\xinput1_1.dll
2009-11-09 16:28:45 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-11-09 16:28:44 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-11-09 16:28:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-11-09 16:28:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-11-09 16:28:28 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-11-09 16:28:26 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-11-09 16:28:25 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-11-09 16:28:23 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-11-09 16:28:21 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-11-09 16:28:16 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-11-09 07:54:03 ----D---- C:\ProgramData\Google Updater
2009-11-08 20:24:38 ----A---- C:\Windows\system32\CmdLineExt.dll
2009-11-08 20:22:38 ----D---- C:\Windows\system32\URTTEMP
2009-11-08 20:16:27 ----D---- C:\Program Files\2K Games
2009-11-08 02:28:02 ----D---- C:\ProgramData\WindowsSearch
2009-11-08 01:36:17 ----SHD---- C:\$RECYCLE.BIN
2009-11-07 23:50:41 ----A---- C:\Windows\system32\javaws.exe
2009-11-07 23:50:41 ----A---- C:\Windows\system32\javaw.exe
2009-11-07 23:50:41 ----A---- C:\Windows\system32\java.exe
2009-11-07 22:00:31 ----D---- C:\Program Files\Trend Micro
2009-11-07 16:59:51 ----A---- C:\Windows\system32\PnkBstrA.exe
2009-11-07 16:58:28 ----A---- C:\Windows\system32\PnkBstrB.exe
2009-11-07 16:57:13 ----RHD---- C:\Users\Q\AppData\Roaming\SecuROM
2009-11-07 16:38:30 ----A---- C:\Windows\system32\xactengine2_8.dll
2009-11-07 16:38:29 ----A---- C:\Windows\system32\d3dx9_34.dll
2009-11-07 16:38:29 ----A---- C:\Windows\system32\d3dx10_34.dll
2009-11-07 16:38:29 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2009-11-07 16:38:28 ----A---- C:\Windows\system32\xinput1_3.dll
2009-11-07 16:38:28 ----A---- C:\Windows\system32\xactengine2_7.dll
2009-11-07 16:38:28 ----A---- C:\Windows\system32\d3dx10_33.dll
2009-11-07 16:38:28 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2009-11-07 16:38:27 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-11-07 16:38:26 ----A---- C:\Windows\system32\xactengine2_6.dll
2009-11-07 16:38:26 ----A---- C:\Windows\system32\x3daudio1_1.dll
2009-11-05 19:06:17 ----D---- C:\Users\Q\AppData\Roaming\Pegasys Inc
2009-11-04 15:35:25 ----A---- C:\Windows\system32\mshtml.dll
2009-10-27 19:20:27 ----A---- C:\Windows\system32\wmp.dll
2009-10-27 19:20:21 ----A---- C:\Windows\system32\unregmp2.exe
2009-10-27 19:19:59 ----A---- C:\Windows\system32\wmploc.DLL
2009-10-20 07:16:07 ----A---- C:\Windows\system32\wups2.dll
2009-10-20 07:16:06 ----A---- C:\Windows\system32\wucltux.dll
2009-10-20 07:16:06 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-20 07:16:06 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-20 07:15:33 ----A---- C:\Windows\system32\wups.dll
2009-10-20 07:15:33 ----A---- C:\Windows\system32\wudriver.dll
2009-10-20 07:15:33 ----A---- C:\Windows\system32\wuapi.dll
2009-10-20 07:15:14 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-20 07:15:14 ----A---- C:\Windows\system32\wuapp.exe
2009-10-15 16:44:28 ----A---- C:\Windows\system32\msasn1.dll
2009-10-15 16:44:16 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-15 16:43:42 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-15 16:43:40 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-15 16:42:48 ----A---- C:\Windows\system32\ieframe.dll
2009-10-15 16:42:46 ----A---- C:\Windows\system32\iertutil.dll
