Spiderman
2008-02-09, 15:54
Hello,
I was trying Mediacoder ver 0.6.1 build 4048 and one day later avg(free edition) gave me a message that its uninstaller is infected with a virus which I healed. But now I am unable to uninstall the Mediacoder from my PC. I try to download it again from the site to try to reinstall it so that i can uninstall it properly but at the end of the download AVG is detecting a virus in it (which it did not do the first time I downloaded) and now I cannot uninstall it. I tried revouinstaller but was unsuccessfull. I should be grateful if you could help me please.
I believe the program purposely did that, may I have ur opinion also.
Thanking you in advance
Please see attached 7-zip file
Spiderman
2008-02-10, 02:32
Hello,
I was trying Mediacoder ver 0.6.1 build 4048 and one day later avg(free edition) gave me a message that its uninstaller is infected with a virus which I healed. But now I am unable to uninstall the Mediacoder from my PC. I try to download it again from the site to try to reinstall it so that i can uninstall it properly but at the end of the download AVG is detecting a virus in it (which it did not do the first time I downloaded) and now I cannot uninstall it. I tried revouinstaller but was unsuccessfull. I should be grateful if you could help me please.
I believe the program purposely did that, may I have ur opinion also.
Thanking you in advance
Please see attached 7-zip file
I could not paste all log file at one go as its too long but its in the attached file.
Thank you very much and sorry for the misunderstanding.
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, February 09, 2008 8:24:57 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 8/02/2008
Kaspersky Anti-Virus database records: 555684
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
Scan Statistics:
Total number of scanned objects: 190172
Number of viruses found: 16
Number of infected objects: 59
Number of suspicious objects: 0
Duration of the scan process: 08:57:27
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\AVG7\Log\emc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Grisoft\Avg7Data\avg7log.log.lck Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf6a4b743eca729a7b999cea417f0e89_23733626-bdf9-4b77-a0ff-ca7f1c8d9074 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\ebda68a45f0a1bdec0aa79c628e25539_23733626-bdf9-4b77-a0ff-ca7f1c8d9074 Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\30\16a3329e-50dc6f6c/BlackBox.class Infected: Trojan.Java.ClassLoader.a skipped
C:\Documents and Settings\Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\30\16a3329e-50dc6f6c/VerifierBug.class Infected: Trojan.Java.ClassLoader.u skipped
C:\Documents and Settings\Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\30\16a3329e-50dc6f6c/Dummy.class Infected: Trojan.Java.Nocheat skipped
C:\Documents and Settings\Propriétaire\Application Data\Sun\Java\Deployment\cache\6.0\30\16a3329e-50dc6f6c ZIP: infected - 3 skipped
C:\Documents and Settings\Propriétaire\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Propriétaire\Mes documents\Mes fichiers reçus\album3n72.zip/album372.JPeG-zaffreen@hotmail.com Infected: Trojan-Downloader.Win32.Banload.gxs skipped
C:\Documents and Settings\Propriétaire\Mes documents\Mes fichiers reçus\album3n72.zip ZIP: infected - 1 skipped
C:\Documents and Settings\Propriétaire\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Propriétaire\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Azureus_old\Shared\Fanaa 2006-MP3-VBR-320Kbps[DJLUV]\00 Fanaa front.jpg Object is locked skipped
C:\Program Files\Azureus_old\Shared\Fanaa 2006-MP3-VBR-320Kbps[DJLUV]\01 - Shaan & Kailash Kher - Chand Sifarish [DJLUV].mp3 Object is locked skipped
