Tom's Guide > Forum > Sécurité - Virus > infection par spyxare secure sous vista

infection par spyxare secure sous vista

Forum Sécurité - Virus : infection par spyxare secure sous vista

TomsGuide.com : 800 000 inscrits répondent à toutes vos questions high-tech et informatique. Pour obtenir de l'aide, inscrivez-vous gratuitement !
Créer un nouveau sujet Répondre
Mot :    Pseudo :           
 
tondy   01-08-2007 à 11:00:09

Bonjour a tous,
Je suis nouveau ici mais j'ai un gros probleme. j'ai mon ordinateur portable qui est infeté par spyware secure etc... (cad que des fenetres souvrent lors de ma navigationsur le net).
Apres avoir fouinersur le net pour rechercher des solutions, j'ai trouver d'ou ca provenait (enfin je pense) et ca serait a l'origine : webmediaplayer.
J'ai essayé d'appliquer les solutions de différents forums mais ca ne marche pas (sous vista je pense) donc c'est pour ca que je me permet de demander de l'aide personnalisé.
Merci d'avance.
Sauvez moi j'ai besoin de mon ordi pour le taf et c'est trop chiant ces fenetres.
FLo

Répondre
Liens sponsorisés
Inscrivez-vous ou connectez-vous pour masquer ceci.
chercheur_   01-08-2007 à 11:36:58
- 0 +

Bonjour


Télécharge HijackThis v1.99.1
http://pchelpbordeaux.free.fr/logiciels.html
Tutorial
http://pchelpbordeaux.free.fr/tuto.html
Démo en image
http://perso.orange.fr/rginformati [...] hijack.htm

Fais un scan et poste l'analyse ici.

------------------------------ Le meilleur antivirus, c'est vous
Vous avez un problème ? Créez votre propre post !
 Répondre à chercheur_
tondy   01-08-2007 à 14:42:45
- 0 +

Merci chercheur pour la reponse.
Alors jai scané avec hijackthis et voici le rapport :

Logfile of HijackThis v1.99.1
Scan saved at 14:40:49, on 01/08/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Users\TonTy\AppData\Local\Microsoft\dzpfeapfbr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lequipe.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [dzpfeapfbr] c:\users\tonty\appdata\local\microsoft\dzpfeapfbr.exe dzpfeapfbr
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/ [...] rtdgi1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Que doi-je faire maintenant ?
Merci d'avance

Répondre à tondy
chercheur_   01-08-2007 à 14:47:10
- 0 +

On voit des fichiers infectieux, mais Hijackthis ne montre pas tout.

Télécharge SREng (par Smallfrogs) de ce lien:
http://www.kztechs.com/eng/download.html

Extrais tout son contenu sur ton Bureau
Du dossier sreng2 qui se trouve maintenant sur ton Bureau, double clique sur SREng.exe afin de lancer l'outil
Clique sur Smart Scan
Ensuite, clique sur le bouton [Scan]

Lorsque complété, clique sur le bouton [Save Reports]
Sauvegarde le rapport sur ton Bureau
Copie/colle le contenu du fichier SREnglLOG.log dans ta prochaine réponse

Attention, ton rapport sera surement trop long pour un seul message(vive Vista ..) , poste le en plusieurs fois.

------------------------------ Le meilleur antivirus, c'est vous
Vous avez un problème ? Créez votre propre post !
 Répondre à chercheur_
tondy   01-08-2007 à 15:51:55
- 0 +

Voila le rapport.
Merci pour ton aide chercheur



[CODE]

2007-08-01,15:31:03

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows Vista Home Premium Edition (Build 6000) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Sidebar><C:\Program Files\Windows Sidebar\sidebar.exe /autoRun> [(Verified)Microsoft Windows]
<TOSCDSPD><C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe> [TOSHIBA]
<MsnMsgr><"C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background> [(Verified)Microsoft Corporation]
<BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}><"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"> [(Verified)Nero AG]
<WMPNSCFG><C:\Program Files\Windows Media Player\WMPNSCFG.exe> [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Windows Defender><%ProgramFiles%\Windows Defender\MSASCui.exe -hide> [(Verified)Microsoft Windows]
<TPwrMain><%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE> [(Verified)TOSHIBA CORPORATION]
<HSON><%ProgramFiles%\TOSHIBA\TBS\HSON.exe> [(Verified)TOSHIBA CORPORATION]
<SmoothView><%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe> [(Verified)TOSHIBA CORPORATION]
<00TCrdMain><%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe> [(Verified)TOSHIBA CORPORATION]
<NvSvc><RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<NvCplDaemon><RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<NvMediaCenter><RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<RtHDVCpl><RtHDVCpl.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<LtMoh><C:\Program Files\ltmoh\Ltmoh.exe> [Agere Systems]
<NDSTray.exe><NDSTray.exe> [N/A]
<ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [(Verified)Symantec Corporation]
<osCheck><"C:\Program Files\Norton Internet Security\osCheck.exe"> [(Verified)Symantec Corporation]
<topi><C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup> [TOSHIBA]
<Symantec PIF AlertEng><"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"> [N/A]
<Lexmark X1100 Series><"C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"> [N/A]
<NeroFilterCheck><C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe> [(Verified)Nero AG]
<dzpfeapfbr><c:\users\tonty\appdata\local\microsoft\dzpfeapfbr.exe dzpfeapfbr> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><explorer.exe> [(Verified)Microsoft Windows]
<Userinit><C:\Windows\system32\userinit.exe,> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [N/A]

==================================
Startup Folders
[Lancement rapide d'Adobe Reader]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Reader.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[Microsoft Office]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>
[Lancement rapide d'Adobe Reader]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Reader.lnk --> C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [Adobe Systems Incorporated]><N>
[Microsoft Office]
<C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>

==================================
Services
[Agere Modem Call Progress Audio / AgereModemAudio][Running/Auto Start]
<C:\Windows\system32\agrsmsvc.exe><Agere Systems>
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr][Running/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>
[ConfigFree Service / CFSvcs][Running/Auto Start]
<C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe><TOSHIBA CORPORATION>
[Symantec Lic NetConnect service / CLTNetCnService][Running/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>
[COM Host / comHost][Stopped/Manual Start]
<"C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe"><Symantec Corporation>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Validation de mot de passe Symantec IS / ISPwdSvc][Stopped/Manual Start]
<"C:\Program Files\Norton Internet Security\isPwdSvc.exe"><Symantec Corporation>
[LiveUpdate / LiveUpdate][Stopped/Manual Start]
<"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"><Symantec Corporation>
[LiveUpdate Notice Service Ex / LiveUpdate Notice Ex][Running/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>
[LiveUpdate Notice Service / LiveUpdate Notice Service][Stopped/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll"><Symantec Corporation>
[lxbk_device / lxbk_device][Running/Auto Start]
<C:\Windows\system32\lxbkcoms.exe -service><>
[NBService / NBService][Stopped/Manual Start]
<C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe><Nero AG>
[NMIndexingService / NMIndexingService][Running/Manual Start]
<"C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"><Nero AG>
[Planificateur LiveUpdate automatique / Planificateur LiveUpdate automatique][Running/Auto Start]
<"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"><Symantec Corporation>
[Symantec Core LC / Symantec Core LC][Running/Manual Start]
<"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"><Symantec Corporation>
[Symantec AppCore Service / SymAppCore][Running/Auto Start]
<"C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe"><Symantec Corporation>
[TOSHIBA Optical Disc Drive Service / TODDSrv][Running/Auto Start]
<C:\Windows\system32\TODDSrv.exe><TOSHIBA Corporation>
[TOSHIBA Power Saver / TosCoSrv][Running/Auto Start]
<"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"><TOSHIBA Corporation>
[TOSHIBA Bluetooth Service / TOSHIBA Bluetooth Service][Running/Auto Start]
<c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe><TOSHIBA CORPORATION>
[Ulead Burning Helper / UleadBurningHelper][Running/Auto Start]
<C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[Windows Live Setup Service / WLSetupSvc][Stopped/Manual Start]
<"C:\Program Files\Windows Live\installer\WLSetupSvc.exe"><>

