C:\windows\system32\fservices.exe not found

azzben Posts 34 Status Member -
Hello,

So, after I ran a scan with Avast, which detected a trojan, it apparently deleted fservices.exe. Since then, every time I start my PC an error message appears saying c:\windows\system32\fservices.exe not found. What should I do?

Thanks

15 replies

Anonymous user
 
Hello azzben
Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.

http://images.malwareremoval.com/random/RSIT.exe

Double-click RSIT.exe.

Click Continue on the Disclaimer screen.

If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.

When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

Note: the reports can also be found here: C:\rsit.
See you later
1
Zaidar Posts 47 Status Member 2
 
This question has already been asked, so I suggest you take a look here:

https://forums.commentcamarche.net/forum/affich-1138667-c-windows-system32-fservice-exe

https://forums.commentcamarche.net/forum/affich-3804398-probleme-avec-fservices-exe

http://www.infos-du-net.com/forum/232594-11-problem-fservices

Hoping this can help you. Good luck.
0
azzben Posts 34 Status Member 1
 
So here is the log:



Logfile of random's system information tool 1.06 (written by random/random)
Run by Nadia at 2009-08-29 14:32:38
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 30 GB (42%) free of 72 GB
Total RAM: 1012 MB (40% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\GlaryInitialize.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Guida per l'accesso a Windows Live - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~2\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"Updat windows"=C:\WINDOWS\system32\Updat windows\Microsoft.exe [2009-08-10 100864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Updat windows"=C:\WINDOWS\system32\Updat windows\Microsoft.exe [2009-08-10 100864]
"DirectX For Microsoft® Windows"=C:\WINDOWS\system32\fservice.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Microsoft"=C:\WINDOWS\system32\Updat windows\Microsoft.exe [2009-08-10 100864]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Updat windows"=C:\WINDOWS\system32\Updat windows\Microsoft.exe [2009-08-10 100864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programmi\Microsoft Office\Office12\ONENOTE.EXE"="C:\Programmi\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe"="C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Programmi\Messenger\msmsgs.exe"="C:\Programmi\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe"="C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programmi\Windows Live\Messenger\livecall.exe"="C:\Programmi\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Documents and Settings\Nadia\Documenti\Téléchargements\WoWq.exe"="C:\Documents and Settings\Nadia\Documenti\Téléchargements\WoWq.exe:*:Enabled:Blizzard Downloader"
"C:\Documents and Settings\Nadia\Documenti\Téléchargements\WoWBC.exe"="C:\Documents and Settings\Nadia\Documenti\Téléchargements\WoWBC.exe:*:Enabled:Blizzard Downloader"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Modulo di esecuzione DLL come applicazioni"
"C:\Documents and Settings\Nadia\Impostazioni locali\Temp\RarSFX0\hl.exe"="C:\Documents and Settings\Nadia\Impostazioni locali\Temp\RarSFX0\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Programmi\VideoLAN\VLC\vlc.exe"="C:\Programmi\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Documents and Settings\All Users\Dati applicazioni\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Dati applicazioni\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"C:\CS1.6 pod-Bot\hl.exe"="C:\CS1.6 pod-Bot\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Programmi\HLSW\hlsw.exe"="C:\Programmi\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\CS1.6 pod-Bot\hltv.exe"="C:\CS1.6 pod-Bot\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Documents and Settings\Nadia\Documenti\Téléchargements\Mess-Mania v3.0\Mess-Mania v3.0.exe"="C:\Documents and Settings\Nadia\Documenti\Téléchargements\Mess-Mania v3.0\Mess-Mania v3.0.exe:*:Enabled:The Ultimate Msn Tool !"
"C:\Documents and Settings\Nadia\Documenti\Téléchargements\Poison Ivy 2.3.2.exe"="C:\Documents and Settings\Nadia\Documenti\Téléchargements\Poison Ivy 2.3.2.exe:*:Enabled:Poison Ivy Remote Administration"
"C:\Documents and Settings\Nadia\desktop\Bifrost.exe"="C:\Documents and Settings\Nadia\desktop\Bifrost.exe:*:Enabled:Bifrost 1.2.1"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe"="C:\Programmi\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Programmi\Windows Live\Messenger\msnmsgr.exe"="C:\Programmi\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programmi\Windows Live\Messenger\livecall.exe"="C:\Programmi\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a77393d-92fd-11de-a989-00242bb94562}]
shell\AutoRun\command - E:\USBAutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d391896-4211-11de-a922-00242bb94562}]
shell\AutoRun\command - wscript.exe .\.vbs
shell\open\command - wscript.exe .\.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d391897-4211-11de-a922-00242bb94562}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5d391899-4211-11de-a922-00242bb94562}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77386032-4ba6-11de-a936-00242bb94562}]
shell\AutoRun\command - E:\VFPcAssistant.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77386033-4ba6-11de-a936-00242bb94562}]
shell\AutoRun\command - wscript.exe .\.vbs
shell\open\command - wscript.exe .\.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77386038-4ba6-11de-a936-00242bb94562}]
shell\AutoRun\command - E:\VFPcAssistant.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{78e2b09c-45dc-11de-a92a-00242bb94562}]
shell\AutoRun\command - E:\VFPcAssistant.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a7243f8-3959-11de-a91c-00242bb94562}]
shell\AutoRun\command - E:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7ae50044-420c-11de-a921-00242bb94562}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7ae50045-420c-11de-a921-00242bb94562}]
shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d3319d9e-396d-11de-a91d-00242bb94562}]
shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d3319da0-396d-11de-a91d-00242bb94562}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d663232a-450d-11de-a928-00242bb94562}]
shell\AutoRun\command - E:\VFPcAssistant.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea1d6dbd-38fb-11de-a919-806d6172696f}]
shell\AutoRun\command - D:\setupSNK.exe