2009-10-15 16:42:45 ----A---- C:\Windows\system32\urlmon.dll
2009-10-15 16:42:44 ----A---- C:\Windows\system32\wininet.dll
2009-10-15 16:42:42 ----A---- C:\Windows\system32\occache.dll
2009-10-15 16:42:42 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-15 16:42:41 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-15 16:42:38 ----A---- C:\Windows\system32\ieui.dll
2009-10-15 16:42:38 ----A---- C:\Windows\system32\iepeers.dll
2009-10-15 16:42:37 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-10-15 16:42:37 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-15 16:42:37 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-15 16:42:37 ----A---- C:\Windows\system32\iesysprep.dll
2009-10-15 16:42:35 ----A---- C:\Windows\system32\msfeedssync.exe
2009-10-15 16:42:35 ----A---- C:\Windows\system32\iesetup.dll
2009-10-15 16:42:35 ----A---- C:\Windows\system32\iernonce.dll
2009-10-15 16:42:35 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-15 16:41:48 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-10-06 09:16:16 ----D---- C:\Program Files\Common Files\DivX Shared
2009-10-02 18:06:06 ----N---- C:\Windows\system32\MpSigStub.exe
2009-09-19 16:44:01 ----D---- C:\Users\Q\AppData\Roaming\skypePM
2009-09-19 16:40:05 ----D---- C:\Users\Q\AppData\Roaming\Skype
2009-09-19 16:38:01 ----D---- C:\Program Files\Common Files\Skype
2009-09-19 16:38:01 ----A---- C:\Windows\system32\kerberos.dll
2009-09-19 16:37:59 ----A---- C:\Windows\system32\wdigest.dll
2009-09-19 16:37:57 ----RD---- C:\Program Files\Skype
2009-09-19 16:37:56 ----A---- C:\Windows\system32\schannel.dll
2009-09-19 16:37:54 ----A---- C:\Windows\system32\lsasrv.dll
2009-09-19 16:37:50 ----A---- C:\Windows\system32\secur32.dll
2009-09-19 16:37:50 ----A---- C:\Windows\system32\lsass.exe
2009-09-19 16:37:27 ----D---- C:\ProgramData\Skype
2009-09-18 19:26:58 ----A---- C:\Windows\PR1.INI
2009-09-13 11:42:22 ----D---- C:\Program Files\XRECODE
2009-09-13 11:36:39 ----A---- C:\Windows\system32\WMAFile.dll
2009-09-13 11:36:39 ----A---- C:\Windows\system32\AudPlayer.dll
2009-09-13 11:36:39 ----A---- C:\Windows\system32\AudioVisu.dll
2009-09-13 11:36:39 ----A---- C:\Windows\system32\AudioRecord.dll
2009-09-13 11:36:39 ----A---- C:\Windows\system32\AudioInfos.dll
2009-09-13 11:36:38 ----A---- C:\Windows\system32\AudFile.dll
2009-09-13 11:36:38 ----A---- C:\Windows\system32\AudDisplay.dll
2009-09-13 11:36:38 ----A---- C:\Windows\system32\AudDesign.dll
2009-09-13 11:36:37 ----A---- C:\Windows\system32\TABCTFR.DLL
2009-09-13 11:29:27 ----D---- C:\Users\Q\AppData\Roaming\Audacity
2009-09-13 11:28:51 ----D---- C:\Program Files\Audacity 1.3 Beta (Unicode)
2009-09-10 08:29:58 ----A---- C:\Windows\system32\jscript.dll
2009-09-10 08:29:39 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-10 08:29:36 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-10 08:29:36 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-10 08:29:36 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-10 08:29:36 ----A---- C:\Windows\system32\finger.exe
2009-09-10 08:29:36 ----A---- C:\Windows\system32\ARP.EXE
2009-09-10 08:29:35 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-10 08:29:35 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-10 08:29:34 ----A---- C:\Windows\system32\netevent.dll
2009-09-10 08:28:45 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-10 08:28:45 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-10 08:28:44 ----A---- C:\Windows\system32\wlansec.dll
