Sujet Précédent Sujet Suivant

Rapports rsit et mbab svp expliquez moi

Fermé
tias35 Messages postés 32 Date d'inscription dimanche 28 septembre 2008 Statut Membre Dernière intervention 15 novembre 2009 - 13 nov. 2009 à 18:31
tias35 Messages postés 32 Date d'inscription dimanche 28 septembre 2008 Statut Membre Dernière intervention 15 novembre 2009 - 13 nov. 2009 à 19:05
Bonjour,
j'ai suivis tout ce quil fo faire sur ccm pour nettoyer mon pc , mais pouvez vous analyser mes rapports svp car je n'y conprend rien merci d'avance.

voici mes deux rapports RSIT:

le 1er
info.txt logfile of random's system information tool 1.06 2009-11-13 00:14:49

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
3D-Viewer-innoPlus-->MsiExec.exe /X{B96DB037-DBEA-4186-9081-9CBD537F82E8}
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x19 -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x19 -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x19 -removeonly
Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x19 -removeonly
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x9 -removeonly
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x9 -removeonly
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Agere Systems HDA Modem-->agrsmdel
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Audacity 1.3.8 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
CamfrogWEB Advanced ActiveX Plugin (remove only)-->"C:\Program Files\CFWebAdvancedU\Uninstall.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress
Defraggler (remove only)-->"C:\Program Files\Defraggler\uninst.exe"
DivX Author 1.5-->C:\Program Files\DivX\DivX Author 1.5\DivXAuthorUninstall.exe /DIVX_AUTHOR
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
FinePix Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3B3AB03-8ABC-46CF-8CA9-DB5581E1F368}\Setup.exe" -l0x9
FinePixViewer Resource-->C:\Program Files\InstallShield Installation Information\{B44529FF-501E-47CD-A06D-223C161BE058}\setup.exe -runfromtemp -l0x040c -removeonly
FinePixViewer Ver.5.5-->C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\setup.exe -runfromtemp -l0x040c -removeonly
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
Glary Utilities 2.10.0.622-->"C:\Program Files\Glary Utilities\unins000.exe"
Google Earth Plug-in-->MsiExec.exe /X{FE24D361-A3E8-11DE-88F3-005056806466}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Encoder (KB929182)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={5406B219-A1AC-4BC4-8695-72292C8195AC} /qb
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Launch Manager-->C:\Windows\UnInst32.exe LManager.UNI
Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876}
Logitech Updater-->MsiExec.exe /I{53735ECE-E461-4FD0-B742-23A352436D3A}
Mail.Ru ????? 5.3 (?????? 2564, ??? ???? ?????????????)-->C:\Program Files\Mail.Ru\Agent\magentsetup.exe -uninstalllm
Mail.Ru ??????? 2.0-->C:\Program Files\Mail.Ru\Sputnik\SputnikInstaller.exe -uninstall
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - rus-->MsiExec.exe /I{2744791F-4E7C-32F5-AB40-AEC6A6C86DBF}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Russian) 2007-->MsiExec.exe /X{90120000-0015-0419-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel 2007 Help Îáíîâëåíèå (KB963678)-->msiexec /package {90120000-0016-0419-0000-0000000FF1CE} /uninstall {420938DB-BF97-4664-BE29-0C68B4802C00}
Microsoft Office Excel MUI (Russian) 2007-->MsiExec.exe /X{90120000-0016-0419-0000-0000000FF1CE}
Microsoft Office Groove MUI (Russian) 2007-->MsiExec.exe /X{90120000-00BA-0419-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Russian) 2007-->MsiExec.exe /X{90120000-0044-0419-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (Russian) 2007-->MsiExec.exe /X{90120000-00A1-0419-0000-0000000FF1CE}
Microsoft Office Outlook 2007 Help Îáíîâëåíèå (KB963677)-->msiexec /package {90120000-001A-0419-0000-0000000FF1CE} /uninstall {E9D6C0F9-9879-4FC4-8E13-BF0D3953E0E6}
Microsoft Office Outlook MUI (Russian) 2007-->MsiExec.exe /X{90120000-001A-0419-0000-0000000FF1CE}
Microsoft Office Powerpoint 2007 Help Îáíîâëåíèå (KB963669)-->msiexec /package {90120000-0018-0419-0000-0000000FF1CE} /uninstall {BD1C2AC7-63F3-4C75-8B44-DE3D700B3BC8}
Microsoft Office PowerPoint MUI (Russian) 2007-->MsiExec.exe /X{90120000-0018-0419-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Russian) 2007-->MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}
Microsoft Office Proof (Ukrainian) 2007-->MsiExec.exe /X{90120000-001F-0422-0000-0000000FF1CE}
Microsoft Office Proofing (Russian) 2007-->MsiExec.exe /X{90120000-002C-0419-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Publisher MUI (Russian) 2007-->MsiExec.exe /X{90120000-0019-0419-0000-0000000FF1CE}
Microsoft Office Shared MUI (Russian) 2007-->MsiExec.exe /X{90120000-006E-0419-0000-0000000FF1CE}
Microsoft Office Word 2007 Help Îáíîâëåíèå (KB963665)-->msiexec /package {90120000-001B-0419-0000-0000000FF1CE} /uninstall {D3A002FB-0F62-4840-80AD-2D2C63F83449}
Microsoft Office Word MUI (Russian) 2007-->MsiExec.exe /X{90120000-001B-0419-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{737E2345-2897-4B75-9C9B-D541F7394D6B}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
PC Wizard 2007.1.73-->"C:\Program Files\PC Wizard 2007\unins000.exe"
Prevent Restore-->C:\PROGRA~1\PREVEN~1\UNWISE.EXE C:\PROGRA~1\PREVEN~1\INSTALL.LOG
QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Recuva (remove only)-->"C:\Program Files\Recuva\uninst.exe"
Samsung ML-2010 Series-->C:\Program Files\Samsung\Samsung ML-2010 Series\Install\Setup.exe /R
Secunia PSI-->"C:\Program Files\Secunia\PSI\uninstall.exe"
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Unlocker 1.8.8-->C:\Program Files\Unlocker\uninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb975960)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1AB1BED-7477-4D5A-BD0C-04C2109459A5}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WindowBlinds-->C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\INSTALL.LOG
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Contrôle parental-->MsiExec.exe /X{D6A2DDE3-9D7C-412C-932A-756580D29919}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Wipe-->C:\PROGRA~1\Wipe\wipe.exe uninstall
XRECODE-->"C:\Program Files\XRECODE\unins000.exe"
????????? ?????????? Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
???????? ????? Microsoft .NET Framework 3.5 SP1 — RUS-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - rus\setup.exe