======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2009-08-29 14:32:42 ----D---- C:\Programmi\trend micro
2009-08-29 14:32:38 ----D---- C:\rsit
2009-08-29 14:21:25 ----D---- C:\WINDOWS\LastGood
2009-08-28 12:11:33 ----A---- C:\wepkeys.txt
2009-08-27 17:04:47 ----D---- C:\WINDOWS\pss
2009-08-27 16:15:25 ----A---- C:\WINDOWS\zip.exe
2009-08-27 16:15:25 ----A---- C:\WINDOWS\SWSC.exe
2009-08-27 16:15:25 ----A---- C:\WINDOWS\SWREG.exe
2009-08-27 16:15:25 ----A---- C:\WINDOWS\sed.exe
2009-08-27 16:15:25 ----A---- C:\WINDOWS\PEV.exe
2009-08-27 16:15:25 ----A---- C:\WINDOWS\NIRCMD.exe
2009-08-27 16:15:25 ----A---- C:\WINDOWS\grep.exe
2009-08-27 16:15:24 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-08-27 16:15:14 ----D---- C:\WINDOWS\ERDNT
2009-08-27 16:15:13 ----SD---- C:\ComboFix
2009-08-27 16:15:13 ----A---- C:\WINDOWS\system32\CF24134.exe
2009-08-27 16:14:36 ----D---- C:\Qoobox
2009-08-27 13:44:53 ----A---- C:\WINDOWS\system32\tsccvid.dll
2009-08-26 17:54:05 ----D---- C:\Programmi\No-IP
2009-08-25 17:23:01 ----D---- C:\Programmi\ElcomSoft
2009-08-25 17:13:04 ----D---- C:\Programmi\RAR Password Cracker
2009-08-21 20:09:49 ----A---- C:\WINDOWS\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
2009-08-21 20:09:27 ----A---- C:\WINDOWS\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
2009-08-21 20:07:49 ----D---- C:\WINDOWS\system32\RsFx
2009-08-21 20:05:24 ----D---- C:\Programmi\MSXML 6.0
2009-08-21 20:05:09 ----D---- C:\WINDOWS\system32\1036
2009-08-21 19:31:16 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2009-08-21 19:30:33 ----D---- C:\Programmi\Microsoft Silverlight
2009-08-21 19:30:16 ----D---- C:\Programmi\Microsoft Synchronization Services
2009-08-21 19:30:14 ----D---- C:\Programmi\Microsoft SQL Server Compact Edition
2009-08-21 19:24:19 ----D---- C:\Programmi\Microsoft Visual Studio 9.0
2009-08-21 19:23:32 ----D---- C:\Programmi\Microsoft SDKs
2009-08-21 19:23:16 ----N---- C:\WINDOWS\system32\spmsg2.dll
2009-08-21 19:23:09 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2009-08-21 19:22:39 ----D---- C:\WINDOWS\system32\fr-FR
2009-08-20 10:08:29 ----D---- C:\Programmi\CamStudio
2009-08-20 10:08:28 ----RSHD---- C:\WINDOWS\system32\Updat windows
2009-08-18 22:50:39 ----D---- C:\Programmi\AxBx
2009-08-17 17:10:58 ----A---- C:\WINDOWS\system32\MRT.exe
2009-08-16 21:10:17 ----D---- C:\WINDOWS\system32\Windows
2009-08-16 21:04:05 ----D---- C:\Programmi\Windows Live Safety Center
2009-08-16 12:11:10 ----SD---- C:\Programmi\HLSW
2009-08-16 12:11:10 ----D---- C:\Documents and Settings\Nadia\Dati applicazioni\HLSW
2009-08-14 14:09:34 ----D---- C:\Documents and Settings\Nadia\Dati applicazioni\Hamachi
2009-08-14 14:00:30 ----A---- C:\WINDOWS\unvise32.exe
2009-08-14 13:55:37 ----D---- C:\CS1.6 pod-Bot
2009-08-13 23:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-08-13 23:32:11 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-08-13 23:32:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-08-13 23:31:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-08-13 23:31:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-08-13 23:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-08-13 23:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-08-13 23:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-08-13 23:31:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-08-13 23:31:04 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-08-10 22:15:54 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-08-10 19:54:30 ----D---- C:\Documents and Settings\Nadia\Dati applicazioni\GlarySoft
2009-08-10 19:46:02 ----D---- C:\Programmi\Glary Utilities
2009-08-10 19:23:38 ----A---- C:\WINDOWS\Applian FLV Player Uninstall Log.txt
2009-08-09 20:36:26 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\NexonEU
2009-08-09 19:47:03 ----D---- C:\Download
2009-08-09 19:46:38 ----D---- C:\Nexon
2009-08-09 19:46:37 ----A---- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
2009-08-09 10:45:30 ----D---- C:\Documents and Settings\Nadia\Dati applicazioni\teamspeak2
2009-08-09 10:45:12 ----D---- C:\Programmi\Teamspeak2_RC2
2009-08-08 23:36:32 ----D---- C:\WINDOWS\system32\XPSViewer
2009-08-08 23:36:25 ----D---- C:\Programmi\MSBuild
2009-08-08 23:36:22 ----D---- C:\WINDOWS\system32\en-US
2009-08-08 23:36:13 ----D---- C:\Programmi\Reference Assemblies
2009-08-08 23:35:37 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-08-08 23:35:37 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-08-08 23:35:37 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-08-08 11:01:24 ----D---- C:\Programmi\PacSteamT
2009-08-08 10:53:58 ----D---- C:\PacSteamT
2009-08-05 10:35:20 ----D---- C:\Logs
2009-08-04 18:11:04 ----D---- C:\Programmi\World of Warcraft
2009-08-03 18:28:58 ----D---- C:\Programmi\ConWare
2009-08-03 16:57:25 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-08-02 15:34:20 ----A---- C:\271_icol.dll
2009-08-02 15:06:52 ----A---- C:\WINDOWS\system32\uxtheme.dll.backup
2009-08-02 14:41:14 ----D---- C:\Documents and Settings\Nadia\Dati applicazioni\FindeXer
2009-08-02 14:31:04 ----D---- C:\Programmi\RK Launcher
2009-08-02 14:30:57 ----D---- C:\Programmi\CursorXP
2009-08-02 14:26:47 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2009-08-01 22:51:49 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-08-01 22:51:31 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-08-01 22:51:10 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2009-08-01 22:51:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-08-01 22:50:41 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-08-01 15:00:48 ----D---- C:\Programmi\IDoser v4
2009-08-01 12:02:43 ----D---- C:\Programmi\PhotoFiltre Studio
2009-07-31 21:25:59 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\WhiteCap (Holiday Edition)
2009-07-31 12:53:41 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Downloaded Installations
2009-07-31 12:48:03 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-07-31 12:47:58 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-07-31 12:47:37 ----D---- C:\Programmi\Windows Media Connect 2
2009-07-31 12:47:24 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-07-31 12:46:27 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-07-31 12:45:33 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-07-31 12:44:38 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Windows Genuine Advantage
2009-07-30 14:25:33 ----D---- C:\Programmi\File comuni\Blizzard Entertainment
2009-07-30 14:14:28 ----D---- C:\WINDOWS\system32\Adobe
2009-07-30 14:07:52 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-07-30 14:07:51 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-07-30 14:07:51 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-07-30 14:07:49 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-07-30 14:07:49 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-07-30 14:07:48 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-07-30 14:07:48 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-07-30 14:07:47 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-07-30 14:07:47 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-07-30 14:07:46 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-07-30 14:07:45 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-07-30 14:07:45 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-07-30 14:07:44 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-07-30 14:07:43 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-07-30 14:07:42 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-07-30 14:07:42 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-07-30 14:07:41 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-07-30 14:07:40 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-07-30 14:07:40 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-07-30 14:07:39 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-07-30 14:07:38 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-07-30 14:07:38 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-07-30 14:07:37 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-07-30 14:07:36 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-07-30 14:07:36 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-07-30 14:07:35 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-07-30 14:07:34 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-07-30 14:07:33 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-07-30 14:07:32 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-07-30 14:07:32 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-07-30 14:07:31 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-07-30 14:07:31 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-07-30 14:07:29 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-07-30 14:07:28 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-07-30 14:07:26 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-07-30 14:07:26 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-07-30 14:07:25 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-07-30 14:07:24 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-07-30 14:07:23 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-07-30 14:07:23 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-07-30 14:07:21 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-07-30 14:07:20 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-07-30 14:07:20 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-07-30 14:07:20 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-07-30 14:07:19 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-07-30 14:07:18 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-07-30 14:07:18 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-07-30 14:07:16 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-07-30 14:07:15 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-07-30 14:07:15 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-07-30 14:07:14 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-07-30 14:07:13 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-07-30 14:07:11 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-07-30 14:07:10 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-07-30 14:07:10 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-07-30 14:07:09 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-07-30 14:07:08 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-07-30 14:07:08 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-07-30 14:07:07 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-07-30 14:07:07 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-07-30 14:07:06 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-07-30 14:07:02 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-07-30 14:07:01 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-07-30 14:07:01 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-07-30 14:07:00 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-07-30 14:06:59 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-07-30 14:06:59 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-07-30 14:06:58 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-07-30 14:06:58 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-07-30 14:06:57 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-07-30 14:06:55 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-07-30 14:04:22 ----D---- C:\WINDOWS\Logs
2009-07-30 14:03:57 ----D---- C:\Programmi\Utherverse Digital Inc