==================================
Drivers
[adp94xx / adp94xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[TOSHIBA V92 Software Modem / AgereSoftModem][Running/Manual Start]
<system32\DRIVERS\AGRSM.sys><Agere Systems>
[aic78xx / aic78xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
<\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[amdide / amdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\amdide.sys><Microsoft Corporation>
[arc / arc][Stopped/Disabled]
<\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
<\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[AVG Anti-Rootkit / AVG Anti-Rootkit][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\avgarkt.sys><GRISOFT, s.r.o.>
[Avg Anti-Rootkit Clean Driver / AvgArCln][Running/System Start]
<System32\DRIVERS\AvgArCln.sys><GRISOFT, s.r.o.>
[blbdrive / blbdrive][Stopped/Disabled]
<\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Pilote de carte Intel (R) PRO / E100B][Running/Manual Start]
<system32\DRIVERS\e100b325.sys><Intel Corporation>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
<system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[Symantec Eraser Control driver / eeCtrl][Running/System Start]
<\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>
[elxstor / elxstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[EraserUtilRebootDrv / EraserUtilRebootDrv][Running/Manual Start]
<\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys><Symantec Corporation>
[Carte réseau virtuelle FreeBox USB / fbxusb][Stopped/Manual Start]
<system32\DRIVERS\fbxusb32.sys><FreeBox SA>
[FwLnk Driver / FwLnk][Running/Manual Start]
<system32\DRIVERS\FwLnk.sys><TOSHIBA Corporation>
[HpCISSs / HpCISSs][Stopped/Disabled]
<\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
<\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[Symantec Intrusion Prevention Driver / IDSvix86][Running/System Start]
<\??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20070724.001\IDSvix86.sys><Symantec Corporation>
[iirsp / iirsp][Stopped/Disabled]
<\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
<system32\drivers\RTKVHDA.sys><Realtek Semiconductor Corp.>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
<system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[KR10I / KR10I][Stopped/Disabled]
<\SystemRoot\system32\drivers\kr10i.sys><TOSHIBA CORPORATION>
[KR10N / KR10N][Stopped/Disabled]
<\SystemRoot\system32\drivers\kr10n.sys><TOSHIBA CORPORATION>
[LSI_FC / LSI_FC][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[Logitech USB Monitor Filter / LVUSBSta][Stopped/Manual Start]
<system32\drivers\lvusbsta.sys><Logitech Inc.>
[megasas / megasas][Stopped/Disabled]
<\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
<\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[NAVENG / NAVENG][Running/Manual Start]
<\??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070731.016\NAVENG.SYS><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
<\??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20070731.016\NAVEX15.SYS><Symantec Corporation>
[Pilote de carte réseau Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits / NETw3v32][Stopped/Manual Start]
<system32\DRIVERS\NETw3v32.sys><Intel® Corporation>
[nfrd960 / nfrd960][Stopped/Disabled]
<\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
<\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvlddmkm / nvlddmkm][Running/Manual Start]
<system32\DRIVERS\nvlddmkm.sys><NVIDIA Corporation>
[nvraid / nvraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
<system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
<system32\DRIVERS\nwlnkfwd.sys><N/A>
[Logitech QuickCam Express(PID_0920) / PID_0920][Stopped/Manual Start]
<system32\DRIVERS\LV532AV.SYS><>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[SPBBCDrv / SPBBCDrv][Running/System Start]
<\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[SRTSP / SRTSP][Running/Manual Start]
<System32\Drivers\SRTSP.SYS><Symantec Corporation>
[SRTSPL / SRTSPL][Stopped/Manual Start]
<System32\Drivers\SRTSPL.SYS><Symantec Corporation>
[SRTSPX / SRTSPX][Running/System Start]
<System32\Drivers\SRTSPX.SYS><Symantec Corporation>
[SAMSUNG Mobile USB Device II 1.0 driver (WDM) / ssm_bus][Stopped/Manual Start]
<system32\DRIVERS\ssm_bus.sys><MCCI>
[SAMSUNG Mobile USB Modem II 1.0 Filter / ssm_mdfl][Stopped/Manual Start]
<system32\DRIVERS\ssm_mdfl.sys><MCCI>
[SAMSUNG Mobile USB Modem II 1.0 Drivers / ssm_mdm][Stopped/Manual Start]
<system32\DRIVERS\ssm_mdm.sys><MCCI>
[Symc8xx / Symc8xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[SYMDNS / SYMDNS][Running/Manual Start]
<\SystemRoot\System32\Drivers\SYMDNS.SYS><Symantec Corporation>
[SymEvent / SymEvent][Running/Manual Start]
<\??\C:\Windows\system32\Drivers\SYMEVENT.SYS><Symantec Corporation>
[SYMFW / SYMFW][Running/Manual Start]
<\SystemRoot\System32\Drivers\SYMFW.SYS><Symantec Corporation>
[SYMIDS / SYMIDS][Running/Manual Start]
<\SystemRoot\System32\Drivers\SYMIDS.SYS><Symantec Corporation>
[SYMNDISV / SYMNDISV][Running/Manual Start]
<\SystemRoot\System32\Drivers\SYMNDISV.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV][Running/Manual Start]
<\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI][Running/System Start]
<\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[Sym_hi / Sym_hi][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[TOSHIBA Writing Engine Filter Driver / tdcmdpst][Running/Manual Start]
<system32\DRIVERS\tdcmdpst.sys><TOSHIBA Corporation.>
[tifm21 / tifm21][Running/Manual Start]
<system32\drivers\tifm21.sys><Texas Instruments>
[Bluetooth ACPI / tosrfec][Stopped/Manual Start]
<system32\DRIVERS\tosrfec.sys><TOSHIBA Corporation>
[TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver / TVALZ][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\TVALZ_O.SYS><TOSHIBA Corporation>
[uliahci / uliahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Stopped/Disabled]
<\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>