=====HijackThis Backups=====

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp [2009-11-07]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://uk.yahoo.com/ [2009-11-07]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://uk.yahoo.com/ [2009-11-07]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [2009-11-07]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF [2009-11-07]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = [2009-11-07]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [2009-11-07]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF [2009-11-07]
R3 - URLSearchHook: (no name) - {83821C2B-32A8-4DD7-B6D4-44309A78E668} - C:\Users\Q\AppData\Roaming\Mail.Ru\Agent\Mra\dll\newmrasearch.dll [2009-11-07]
R3 - URLSearchHook: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file) [2009-11-07]
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) [2009-11-07]
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll [2009-11-07]
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-11-07]
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-11-07]
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-11-07]
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) [2009-11-07]
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-11-07]
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-11-07]
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-11-07]
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-11-07]
O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - C:\PROGRA~1\Mail.Ru\Sputnik\MAILRU~1.DLL [2009-11-07]
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-07]
O2 - BHO: (no name) - {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7} - (no file) [2009-11-07]
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-11-07]
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') [2009-11-07]
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') [2009-11-07]
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') [2009-11-07]
O9 - Extra button: ????????? ? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll [2009-11-07]
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file) [2009-11-07]
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL [2009-11-07]
O9 - Extra 'Tools' menuitem: &????????? ? OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll [2009-11-07]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - [2009-11-07]
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/ [2009-11-07]
O13 - Gopher Prefix: [2009-11-07]
O17 - HKLM\System\CCS\Services\Tcpip\..\{9B1D3B24-59E8-4509-A162-63169F2AA06E}: NameServer = 212.27.40.240,212.27.40.241 [2009-11-07]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab [2009-11-07]
O23 - Service: @dfsrres.dll,-101 (DFSR) - ?????????? ?????????? - C:\Windows\system32\DFSR.exe [2009-11-07]
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (file missing) [2009-11-07]
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) [2009-11-07]

======Security center information======

AS: ???????? Windows

======System event log======

Computer Name: Q-??
Event Code: 4371
Message: ?????? Windows Servicing ?????? ??????? ???????? ?????? KB968537(Security Update)?? ????????? ??????????(Installed) ? ????????? ??????????(Installed)
Record Number: 209331
Source Name: Microsoft-Windows-Servicing
Time Written: 20090804184744.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

Computer Name: Q-??
Event Code: 4371
Message: ?????? Windows Servicing ?????? ??????? ???????? ?????? KB968537(Security Update)?? ????????? ?????????????(Staged) ? ????????? ?????????????(Staged)
Record Number: 209330
Source Name: Microsoft-Windows-Servicing
Time Written: 20090804184743.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

Computer Name: Q-??
Event Code: 4371
Message: ?????? Windows Servicing ?????? ??????? ???????? ?????? KB968537(Security Update)?? ????????? ?????????????(Staged) ? ????????? ?????????????(Staged)
Record Number: 209329
Source Name: Microsoft-Windows-Servicing
Time Written: 20090804184743.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

Computer Name: Q-??
Event Code: 4371
Message: ?????? Windows Servicing ?????? ??????? ???????? ?????? KB968537(Security Update)?? ????????? ??????????(Installed) ? ????????? ??????????(Installed)
Record Number: 209328
Source Name: Microsoft-Windows-Servicing
Time Written: 20090804184743.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

Computer Name: Q-??
Event Code: 4371
Message: ?????? Windows Servicing ?????? ??????? ???????? ?????? KB968537(Security Update)?? ????????? ??????????(Installed) ? ????????? ??????????(Installed)
Record Number: 209327
Source Name: Microsoft-Windows-Servicing
Time Written: 20090804184743.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Q-??
Event Code: 1033
Message: ??? ???????? ???????????, ????????? ??? ?????????? ?????? ? ????????? override-only.
????? ???????=(IIS-W3SVC-MaxConcurrentRequests) (Telnet-Client-EnableTelnetClient) (Telnet-Client-EnableTelnetClient_w) (Telnet-Server-EnableTelnetServer) (Telnet-Server-EnableTelnetServer_w)
????????????? ??????????=55c92734-d682-4d71-983e-d6ec3f16059f
????????????? SKU=199086aa-6cb8-4e5b-b698-f2be56f1e8ee
Record Number: 17970
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20080914153639.000000-000
Event Type: ????????
User:

Computer Name: Q-??
Event Code: 0
Message:
Record Number: 17969
Source Name: LiveUpdate Notice Service
Time Written: 20080914153632.000000-000
Event Type: ????????
User:

Computer Name: Q-??
Event Code: 0
Message:
Record Number: 17968
Source Name: LiveUpdate Notice Service
Time Written: 20080914153632.000000-000
Event Type: ????????
User:

Computer Name: Q-??
Event Code: 35
Message:
Record Number: 17967
Source Name: ccSvcHst
Time Written: 20080914153632.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

Computer Name: Q-??
Event Code: 34
Message:
Record Number: 17966
Source Name: ccSvcHst
Time Written: 20080914153632.000000-000
Event Type: ????????
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: Q-??
Event Code: 4672
Message: ?????? ?????? ????? ????????? ??????????? ??????????.