======List of files/folders modified in the last 1 months======

2009-08-29 14:32:42 ----D---- C:\Programmi
2009-08-29 14:32:36 ----D---- C:\WINDOWS\Prefetch
2009-08-29 14:30:22 ----AD---- C:\WINDOWS\system32
2009-08-29 14:24:01 ----D---- C:\WINDOWS\Temp
2009-08-29 14:24:00 ----HD---- C:\WINDOWS\inf
2009-08-29 14:22:24 ----D---- C:\Documents and Settings\Nadia\Dati applicazioni\vlc
2009-08-29 14:21:25 ----D---- C:\WINDOWS
2009-08-29 14:08:13 ----D---- C:\Programmi\Steam
2009-08-29 13:00:09 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-29 12:08:43 ----D---- C:\Programmi\Mozilla Firefox
2009-08-29 10:31:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-08-28 23:03:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-27 21:24:54 ----D---- C:\WINDOWS\system
2009-08-27 19:29:45 ----D---- C:\WINDOWS\system32\Restore
2009-08-27 16:33:44 ----D---- C:\WINDOWS\Minidump
2009-08-27 16:16:18 ----AD---- C:\WINDOWS\system32\drivers
2009-08-27 16:15:22 ----SHD---- C:\System Volume Information
2009-08-27 14:22:21 ----D---- C:\Documents and Settings\Nadia\Dati applicazioni\Sony
2009-08-27 12:45:02 ----RSD---- C:\WINDOWS\Fonts
2009-08-27 12:45:02 ----D---- C:\WINDOWS\system32\usmt
2009-08-27 12:45:02 ----D---- C:\Programmi\Windows NT
2009-08-27 12:45:02 ----D---- C:\Programmi\Windows Media Player
2009-08-27 12:45:02 ----D---- C:\Programmi\Outlook Express
2009-08-27 12:45:02 ----D---- C:\Programmi\Movie Maker
2009-08-27 12:45:02 ----D---- C:\Programmi\Internet Explorer
2009-08-27 12:45:02 ----D---- C:\Programmi\File comuni\System
2009-08-27 12:45:01 ----D---- C:\WINDOWS\srchasst
2009-08-26 14:11:16 ----D---- C:\Documents and Settings\Nadia\Dati applicazioni\dvdcss
2009-08-23 11:24:11 ----D---- C:\WINDOWS\Microsoft.NET
2009-08-23 11:24:04 ----RSD---- C:\WINDOWS\assembly
2009-08-22 23:23:56 ----SHD---- C:\WINDOWS\Installer
2009-08-21 20:08:03 ----D---- C:\Programmi\Microsoft SQL Server
2009-08-21 20:05:45 ----D---- C:\Programmi\File comuni\Microsoft Shared
2009-08-21 20:05:10 ----D---- C:\WINDOWS\system32\1033
2009-08-21 20:04:31 ----D---- C:\Programmi\Microsoft.NET
2009-08-21 20:02:45 ----D---- C:\WINDOWS\WinSxS
2009-08-21 19:31:38 ----D---- C:\WINDOWS\system32\mui
2009-08-21 19:31:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-08-21 19:30:25 ----SD---- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft
2009-08-21 19:29:51 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Microsoft Help
2009-08-21 19:28:06 ----SD---- C:\Documents and Settings\Nadia\Dati applicazioni\Microsoft
2009-08-21 19:23:24 ----A---- C:\WINDOWS\imsins.BAK
2009-08-19 23:00:50 ----D---- C:\WINDOWS\system32\CatRoot
2009-08-19 23:00:35 ----D---- C:\WINDOWS\system32\it-it
2009-08-19 19:04:24 ----HD---- C:\Programmi\InstallShield Installation Information
2009-08-19 19:04:21 ----D---- C:\PROGRAM FILES
2009-08-19 19:03:48 ----D---- C:\Programmi\File comuni\InstallShield
2009-08-18 14:57:06 ----SD---- C:\WINDOWS\Tasks
2009-08-17 17:11:01 ----D---- C:\WINDOWS\Debug
2009-08-15 17:33:13 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-08-15 17:20:07 ----A---- C:\WINDOWS\system.ini
2009-08-15 10:32:20 ----D---- C:\Documents and Settings\Nadia\Dati applicazioni\Macromedia
2009-08-15 10:29:23 ----D---- C:\WINDOWS\system32\config
2009-08-15 10:20:40 ----D---- C:\Programmi\File comuni\Adobe
2009-08-15 10:20:40 ----D---- C:\Programmi\Adobe
2009-08-15 10:20:35 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Adobe
2009-08-14 16:48:34 ----A---- C:\WINDOWS\system32\uxtheme.dll
2009-08-14 14:08:38 ----D---- C:\temp
2009-08-13 23:31:56 ----HD---- C:\WINDOWS\$hf_mig$
2009-08-11 12:22:53 ----D---- C:\Programmi\Messenger Plus! Live
2009-08-10 19:58:51 ----D---- C:\Documents and Settings\Nadia\Dati applicazioni\BitTorrent
2009-08-10 19:58:51 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\espionServerData
2009-08-10 19:50:19 ----D---- C:\Programmi\Google
2009-08-10 19:33:25 ----D---- C:\Programmi\File comuni
2009-08-10 19:31:09 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-08-10 19:29:13 ----D---- C:\Documents and Settings\All Users\Dati applicazioni\Google
2009-08-10 19:25:39 ----D---- C:\Programmi\DAEMON Tools Toolbar
2009-08-10 11:47:10 ----D---- C:\Documents and Settings\Nadia\Dati applicazioni\Google
2009-08-08 23:35:51 ----D---- C:\WINDOWS\system32\spool
2009-08-08 23:35:47 ----D---- C:\i386
2009-08-05 10:59:33 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2009-08-02 15:41:12 ----AD---- C:\WINDOWS\system32\oobe
2009-08-02 14:32:54 ----A---- C:\WINDOWS\BricoPackUninst.txt
2009-08-02 14:32:54 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2009-08-02 14:24:59 ----D---- C:\WINDOWS\BricoPacks
2009-07-31 21:02:40 ----D---- C:\Programmi\Vodafone PC Assistant
2009-07-31 12:47:46 ----A---- C:\WINDOWS\win.ini
2009-07-31 12:47:34 ----D---- C:\WINDOWS\Help
2009-07-31 12:45:43 ----D---- C:\WINDOWS\system32\LogFiles
2009-07-31 12:41:01 ----D---- C:\WINDOWS\RegisteredPackages
2009-07-30 14:07:54 ----D---- C:\WINDOWS\system32\DirectX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 intelppm;Driver processore Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 WmiAcpi;Strumentazione gestione Microsoft Windows per ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys []
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-08-20 1318464]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 CmBatt;Driver batteria a metodo di controllo ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Driver bus UAA Microsoft per High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Driver di classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-01-06 4968448]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2008-09-03 94608]
R3 mouhid;Driver di mouse HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-30 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-08-07 111360]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 usbehci;Driver Miniport controller enhanced host USB 2.0 Microsoft; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Hub abilitato USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Driver Miniport Controller Universal Host USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 catchme;catchme; \??\C:\DOCUME~1\Nadia\IMPOST~1\Temp\catchme.sys []
S3 CCDECODE;Decoder sottotitoli codificati; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ChangeMe;ChangeMe; \??\C:\DOCUME~1\Nadia\IMPOST~1\Temp\ChangeMe.sys []
S3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-08-14 25280]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 MobileAdapter;Huawei Mobile Adapter USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\hmvmdm.sys [2007-03-27 88960]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Connesione TV/Video Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Driver principale generico USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Driver archiviazione di massa USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Periferica video USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Codec World Standard Teletext; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 RsFx0102;RsFx0102 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]
S4 sr;Driver filtro Ripristino configurazione di sistema; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Programmi\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Programmi\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 ETService;Empowering Technology Service; C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe [2008-07-16 24576]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Programmi\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-11 40999448]
R2 SQLBrowser;SQL Server Browser; C:\Programmi\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]
R2 SQLWriter;SQL Server VSS Writer; C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Programmi\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Programmi\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2001-04-02 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Programmi\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Programmi\File comuni\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Programmi\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WLSetupSvc;Windows Live Setup Service; C:\Programmi\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Programmi\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Programmi\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Programmi\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]