2009-09-10 08:28:43 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-10 08:28:42 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-10 08:28:33 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-10 08:28:32 ----A---- C:\Windows\system32\mf.dll
2009-09-09 09:15:44 ----D---- C:\Program Files\CFWebAdvancedU
2009-09-08 21:20:28 ----D---- C:\Program Files\Common Files\Logitech
2009-09-07 19:10:28 ----D---- C:\Users\Q\AppData\Roaming\Leadertech
2009-09-07 19:10:06 ----A---- C:\Windows\system32\LVUI2RC.dll
2009-09-07 19:10:06 ----A---- C:\Windows\system32\LVUI2.dll
2009-09-07 19:10:06 ----A---- C:\Windows\system32\lvcoinst.ini
2009-09-07 19:10:06 ----A---- C:\Windows\system32\lvcodec2.dll
2009-09-07 19:10:06 ----A---- C:\Windows\system32\lvci11801048.dll
2009-09-07 19:07:56 ----D---- C:\ProgramData\Logishrd
2009-09-07 19:07:55 ----D---- C:\Program Files\Common Files\LogiShrd
2009-09-07 19:07:46 ----D---- C:\ProgramData\Logitech
2009-09-07 19:07:44 ----D---- C:\Program Files\Logitech
2009-09-05 14:47:25 ----A---- C:\Windows\system32\msado15.dll
2009-09-05 14:31:10 ----AS---- C:\Windows\system32\WINSKFR.DLL
2009-09-05 14:31:10 ----AS---- C:\Windows\system32\VB6STKIT.DLL
2009-09-05 14:31:10 ----AS---- C:\Windows\system32\stdftfr.dll
2009-09-05 14:31:10 ----AS---- C:\Windows\system32\shmedia.dll
2009-09-05 14:31:10 ----AS---- C:\Windows\system32\shdoclc.dll
2009-09-05 14:31:05 ----AS---- C:\Windows\system32\msjro.dll
2009-09-05 14:31:04 ----AS---- C:\Windows\system32\MSDBRPTR.DLL
2009-09-05 14:31:04 ----AS---- C:\Windows\system32\MSCC2FR.DLL
2009-09-05 14:31:04 ----AS---- C:\Windows\system32\MSBIND.DLL
2009-09-05 14:31:03 ----AS---- C:\Windows\system32\INETFR.DLL
2009-09-05 14:31:03 ----AS---- C:\Windows\system32\ijl11.dll
2009-09-05 14:31:03 ----AS---- C:\Windows\system32\hxvz.dll
2009-09-05 14:31:03 ----AS---- C:\Windows\system32\hticons.dll
2009-09-05 14:31:03 ----AS---- C:\Windows\system32\glut32.dll
2009-09-05 14:31:03 ----AS---- C:\Windows\system32\ftdbcf.dll
2009-09-05 14:31:03 ----AS---- C:\Windows\system32\FLXGDFR.DLL
2009-09-05 14:31:03 ----AS---- C:\Windows\system32\DBRPRFR.DLL
2009-09-05 14:31:03 ----AS---- C:\Windows\system32\DBLSTFR.DLL
2009-09-05 14:31:03 ----AS---- C:\Windows\system32\DBGRDFR.DLL
2009-09-05 14:31:03 ----AS---- C:\Windows\system32\DATRPFR.DLL
2009-09-05 14:31:03 ----AS---- C:\Windows\system32\DATGDFR.DLL
2009-09-05 14:31:02 ----AS---- C:\Windows\system32\CMCTLFR.DLL
2009-09-05 14:31:02 ----AS---- C:\Windows\system32\CMCT3FR.DLL
2009-09-05 14:31:02 ----AS---- C:\Windows\system32\CMCT2FR.DLL
2009-09-05 14:31:02 ----AS---- C:\Windows\system32\cdfview.dll
2009-09-05 14:31:02 ----AS---- C:\Windows\system32\ADODCFR.DLL
2009-09-04 20:22:06 ----D---- C:\Users\Q\AppData\Roaming\Anuman Interactive
2009-09-03 06:33:52 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-03 06:33:50 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-02 18:55:44 ----D---- C:\Users\Q\AppData\Roaming\Scatlaws
2009-09-02 16:09:59 ----D---- C:\Program Files\Google
2009-08-31 22:39:19 ----A---- C:\Windows\system32\MSDBRPT.DLL
2009-08-31 22:39:19 ----A---- C:\Windows\system32\MSCmCFR.dll
2009-08-31 22:39:19 ----A---- C:\Windows\system32\CmDlgFR.dll
2009-08-31 22:39:18 ----A---- C:\Windows\system32\Vb6fr.dll
2009-08-31 22:39:17 ----A---- C:\Windows\system32\TLBINF32.dll
2009-08-30 16:06:09 ----D---- C:\Users\Q\AppData\Roaming\2020 Fusion
2009-08-29 11:14:32 ----A---- C:\Windows\system32\tzres.dll
2009-08-17 22:33:52 ----A---- C:\Windows\system32\FM20.DLL