???????:
?? ????????????: S-1-5-18
??? ??????? ??????: SYSTEM
????? ??????? ??????: NT AUTHORITY
??? ?????: 0x3e7

??????????: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 63007
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090713055111.691156-000
Event Type: ????? ???????? ???????
User:

Computer Name: Q-??
Event Code: 4624
Message: ???? ? ??????? ??????? ???????? ???????.

???????:
?? ????????????: S-1-5-18
??? ??????? ??????: Q-??$
????? ??????? ??????: WORKGROUP
??? ?????: 0x3e7

??? ?????: 5

????? ????:
?? ????????????: S-1-5-18
??? ??????? ??????: SYSTEM
????? ??????? ??????: NT AUTHORITY
??? ?????: 0x3e7
GUID ?????: {00000000-0000-0000-0000-000000000000}

???????? ? ????????:
????????????? ????????: 0x248
??? ????????: C:\Windows\System32\services.exe

???????? ? ????:
??? ??????? ???????:
??????? ????? ?????????: -
???? ?????????: -

???????? ? ???????? ???????????:
??????? ?????: Advapi
????? ???????? ???????????: Negotiate
????????????? ??????: -
??? ?????? (?????? NTLM): -
????? ?????: 0

?????? ??????? ????????? ??? ???????? ?????? ?????. ??? ????????? ? ???????, ???? ? ??????? ????????.

???? "???????" ????????? ?? ??????? ?????? ????????? ???????, ??????????? ????. ?????? ??? ??????, ???????? ?????? "??????", ??? ????????? ???????, ????? ??? Winlogon.exe ??? Services.exe.

? ???? "??? ?????" ?????? ??? ???????????? ?????. ?????? ????????????????? ???????? ???? 2 (?????????????) ? 3 (???????).

???? "????? ????" ????????? ?? ??????? ??????, ??? ??????? ?????? ????? ????? ?????, ?? ???? ?? ??????? ??????, ? ??????? ???????? ????.

? ?????, ??????? ????????? ? ????, ?????? ???????? ??????? ?? ????????? ????. ??? ??????? ??????? ???????? ?? ??????, ? ? ????????? ??????? ??? ???? ????? ?????????? ?????????????.

???? ???????? ? ???????? ??????????? ???????? ????????? ?????? ? ?????????? ??????? ?? ????.
- GUID ????? - ??? ?????????? ?????????????, ??????? ????????? ??????????? ?????? ??????? ? ???????? KDC.
- ? ???? "????????????? ??????" ???????, ????? ????????????? ?????? ??????????? ? ?????? ??????? ?? ????.
- ???? "??? ??????" ????????? ?? ???????????, ?????????????? ? ??????????? NTLM.
- ???? "????? ?????" ???????? ????? ?????????? ????? ??????. ??? ???? ????? ????? ???????? "0", ???? ???? ?????? ?? ????????????.
Record Number: 63006
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090713055111.691156-000
Event Type: ????? ???????? ???????
User:

Computer Name: Q-??
Event Code: 4648
Message: ????????? ??????? ????? ? ??????? ? ????? ????????? ??????? ??????.

???????:
?? ????????????: S-1-5-18
??? ??????? ??????: Q-??$
????? ??????? ??????: WORKGROUP
??? ?????: 0x3e7
GUID ?????: {00000000-0000-0000-0000-000000000000}

???? ???????????? ??????? ?????? ????????? ??????? ??????:
??? ??????? ??????: SYSTEM
????? ??????? ??????: NT AUTHORITY
GUID ?????: {00000000-0000-0000-0000-000000000000}

??????? ??????:
??? ???????? ???????: localhost
?????????????? ????????: localhost

???????? ? ????????:
????????????? ????????: 0x248
??? ????????: C:\Windows\System32\services.exe

???????? ? ????:
??????? ?????: -
????: -

?????? ??????? ?????????, ????? ??????? ???????? ????????? ???? ? ??????? ???????, ???? ?????? ?? ??????? ??????. ??? ?????? ?????????? ??? ????????????? ???????????? ????????? ????, ???????? ??????????? ?????, ??? ?????????? ??????? RUNAS.
Record Number: 63005
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090713055111.691156-000
Event Type: ????? ???????? ???????
User:

Computer Name: Q-??
Event Code: 5038
Message: ???????? ???????? ??????????? ???? ??????????, ??? ??? ?????? ????? ??????????. ???? ????? ???? ????????? ????? ??? ???????????????????? ?????????, ??? ???????????? ??? ????? ????????? ?? ????????????? ?????? ????????? ??????????.

??? ?????: \Device\HarddiskVolume2\Windows\System32\drivers\SSPORT.SYS
Record Number: 63004
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090713055110.630356-000
Event Type: ???? ??????
User:

Computer Name: Q-??
Event Code: 5032
Message: ??????????? Windows ?? ??????? ????????? ???????????? ? ???, ??? ????? ???????? ??????? ??????????? ??? ?????????? ????????????.