-----------------EOF-----------------





and the info:


info.txt logfile of random's system information tool 1.06 2009-08-29 14:32:55

======Uninstall list======

-->"C:\Programmi\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe" -runfromtemp -l0x0010 -removeonly
-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {1E263117-EA60-42D9-A0B1-1A572770F6C1}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {58FC5E37-DD28-4D4A-A549-125744C6763C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {B9896689-DF51-4A16-AAD5-002622D86C72}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0410-0000-0000000FF1CE} /uninstall {741A792D-4ED8-4C66-B32E-A47865FA1163}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Aggiornamento critico per Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956390)-->"C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aggiornamento della protezione per Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aggiornamento per Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB932716-v2)-->"C:\WINDOWS\$NtUninstallKB932716-v2$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB949764)-->"C:\WINDOWS\$NtUninstallKB949764$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Aggiornamento rapido per Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Archiveur WinRAR-->C:\Programmi\WinRAR\uninstall.exe
Assistente per l'accesso a Windows Live-->MsiExec.exe /I{DC7B9AB3-2635-45AA-957D-90FDE7CD51D7}
Atheros for Acer Driver v7.6.0.264_Foxconn Installation Program-->C:\Programmi\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0010 -removeonly
avast! Antivirus-->C:\Programmi\Alwil Software\Avast4\aswRunDll.exe "C:\Programmi\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
CamStudio-->C:\Programmi\CamStudio\uninstall.exe
Clean Virus MSN-->"C:\Programmi\AxBx\Clean Virus MSN\unins000.exe"
Correctif pour Microsoft Visual Basic 2008 Express SP1 - Français (KB945282)-->C:\WINDOWS\system32\msiexec.exe /package {EAF461BE-79BE-340B-AEBA-82D1230EC024} /uninstall /qb+ REBOOTPROMPT=""
Correctif pour Microsoft Visual Basic 2008 Express SP1 - Français (KB946040)-->C:\WINDOWS\system32\msiexec.exe /package {EAF461BE-79BE-340B-AEBA-82D1230EC024} /uninstall /qb+ REBOOTPROMPT=""
Correctif pour Microsoft Visual Basic 2008 Express SP1 - Français (KB946308)-->C:\WINDOWS\system32\msiexec.exe /package {EAF461BE-79BE-340B-AEBA-82D1230EC024} /uninstall /qb+ REBOOTPROMPT=""
Correctif pour Microsoft Visual Basic 2008 Express SP1 - Français (KB946344)-->C:\WINDOWS\system32\msiexec.exe /package {EAF461BE-79BE-340B-AEBA-82D1230EC024} /uninstall /qb+ REBOOTPROMPT=""
Correctif pour Microsoft Visual Basic 2008 Express SP1 - Français (KB947540)-->C:\WINDOWS\system32\msiexec.exe /package {EAF461BE-79BE-340B-AEBA-82D1230EC024} /uninstall /qb+ REBOOTPROMPT=""
Correctif pour Microsoft Visual Basic 2008 Express SP1 - Français (KB947789)-->C:\WINDOWS\system32\msiexec.exe /package {EAF461BE-79BE-340B-AEBA-82D1230EC024} /uninstall /qb+ REBOOTPROMPT=""
Correctif pour Microsoft Visual Basic 2008 Express SP1 - Français (KB948127)-->C:\WINDOWS\system32\msiexec.exe /package {EAF461BE-79BE-340B-AEBA-82D1230EC024} /uninstall /qb+ REBOOTPROMPT=""
Correctif pour Microsoft Visual Basic 2008 Express SP1 - Français (KB951708)-->C:\WINDOWS\system32\msiexec.exe /package {EAF461BE-79BE-340B-AEBA-82D1230EC024} /uninstall /qb+ REBOOTPROMPT=""
Counter Strike 1.6 - By PirocaHP.F!N4LShare-->C:\WINDOWS\unvise32.exe C:\CS1.6 pod-Bot\uninstal_cs.log
Counter Strike 1.6 - Pack 112 Mapas - By PirocaHP F!N4LShare-->C:\WINDOWS\unvise32.exe C:\CS1.6 pod-Bot\uninstal_map.log
Enregistreur VSS Microsoft SQL Server-->MsiExec.exe /I{1F25F81F-AFC4-4A38-9CD0-7F321BFDEDBC}
Fichiers support d'instal. Microsoft SQL Server 2008 (français)-->MsiExec.exe /X{F05F9FC5-A369-4989-8923-33A191F08232}
FL Studio 8-->C:\Programmi\Image-Line\FL Studio 8\uninstall.exe
Glary Utilities Pro 2.15.0.738-->"C:\Programmi\Glary Utilities\unins000.exe"
HLSW v1.3.2.1-->"C:\Programmi\HLSW\unins000.exe"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IL Download Manager-->C:\Programmi\Image-Line\Downloader\uninstall.exe
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
JMicron JMB38X Flash Media Controller-->"C:\Programmi\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\setup.exe" delpkg
Lecteur Windows Media 11-->"C:\Programmi\Windows Media Player\Setup_wm.exe" /Uninstall
Messenger Plus! Live-->"C:\Programmi\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1 Italian Language Pack-->MsiExec.exe /X{F2D2B58B-B2FD-46D1-8319-DCE564079934}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Programmi\File comuni\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Italian) 2007-->MsiExec.exe /X{90120000-00A1-0410-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (Italian)-->MsiExec.exe /X{95120000-00AF-0410-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}
Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}
Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{4A6F34E2-09E5-4616-B227-4A26A488A6F9}
Microsoft SQL Server 2008 Common Files-->MsiExec.exe /I{51DE0B73-7A33-41B8-9183-8321D40815E0}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{23D448C7-7DC7-4C15-B47D-C99364501F07}
Microsoft SQL Server 2008 Database Engine Services-->MsiExec.exe /I{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{F0FD00FD-CE66-474F-A116-72B4880E8B47}
Microsoft SQL Server 2008 Database Engine Shared-->MsiExec.exe /I{F3494AB6-6900-41C6-AF57-823626827ED8}
Microsoft SQL Server 2008 Management Objects-->MsiExec.exe /I{F5E87B12-3C27-452F-8E78-21D42164FD83}
Microsoft SQL Server 2008 RsFx Driver-->MsiExec.exe /I{F1DC7648-8623-442F-92B7-E118DF61872E}
Microsoft SQL Server 2008-->"C:\Programmi\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe" /x86
Microsoft SQL Server 2008-->"C:\Programmi\Microsoft SQL Server\100\Setup Bootstrap\Release\x86\SetupARP.exe" /X86
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)-->MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft SQL Server 2008 Browser-->MsiExec.exe /X{4401409D-25F1-4E85-8A3C-6BA6FFCFBFED}
Microsoft SQL Server 2008 Native Client-->MsiExec.exe /I{C153249C-DD12-465E-A306-C3B89AB863FB}
Microsoft SQL Server Compact 3.5 SP1 - Français-->MsiExec.exe /I{58FD9176-17BF-4D9A-8773-5ECA2947D391}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual Basic 2008 Express Edition with SP1 - FRA-->MsiExec.exe /X{EAF461BE-79BE-340B-AEBA-82D1230EC024}
Microsoft Visual Basic 2008 Express SP1 - Français-->C:\Programmi\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition with SP1 - FRA\setup.exe
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - fra-->MsiExec.exe /X{484AB636-ADBC-3A85-AB82-41873BDD1083}
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32-->MsiExec.exe /X{044F9133-B8D7-4d11-BF39-803FA20F5C8B}
Microsoft Works-->MsiExec.exe /I{34A08914-7A33-4040-A959-1577BF5AFF8A}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.2)-->C:\Programmi\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{1787603C-E6E3-42D4-8034-55F358486F1D}
No-IP.com DUC (remove only)-->"C:\Programmi\No-IP\DUC20.exe" -uninstall
Outils de conception SQL Server Compact 3.5 SP1 - Français-->MsiExec.exe /X{A5D20C78-D226-4B41-A553-EEEBEB824853}
Pacchetto di compatibilità per Office System 2007-->MsiExec.exe /X{90120000-0020-0410-0000-0000000FF1CE}
Packard Bell Recovery Management-->"C:\Programmi\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x0010 -removeonly
PhotoFiltre Studio-->"C:\Programmi\PhotoFiltre Studio\Uninst.exe"
PoiZone-->C:\Programmi\Image-Line\PoiZone\uninstall.exe
RAR Password Cracker 4.12-->C:\Programmi\RAR Password Cracker\uninstall.exe
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Programmi\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -l0x0010 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\FILECO~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programmi\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x10 -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Setup My PC-->"C:\Programmi\InstallShield Installation Information\{28518520-F25C-48C3-A224-861F331602F4}\setup.exe" -runfromtemp -l0x0010 -removeonly
Sony Media Manager 2.2-->MsiExec.exe /X{878D2EB2-2D55-42A9-955E-1E08F28529FD}
Sony Vegas 7.0-->MsiExec.exe /X{DFB951D6-4270-42D8-B4B7-AA4B01911DC3}
Sql Server Customer Experience Improvement Program-->MsiExec.exe /I{C965F01C-76EA-4BD7-973E-46236AE312D7}
SQL Server System CLR Types-->MsiExec.exe /I{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Strumento di caricamento di Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
TeamSpeak 2 RC2-->C:\Programmi\Teamspeak2_RC2\unins000.exe
Toxic Biohazard-->C:\Programmi\Image-Line\Toxic Biohazard\uninstall.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VLC media player 1.0.0-->C:\Programmi\VideoLAN\VLC\uninstall.exe
WebCam-->C:\Programmi\InstallShield Installation Information\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}\setup.exe -runfromtemp -l0x0010 -removeonly
Windows Driver Package - Option nv (GT72NDISIPXP) Net (02/21/2008 4.0.2.32)-->C:\PROGRA~2\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\gt72ndis_9C819FAADFD67DC65212F3F18DD38807D2E4F6B1\gt72ndis.inf
Windows Driver Package - Option nv (GT72UBUS) USB (02/21/2008 4.0.2.32)-->C:\PROGRA~2\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\gt72ubus_592D33C1784E42E4779B777EB0DFE5C7297511EA\gt72ubus.inf
Windows Driver Package - Option nv (GTPTSER) Modem (02/21/2008 4.0.2.32)-->C:\PROGRA~2\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\gt72mdm_896E1EE0DB9899A833D892FDA2987E02DF0E38BE\gt72mdm.inf
Windows Driver Package - Option nv (GTPTSER) Ports (02/21/2008 4.0.2.32)-->C:\PROGRA~2\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997
0
Anonymous user
 