C:\Program Files\Azureus_old\Shared\Fanaa 2006-MP3-VBR-320Kbps[DJLUV]\02 - Sonu Nigam, Sunidhi Chauhan, Aamir Khan, Kajol - Mere Haath Mein [DJLUV].mp3 Object is locked skipped
C:\Program Files\Azureus_old\Shared\Fanaa 2006-MP3-VBR-320Kbps[DJLUV]\03 - Mahalaxmi Iyer - Des Rangila [DJLUV].mp3 Object is locked skipped
C:\Program Files\Azureus_old\Shared\Fanaa 2006-MP3-VBR-320Kbps[DJLUV]\04 - Sonu Nigam, Sunidhi Chauhan - Dekho Na [DJLUV].mp3 Object is locked skipped
C:\Program Files\Azureus_old\Shared\Fanaa 2006-MP3-VBR-320Kbps[DJLUV]\05 - Babul Supriyo, Mahalaxmi Iyer, Master Akshay Bhagwat, Aamir Khan, Kajol - Chanda Chamke [DJLUV].mp3 Object is locked skipped
C:\Program Files\Azureus_old\Shared\Fanaa 2006-MP3-VBR-320Kbps[DJLUV]\06 - Instrumental - Destroyed In Love [Lounge Mix][DJLUV].mp3 Object is locked skipped
C:\Program Files\Azureus_old\Shared\Fanaa 2006-MP3-VBR-320Kbps[DJLUV]\07 - DJ Aqeel - Fanaa For You [Chand Sifarish Club Mix][DJLUV].mp3 Object is locked skipped
C:\Program Files\RAR Password Cracker\rpc.exe Infected: not-a-virus:PSWTool.Win32.RARPassCrack.a skipped
C:\System Volume Information\_restore{1635FFAD-B2E5-4B29-B461-ECA7F325BEB0}\RP181\A0023873.exe Object is locked skipped
C:\System Volume Information\_restore{1635FFAD-B2E5-4B29-B461-ECA7F325BEB0}\RP181\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{AB553F3A-BE44-45AA-82A4-5916C704A6E4}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\For_PC\CloneCDV4\To_be_used\cr-c4319.exe Object is locked skipped
D:\For_PC\Overnet\overnet0.52.exe/data0014/unknown2.bin Infected: not-a-virus:AdWare.Win32.Ucmore.e skipped
D:\For_PC\Overnet\overnet0.52.exe/data0014 Infected: not-a-virus:AdWare.Win32.Ucmore.e skipped
D:\For_PC\Overnet\overnet0.52.exe NSIS: infected - 2 skipped
D:\For_PC\Overnet\P2P - eDonkey Overnet v052 + Crack + Config ADSL.zip/Overnet_v052 (Setup).exe/data0014/unknown2.bin Infected: not-a-virus:AdWare.Win32.Ucmore.e skipped
D:\For_PC\Overnet\P2P - eDonkey Overnet v052 + Crack + Config ADSL.zip/Overnet_v052 (Setup).exe/data0014 Infected: not-a-virus:AdWare.Win32.Ucmore.e skipped
D:\For_PC\Overnet\P2P - eDonkey Overnet v052 + Crack + Config ADSL.zip/Overnet_v052 (Setup).exe Infected: not-a-virus:AdWare.Win32.Ucmore.e skipped
D:\For_PC\Overnet\P2P - eDonkey Overnet v052 + Crack + Config ADSL.zip ZIP: infected - 3 skipped
D:\For_PC\RAR_password_crackerV412\23.09 RARPasswordCr.rar/rpc.exe Infected: not-a-virus:PSWTool.Win32.RARPassCrack.a skipped
D:\For_PC\RAR_password_crackerV412\23.09 RARPasswordCr.rar RAR: infected - 1 skipped
D:\For_PC\Scansoft\Scansoft PDF Converter 1.0 multilanguage + activationprog\crack\SHKPC10.EXE Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
E:\For_PC\Accent_office_passwd_rec_word_excel_access_v2p10\Maybenot4it\Advanced Password Recovery - (Ace, Excel, Pdf, Zip, Icq, Rar, Access, Office, Outlook).rar/AdvPassw/Advanced Rar Password Recovery v1.11/DISTINCT.RAR/setup.exe/WISE0039.BIN Infected: not-a-virus:PSWTool.Win32.OEPass.b skipped
E:\For_PC\Accent_office_passwd_rec_word_excel_access_v2p10\Maybenot4it\Advanced Password Recovery - (Ace, Excel, Pdf, Zip, Icq, Rar, Access, Office, Outlook).rar/AdvPassw/Advanced Rar Password Recovery v1.11/DISTINCT.RAR/setup.exe Infected: not-a-virus:PSWTool.Win32.OEPass.b skipped
E:\For_PC\Accent_office_passwd_rec_word_excel_access_v2p10\Maybenot4it\Advanced Password Recovery - (Ace, Excel, Pdf, Zip, Icq, Rar, Access, Office, Outlook).rar/AdvPassw/Advanced Rar Password Recovery v1.11/DISTINCT.RAR Infected: not-a-virus:PSWTool.Win32.OEPass.b skipped
E:\For_PC\Accent_office_passwd_rec_word_excel_access_v2p10\Maybenot4it\Advanced Password Recovery - (Ace, Excel, Pdf, Zip, Icq, Rar, Access, Office, Outlook).rar RAR: infected - 3 skipped