??? ??????: 2
Record Number: 63003
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090713055103.906756-000
Event Type: ???? ??????
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 22 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=1601
"NUMBER_OF_PROCESSORS"=1
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------


le 2em
Logfile of random's system information tool 1.06 (written by random/random)
Run by Q at 2009-11-13 00:14:24
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 9 GB (28%) free of 33 GB
Total RAM: 1013 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:14:40, on 13.11.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Q\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Q\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Q\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Q\tout\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Q.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R3 - URLSearchHook: ???????@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\PROGRA~1\Mail.Ru\Sputnik\MAILRU~1.DLL
O1 - Hosts: ::1 localhost
O3 - Toolbar: ???????@Mail.Ru - {09900DE8-1DCA-443F-9243-26FF581438AF} - C:\PROGRA~1\Mail.Ru\Sputnik\MAILRU~1.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (file missing)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_17.dll (file missing)
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Program Files\Mail.Ru\Agent\magent.exe
O9 - Extra button: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Q\AppData\Roaming\Mail.Ru\Agent\magent.exe (HKCU)
O9 - Extra 'Tools' menuitem: Mail.Ru ????? - {7558B7E5-7B26-4201-BEDB-00D5FF534523} - C:\Users\Q\AppData\Roaming\Mail.Ru\Agent\magent.exe (HKCU)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/default.aspx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - ?????????? ?????????? - C:\Windows\system32\DFSR.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: ?????? Google Update (gupdate1ca2bdf91fc8e30) (gupdate1ca2bdf91fc8e30) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Stardock WindowBlinds (WindowBlinds) - Stardock Corporation - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
End of file - 5643 bytes



======Scheduled tasks folder======



C:\Windows\tasks\GlaryInitialize.job

C:\Windows\tasks\Google Software Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-326079992-3645070703-3661207174-1000Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-326079992-3645070703-3661207174-1000UA.job

C:\Windows\tasks\User_Feed_Synchronization-{48122CB1-D985-4060-A15E-750AE22F624D}.job



======Registry dump======



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{09900DE8-1DCA-443F-9243-26FF581438AF} - ???????@Mail.Ru - C:\PROGRA~1\Mail.Ru\Sputnik\MAILRU~1.DLL [2008-10-30 534016]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll []



[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2007-05-22 200704]



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]

C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll [2007-03-07 112304]



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]



[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0



[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=157



[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=



[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"



[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]



[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]

shell\AutoRun\command - G:\LaunchU3.exe -a



[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a15ff1d-e5f5-11dc-9eb1-001b386d47fc}]

shell\Auto\command - G:\AdobeR.exe e

shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\AdobeR.exe e



[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7874d95c-f9aa-11dc-bab7-001b386d47fc}]

shell\AutoRun\command - G:\LaunchU3.exe -a



[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c96c8a0d-5733-11dd-b061-001b386d47fc}]

shell\1\command - F:\.\recycled\info.exe

shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\.\recycled\info.exe



[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e8f43573-fb25-11dc-9d8f-001b386d47fc}]

shell\1\command - G:\.\recycled\info.exe

shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\.\recycled\info.exe



[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eee74472-c85c-11dc-a9a8-001b386d47fc}]

shell\AUToplay\command - F:\plijku.exe

shell\AutoRun\command - F:\plijku.exe

shell\explore\command - F:\plijku.exe

shell\opeN\command - F:\plijku.exe



[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eee745e5-c85c-11dc-a9a8-001b386d47fc}]

shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe

shell\Open(0)\command - F:\Recycled\ctfmon.exe





======File associations======



.bat - edit - %SystemRoot%\System32\NOTEPAD.EXE %1"

.ini - open - %SystemRoot%\System32\NOTEPAD.EXE %1"