RE
The HijackThis report is missing; it looks like this: https://forums.commentcamarche.net/forum/affich-14117243-pc-escargot-rapport-hijackthis Look in C:\RSIT for the log file. If you see it, just copy and paste it.
Otherwise, check whether it is in C:\ as HijackThis.log
See you
0

azzben Posts 34 Status Member 1
 
Well, I copied the log and the info for you, and as for HijackThis.log, your software didn't install it for me, since I don't have it.
0
Anonymous user
 
RE
Yes, it must be there: 2009-08-29 14:32:42 ----D---- C:\Programmi\trend micro
Did you look in C:\ or on the desktop? Also look in what I put in bold.
See you
0
azzben Posts 34 Status Member 1
 
Yes, you're right, it was right where you told me:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17.51.44, on 29/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmi\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.exe
C:\PROGRA~2\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\Updat windows\Microsoft.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmi\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
C:\Programmi\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmi\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Framework.NotificationCenter.exe
C:\Programmi\Windows Live\Messenger\msnmsgr.exe
C:\Programmi\Teamspeak2_RC2\TeamSpeak.exe
C:\Programmi\Mozilla Firefox\firefox.exe
C:\Programmi\trend micro\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0410&s=0&o=xph&d=0509&m=doa150
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0410&s=0&o=xph&d=0509&m=doa150
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0410&s=0&o=xph&d=0509&m=doa150
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\fservice.exe
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {F880A4A8-C436-4AC4-AFD1-AA0BDC9552DD} - (no file)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~2\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Updat windows] C:\WINDOWS\system32\Updat windows\Microsoft.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft] C:\WINDOWS\system32\Updat windows\Microsoft.exe
O4 - HKLM\..\Policies\Explorer\Run: [Updat windows] C:\WINDOWS\system32\Updat windows\Microsoft.exe
O4 - HKLM\..\Policies\Explorer\Run: [DirectX For Microsoft® Windows] C:\WINDOWS\system32\fservice.exe
O4 - HKCU\..\Policies\Explorer\Run: [Updat windows] C:\WINDOWS\system32\Updat windows\Microsoft.exe
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Programmi\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmi\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmi\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Packard Bell\Packard Bell Recovery Management\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmi\File comuni\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
0
Anonymous user
 