======List of files/folders modified in the last 3 months======

2009-11-13 00:14:36 ----D---- C:\Windows\Prefetch
2009-11-13 00:14:12 ----D---- C:\Windows\Temp
2009-11-12 22:38:56 ----D---- C:\Windows
2009-11-12 22:37:08 ----SHD---- C:\Windows\Installer
2009-11-12 22:35:55 ----D---- C:\Windows\winsxs
2009-11-12 22:35:16 ----SHD---- C:\System Volume Information
2009-11-12 22:29:12 ----D---- C:\Program Files
2009-11-12 22:28:10 ----D---- C:\ProgramData
2009-11-12 22:27:59 ----D---- C:\Windows\System32
2009-11-12 22:27:40 ----D---- C:\Windows\system32\drivers
2009-11-12 22:27:32 ----D---- C:\Windows\system32\catroot
2009-11-12 22:27:32 ----D---- C:\Windows\inf
2009-11-12 22:21:33 ----D---- C:\Windows\Tasks
2009-11-12 14:22:33 ----D---- C:\Users\Q\AppData\Roaming\Uniblue
2009-11-12 13:51:43 ----SD---- C:\Windows\Downloaded Program Files
2009-11-12 13:51:43 ----D---- C:\Windows\SoftwareDistribution
2009-11-12 13:47:32 ----D---- C:\Windows\system32\Tasks
2009-11-12 13:40:31 ----D---- C:\Program Files\Common Files
2009-11-11 22:12:58 ----D---- C:\Program Files\Mozilla Firefox
2009-11-11 22:12:49 ----D---- C:\Users\Q\AppData\Roaming\Mozilla
2009-11-11 16:39:29 ----D---- C:\Program Files\Windows Mail
2009-11-11 16:36:32 ----D---- C:\ProgramData\Microsoft Help
2009-11-11 16:33:28 ----D---- C:\Windows\Debug
2009-11-11 16:30:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-11 16:30:46 ----RD---- C:\Users
2009-11-11 16:27:44 ----D---- C:\Windows\system32\catroot2
2009-11-09 16:28:44 ----RSD---- C:\Windows\assembly
2009-11-09 16:27:01 ----D---- C:\Windows\Logs
2009-11-08 20:24:17 ----D---- C:\Windows\system32\MUI
2009-11-08 20:22:40 ----D---- C:\Program Files\Internet Explorer
2009-11-08 15:34:04 ----D---- C:\ProgramData\Microsoft
2009-11-08 02:08:31 ----D---- C:\Acer
2009-11-08 01:33:42 ----SHD---- C:\corbeille
2009-11-07 23:29:52 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-11-07 23:29:51 ----D---- C:\Program Files\DivX
2009-11-07 23:26:06 ----D---- C:\Program Files\Apoint2K
2009-11-07 16:54:10 ----D---- C:\Windows\system32\LogFiles
2009-11-05 19:10:30 ----D---- C:\Users\Q\AppData\Roaming\dvdcss
2009-11-05 18:36:21 ----A---- C:\Windows\system32\mrt.exe
2009-10-29 09


21

tias35, 15 Nov 2009 at 11:45:59

Hi again, when I try to install Java it tells me I already have it on my PC, and that's true, it shows up in the programs as version 6 update 17, but I can't uninstall it, even with JavaRa, so maybe I deleted some important files without knowing it? No?

22

Electricien 69, 15 Nov 2009 at 11:48:16

Edit:
It must have been damaged by the infection or by files being deleted,
remove it completely from your PC with this, then download it again and reinstall it:
REVO UNINSTALLER BY VS REVO GROUP
http://www.forum-vista.net/...