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

.scr - open -

.scr - install -

.scr - config -



======List of files/folders created in the last 3 months======



2009-11-13 00:14:24 ----D---- C:\rsit

2009-11-12 13:44:46 ----D---- C:\Program Files\QuickTime

2009-11-12 13:44:46 ----D---- C:\Program Files\Java

2009-11-12 13:44:39 ----D---- C:\ProgramData\Apple Computer

2009-11-12 13:43:32 ----SHD---- C:\Config.Msi

2009-11-12 13:40:31 ----D---- C:\Program Files\Common Files\Apple

2009-11-12 13:40:10 ----D---- C:\Program Files\Apple Software Update

2009-11-12 13:40:09 ----D---- C:\ProgramData\Apple

2009-11-11 22:03:46 ----D---- C:\ProgramData\Avira

2009-11-11 22:03:46 ----D---- C:\Program Files\Avira

2009-11-11 21:31:55 ----D---- C:\Program Files\Secunia

2009-11-11 16:27:54 ----A---- C:\Windows\system32\WSDApi.dll

2009-11-09 16:37:28 ----A---- C:\Windows\system32\wbload.dll

2009-11-09 16:37:27 ----A---- C:\Windows\system32\wbsys.dll

2009-11-09 16:37:25 ----D---- C:\Program Files\Stardock

2009-11-09 16:29:08 ----A---- C:\Windows\system32\XAudio2_5.dll

2009-11-09 16:29:08 ----A---- C:\Windows\system32\xactengine3_5.dll

2009-11-09 16:29:07 ----A---- C:\Windows\system32\d3dx11_42.dll

2009-11-09 16:29:07 ----A---- C:\Windows\system32\d3dx10_42.dll

2009-11-09 16:29:07 ----A---- C:\Windows\system32\d3dcsx_42.dll

2009-11-09 16:29:07 ----A---- C:\Windows\system32\D3DCompiler_42.dll

2009-11-09 16:29:06 ----A---- C:\Windows\system32\D3DX9_42.dll

2009-11-09 16:29:06 ----A---- C:\Windows\system32\D3DX9_41.dll

2009-11-09 16:29:06 ----A---- C:\Windows\system32\d3dx10_41.dll

2009-11-09 16:29:06 ----A---- C:\Windows\system32\D3DCompiler_41.dll

2009-11-09 16:29:05 ----A---- C:\Windows\system32\XAudio2_4.dll

2009-11-09 16:29:05 ----A---- C:\Windows\system32\XAPOFX1_3.dll

2009-11-09 16:29:05 ----A---- C:\Windows\system32\xactengine3_4.dll

2009-11-09 16:29:05 ----A---- C:\Windows\system32\X3DAudio1_6.dll

2009-11-09 16:29:04 ----A---- C:\Windows\system32\XAudio2_3.dll

2009-11-09 16:29:04 ----A---- C:\Windows\system32\XAPOFX1_2.dll

2009-11-09 16:29:04 ----A---- C:\Windows\system32\D3DX9_40.dll

2009-11-09 16:29:04 ----A---- C:\Windows\system32\d3dx10_40.dll

2009-11-09 16:29:04 ----A---- C:\Windows\system32\D3DCompiler_40.dll

2009-11-09 16:29:03 ----A---- C:\Windows\system32\XAudio2_2.dll

2009-11-09 16:29:03 ----A---- C:\Windows\system32\XAPOFX1_1.dll

2009-11-09 16:29:03 ----A---- C:\Windows\system32\xactengine3_3.dll

2009-11-09 16:29:03 ----A---- C:\Windows\system32\X3DAudio1_5.dll

2009-11-09 16:29:00 ----A---- C:\Windows\system32\XAPOFX1_0.dll

2009-11-09 16:29:00 ----A---- C:\Windows\system32\xactengine3_2.dll

2009-11-09 16:29:00 ----A---- C:\Windows\system32\D3DX9_39.dll

2009-11-09 16:29:00 ----A---- C:\Windows\system32\d3dx10_39.dll

2009-11-09 16:29:00 ----A---- C:\Windows\system32\D3DCompiler_39.dll

2009-11-09 16:28:59 ----A---- C:\Windows\system32\XAudio2_1.dll

2009-11-09 16:28:59 ----A---- C:\Windows\system32\xactengine3_1.dll

2009-11-09 16:28:59 ----A---- C:\Windows\system32\X3DAudio1_4.dll

2009-11-09 16:28:58 ----A---- C:\Windows\system32\XAudio2_0.dll

2009-11-09 16:28:58 ----A---- C:\Windows\system32\xactengine3_0.dll

2009-11-09 16:28:58 ----A---- C:\Windows\system32\D3DX9_38.dll

2009-11-09 16:28:58 ----A---- C:\Windows\system32\d3dx10_38.dll

2009-11-09 16:28:58 ----A---- C:\Windows\system32\D3DCompiler_38.dll

2009-11-09 16:28:57 ----A---- C:\Windows\system32\X3DAudio1_3.dll

2009-11-09 16:28:57 ----A---- C:\Windows\system32\D3DX9_37.dll

2009-11-09 16:28:57 ----A---- C:\Windows\system32\d3dx10_37.dll