==================================
Browser Add-ons
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[]
{1E8A6170-7264-4D0F-BEAE-D42A53123C75} <C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll, Symantec Corporation>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll, Sun Microsystems, Inc.>
[eBay]
{C08CAF1D-C0A3-40D5-9970-06D067EAC017} <http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR, N/A>
[Show Norton Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} <C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll, Symantec Corporation>
[Module de délivrance de certificat MINEFI]
{04CB5B64-5915-4629-B869-8945CEBADD21} <C:\Windows\Downloaded Program Files\CERTDGI1.dll, Direction Générale des Impôts>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\Windows\system32\macromed\Director\SwDir.dll, Adobe Systems, Inc.>
[Java Plug-in 1.6.0]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0]
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[Module de délivrance de certificat MINEFI]
{04CB5B64-5915-4629-B869-8945CEBADD21} <C:\Windows\Downloaded Program Files\CERTDGI1.dll, Direction Générale des Impôts>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\Windows\system32\macromed\Director\SwDir.dll, Adobe Systems, Inc.>
[InformationCardSigninHelper Class]
{19916E01-B44E-4E31-94A4-4696DF46157B} <C:\Windows\system32\icardie.dll, Microsoft Corporation>
[]
{1E8A6170-7264-4D0F-BEAE-D42A53123C75} <C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll, Symantec Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, Microsoft Corporation>
[Shockwave ActiveX Control]
{233C1507-6A77-46A4-9443-F871F945D258} <C:\Windows\System32\Macromed\Director\swdir.dll, Adobe Systems, Inc.>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, N/A>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\Windows\system32\ieframe.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, N/A>
[Windows Media Services DRM Storage object]
{760C4B83-E211-11D2-BF3E-00805FBE84A6} <C:\Windows\System32\msnetobj.dll, Microsoft Corporation>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0\bin\ssv.dll, Sun Microsystems, Inc.>
[ToshOOBE.OOBE]
{77260B61-737B-41F1-886E-2C9914AE40D9} <c:\windows\system32\toshoobe.ocx, Toshiba Corporation>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, Microsoft Corporation>
[XML DOM Document 4.0]
{88D969C0-F192-11D4-A65F-0040963251E5} <C:\Windows\system32\msxml4.dll, Microsoft Corporation>
[XML HTTP 4.0]
{88D969C5-F192-11D4-A65F-0040963251E5} <C:\Windows\system32\msxml4.dll, Microsoft Corporation>
[Java Plug-in 1.6.0]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll, Sun Microsystems, Inc.>
[Show Norton Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} <C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll, Symantec Corporation>
[AUDIO__X_MS_WAX Moniker Class]
{CD3AFA83-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, N/A>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[]
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL, Microsoft Corporation>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, N/A>
[E&xporter vers Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 400 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 528 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 576 / SYSTEM][C:\Windows\system32\wininit.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 584 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 620 / SYSTEM][C:\Windows\system32\services.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 636 / SYSTEM][C:\Windows\system32\lsass.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 644 / SYSTEM][C:\Windows\system32\lsm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 712 / SYSTEM][C:\Windows\system32\winlogon.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 840 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 896 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1028 / SERVICE LOCAL][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\srs_apo_suite_toshiba.dll] [SRS Labs, Inc., 1.2.0.0]
[C:\Windows\system32\com_srs_wowhd.dll] [SRS Labs, Inc., 1.0.6.0]
[C:\Windows\system32\com_srs_trusurroundxt.dll] [SRS Labs, Inc., 3, 1, 2, 0]
[C:\Windows\system32\Com_SRS_CSIIDecoder.dll] [SRS Labs, Inc., 3, 0, 2, 0]
[PID: 1056 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1088 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1220 / SERVICE RÉSEAU][C:\Windows\system32\SLsvc.exe] [Microsoft Corporation, 6.0.6000.16509 (vista_gdr.070620-1500)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1276 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1444 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1576][C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe] [Symantec Corporation, 106.2.0.21]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.2.0.21]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSvc.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETPLG.DLL] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\NORTON~1\NORTON~1\AVPSVC32.DLL] [Symantec Corporation, 14.1.0.27]
[C:\PROGRA~1\NORTON~1\NORTON~1\AVPSVC32.loc] [Symantec Corporation, 14.1.0.27]
[C:\Program Files\Norton Internet Security\Norton AntiVirus\AVSubmit.dll] [Symantec Corporation, 14.1.0.27]
[C:\Program Files\Norton Internet Security\Norton AntiVirus\AVSubmit.loc] [Symantec Corporation, 14.1.0.27]
[C:\PROGRA~1\NORTON~1\ISDATASV.DLL] [Symantec Corporation, 10.1.1.1]
[C:\PROGRA~1\COMMON~1\SYMANT~1\NPC\NPCWMIMN.DLL] [Symantec Corporation, 2007.1.02.11]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSVC.DLL] [Symantec Corporation, 7.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\ccL60.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SUBENG.DLL] [Symantec Corporation, 2.1.0.28]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SUBRES.loc] [Symantec Corporation, 2.1.0.28]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\TPROCPLG.DLL] [Symantec Corporation, 3.1.1.4]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEVTPLG.DLL] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSPLUG.DLL] [Symantec Corporation, 7.2.2.3]
[C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\PIFENG.DLL] [Symantec Corporation, 1.2.0.18]
[C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\FIREWALL\FWAGENT.DLL] [Symantec Corporation, 2.1.1.1]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL] [Symantec Corporation, 3.1.1.4]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\SRTSP32.DLL] [Symantec Corporation, 10.1.5.4]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SYMNETI.DLL] [Symantec Corporation, 7.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] [Symantec Corporation, 106.2.0.21]
[C:\Windows\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\PROGRA~1\NORTON~1\ISSVC.DLL] [Symantec Corporation, 10.1.0.26]
[C:\PROGRA~1\NORTON~1\NORTON~1\NAVEVENT.DLL] [Symantec Corporation, 14.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\Firewall\FWHelper.dll] [Symantec Corporation, 2.1.1.1]
[C:\Program Files\Norton Internet Security\isDataCl.dll] [Symantec Corporation, 10.1.1.1]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll] [Symantec Corporation, 1.1.00.7]
[C:\Program Files\Norton Internet Security\SetEvtHp.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\NcoItf.dll] [Symantec Corporation, 2007.1.3.6]
[C:\Program Files\Norton Internet Security\fwPlugin.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Norton Internet Security\fwEvent.dll] [Symantec Corporation, 10.1.0.38]
[C:\PROGRA~1\COMMON~1\SYMANT~1\OPC\{31011~1\CLTNETCN.DLL] [Symantec Corporation, 7.1.0.136]
[C:\Program Files\Norton Internet Security\IMCfg.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll] [Symantec Corporation, 3.1.1.4]
[C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\PollMgr.dll] [Symantec Corporation, 1.2.0.18]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SubConn.dll] [Symantec Corporation, 2.1.0.28]
[C:\Program Files\Common Files\Symantec Shared\NPC\npcWmiDt.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\ccALEng.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\SPBBC\ccTrstPc.dll] [Symantec Corporation, 3.1.1.4]
[C:\Program Files\Common Files\Symantec Shared\ccScanw.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL] [Symantec Corporation, 61.3.0.17]
[C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll] [Symantec Corporation, 3.2.10.0]
[C:\Program Files\Common Files\Symantec Shared\MSL\msl.dll] [Symantec Corporation, 5.0.071.000]