RE
I saw that you ran ComboFix the day before yesterday; why? Did someone help you with that?
Do you still have the report? If so, post it.
Have a look anyway in C:\, in C:\ComboFix or in C:\Qoobox
See you later
0
azzben Posts 34 Status Member 1
 
Yes, I ran ComboFix, because I saw in a discussion thread that you had to run it, but I no longer know where.
I don't have the report; I looked in the places indicated but I have no report.
0
Anonymous user
 
RE
Oh, right. You didn't tell me why? What were the original causes? Antivirus alerts? Look in Avast, you should have a report.
Otherwise, try this anyway: go to Start, Search, type " ComboFix.txt ". If you haven't put it in the trash, there is bound to be one. Unless the scan did not finish.
See you later
0
azzben Posts 34 Status Member 1
 
Well, I used ComboFix following my problem; I had looked at a thread, and the guy said to run a scan with it.
0
Anonymous user
 
RE
Go to Start, Run, type " Combofix /u " and OK
Then, with IE7, right-click HERE, choose to save it to the desktop, and in the name box change the name to " TUTU.exe "
Close all windows, disable Avast (right-click the icons in the taskbar, uncheck everything) and then run it, accept the licence, if the console is not yet installed, accept the installation, and let it work without touching anything. The desktop will disappear; that's not a problem.
Once it has finished, the report should be displayed; otherwise it is in C:\ComboFix.txt. Copy/paste it below.
See you later
Read this short tutorial: https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
0
azzben Posts 34 Status Member 1
 
Here it is:




ComboFix 09-08-29.01 - Nadia 30/08/2009 11.50.18.2.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.33.1040.18.1012.641 [GMT 2:00]
Running from: c:\documents and settings\Nadia\Desktop\TUTU.exe.exe
AV: avast! antivirus 4.8.1335 [VPS 090829-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Nadia\Dati applicazioni\addons.dat
c:\windows\ktd32.atm
c:\windows\system32\AVSredirect.dll
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-30 )))))))))))))))))))))))))))))))
.

2009-08-29 12:32 . 2009-08-29 15:51 -------- d-----w- c:\programmi\trend micro
2009-08-29 12:32 . 2009-08-29 12:32 -------- d-----w- C:\rsit
2009-08-27 14:15 . 2009-08-30 09:48 -------- d-s---w- C:\ComboFix
2009-08-27 11:44 . 2005-06-15 01:00 102400 ----a-w- c:\windows\system32\tsccvid.dll
2009-08-26 15:54 . 2009-08-27 14:33 -------- d-----w- c:\programmi\No-IP
2009-08-25 15:23 . 2009-08-29 18:55 -------- d-----w- c:\programmi\ElcomSoft
2009-08-21 18:09 . 2008-07-11 00:28 50200 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
2009-08-21 18:09 . 2008-07-11 00:28 79896 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
2009-08-21 18:07 . 2009-08-21 18:07 -------- d-----w- c:\windows\system32\RsFx
2009-08-21 18:05 . 2009-08-21 18:05 -------- d-----w- c:\programmi\MSXML 6.0
2009-08-21 18:05 . 2009-08-21 18:05 -------- d-----w- c:\windows\system32\1036
2009-08-21 17:30 . 2009-08-23 08:01 -------- d-----w- c:\programmi\Microsoft Silverlight
2009-08-21 17:30 . 2009-08-21 17:30 -------- d-----w- c:\programmi\Microsoft Synchronization Services
2009-08-21 17:30 . 2009-08-21 17:30 -------- d-----w- c:\programmi\Microsoft SQL Server Compact Edition
2009-08-21 17:29 . 2009-08-21 17:29 195232 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\VBExpress\9.0\1036\ResourceCache.dll
2009-08-21 17:28 . 2009-08-21 17:28 416 ----a-w- c:\documents and settings\All Users\Dati applicazioni\Microsoft\MSDN\9.0\1036\ResourceCache.dll
2009-08-21 17:24 . 2009-08-21 17:30 -------- d-----w- c:\programmi\Microsoft Visual Studio 9.0
2009-08-21 17:23 . 2009-08-21 17:23 -------- d-----w- c:\programmi\Microsoft SDKs
2009-08-21 17:23 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-08-21 17:22 . 2009-08-21 17:22 -------- d-----w- c:\windows\system32\fr-FR
2009-08-20 08:08 . 2009-08-20 14:43 -------- d-----w- c:\programmi\CamStudio
2009-08-20 08:08 . 2009-08-20 08:08 -------- d-sh--r- c:\windows\system32\Updat windows
2009-08-18 20:50 . 2009-08-18 20:50 -------- d-----w- c:\programmi\AxBx
2009-08-18 13:07 . 2008-04-13 07:34 12047 -c--a-w- c:\windows\system32\dllcache\ati1pdxx.sys
2009-08-18 13:06 . 2001-08-30 21:07 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2009-08-16 19:10 . 2009-08-16 19:10 -------- d-----w- c:\windows\system32\Windows
2009-08-16 19:10 . 2009-08-16 19:10 -------- d-----w- c:\documents and settings\Nadia\Impostazioni locali\Dati applicazioni\Xenocode
2009-08-16 19:04 . 2009-08-29 12:24 -------- d-----w- c:\programmi\Windows Live Safety Center
2009-08-16 10:11 . 2009-08-18 12:56 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\HLSW
2009-08-16 10:11 . 2009-08-16 10:11 -------- d-s---w- c:\programmi\HLSW
2009-08-14 12:09 . 2009-08-15 07:59 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\Hamachi
2009-08-14 12:09 . 2009-08-14 12:09 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2009-08-14 12:00 . 1999-12-17 08:13 86016 ----a-w- c:\windows\unvise32.exe
2009-08-14 11:55 . 2009-08-18 12:16 -------- d-----w- C:\CS1.6 pod-Bot
2009-08-10 17:54 . 2009-08-10 17:54 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\GlarySoft
2009-08-10 17:46 . 2009-08-18 12:57 -------- d-----w- c:\programmi\Glary Utilities
2009-08-09 18:36 . 2009-08-09 18:36 81920 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\npNxGameeu.dll
2009-08-09 18:36 . 2009-08-09 18:36 98304 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\nxgameeu.dll
2009-08-09 18:36 . 2009-08-09 18:36 331776 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\NGMResource.dll
2009-08-09 18:36 . 2009-08-09 18:36 258352 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\unicows.dll
2009-08-09 18:36 . 2009-08-09 18:36 532480 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\NGMDll.dll
2009-08-09 18:36 . 2009-08-09 18:36 155648 ----a-w- c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\NGM.exe
2009-08-09 18:36 . 2009-08-09 18:36 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\NexonEU
2009-08-09 17:47 . 2009-08-09 18:40 -------- d-----w- C:\Download
2009-08-09 17:46 . 2009-08-10 17:24 -------- d-----w- C:\Nexon
2009-08-09 17:46 . 2009-08-09 17:46 421888 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2009-08-09 08:45 . 2009-08-09 08:45 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\teamspeak2
2009-08-09 08:45 . 2009-08-09 08:46 -------- d-----w- c:\programmi\Teamspeak2_RC2
2009-08-08 21:36 . 2009-08-21 17:22 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-08 21:36 . 2009-08-08 21:36 -------- d-----w- c:\programmi\MSBuild
2009-08-08 21:36 . 2009-08-08 21:36 -------- d-----w- c:\programmi\Reference Assemblies
2009-08-08 21:35 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-08 21:35 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-08 21:35 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-08 21:35 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-08 21:35 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-08 21:35 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-08 21:35 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-08 09:01 . 2009-08-08 09:01 -------- d-----w- c:\programmi\PacSteamT
2009-08-08 08:53 . 2009-08-10 17:33 -------- d-----w- C:\PacSteamT
2009-08-05 08:35 . 2009-08-05 08:35 -------- d-----w- C:\Logs
2009-08-04 16:11 . 2009-08-27 14:42 -------- d-----w- c:\programmi\World of Warcraft
2009-08-03 16:28 . 2009-08-03 16:28 -------- d-----w- c:\programmi\ConWare
2009-08-03 14:57 . 2008-04-13 17:13 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-08-03 14:57 . 2008-04-13 17:13 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-08-03 14:57 . 2001-08-30 18:41 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2009-08-03 14:57 . 2001-08-30 18:41 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-08-03 14:57 . 2008-04-14 12:00 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2009-08-03 14:57 . 2008-04-14 12:00 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-08-02 13:34 . 2004-06-18 12:07 656542 ----a-w- C:\271_icol.dll
2009-08-02 12:41 . 2009-08-02 12:41 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\FindeXer
2009-08-02 12:34 . 2009-08-02 12:34 -------- d-----w- c:\documents and settings\Nadia\Impostazioni locali\Dati applicazioni\Stardock
2009-08-02 12:31 . 2009-08-02 12:31 -------- d-----w- c:\programmi\RK Launcher
2009-08-02 12:30 . 2009-08-02 13:34 -------- d-----w- c:\programmi\CursorXP
2009-08-02 12:26 . 2009-08-02 12:32 8232 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2009-08-01 13:00 . 2009-08-10 17:30 -------- d-----w- c:\programmi\IDoser v4
2009-08-01 10:02 . 2009-08-01 10:02 45 ---h--w- c:\windows\ddis7927.dat
2009-08-01 10:02 . 2009-08-01 10:05 -------- d-----w- c:\programmi\PhotoFiltre Studio
2009-07-31 19:25 . 2009-08-21 10:02 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\WhiteCap (Holiday Edition)
2009-07-31 10:54 . 2008-04-14 12:00 26624 ----a-w- c:\documents and settings\LocalService\Dati applicazioni\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-07-31 10:53 . 2009-07-31 10:53 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Downloaded Installations
2009-07-31 10:47 . 2009-07-31 10:47 -------- d-----w- c:\programmi\Windows Media Connect 2
2009-07-31 10:45 . 2009-08-10 17:58 -------- d-----w- c:\windows\system32\drivers\UMDF