2009-11-09 16:28:57 ----A---- C:\Windows\system32\D3DCompiler_37.dll

2009-11-09 16:28:56 ----A---- C:\Windows\system32\xactengine2_10.dll

2009-11-09 16:28:56 ----A---- C:\Windows\system32\d3dx9_36.dll

2009-11-09 16:28:56 ----A---- C:\Windows\system32\d3dx10_36.dll

2009-11-09 16:28:56 ----A---- C:\Windows\system32\D3DCompiler_36.dll

2009-11-09 16:28:55 ----A---- C:\Windows\system32\xactengine2_9.dll

2009-11-09 16:28:55 ----A---- C:\Windows\system32\d3dx10_35.dll

2009-11-09 16:28:55 ----A---- C:\Windows\system32\D3DCompiler_35.dll

2009-11-09 16:28:54 ----A---- C:\Windows\system32\X3DAudio1_2.dll

2009-11-09 16:28:54 ----A---- C:\Windows\system32\d3dx9_35.dll

2009-11-09 16:28:49 ----A---- C:\Windows\system32\xactengine2_5.dll

2009-11-09 16:28:49 ----A---- C:\Windows\system32\d3dx10.dll

2009-11-09 16:28:48 ----A---- C:\Windows\system32\xactengine2_4.dll

2009-11-09 16:28:46 ----A---- C:\Windows\system32\xinput1_2.dll

2009-11-09 16:28:46 ----A---- C:\Windows\system32\xactengine2_3.dll

2009-11-09 16:28:46 ----A---- C:\Windows\system32\d3dx9_31.dll

2009-11-09 16:28:45 ----A---- C:\Windows\system32\xinput1_1.dll

2009-11-09 16:28:45 ----A---- C:\Windows\system32\xactengine2_2.dll

2009-11-09 16:28:44 ----A---- C:\Windows\system32\xactengine2_1.dll

2009-11-09 16:28:28 ----A---- C:\Windows\system32\xactengine2_0.dll

2009-11-09 16:28:28 ----A---- C:\Windows\system32\x3daudio1_0.dll

2009-11-09 16:28:28 ----A---- C:\Windows\system32\d3dx9_30.dll

2009-11-09 16:28:26 ----A---- C:\Windows\system32\d3dx9_29.dll

2009-11-09 16:28:25 ----A---- C:\Windows\system32\d3dx9_28.dll

2009-11-09 16:28:23 ----A---- C:\Windows\system32\d3dx9_27.dll

2009-11-09 16:28:21 ----A---- C:\Windows\system32\d3dx9_26.dll

2009-11-09 16:28:16 ----A---- C:\Windows\system32\d3dx9_24.dll

2009-11-09 07:54:03 ----D---- C:\ProgramData\Google Updater

2009-11-08 20:24:38 ----A---- C:\Windows\system32\CmdLineExt.dll

2009-11-08 20:22:38 ----D---- C:\Windows\system32\URTTEMP

2009-11-08 20:16:27 ----D---- C:\Program Files\2K Games

2009-11-08 02:28:02 ----D---- C:\ProgramData\WindowsSearch

2009-11-08 01:36:17 ----SHD---- C:\$RECYCLE.BIN

2009-11-07 23:50:41 ----A---- C:\Windows\system32\javaws.exe

2009-11-07 23:50:41 ----A---- C:\Windows\system32\javaw.exe

2009-11-07 23:50:41 ----A---- C:\Windows\system32\java.exe

2009-11-07 22:00:31 ----D---- C:\Program Files\Trend Micro

2009-11-07 16:59:51 ----A---- C:\Windows\system32\PnkBstrA.exe

2009-11-07 16:58:28 ----A---- C:\Windows\system32\PnkBstrB.exe

2009-11-07 16:57:13 ----RHD---- C:\Users\Q\AppData\Roaming\SecuROM

2009-11-07 16:38:30 ----A---- C:\Windows\system32\xactengine2_8.dll

2009-11-07 16:38:29 ----A---- C:\Windows\system32\d3dx9_34.dll

2009-11-07 16:38:29 ----A---- C:\Windows\system32\d3dx10_34.dll

2009-11-07 16:38:29 ----A---- C:\Windows\system32\D3DCompiler_34.dll

2009-11-07 16:38:28 ----A---- C:\Windows\system32\xinput1_3.dll

2009-11-07 16:38:28 ----A---- C:\Windows\system32\xactengine2_7.dll

2009-11-07 16:38:28 ----A---- C:\Windows\system32\d3dx10_33.dll

2009-11-07 16:38:28 ----A---- C:\Windows\system32\D3DCompiler_33.dll

2009-11-07 16:38:27 ----A---- C:\Windows\system32\d3dx9_33.dll

2009-11-07 16:38:26 ----A---- C:\Windows\system32\xactengine2_6.dll

2009-11-07 16:38:26 ----A---- C:\Windows\system32\x3daudio1_1.dll

2009-11-05 19:06:17 ----D---- C:\Users\Q\AppData\Roaming\Pegasys Inc

2009-11-04 15:35:25 ----A---- C:\Windows\system32\mshtml.dll

2009-10-27 19:20:27 ----A---- C:\Windows\system32\wmp.dll

2009-10-27 19:20:21 ----A---- C:\Windows\system32\unregmp2.exe

2009-10-27 19:19:59 ----A---- C:\Windows\system32\wmploc.DLL