[PID: 1656][C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe] [Symantec Corporation, 1.1.00.7]
[C:\Windows\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll] [Symantec Corporation, 1.1.00.7]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll] [Symantec Corporation, 1.1.00.7]
[C:\Program Files\Common Files\Symantec Shared\ccSvc.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVScan.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AV.loc] [Symantec Corporation, 1.1.00.29]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\avDefMgr.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\avModule.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\QBackup.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\SRTSP\Srtsp32.dll] [Symantec Corporation, 10.1.5.4]
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccScanw.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL] [Symantec Corporation, 61.3.0.17]
[C:\Program Files\Common Files\Symantec Shared\MSL\msl.dll] [Symantec Corporation, 5.0.071.000]
[PID: 1776 / SYSTEM][C:\Windows\System32\spoolsv.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\System32\tbtmon.dll] [TOSHIBA CORPORATION., 5, 0, 810, 0]
[C:\Windows\System32\TosBtHcrpAPI.dll] [N/A, ]
[C:\Windows\System32\TosBtAPI.dll] [TOSHIBA CORPORATION., 5.00.6y25.0]
[C:\Windows\System32\TosBdAPI.dll] [TOSHIBA CORPORATION., 4, 1, 419, 0]
[C:\Windows\System32\tbtmon98Language.dll] [TOSHIBA CORPORATION., 5, 0, 724, 0]
[C:\Windows\System32\lxbklmpm.DLL] [ , 99.99.99.99]
[C:\Windows\system32\spool\PRTPROCS\W32X86\lxbkpp5c.dll] [Lexmark International Inc., 1.0.0.0]
[PID: 1800 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1348 / SYSTEM][C:\Windows\system32\agrsmsvc.exe] [Agere Systems, 2.1.73.0]
[PID: 1460 / SYSTEM][C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe] [TOSHIBA CORPORATION, 7, 0, 1, 6]
[C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll] [TOSHIBA CORPORATION, 7, 0, 1, 14]
[C:\Program Files\TOSHIBA\ConfigFree\CFWLAPI.dll] [TOSHIBA CORPORATION, 1, 0, 0, 11]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL] [Microsoft Corporation, 8.00.50727.42]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\TOSHIBA\ConfigFree\IpAdrSet.dll] [TOSHIBA CORPORATION, 7, 0, 0, 11]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\MFC80FRA.DLL] [Microsoft Corporation, 8.00.50727.42]
[PID: 1840 / SYSTEM][C:\Windows\system32\lxbkcoms.exe] [ , 99.99.99.99]
[PID: 456][C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe] [Symantec Corporation, 3.2.0.41]
[C:\Program Files\Symantec\LiveUpdate\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Symantec\LiveUpdate\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.2.0.21]
[PID: 2084 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2104 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2124 / SYSTEM][C:\Windows\system32\TODDSrv.exe] [TOSHIBA Corporation, 1, 0, 0, 3]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2144 / SYSTEM][C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe] [TOSHIBA Corporation, 1.0.0.1]
[C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll] [TOSHIBA Corporation, 1.0.0.0]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2180 / SYSTEM][c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe] [TOSHIBA CORPORATION, 1, 0, 1031, 0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2232 / SYSTEM][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe] [Ulead Systems, Inc., 1, 0, 0, 4]
[PID: 2260 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2288 / SYSTEM][C:\Windows\system32\SearchIndexer.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2636 / SYSTEM][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2444 / TonTy][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 432 / TonTy][C:\Windows\system32\Dwm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\nvd3dum.dll] [NVidia Corporation, 7.15.10.9746]
[PID: 2892 / TonTy][C:\Windows\Explorer.EXE] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\PROGRA~1\WI4EB4~1\wmpband.dll] [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll] [Nero AG, 2, 9, 1, 0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.dll] [Symantec Corporation, 14.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.loc] [N/A, ]
[C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll] [Nero AG, 2, 9, 1, 0]
[C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\nvcpl.dll] [NVIDIA Corporation, 7.15.10.9746]
[C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 7.15.10.9746]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.9.2006121800]
[PID: 2828 / TonTy][C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe] [TOSHIBA Corporation, 1.0.0.1]
[C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll] [TOSHIBA Corporation, 1.0.0.0]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\TOSHIBA\Power Saver\TCooling.dll] [TOSHIBA Corporation, 1.0.0.0]
[C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll] [TOSHIBA Corporation, 1.0.0.0]
[C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll] [TOSHIBA Corporation, 1.0.0.0]
[C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll] [TOSHIBA Corporation, 1.0.0.0]
[C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll] [TOSHIBA Corporation, 1.0.0.1]
[PID: 3220 / TonTy][C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe] [TOSHIBA Corporation, 3, 0, 0, 2]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1128 / TonTy][C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe] [TOSHIBA Corporation, 1.0.0.7]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7fe79782947b85d961fd55cb5e02a129\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System\fcc712bc5da45a672e7f1ad176dbd5a5\System.ni.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\6e654624542c6fa0f1bb3f6efdba1640\TCrdMain.ni.exe] [TOSHIBA Corporation, 1.0.0.7]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3b53dcf335a24dff03c7354dfebcb049\WindowsBase.ni.dll] [Microsoft Corporation, 3.0.6913.0 (vista_rtm_wcp.061013-1925)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\05a907016da277d7fbfbb00d347e3d3c\PresentationCore.ni.dll] [Microsoft Corporation, 3.0.6913.0 (vista_rtm_wcp.061013-1925)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\42c74db0a1a5378aab3f28b459240c17\PresentationFramework.ni.dll] [Microsoft Corporation, 3.0.6913.0 (vista_rtm_wcp.061013-1925)]
[C:\Program Files\TOSHIBA\FlashCards\fr\TCrdMain.resources.dll] [N/A, ]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\70c145ed25af403aa899ffcb633350b1\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\35a9f19f21aac42b979be321f1bb5fd4\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Windows\system32\nvd3dum.dll] [NVidia Corporation, 7.15.10.9746]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96a636ef98d604b3ed8cf8fa80bf41a2\PresentationFramework.Aero.ni.dll] [Microsoft Corporation, 3.0.6913.0 (vista_rtm_wcp.061013-1925)]
[C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll] [TOSHIBA Corporation, 1, 0, 0, 4]
[C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll] [TOSHIBA Corporation, 1, 0, 0, 4]
[C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll] [TOSHIBA Corporation, 1, 0, 0, 2]
[C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll] [N/A, ]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnEsc.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\Power Saver\TFunc2.DLL] [TOSHIBA Corporation, 1.0.0.0]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF5.dll] [TOSHIBA Corporation, 1, 1, 4, 0]
[C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 7.15.10.9746]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll] [TOSHIBA Corporation, 1, 0, 0, 2]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll] [TOSHIBA Corporation., 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll] [TOSHIBA Corporation, 1, 1, 1, 0]
[C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll] [N/A, ]
[C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll] [N/A, ]
[C:\Program Files\TOSHIBA\ConfigFree\NotifyCFF.dll] [N/A, ]
[C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\NotifyBT.dll] [TOSHIBA CORPORATION, 5, 0, 0, 1]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll] [, 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\Utilities\NotifyX.dll] [TOSHIBA Corp., 1.00.02]
[C:\Program Files\Toshiba\TBS\NotifyTBS.dll] [N/A, ]
[PID: 3520 / TonTy][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics, Inc., 9.1.0 27Oct06]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\SynCOM.dll] [Synaptics, Inc., 9.1.0 27Oct06]