E:\For_PC\Advanced_Rar_password_recovery\Advance winrar password recovery 1.11+serial\Advanced Winrar password recovery 1.11+serial.zip/Advance winrar password recovery 1.11+serial/setup.exe/WISE0039.BIN Infected: not-a-virus:PSWTool.Win32.OEPass.b skipped
E:\For_PC\Advanced_Rar_password_recovery\Advance winrar password recovery 1.11+serial\Advanced Winrar password recovery 1.11+serial.zip/Advance winrar password recovery 1.11+serial/setup.exe Infected: not-a-virus:PSWTool.Win32.OEPass.b skipped
E:\For_PC\Advanced_Rar_password_recovery\Advance winrar password recovery 1.11+serial\Advanced Winrar password recovery 1.11+serial.zip ZIP: infected - 2 skipped
E:\For_PC\Antivirus\avast! antivirus v4.5 pro + keygen\avast! antivirus v4.5 pro keygen.exe Object is locked skipped
E:\For_PC\AUDIO_Extractor_v5p6p1\ossae.exe/data0002/NHInstall.exe Infected: not-a-virus:AdWare.Win32.NavExcel skipped
E:\For_PC\AUDIO_Extractor_v5p6p1\ossae.exe/data0002/v2.0.2.cab/NHUninstaller.exe Infected: not-a-virus:AdWare.Win32.NavExcel skipped
E:\For_PC\AUDIO_Extractor_v5p6p1\ossae.exe/data0002/v2.0.2.cab/NHUpdater.exe Infected: not-a-virus:AdWare.Win32.NavExcel skipped
E:\For_PC\AUDIO_Extractor_v5p6p1\ossae.exe/data0002/v2.0.2.cab/NHelper.dll Infected: not-a-virus:AdWare.Win32.NavExcel skipped
E:\For_PC\AUDIO_Extractor_v5p6p1\ossae.exe/data0002/v2.0.2.cab Infected: not-a-virus:AdWare.Win32.NavExcel skipped
E:\For_PC\AUDIO_Extractor_v5p6p1\ossae.exe/data0002 Infected: not-a-virus:AdWare.Win32.NavExcel skipped
E:\For_PC\AUDIO_Extractor_v5p6p1\ossae.exe/data0003/data0139 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
E:\For_PC\AUDIO_Extractor_v5p6p1\ossae.exe/data0003 Infected: not-a-virus:AdWare.Win32.HelpExpress skipped
E:\For_PC\AUDIO_Extractor_v5p6p1\ossae.exe Inno: infected - 8 skipped
E:\For_PC\CloneCDV4\To_be_used_old_ver\cr-c4319.exe Object is locked skipped
E:\For_PC\editors\install.exe/data0001.bin/file79 Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
E:\For_PC\editors\install.exe/data0001.bin Infected: not-a-virus:AdTool.Win32.WhenU.a skipped
E:\For_PC\editors\install.exe EmbeddedEXE: infected - 2 skipped
E:\For_PC\Exeem_from_supernov\eXeem0.20.exe/Stream/data0076/stream/data0006 Infected: not-a-virus:AdWare.Win32.SearchIt.p skipped
E:\For_PC\Exeem_from_supernov\eXeem0.20.exe/Stream/data0076/stream Infected: not-a-virus:AdWare.Win32.SearchIt.p skipped
E:\For_PC\Exeem_from_supernov\eXeem0.20.exe/Stream/data0076 Infected: not-a-virus:AdWare.Win32.SearchIt.p skipped
E:\For_PC\Exeem_from_supernov\eXeem0.20.exe/Stream Infected: not-a-virus:AdWare.Win32.SearchIt.p skipped
E:\For_PC\Exeem_from_supernov\eXeem0.20.exe Inno: infected - 4 skipped
E:\For_PC\Overnet\overnet0.52.exe/data0014/unknown2.bin Infected: not-a-virus:AdWare.Win32.Ucmore.e skipped
E:\For_PC\Overnet\overnet0.52.exe/data0014 Infected: not-a-virus:AdWare.Win32.Ucmore.e skipped
E:\For_PC\Overnet\overnet0.52.exe NSIS: infected - 2 skipped
E:\For_PC\Overnet\P2P - eDonkey Overnet v052 + Crack + Config ADSL.zip/Overnet_v052 (Setup).exe/data0014/unknown2.bin Infected: not-a-virus:AdWare.Win32.Ucmore.e skipped
E:\For_PC\Overnet\P2P - eDonkey Overnet v052 + Crack + Config ADSL.zip/Overnet_v052 (Setup).exe/data0014 Infected: not-a-virus:AdWare.Win32.Ucmore.e skipped
E:\For_PC\Overnet\P2P - eDonkey Overnet v052 + Crack + Config ADSL.zip/Overnet_v052 (Setup).exe Infected: not-a-virus:AdWare.Win32.Ucmore.e skipped
E:\For_PC\Overnet\P2P - eDonkey Overnet v052 + Crack + Config ADSL.zip ZIP: infected - 3 skipped
E:\For_PC\RAR_password_crackerV412\23.09 RARPasswordCr.rar/rpc.exe Infected: not-a-virus:PSWTool.Win32.RARPassCrack.a skipped
E:\For_PC\RAR_password_crackerV412\23.09 RARPasswordCr.rar RAR: infected - 1 skipped