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-30 09:03 . 2001-04-02 23:41 573714 ----a-w- c:\windows\system32\perfh010.dat
2009-08-30 09:03 . 2001-04-02 23:41 117072 ----a-w- c:\windows\system32\perfc010.dat
2009-08-29 21:10 . 2009-07-26 11:30 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\vlc
2009-08-29 18:09 . 2009-07-25 16:58 -------- d-----w- c:\programmi\Steam
2009-08-29 11:44 . 2009-07-28 17:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Messenger Plus!
2009-08-27 12:22 . 2009-07-29 16:56 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\Sony
2009-08-26 12:11 . 2009-07-27 10:51 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\dvdcss
2009-08-21 18:08 . 2009-07-29 16:57 -------- d-----w- c:\programmi\Microsoft SQL Server
2009-08-21 18:04 . 2001-04-02 16:13 -------- d-----w- c:\programmi\Microsoft.NET
2009-08-21 17:29 . 2001-04-02 16:11 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Microsoft Help
2009-08-19 17:04 . 2001-04-02 16:04 -------- d--h--w- c:\programmi\InstallShield Installation Information
2009-08-19 17:03 . 2001-04-02 16:04 -------- d-----w- c:\programmi\File comuni\InstallShield
2009-08-15 15:32 . 2009-05-05 09:57 75864 ----a-w- c:\documents and settings\LocalService\Impostazioni locali\Dati applicazioni\GDIPFONTCACHEV1.DAT
2009-08-15 08:20 . 2001-04-02 16:23 -------- d-----w- c:\programmi\File comuni\Adobe
2009-08-14 14:48 . 2001-04-02 23:41 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-08-11 10:22 . 2009-07-28 09:16 -------- d-----w- c:\programmi\Messenger Plus! Live
2009-08-10 17:58 . 2009-07-19 11:19 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\espionServerData
2009-08-10 17:58 . 2009-05-06 21:22 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\BitTorrent
2009-08-10 17:50 . 2001-04-02 16:27 -------- d-----w- c:\programmi\Google
2009-08-10 17:25 . 2009-07-26 19:41 -------- d-----w- c:\programmi\DAEMON Tools Toolbar
2009-08-05 08:59 . 2001-04-02 23:41 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-05 08:37 . 2009-07-30 12:25 -------- d-----w- c:\programmi\File comuni\Blizzard Entertainment
2009-08-02 12:32 . 2009-07-29 20:19 146345 ----a-w- c:\windows\BricoPackUninst.cmd
2009-07-31 19:02 . 2009-05-28 16:46 -------- d-----w- c:\programmi\Vodafone PC Assistant
2009-07-30 12:03 . 2009-07-30 12:03 -------- d-----w- c:\programmi\Utherverse Digital Inc
2009-07-29 20:32 . 2001-04-02 16:14 -------- d-----w- c:\programmi\Microsoft Works
2009-07-29 17:48 . 2009-07-29 17:37 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\vghd
2009-07-29 17:48 . 2009-07-29 17:40 3 ----a-w- c:\windows\sbacknt.bin
2009-07-29 17:37 . 2009-07-29 17:37 152904 ----a-w- c:\windows\system32\vghd.scr
2009-07-29 17:35 . 2009-07-29 17:35 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\Publish Providers
2009-07-29 16:56 . 2009-07-29 16:54 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Sony
2009-07-29 16:54 . 2009-07-20 06:54 -------- d-----w- c:\programmi\VstPlugins
2009-07-29 16:54 . 2009-07-29 16:53 -------- d-----w- c:\programmi\Sony
2009-07-29 16:52 . 2009-07-29 16:52 -------- d-----w- c:\programmi\Sony Setup
2009-07-28 18:27 . 2009-07-28 18:26 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\Propellerhead Software
2009-07-28 18:26 . 2009-07-28 18:26 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2009-07-28 18:26 . 2009-07-28 18:26 368640 ----a-w- c:\windows\system32\ReWire.dll
2009-07-28 18:26 . 2009-07-28 18:26 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Propellerhead Software
2009-07-28 09:04 . 2001-04-02 16:35 -------- d-----w- c:\programmi\Windows Live
2009-07-28 09:03 . 2009-07-28 09:01 -------- dcsh--w- c:\programmi\File comuni\WindowsLiveInstaller
2009-07-28 09:01 . 2009-07-28 09:01 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\WLInstaller
2009-07-27 07:58 . 2001-04-02 16:40 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Norton
2009-07-26 19:48 . 2009-07-26 19:38 -------- d-----w- c:\documents and settings\Nadia\Dati applicazioni\DAEMON Tools Lite
2009-07-26 19:41 . 2009-07-26 19:41 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DAEMON Tools Lite
2009-07-26 19:38 . 2009-07-26 19:38 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-26 15:18 . 2009-07-26 15:18 -------- d-----w- c:\programmi\File comuni\MAGIX Shared
2009-07-26 11:29 . 2009-07-26 11:29 -------- d-----w- c:\programmi\VideoLAN
2009-07-25 17:04 . 2009-07-25 17:04 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Symantec
2009-07-20 06:54 . 2009-07-20 06:49 -------- d-----w- c:\programmi\Image-Line
2009-07-20 06:52 . 2009-07-20 06:52 -------- d-----w- c:\programmi\Outsim
2009-07-19 20:18 . 2009-07-19 20:18 0 ----a-w- c:\windows\nsreg.dat
2009-07-19 20:03 . 2009-07-19 20:03 -------- d-----w- c:\programmi\Alwil Software
2009-07-19 11:17 . 2009-07-19 11:17 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\FLEXnet
2009-07-17 19:01 . 2001-04-02 23:40 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 2001-04-02 23:41 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-06-29 15:55 . 2001-04-02 23:41 827392 ----a-w- c:\windows\system32\wininet.dll
2009-06-29 15:55 . 2001-04-02 23:40 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-29 15:54 . 2001-04-02 23:40 17408 ----a-w- c:\windows\system32\corpol.dll
2009-06-25 08:25 . 2001-04-02 23:41 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:25 . 2001-04-02 23:41 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:25 . 2001-04-02 23:41 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:25 . 2001-04-02 23:41 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:25 . 2001-04-02 23:41 735744 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:25 . 2001-04-02 23:40 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-24 11:18 . 2001-04-02 23:40 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:36 . 2001-04-02 23:41 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2001-04-02 23:40 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 10:43 . 2001-04-02 23:41 78336 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:13 . 2001-04-02 23:40 85504 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 07:19 . 2001-04-02 14:56 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:14 . 2001-04-02 23:41 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-03 19:09 . 2001-04-02 23:41 1296384 ----a-w- c:\windows\system32\quartz.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~2\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Updat windows"="c:\windows\system32\Updat windows\Microsoft.exe" [2009-08-10 100864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Updat windows"="c:\windows\system32\Updat windows\Microsoft.exe" [2009-08-10 100864]