[C:\Windows\system32\SynTPAPI.dll] [Synaptics, Inc., 9.1.0 27Oct06]
[PID: 3152 / TonTy][C:\Windows\RtHDVCpl.exe] [Realtek Semiconductor, 1.0.0.7]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\srs_apo_suite_toshiba.dll] [SRS Labs, Inc., 1.2.0.0]
[C:\Windows\system32\com_srs_wowhd.dll] [SRS Labs, Inc., 1.0.6.0]
[C:\Windows\system32\com_srs_trusurroundxt.dll] [SRS Labs, Inc., 3, 1, 2, 0]
[C:\Windows\system32\Com_SRS_CSIIDecoder.dll] [SRS Labs, Inc., 3, 0, 2, 0]
[C:\Windows\system32\RtkAPO.dll] [Realtek Semiconductor Corp., 11.0.5600.13 built by: WinDDK]
[PID: 440 / TonTy][C:\Program Files\ltmoh\ltmoh.exe] [Agere Systems, 1.76A]
[C:\Program Files\ltmoh\MOHAPI.dll] [Agere Systems, 1.76A]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2972 / TonTy][C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe] [TOSHIBA CORPORATION, 7, 0, 1, 7]
[C:\Program Files\TOSHIBA\ConfigFree\CFUPNP.dll] [TOSHIBA CORPORATION, 7, 0, 0, 1]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL] [Microsoft Corporation, 8.00.50727.42]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\TOSHIBA\ConfigFree\CFP2API.dll] [TOSHIBA CORPORATION, 7, 0, 0, 1]
[C:\Program Files\TOSHIBA\ConfigFree\OpenProp.dll] [TOSHIBA CORPORATION, 7, 0, 0, 2]
[C:\Program Files\TOSHIBA\ConfigFree\IpAdrSet.dll] [TOSHIBA CORPORATION, 7, 0, 0, 11]
[C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll] [TOSHIBA CORPORATION, 7, 0, 1, 14]
[C:\Program Files\TOSHIBA\ConfigFree\CFWLAPI.dll] [TOSHIBA CORPORATION, 1, 0, 0, 11]
[C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll] [TOSHIBA CORPORATION, 7, 0, 1, 5]
[C:\Program Files\TOSHIBA\ConfigFree\NDSNLS.dll] [TOSHIBA CORPORATION, 7, 0, 0, 3]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\MFC80FRA.DLL] [Microsoft Corporation, 8.00.50727.42]
[C:\Windows\system32\TosBtAPI.dll] [TOSHIBA CORPORATION., 5.00.6y25.0]
[C:\Windows\system32\TosBdAPI.dll] [TOSHIBA CORPORATION., 4, 1, 419, 0]
[PID: 3744][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] [Symantec Corporation, 106.2.0.21]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\SymNeti.dll] [Symantec Corporation, 7.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSvc.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll] [Symantec Corporation, 1.1.00.7]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll] [Symantec Corporation, 1.1.00.7]
[C:\Windows\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll] [Symantec Corporation, 1.1.00.7]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Norton Internet Security\fwAlert.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Norton Internet Security\fwAlRes.dll] [Symantec Corporation, 10.1.0.38]
[C:\PROGRA~1\NORTON~1\NORTON~1\DEFALERT.DLL] [Symantec Corporation, 14.1.0.27]
[C:\PROGRA~1\NORTON~1\NORTON~1\AVPAPP32.DLL] [Symantec Corporation, 14.1.0.27]
[C:\PROGRA~1\NORTON~1\NISTRAY.DLL] [Symantec Corporation, 10.1.0.26]
[C:\PROGRA~1\NORTON~1\ISLALERT.DLL] [Symantec Corporation, 10.1.0.26]
[C:\Program Files\Common Files\Symantec Shared\NPC\npcTRAY.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll] [Symantec Corporation, 2006.1.01.5]
[C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll] [Symantec Corporation, 1.2.0.18]
[C:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll] [Symantec Corporation, 6,1,1,18]
[C:\PROGRA~1\NORTON~1\AlertRes.dll] [Symantec Corporation, 10.1.0.26]
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\NPC\DataPvdr.dll] [Symantec Corporation, 2007.1.02.11]
[C:\PROGRA~1\NORTON~1\NISTrRes.dll] [Symantec Corporation, 10.1.0.26]
[C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\NORTON~1\NORTON~1\AVPAPP32.loc] [Symantec Corporation, 14.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\NPC\NSCHlpr2.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Norton Internet Security\SetEvtHp.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Norton Internet Security\fwEvent.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Norton Internet Security\isDataCl.dll] [Symantec Corporation, 10.1.1.1]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\NPC\pcStatus.dll] [Symantec Corporation, 2007.1.02.11]
[C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll] [Symantec Corporation, 106.1.1.4]
[C:\Program Files\Common Files\Symantec Shared\SymRedir.dll] [Symantec Corporation, 7.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\NPC\uiLicPlg.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\NPC\npcWmiCl.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\NPC\npcWmiDt.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMail.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Norton Internet Security\IMCfg.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Common Files\Symantec Shared\NcoItf.dll] [Symantec Corporation, 2007.1.3.6]
[C:\Program Files\Common Files\Symantec Shared\NPC\PEPEvnt.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\CF\cfV2Pack.dll] [Symantec Corporation, 2006.1.01.5]
[C:\Program Files\Common Files\Symantec Shared\CF\cfEPack.dll] [Symantec Corporation, 2006.1.01.5]
[C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\AlertUi.dll] [Symantec Corporation, 1.2.0.18]
[PID: 2152 / TonTy][C:\Users\TonTy\AppData\Local\Microsoft\dzpfeapfbr.exe] [N/A, ]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 3268 / TonTy][C:\Program Files\Windows Sidebar\sidebar.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\icm32.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3468 / TonTy][C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe] [TOSHIBA, 2.00.01]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 3424 / TonTy][C:\Program Files\Windows Live\Messenger\msnmsgr.exe] [Microsoft Corporation, 8.5.1238.0601]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Windows Live\Messenger\MSNCore.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Windows Live\Messenger\msidcrl40.dll] [Microsoft Corporation, 4.100.313.1]
[C:\Program Files\Windows Live\Messenger\ContactsUX.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\msgrvsta.thm] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\msgslang.8.5.1238.0601.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\msgsres.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\lcapi.dll] [Microsoft Corporation, 1.7.256.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
[C:\Program Files\Windows Live\Messenger\lcres.dll] [Microsoft Corp., 1.7.109.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
[C:\Program Files\Windows Live\Messenger\RTMPLTFM.dll] [Microsoft Corporation, 3.0.5774.0 built by: media_msn80]
[C:\Program Files\Windows Live\Messenger\MSGSWCAM.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Windows\system32\sirenacm.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\lmcdata.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\contact.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\custsat.dll] [Microsoft Corporation, 9.0.3790.2428 (srv03_sp1_qfe.050422-1043)]
[C:\Program Files\Windows Live\Messenger\abssm.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\dfsr.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\Windows Live\Messenger\usnsvcps.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\wmv9vcm.dll] [Microsoft Corporation, 9.0.1.1184]
[PID: 1968 / TonTy][C:\Program Files\Windows Media Player\wmpnscfg.exe] [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2016 / TonTy][C:\Windows\System32\rundll32.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\System32\NVSVC.DLL] [NVIDIA Corporation, 7.15.10.9746]
[PID: 3800 / SERVICE RÉSEAU][C:\Program Files\Windows Media Player\wmpnetwk.exe] [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[PID: 3916 / TonTy][C:\Windows\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.374 (winmain(wmbla).070416-2057)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2780 / TonTy][C:\Windows\system32\wbem\unsecapp.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3508 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1712 / TonTy][C:\Program Files\Synaptics\SynTP\SynToshiba.exe] [Synaptics, Inc., 9.1.0 27Oct06]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\SynTPAPI.dll] [Synaptics, Inc., 9.1.0 27Oct06]
[C:\Windows\system32\SynCOM.dll] [Synaptics, Inc., 9.1.0 27Oct06]
[PID: 1456 / SYSTEM][C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe] [Nero AG, 2,0,13,0]
[C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Ahead\Lib\NMIndexingServicePS.dll] [Nero AG, 2,0,13,0]
[C:\Program Files\Common Files\Ahead\Lib\NMLogCxx.dll] [Nero AG, 2,0,