2009-10-20 07:16:07 ----A---- C:\Windows\system32\wups2.dll

2009-10-20 07:16:06 ----A---- C:\Windows\system32\wucltux.dll

2009-10-20 07:16:06 ----A---- C:\Windows\system32\wuaueng.dll

2009-10-20 07:16:06 ----A---- C:\Windows\system32\wuauclt.exe

2009-10-20 07:15:33 ----A---- C:\Windows\system32\wups.dll

2009-10-20 07:15:33 ----A---- C:\Windows\system32\wudriver.dll

2009-10-20 07:15:33 ----A---- C:\Windows\system32\wuapi.dll

2009-10-20 07:15:14 ----A---- C:\Windows\system32\wuwebv.dll

2009-10-20 07:15:14 ----A---- C:\Windows\system32\wuapp.exe

2009-10-15 16:44:28 ----A---- C:\Windows\system32\msasn1.dll

2009-10-15 16:44:16 ----A---- C:\Windows\system32\msv1_0.dll

2009-10-15 16:43:42 ----A---- C:\Windows\system32\ntoskrnl.exe

2009-10-15 16:43:40 ----A---- C:\Windows\system32\ntkrnlpa.exe

2009-10-15 16:42:48 ----A---- C:\Windows\system32\ieframe.dll

2009-10-15 16:42:46 ----A---- C:\Windows\system32\iertutil.dll

2009-10-15 16:42:45 ----A---- C:\Windows\system32\urlmon.dll

2009-10-15 16:42:44 ----A---- C:\Windows\system32\wininet.dll

2009-10-15 16:42:42 ----A---- C:\Windows\system32\occache.dll

2009-10-15 16:42:42 ----A---- C:\Windows\system32\msfeeds.dll

2009-10-15 16:42:41 ----A---- C:\Windows\system32\iedkcs32.dll

2009-10-15 16:42:38 ----A---- C:\Windows\system32\ieui.dll

2009-10-15 16:42:38 ----A---- C:\Windows\system32\iepeers.dll

2009-10-15 16:42:37 ----A---- C:\Windows\system32\msfeedsbs.dll

2009-10-15 16:42:37 ----A---- C:\Windows\system32\jsproxy.dll

2009-10-15 16:42:37 ----A---- C:\Windows\system32\ieUnatt.exe

2009-10-15 16:42:37 ----A---- C:\Windows\system32\iesysprep.dll

2009-10-15 16:42:35 ----A---- C:\Windows\system32\msfeedssync.exe

2009-10-15 16:42:35 ----A---- C:\Windows\system32\iesetup.dll

2009-10-15 16:42:35 ----A---- C:\Windows\system32\iernonce.dll

2009-10-15 16:42:35 ----A---- C:\Windows\system32\ie4uinit.exe

2009-10-15 16:41:48 ----A---- C:\Windows\system32\WMSPDMOD.DLL

2009-10-06 09:16:16 ----D---- C:\Program Files\Common Files\DivX Shared

2009-10-02 18:06:06 ----N---- C:\Windows\system32\MpSigStub.exe

2009-09-19 16:44:01 ----D---- C:\Users\Q\AppData\Roaming\skypePM

2009-09-19 16:40:05 ----D---- C:\Users\Q\AppData\Roaming\Skype

2009-09-19 16:38:01 ----D---- C:\Program Files\Common Files\Skype

2009-09-19 16:38:01 ----A---- C:\Windows\system32\kerberos.dll

2009-09-19 16:37:59 ----A---- C:\Windows\system32\wdigest.dll

2009-09-19 16:37:57 ----RD---- C:\Program Files\Skype

2009-09-19 16:37:56 ----A---- C:\Windows\system32\schannel.dll

2009-09-19 16:37:54 ----A---- C:\Windows\system32\lsasrv.dll

2009-09-19 16:37:50 ----A---- C:\Windows\system32\secur32.dll

2009-09-19 16:37:50 ----A---- C:\Windows\system32\lsass.exe

2009-09-19 16:37:27 ----D---- C:\ProgramData\Skype

2009-09-18 19:26:58 ----A---- C:\Windows\PR1.INI

2009-09-13 11:42:22 ----D---- C:\Program Files\XRECODE

2009-09-13 11:36:39 ----A---- C:\Windows\system32\WMAFile.dll

2009-09-13 11:36:39 ----A---- C:\Windows\system32\AudPlayer.dll

2009-09-13 11:36:39 ----A---- C:\Windows\system32\AudioVisu.dll

2009-09-13 11:36:39 ----A---- C:\Windows\system32\AudioRecord.dll

2009-09-13 11:36:39 ----A---- C:\Windows\system32\AudioInfos.dll

2009-09-13 11:36:38 ----A---- C:\Windows\system32\AudFile.dll

2009-09-13 11:36:38 ----A---- C:\Windows\system32\AudDisplay.dll

2009-09-13 11:36:38 ----A---- C:\Windows\system32\AudDesign.dll

2009-09-13 11:36:37 ----A---- C:\Windows\system32\TABCTFR.DLL

2009-09-13 11:29:27 ----D---- C:\Users\Q\AppData\Roaming\Audacity

2009-09-13 11:28:51 ----D---- C:\Program Files\Audacity 1.3 Beta (Unicode)