E:\For_PC\RealOne\Realplus8_shareaza\ALLPLAYERANDCODECS.rar/--ALL !! PLAYER !! AND CODECS--you need this time ----ZOOM,BS, CORE, GDIVX,REAL8--OGG, DIVX, Xvid, Nimo5_Build_8, Smr, Vcd, Svcd, AVI_released_byC.H.B._GHG_07_2003/GDiVX 1.9.1.exe/data0007/SaveNow.exe Infected: not-a-virus:AdWare.Win32.SaveNow.w skipped
E:\For_PC\RealOne\Realplus8_shareaza\ALLPLAYERANDCODECS.rar/--ALL !! PLAYER !! AND CODECS--you need this time ----ZOOM,BS, CORE, GDIVX,REAL8--OGG, DIVX, Xvid, Nimo5_Build_8, Smr, Vcd, Svcd, AVI_released_byC.H.B._GHG_07_2003/GDiVX 1.9.1.exe/data0007/Uninst.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped
E:\For_PC\RealOne\Realplus8_shareaza\ALLPLAYERANDCODECS.rar/--ALL !! PLAYER !! AND CODECS--you need this time ----ZOOM,BS, CORE, GDIVX,REAL8--OGG, DIVX, Xvid, Nimo5_Build_8, Smr, Vcd, Svcd, AVI_released_byC.H.B._GHG_07_2003/GDiVX 1.9.1.exe/data0007 Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped
E:\For_PC\RealOne\Realplus8_shareaza\ALLPLAYERANDCODECS.rar/--ALL !! PLAYER !! AND CODECS--you need this time ----ZOOM,BS, CORE, GDIVX,REAL8--OGG, DIVX, Xvid, Nimo5_Build_8, Smr, Vcd, Svcd, AVI_released_byC.H.B._GHG_07_2003/GDiVX 1.9.1.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au skipped
E:\For_PC\RealOne\Realplus8_shareaza\ALLPLAYERANDCODECS.rar RAR: infected - 4 skipped
E:\For_PC\Scansoft\Scansoft PDF Converter 1.0 multilanguage + activationprog\crack\SHKPC10.EXE Object is locked skipped
E:\For_PC\Spyware_Adware_related\Spyware_remover_spyblocs_free_scan_only\SpywareVanisher.exe/FreeScanner.exe Infected: not-a-virus:FraudTool.Win32.SpywareVanish.a skipped
E:\For_PC\Spyware_Adware_related\Spyware_remover_spyblocs_free_scan_only\SpywareVanisher.exe SetupFactory: infected - 1 skipped
E:\Mohammad\privaria.exe/data0272 Infected: not-a-virus:RemoteAdmin.Win32.NetCat skipped
E:\Mohammad\privaria.exe/data0310 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.b skipped
E:\Mohammad\privaria.exe Inno: infected - 2 skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
E:\System Volume Information\_restore{1635FFAD-B2E5-4B29-B461-ECA7F325BEB0}\RP181\A0023874.exe Object is locked skipped
E:\System Volume Information\_restore{1635FFAD-B2E5-4B29-B461-ECA7F325BEB0}\RP181\change.log Object is locked skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
Spiderman
2008-02-10, 02:33
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:33:07, on 2008-02-09
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe
C:\WINDOWS\System32\WgaTray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\internet explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\internet explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cyme.com/fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxy.biblio.polymtl.ca:8080/biblio
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [CommCtr] C:\PROGRA~1\NET2PH~1\CommCtr.exe -auto
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-842925246-1303643608-725345543-1000\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?824f06aeecd64943a8ddf88a9c2f657d
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?824f06aeecd64943a8ddf88a9c2f657d
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/094c80af0f7d19f01815/netzip/RdxIE601_fr.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://appldnld.apple.com.edgesuite.net/qtinstall.info.apple.com/lupin/us/win/QuickTimeInstaller.exe
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697514} (NsvPlayX Control) - http://www.nullsoft.com/nsv/embed/nsvplayx_vp3_mp3.cab
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} (Java Plug-in 1.5.0_02) -
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} (Java Plug-in 1.5.0_04) -
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://infolot.mrnf.gouv.qc.ca/ACGM/acgm.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Protocol: vskype - (no CLSID) - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe
--
End of file - 8256 bytes