Répondre à tondy
chercheur_   01-08-2007 à 16:08:25
- 0 +

Comme prévu, ce rapport n'est pas complet.

Poste la suite à partir de

==================================
Running Processes

------------------------------ Le meilleur antivirus, c'est vous
Vous avez un problème ? Créez votre propre post !
 Répondre à chercheur_
tondy   01-08-2007 à 16:21:55
- 0 +

==================================
Running Processes
[PID: 400 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 528 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 576 / SYSTEM][C:\Windows\system32\wininit.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 584 / SYSTEM][C:\Windows\system32\csrss.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 620 / SYSTEM][C:\Windows\system32\services.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 636 / SYSTEM][C:\Windows\system32\lsass.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 644 / SYSTEM][C:\Windows\system32\lsm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 712 / SYSTEM][C:\Windows\system32\winlogon.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 840 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 896 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1028 / SERVICE LOCAL][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\srs_apo_suite_toshiba.dll] [SRS Labs, Inc., 1.2.0.0]
[C:\Windows\system32\com_srs_wowhd.dll] [SRS Labs, Inc., 1.0.6.0]
[C:\Windows\system32\com_srs_trusurroundxt.dll] [SRS Labs, Inc., 3, 1, 2, 0]
[C:\Windows\system32\Com_SRS_CSIIDecoder.dll] [SRS Labs, Inc., 3, 0, 2, 0]
[PID: 1056 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1088 / SYSTEM][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1220 / SERVICE RÉSEAU][C:\Windows\system32\SLsvc.exe] [Microsoft Corporation, 6.0.6000.16509 (vista_gdr.070620-1500)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1276 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1444 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1576][C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe] [Symantec Corporation, 106.2.0.21]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.2.0.21]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSvc.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETPLG.DLL] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\NORTON~1\NORTON~1\AVPSVC32.DLL] [Symantec Corporation, 14.1.0.27]
[C:\PROGRA~1\NORTON~1\NORTON~1\AVPSVC32.loc] [Symantec Corporation, 14.1.0.27]
[C:\Program Files\Norton Internet Security\Norton AntiVirus\AVSubmit.dll] [Symantec Corporation, 14.1.0.27]
[C:\Program Files\Norton Internet Security\Norton AntiVirus\AVSubmit.loc] [Symantec Corporation, 14.1.0.27]
[C:\PROGRA~1\NORTON~1\ISDATASV.DLL] [Symantec Corporation, 10.1.1.1]
[C:\PROGRA~1\COMMON~1\SYMANT~1\NPC\NPCWMIMN.DLL] [Symantec Corporation, 2007.1.02.11]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSVC.DLL] [Symantec Corporation, 7.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\ccL60.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SUBENG.DLL] [Symantec Corporation, 2.1.0.28]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SUBRES.loc] [Symantec Corporation, 2.1.0.28]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\TPROCPLG.DLL] [Symantec Corporation, 3.1.1.4]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEVTPLG.DLL] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSPLUG.DLL] [Symantec Corporation, 7.2.2.3]
[C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\PIFENG.DLL] [Symantec Corporation, 1.2.0.18]
[C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\FIREWALL\FWAGENT.DLL] [Symantec Corporation, 2.1.1.1]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL] [Symantec Corporation, 3.1.1.4]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\SRTSP32.DLL] [Symantec Corporation, 10.1.5.4]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SYMNETI.DLL] [Symantec Corporation, 7.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] [Symantec Corporation, 106.2.0.21]
[C:\Windows\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\PROGRA~1\NORTON~1\ISSVC.DLL] [Symantec Corporation, 10.1.0.26]
[C:\PROGRA~1\NORTON~1\NORTON~1\NAVEVENT.DLL] [Symantec Corporation, 14.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\Firewall\FWHelper.dll] [Symantec Corporation, 2.1.1.1]
[C:\Program Files\Norton Internet Security\isDataCl.dll] [Symantec Corporation, 10.1.1.1]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll] [Symantec Corporation, 1.1.00.7]
[C:\Program Files\Norton Internet Security\SetEvtHp.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\NcoItf.dll] [Symantec Corporation, 2007.1.3.6]
[C:\Program Files\Norton Internet Security\fwPlugin.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Norton Internet Security\fwEvent.dll] [Symantec Corporation, 10.1.0.38]
[C:\PROGRA~1\COMMON~1\SYMANT~1\OPC\{31011~1\CLTNETCN.DLL] [Symantec Corporation, 7.1.0.136]
[C:\Program Files\Norton Internet Security\IMCfg.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll] [Symantec Corporation, 3.1.1.4]
[C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\PollMgr.dll] [Symantec Corporation, 1.2.0.18]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SubConn.dll] [Symantec Corporation, 2.1.0.28]
[C:\Program Files\Common Files\Symantec Shared\NPC\npcWmiDt.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\ccALEng.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\SPBBC\ccTrstPc.dll] [Symantec Corporation, 3.1.1.4]
[C:\Program Files\Common Files\Symantec Shared\ccScanw.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL] [Symantec Corporation, 61.3.0.17]
[C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll] [Symantec Corporation, 3.2.10.0]
[C:\Program Files\Common Files\Symantec Shared\MSL\msl.dll] [Symantec Corporation, 5.0.071.000]
[PID: 1656][C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe] [Symantec Corporation, 1.1.00.7]
[C:\Windows\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll] [Symantec Corporation, 1.1.00.7]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll] [Symantec Corporation, 1.1.00.7]
[C:\Program Files\Common Files\Symantec Shared\ccSvc.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVScan.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AV.loc] [Symantec Corporation, 1.1.00.29]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\avDefMgr.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\avModule.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\QBackup.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\SRTSP\Srtsp32.dll] [Symantec Corporation, 10.1.5.4]
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccScanw.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL] [Symantec Corporation, 61.3.0.17]
[C:\Program Files\Common Files\Symantec Shared\MSL\msl.dll] [Symantec Corporation, 5.0.071.000]
[PID: 1776 / SYSTEM][C:\Windows\System32\spoolsv.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\System32\tbtmon.dll] [TOSHIBA CORPORATION., 5, 0, 810, 0]
[C:\Windows\System32\TosBtHcrpAPI.dll] [N/A, ]
[C:\Windows\System32\TosBtAPI.dll] [TOSHIBA CORPORATION., 5.00.6y25.0]
[C:\Windows\System32\TosBdAPI.dll] [TOSHIBA CORPORATION., 4, 1, 419, 0]
[C:\Windows\System32\tbtmon98Language.dll] [TOSHIBA CORPORATION., 5, 0, 724, 0]
[C:\Windows\System32\lxbklmpm.DLL] [ , 99.99.99.99]
[C:\Windows\system32\spool\PRTPROCS\W32X86\lxbkpp5c.dll] [Lexmark International Inc., 1.0.0.0]
[PID: 1800 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1348 / SYSTEM][C:\Windows\system32\agrsmsvc.exe] [Agere Systems, 2.1.73.0]
[PID: 1460 / SYSTEM][C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe] [TOSHIBA CORPORATION, 7, 0, 1, 6]
[C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll] [TOSHIBA CORPORATION, 7, 0, 1, 14]
[C:\Program Files\TOSHIBA\ConfigFree\CFWLAPI.dll] [TOSHIBA CORPORATION, 1, 0, 0, 11]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL] [Microsoft Corporation, 8.00.50727.42]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\TOSHIBA\ConfigFree\IpAdrSet.dll] [TOSHIBA CORPORATION, 7, 0, 0, 11]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\MFC80FRA.DLL] [Microsoft Corporation, 8.00.50727.42]
[PID: 1840 / SYSTEM][C:\Windows\system32\lxbkcoms.exe] [ , 99.99.99.99]
[PID: 456][C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe] [Symantec Corporation, 3.2.0.41]
[C:\Program Files\Symantec\LiveUpdate\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Symantec\LiveUpdate\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.2.0.21]