[HKEY_CURRENT_USER\software\microsoft\windows\Currentversion\policies\explorer\Run]
"Updat windows"="c:\windows\system32\Updat windows\Microsoft.exe" [2009-08-10 100864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"PLFSetL"=c:\windows\PLFSetL.exe
"MSPY2002"=c:\windows\system32\IME\PINTLGNT\ImScInst.exe /SYNC
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
"RTHDCPL"=RTHDCPL.EXE
"Alcmtr"=ALCMTR.EXE
"AzMixerSel"=c:\programmi\Realtek\Audio\Drivers\AzMixerSel.exe
"SynTPEnh"=c:\programmi\Synaptics\SynTP\SynTPEnh.exe
"Adobe Reader Speed Launcher"="c:\programmi\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"IgfxTray"=c:\windows\system32\igfxtray.exe
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
"Persistence"=c:\windows\system32\igfxpers.exe
"snp2uvc"=rundll32.exe c:\windows\system32\csnp2uvc.dll,ResetCIDS
"PHIME2002ASync"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
"PHIME2002A"=c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programmi\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Programmi\\Messenger\\msmsgs.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Programmi\\Windows Live\\Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Programmi\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Dati applicazioni\\NexonEU\\NGM\\NGM.exe"=
"c:\\CS1.6 pod-Bot\\hl.exe"=
"c:\\Programmi\\HLSW\\hlsw.exe"=
"c:\\CS1.6 pod-Bot\\hltv.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [19/07/2009 22.04.20 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19/07/2009 22.04.20 20560]
R2 ETService;Empowering Technology Service;c:\program files\PACKARD BELL\Packard Bell Recovery Management\Service\ETService.exe [05/05/2009 0.45.57 24576]
S2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\programmi\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [11/09/2007 1.45.04 124832]
S3 ChangeMe;ChangeMe;\??\c:\docume~1\Nadia\IMPOST~1\Temp\ChangeMe.sys --> c:\docume~1\Nadia\IMPOST~1\Temp\ChangeMe.sys [?]
S3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [02/04/2001 18.08.50 94608]
S3 MobileAdapter;Huawei Mobile Adapter USB Modem and USB Serial;c:\windows\system32\drivers\hmvmdm.sys [28/05/2009 18.47.48 88960]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\programmi\Microsoft SQL Server\100\Shared\sqladhlp.exe [11/07/2008 2.28.40 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10/07/2008 2.49.14 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\programmi\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [11/07/2008 2.28.44 369688]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{DD5A3014-254E-DC58-C431-93175927BB7E}]
c:\documents and settings\Nadia\Dati applicazioni\Windows\iexplorer.exe s

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{LP0MDY0W-V41K-35LO-DN63-4H3C7A4A0UD1}]
c:\windows\system32\Updat windows\Microsoft.exe Restart
.
Contents of the 'Scheduled Tasks' folder

2009-08-30 c:\windows\Tasks\GlaryInitialize.job
- c:\programmi\Glary Utilities\initialize.exe [2009-08-10 14:09]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Explorer_Run-DirectX For Microsoft® Windows - c:\windows\system32\fservice.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0410&s=0&o=xph&d=0509&m=doa150
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Nadia\Dati applicazioni\Mozilla\Firefox\Profiles\b88bt1v8.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/
FF - plugin: c:\documents and settings\All Users\Dati applicazioni\NexonEU\NGM\npNxGameeu.dll
FF - plugin: c:\programmi\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\programmi\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\programmi\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\programmi\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\programmi\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-30 11:56
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(724)
c:\windows\system32\igfxdev.dll
.
Completion time: 2009-08-30 11.58.20
ComboFix-quarantined-files.txt 2009-08-30 09:58

Pre-Run: 31.164.424.192 byte disponibili
Post-Run: 31.680.835.584 byte disponibili

316 --- E O F --- 2009-08-22 21:23
0
Anonymous user
 
RE
*Download SDFix (created by AndyManchesta) and save it to your desktop

* Double-click SDFix.exe and choose Install to extract it into a dedicated folder on your C: drive.

* Boot into safe mode: before the Windows logo, tap the F8 (or F5) key, choose " safe mode " with the arrow keys, press Enter twice, and log in to your session.

*Do the following:
• Open the SDFix folder that has just been created in the C:\ directory and double-click RunThis.bat to launch the script.
• Press Y to start the cleaning process.
• It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
• Press a key to restart the PC.
• The system will take longer than usual to restart because the tool will keep running and deleting files.
• After the Desktop has loaded, the tool will finish its work and display Finished.
• Press a key to end the script and load the Desktop icons.
• Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder under the name Report.txt.
• Finally, copy/paste the contents of the Report.txt file into your next reply.
A tutorial to look at: https://www.malekal.com/slenfbot-still-an-other-irc-bot/
See you later
0
azzben Posts 34 Status Member 1
 
I'm giving up, sorry, but I'm afraid of doing something stupid; my PC is in Italian and I don't understand anything, so I'd rather not. Thanks anyway :)
0