2009-09-10 08:29:58 ----A---- C:\Windows\system32\jscript.dll

2009-09-10 08:29:39 ----A---- C:\Windows\system32\netiohlp.dll

2009-09-10 08:29:36 ----A---- C:\Windows\system32\TCPSVCS.EXE

2009-09-10 08:29:36 ----A---- C:\Windows\system32\NETSTAT.EXE

2009-09-10 08:29:36 ----A---- C:\Windows\system32\HOSTNAME.EXE

2009-09-10 08:29:36 ----A---- C:\Windows\system32\finger.exe

2009-09-10 08:29:36 ----A---- C:\Windows\system32\ARP.EXE

2009-09-10 08:29:35 ----A---- C:\Windows\system32\ROUTE.EXE

2009-09-10 08:29:35 ----A---- C:\Windows\system32\MRINFO.EXE

2009-09-10 08:29:34 ----A---- C:\Windows\system32\netevent.dll

2009-09-10 08:28:45 ----A---- C:\Windows\system32\wlanmsm.dll

2009-09-10 08:28:45 ----A---- C:\Windows\system32\L2SecHC.dll

2009-09-10 08:28:44 ----A---- C:\Windows\system32\wlansec.dll

2009-09-10 08:28:43 ----A---- C:\Windows\system32\wlanapi.dll

2009-09-10 08:28:42 ----A---- C:\Windows\system32\wlansvc.dll

2009-09-10 08:28:33 ----A---- C:\Windows\system32\WMVCORE.DLL

2009-09-10 08:28:32 ----A---- C:\Windows\system32\mf.dll

2009-09-09 09:15:44 ----D---- C:\Program Files\CFWebAdvancedU

2009-09-08 21:20:28 ----D---- C:\Program Files\Common Files\Logitech

2009-09-07 19:10:28 ----D---- C:\Users\Q\AppData\Roaming\Leadertech

2009-09-07 19:10:06 ----A---- C:\Windows\system32\LVUI2RC.dll

2009-09-07 19:10:06 ----A---- C:\Windows\system32\LVUI2.dll

2009-09-07 19:10:06 ----A---- C:\Windows\system32\lvcoinst.ini

2009-09-07 19:10:06 ----A---- C:\Windows\system32\lvcodec2.dll

2009-09-07 19:10:06 ----A---- C:\Windows\system32\lvci11801048.dll

2009-09-07 19:07:56 ----D---- C:\ProgramData\Logishrd

2009-09-07 19:07:55 ----D---- C:\Program Files\Common Files\LogiShrd

2009-09-07 19:07:46 ----D---- C:\ProgramData\Logitech

2009-09-07 19:07:44 ----D---- C:\Program Files\Logitech

2009-09-05 14:47:25 ----A---- C:\Windows\system32\msado15.dll

2009-09-05 14:31:10 ----AS---- C:\Windows\system32\WINSKFR.DLL

2009-09-05 14:31:10 ----AS---- C:\Windows\system32\VB6STKIT.DLL

2009-09-05 14:31:10 ----AS---- C:\Windows\system32\stdftfr.dll

2009-09-05 14:31:10 ----AS---- C:\Windows\system32\shmedia.dll

2009-09-05 14:31:10 ----AS---- C:\Windows\system32\shdoclc.dll

2009-09-05 14:31:05 ----AS---- C:\Windows\system32\msjro.dll

2009-09-05 14:31:04 ----AS---- C:\Windows\system32\MSDBRPTR.DLL

2009-09-05 14:31:04 ----AS---- C:\Windows\system32\MSCC2FR.DLL

2009-09-05 14:31:04 ----AS---- C:\Windows\system32\MSBIND.DLL

2009-09-05 14:31:03 ----AS---- C:\Windows\system32\INETFR.DLL

2009-09-05 14:31:03 ----AS---- C:\Windows\system32\ijl11.dll

2009-09-05 14:31:03 ----AS---- C:\Windows\system32\hxvz.dll

2009-09-05 14:31:03 ----AS---- C:\Windows\system32\hticons.dll

2009-09-05 14:31:03 ----AS---- C:\Windows\system32\glut32.dll

2009-09-05 14:31:03 ----AS---- C:\Windows\system32\ftdbcf.dll

2009-09-05 14:31:03 ----AS---- C:\Windows\system32\FLXGDFR.DLL

2009-09-05 14:31:03 ----AS---- C:\Windows\system32\DBRPRFR.DLL

2009-09-05 14:31:03 ----AS---- C:\Windows\system32\DBLSTFR.DLL

2009-09-05 14:31:03 ----AS---- C:\Windows\system32\DBGRDFR.DLL

2009-09-05 14:31:03 ----AS---- C:\Windows\system32\DATRPFR.DLL

2009-09-05 14:31:03 ----AS---- C:\Windows\system32\DATGDFR.DLL

2009-09-05 14:31:02 ----AS---- C:\Windows\system32\CMCTLFR.DLL

2009-09-05 14:31:02 ----AS---- C:\Windows\system32\CMCT3FR.DLL

2009-09-05 14:31:02 ----AS---- C:\Windows\system32\CMCT2FR.DLL

2009-09-05 14:31:02 ----AS---- C:\Windows\system32\cdfview.dll

2009-09-05 14:31:02 ----AS---- C:\Windows\system32\ADODCFR.DLL

2009-09-04 20:22:06 ----D---- C:\Users\Q\AppData\Roaming\Anuman Interactive

2009-09-03 06:33:52 ----A---- C:\Windows\system32\Apphlpdm.dll

2009-09-03 06:33:50 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll

2009-09-02 18:55:44 ----D---- C:\Users\Q\AppData\Roaming\Scatlaws

2009-09-02 16:09:59 ----D---- C:\Program Files\Google

2009-08-31 22:39:19 ----A---- C:\Windows\system32\MSDBRPT.DLL

2009-08-31 22:39:19 ----A---- C:\Windows\system32\MSCmCFR.dll

2009-08-31 22:39:19 ----A---- C:\Windows\system32\CmDlgFR.dll

2009-08-31 22:39:18 ----A---- C:\Windows\system32\Vb6fr.dll

20

2 réponses

Réponse 1 / 2
Dr Mouse Messages postés 363 Date d'inscription dimanche 13 septembre 2009 Statut Membre Dernière intervention 1 février 2011 57
13 nov. 2009 à 18:36
Je viens d'analyser consciencieusement tout ça. Ben t'es mal. Très mal.
0
tias35 Messages postés 32 Date d'inscription dimanche 28 septembre 2008 Statut Membre Dernière intervention 15 novembre 2009
13 nov. 2009 à 18:40
merci de ta reponse mais pourais tu m/en dire plus stp?
0
Réponse 2 / 2
Utilisateur anonyme
13 nov. 2009 à 18:58
Salut

Tu es dans le forum Windows ici, pour les problèmes d'infection il y a un forum Virus/Sécurité

Je vais donc demander qu'on y déplace ta question.

P.s: ça ne sert pas à grand chose de faire des rapports avec quoi que ce soit si on ne les comprend pas. Il vaut mieux attendre l'aide de quelqu'un qui connait (très) bien ce domaine.

Bonne chance pour la suite!
0
tias35 Messages postés 32 Date d'inscription dimanche 28 septembre 2008 Statut Membre Dernière intervention 15 novembre 2009
13 nov. 2009 à 19:05
bonjour et merci scarface72 de ta reponse. Je n'ai fais que suivre les explication dites dans les astuce de CCM c pour cela que je vous presentes mes rapports car mon pc rame enormement et anormalement.
0

Discussions similaires

Moi je fais des petites bulles
sonny21250 -
sonny21250 -

2 réponses
Tous les paragraphes sont considérés comme des titres
FranckS -
romain -

3 réponses
probleme son pas claire??
zizou-pilo -
Julien84 -

1 réponse
Bulle = escroquerie
nat -
maaliine -

115 réponses
question C2I
el_madridista -
orgone -

5 réponses