[PID: 2084 / SERVICE RÉSEAU][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2104 / SERVICE LOCAL][C:\Windows\system32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2124 / SYSTEM][C:\Windows\system32\TODDSrv.exe] [TOSHIBA Corporation, 1, 0, 0, 3]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2144 / SYSTEM][C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe] [TOSHIBA Corporation, 1.0.0.1]
[C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll] [TOSHIBA Corporation, 1.0.0.0]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2180 / SYSTEM][c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe] [TOSHIBA CORPORATION, 1, 0, 1031, 0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2232 / SYSTEM][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe] [Ulead Systems, Inc., 1, 0, 0, 4]
[PID: 2260 / SYSTEM][C:\Windows\System32\svchost.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2288 / SYSTEM][C:\Windows\system32\SearchIndexer.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2636 / SYSTEM][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2444 / TonTy][C:\Windows\system32\taskeng.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 432 / TonTy][C:\Windows\system32\Dwm.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\nvd3dum.dll] [NVidia Corporation, 7.15.10.9746]
[PID: 2892 / TonTy][C:\Windows\Explorer.EXE] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\PROGRA~1\WI4EB4~1\wmpband.dll] [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll] [Nero AG, 2, 9, 1, 0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.dll] [Symantec Corporation, 14.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.loc] [N/A, ]
[C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll] [Nero AG, 2, 9, 1, 0]
[C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\nvcpl.dll] [NVIDIA Corporation, 7.15.10.9746]
[C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 7.15.10.9746]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.9.2006121800]
[PID: 2828 / TonTy][C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe] [TOSHIBA Corporation, 1.0.0.1]
[C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll] [TOSHIBA Corporation, 1.0.0.0]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\TOSHIBA\Power Saver\TCooling.dll] [TOSHIBA Corporation, 1.0.0.0]
[C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll] [TOSHIBA Corporation, 1.0.0.0]
[C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll] [TOSHIBA Corporation, 1.0.0.0]
[C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll] [TOSHIBA Corporation, 1.0.0.0]
[C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll] [TOSHIBA Corporation, 1.0.0.1]
[PID: 3220 / TonTy][C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe] [TOSHIBA Corporation, 3, 0, 0, 2]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 1128 / TonTy][C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe] [TOSHIBA Corporation, 1.0.0.7]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7fe79782947b85d961fd55cb5e02a129\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System\fcc712bc5da45a672e7f1ad176dbd5a5\System.ni.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\6e654624542c6fa0f1bb3f6efdba1640\TCrdMain.ni.exe] [TOSHIBA Corporation, 1.0.0.7]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3b53dcf335a24dff03c7354dfebcb049\WindowsBase.ni.dll] [Microsoft Corporation, 3.0.6913.0 (vista_rtm_wcp.061013-1925)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\05a907016da277d7fbfbb00d347e3d3c\PresentationCore.ni.dll] [Microsoft Corporation, 3.0.6913.0 (vista_rtm_wcp.061013-1925)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\42c74db0a1a5378aab3f28b459240c17\PresentationFramework.ni.dll] [Microsoft Corporation, 3.0.6913.0 (vista_rtm_wcp.061013-1925)]
[C:\Program Files\TOSHIBA\FlashCards\fr\TCrdMain.resources.dll] [N/A, ]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\70c145ed25af403aa899ffcb633350b1\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\35a9f19f21aac42b979be321f1bb5fd4\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Windows\system32\nvd3dum.dll] [NVidia Corporation, 7.15.10.9746]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\96a636ef98d604b3ed8cf8fa80bf41a2\PresentationFramework.Aero.ni.dll] [Microsoft Corporation, 3.0.6913.0 (vista_rtm_wcp.061013-1925)]
[C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_fr_b77a5c561934e089\mscorlib.resources.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll] [TOSHIBA Corporation, 1, 0, 0, 4]
[C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll] [TOSHIBA Corporation, 1, 0, 0, 4]
[C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll] [TOSHIBA Corporation, 1, 0, 0, 2]
[C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll] [N/A, ]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnEsc.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\Power Saver\TFunc2.DLL] [TOSHIBA Corporation, 1.0.0.0]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF5.dll] [TOSHIBA Corporation, 1, 1, 4, 0]
[C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 7.15.10.9746]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll] [TOSHIBA Corporation, 1, 0, 0, 2]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll] [TOSHIBA Corporation., 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll] [TOSHIBA Corporation, 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll] [TOSHIBA Corporation, 1, 1, 1, 0]
[C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll] [N/A, ]
[C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll] [N/A, ]
[C:\Program Files\TOSHIBA\ConfigFree\NotifyCFF.dll] [N/A, ]
[C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\NotifyBT.dll] [TOSHIBA CORPORATION, 5, 0, 0, 1]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll] [, 1, 0, 0, 0]
[C:\Program Files\TOSHIBA\Utilities\NotifyX.dll] [TOSHIBA Corp., 1.00.02]
[C:\Program Files\Toshiba\TBS\NotifyTBS.dll] [N/A, ]
[PID: 3520 / TonTy][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics, Inc., 9.1.0 27Oct06]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\SynCOM.dll] [Synaptics, Inc., 9.1.0 27Oct06]
[C:\Windows\system32\SynTPAPI.dll] [Synaptics, Inc., 9.1.0 27Oct06]
[PID: 3152 / TonTy][C:\Windows\RtHDVCpl.exe] [Realtek Semiconductor, 1.0.0.7]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\srs_apo_suite_toshiba.dll] [SRS Labs, Inc., 1.2.0.0]
[C:\Windows\system32\com_srs_wowhd.dll] [SRS Labs, Inc., 1.0.6.0]
[C:\Windows\system32\com_srs_trusurroundxt.dll] [SRS Labs, Inc., 3, 1, 2, 0]
[C:\Windows\system32\Com_SRS_CSIIDecoder.dll] [SRS Labs, Inc., 3, 0, 2, 0]
[C:\Windows\system32\RtkAPO.dll] [Realtek Semiconductor Corp., 11.0.5600.13 built by: WinDDK]
[PID: 440 / TonTy][C:\Program Files\ltmoh\ltmoh.exe] [Agere Systems, 1.76A]
[C:\Program Files\ltmoh\MOHAPI.dll] [Agere Systems, 1.76A]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2972 / TonTy][C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe] [TOSHIBA CORPORATION, 7, 0, 1, 7]
[C:\Program Files\TOSHIBA\ConfigFree\CFUPNP.dll] [TOSHIBA CORPORATION, 7, 0, 0, 1]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL] [Microsoft Corporation, 8.00.50727.42]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\TOSHIBA\ConfigFree\CFP2API.dll] [TOSHIBA CORPORATION, 7, 0, 0, 1]
[C:\Program Files\TOSHIBA\ConfigFree\OpenProp.dll] [TOSHIBA CORPORATION, 7, 0, 0, 2]
[C:\Program Files\TOSHIBA\ConfigFree\IpAdrSet.dll] [TOSHIBA CORPORATION, 7, 0, 0, 11]
[C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll] [TOSHIBA CORPORATION, 7, 0, 1, 14]
[C:\Program Files\TOSHIBA\ConfigFree\CFWLAPI.dll] [TOSHIBA CORPORATION, 1, 0, 0, 11]
[C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll] [TOSHIBA CORPORATION, 7, 0, 1, 5]
[C:\Program Files\TOSHIBA\ConfigFree\NDSNLS.dll] [TOSHIBA CORPORATION, 7, 0, 0, 3]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\MFC80FRA.DLL] [Microsoft Corporation, 8.00.50727.42]
[C:\Windows\system32\TosBtAPI.dll] [TOSHIBA CORPORATION., 5.00.6y25.0]
[C:\Windows\system32\TosBdAPI.dll] [TOSHIBA CORPORATION., 4, 1, 419, 0]
[PID: 3744][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] [Symantec Corporation, 106.2.0.21]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\SymNeti.dll] [Symantec Corporation, 7.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSvc.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll] [Symantec Corporation, 1.1.00.7]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll] [Symantec Corporation, 1.1.00.7]
[C:\Windows\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll] [Symantec Corporation, 1.1.00.7]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Norton Internet Security\fwAlert.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Norton Internet Security\fwAlRes.dll] [Symantec Corporation, 10.1.0.38]