Remove what is left of Norton from your PC:

http://service1.symantec.com/...

In addition:
http://www.01net.com/...

23

tias35, 15 Nov 2009 at 11:58:22

Thanks,
I had just done it with the cleanup utility, is that OK or not? That's for Java.

For Norton I'll give it a try, thanks.

24

Electricien 69, 15 Nov 2009 at 12:02:04

There are also traces of BitDefender :-)
Use this page to get rid of them:

http://www.commentcamarche.net/...

25

tias35, 15 Nov 2009 at 12:41:19

I can no longer find Java, so I think it has been removed, but when I try to reinstall it, it still tells me: "this software is already in your computer do you want to reinstal this". I say yes and nothing happens. I don't know what to do any more...

26

tias35, 15 Nov 2009 at 12:53:35

Hi again, I think, or I thought I understood, that aero is a "rar" file, and I can't open "rar" files, I don't know why????

27

tias35, 15 Nov 2009 at 13:13:33

Can you please tell me whether I can remove these programs:

MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
microsoft .net framework 1.1
microsoft .net framework 1.1 french language pack
microsoft .net framework 3.5 sp1

etc... there are plenty of others, but I'm going to take a screenshot

28

tias35, 15 Nov 2009 at 13:50:17

http://www.cijoint.fr/cjlink.php?file=cj200911/cijSLOVaSE.jpg

This is the link to my screenshot of my programs; can you tell me which ones I can remove, please?
Thanks in advance.

29

tias35, 15 Nov 2009 at 14:11:00

http://www.cijoint.fr/cjlink.php?file=cj200911/cijiwpXpUy.jpg
http://www.cijoint.fr/cjlink.php?file=cj200911/cijcPKO5tu.jpg
http://www.cijoint.fr/cjlink.php?file=cj200911/cijxyWiTFC.jpg
http://www.cijoint.fr/cjlink.php?file=cj200911/cijre3B7qJ.jpg
http://www.cijoint.fr/cjlink.php?file=cj200911/cijjylAQIi.jpg

All these links are images of my processes or whatever ???? that I was telling you about earlier...
Sorry, I couldn't put them in a single link.

Can you tell me anything about them? That seems like a lot to me, doesn't it?

30

Electricien 69, 15 Nov 2009 at 15:00:46

In order:
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
microsoft .net framework 1.1
microsoft .net framework 1.1 french language pack
microsoft .net framework 3.5 sp1

These are updates for your OS, you cannot remove them.

You can remove:
Bunty games
remout registry

For w32time:
http://support.microsoft.com/kb/223184/fr

To remove them, you first have to stop the processes via Task Manager, then physically delete them from the PC; otherwise they will start up again or produce error messages at startup :-)

31

tias35, 15 Nov 2009 at 15:32:34

Thanks,
sorry to bother you again, but I can't open ".met" files or rar files; would you know why?
Thanks

32

Electricien 69, 15 Nov 2009 at 15:33:50

You need decompression software, but I advise against opening them; if you don't use these files, just delete them ;-)

33

tias35, 15 Nov 2009 at 16:03:27

Yes, but it's the same for the aero file, it's a jar file and I can't open it either. What should I do?????

34

Electricien 69, 15 Nov 2009 at 16:35:34

Install 7-Zip, it's a utility that decompresses zipped files:
http://www.01net.com/...

35

tias35, 15 Nov 2009 at 16:58:55

Thanks again, but once the aero file is open I don't know which file to click on.

I click on install.rdf and again it can't be opened. Do you have another solution????

Otherwise, really, thank you very much for your help.

36

Electricien 69, 15 Nov 2009 at 17:03:13

I don't know how to do it, but I found this, in case it helps you:
http://www.vulgarisation-informatique.com/activer-aero.php

37

tias35, 15 Nov 2009 at 17:41:36

Once again, thanks a lot for your help, and thanks to CCM,

I now know where to reach you... lol

38

Electricien 69, 15 Nov 2009 at 17:44:55

Happy surfing and have a good evening ;-)