[C:\PROGRA~1\NORTON~1\NORTON~1\DEFALERT.DLL] [Symantec Corporation, 14.1.0.27]
[C:\PROGRA~1\NORTON~1\NORTON~1\AVPAPP32.DLL] [Symantec Corporation, 14.1.0.27]
[C:\PROGRA~1\NORTON~1\NISTRAY.DLL] [Symantec Corporation, 10.1.0.26]
[C:\PROGRA~1\NORTON~1\ISLALERT.DLL] [Symantec Corporation, 10.1.0.26]
[C:\Program Files\Common Files\Symantec Shared\NPC\npcTRAY.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll] [Symantec Corporation, 2006.1.01.5]
[C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll] [Symantec Corporation, 1.2.0.18]
[C:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll] [Symantec Corporation, 6,1,1,18]
[C:\PROGRA~1\NORTON~1\AlertRes.dll] [Symantec Corporation, 10.1.0.26]
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\NPC\DataPvdr.dll] [Symantec Corporation, 2007.1.02.11]
[C:\PROGRA~1\NORTON~1\NISTrRes.dll] [Symantec Corporation, 10.1.0.26]
[C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll] [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\NORTON~1\NORTON~1\AVPAPP32.loc] [Symantec Corporation, 14.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\NPC\NSCHlpr2.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Norton Internet Security\SetEvtHp.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Norton Internet Security\fwEvent.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Norton Internet Security\isDataCl.dll] [Symantec Corporation, 10.1.1.1]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\NPC\pcStatus.dll] [Symantec Corporation, 2007.1.02.11]
[C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll] [Symantec Corporation, 106.1.1.4]
[C:\Program Files\Common Files\Symantec Shared\SymRedir.dll] [Symantec Corporation, 7.1.0.27]
[C:\Program Files\Common Files\Symantec Shared\NPC\uiLicPlg.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\NPC\npcWmiCl.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\NPC\npcWmiDt.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMail.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Norton Internet Security\IMCfg.dll] [Symantec Corporation, 10.1.0.38]
[C:\Program Files\Common Files\Symantec Shared\NcoItf.dll] [Symantec Corporation, 2007.1.3.6]
[C:\Program Files\Common Files\Symantec Shared\NPC\PEPEvnt.dll] [Symantec Corporation, 2007.1.02.11]
[C:\Program Files\Common Files\Symantec Shared\CF\cfV2Pack.dll] [Symantec Corporation, 2006.1.01.5]
[C:\Program Files\Common Files\Symantec Shared\CF\cfEPack.dll] [Symantec Corporation, 2006.1.01.5]
[C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\AlertUi.dll] [Symantec Corporation, 1.2.0.18]
[PID: 2152 / TonTy][C:\Users\TonTy\AppData\Local\Microsoft\dzpfeapfbr.exe] [N/A, ]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 3268 / TonTy][C:\Program Files\Windows Sidebar\sidebar.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\icm32.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3468 / TonTy][C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe] [TOSHIBA, 2.00.01]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 3424 / TonTy][C:\Program Files\Windows Live\Messenger\msnmsgr.exe] [Microsoft Corporation, 8.5.1238.0601]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Windows Live\Messenger\MSNCore.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Windows Live\Messenger\msidcrl40.dll] [Microsoft Corporation, 4.100.313.1]
[C:\Program Files\Windows Live\Messenger\ContactsUX.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\msgrvsta.thm] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\msgslang.8.5.1238.0601.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\msgsres.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\lcapi.dll] [Microsoft Corporation, 1.7.256.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
[C:\Program Files\Windows Live\Messenger\lcres.dll] [Microsoft Corp., 1.7.109.0 (RTC Version 4.3.5371.0) built by: msn8.0(rtbldlab)]
[C:\Program Files\Windows Live\Messenger\RTMPLTFM.dll] [Microsoft Corporation, 3.0.5774.0 built by: media_msn80]
[C:\Program Files\Windows Live\Messenger\MSGSWCAM.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Windows\system32\sirenacm.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\lmcdata.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\contact.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\custsat.dll] [Microsoft Corporation, 9.0.3790.2428 (srv03_sp1_qfe.050422-1043)]
[C:\Program Files\Windows Live\Messenger\abssm.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\dfsr.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\Windows Live\Messenger\usnsvcps.dll] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\wmv9vcm.dll] [Microsoft Corporation, 9.0.1.1184]
[PID: 1968 / TonTy][C:\Program Files\Windows Media Player\wmpnscfg.exe] [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2016 / TonTy][C:\Windows\System32\rundll32.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\System32\NVSVC.DLL] [NVIDIA Corporation, 7.15.10.9746]
[PID: 3800 / SERVICE RÉSEAU][C:\Program Files\Windows Media Player\wmpnetwk.exe] [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[PID: 3916 / TonTy][C:\Windows\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.374 (winmain(wmbla).070416-2057)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 2780 / TonTy][C:\Windows\system32\wbem\unsecapp.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3508 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1712 / TonTy][C:\Program Files\Synaptics\SynTP\SynToshiba.exe] [Synaptics, Inc., 9.1.0 27Oct06]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\system32\SynTPAPI.dll] [Synaptics, Inc., 9.1.0 27Oct06]
[C:\Windows\system32\SynCOM.dll] [Synaptics, Inc., 9.1.0 27Oct06]
[PID: 1456 / SYSTEM][C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe] [Nero AG, 2,0,13,0]
[C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Ahead\Lib\NMIndexingServicePS.dll] [Nero AG, 2,0,13,0]
[C:\Program Files\Common Files\Ahead\Lib\NMLogCxx.dll] [Nero AG, 2,0,13,0]
[C:\Program Files\Common Files\Ahead\Lib\log4cxx.dll] [Nero AG, 1, 0, 0, 0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Ahead\Lib\NMDataServices.dll] [Nero AG, 2,0,13,0]
[PID: 156 / TonTy][C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe] [TOSHIBA CORPORATION, 7, 0, 1, 7]
[C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll] [TOSHIBA CORPORATION, 7, 0, 1, 14]
[C:\Program Files\TOSHIBA\ConfigFree\CFWLAPI.dll] [TOSHIBA CORPORATION, 1, 0, 0, 11]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2\MFC80.DLL] [Microsoft Corporation, 8.00.50727.42]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Program Files\TOSHIBA\ConfigFree\IpAdrSet.dll] [TOSHIBA CORPORATION, 7, 0, 0, 11]
[C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll] [TOSHIBA CORPORATION, 7, 0, 1, 5]
[C:\Program Files\TOSHIBA\ConfigFree\NDSNLS.dll] [TOSHIBA CORPORATION, 7, 0, 0, 3]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6\MFC80FRA.DLL] [Microsoft Corporation, 8.00.50727.42]
[PID: 3012 / SERVICE LOCAL][C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe] [Microsoft Corporation, 3.0.6913.0 (vista_rtm_wcp.061013-1925)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7fe79782947b85d961fd55cb5e02a129\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System\fcc712bc5da45a672e7f1ad176dbd5a5\System.ni.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\82c372b324d3bf32dcc488d347c690e5\PresentationFontCache.ni.exe] [Microsoft Corporation, 3.0.6913.0 (vista_rtm_wcp.061013-1925)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\61b951bd03727a096c1c02cb18d5ce30\System.ServiceProcess.ni.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3b53dcf335a24dff03c7354dfebcb049\WindowsBase.ni.dll] [Microsoft Corporation, 3.0.6913.0 (vista_rtm_wcp.061013-1925)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\05a907016da277d7fbfbb00d347e3d3c\PresentationCore.ni.dll] [Microsoft Corporation, 3.0.6913.0 (vista_rtm_wcp.061013-1925)]
[C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_fr_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll] [Microsoft Corporation, 2.0.50727.312 (rtmLHS.050727-3100)]
[PID: 3588 / SYSTEM][C:\Program Files\Windows Live\Messenger\usnsvc.exe] [Microsoft Corporation, 8.5.1238.0601]
[C:\Program Files\Windows Live\Messenger\usnsvcps.dll] [Microsoft Corporation, 8.5.1238.0601]
[PID: 3840 / TonTy][C:\Program Files\Internet Explorer\IEUser.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL] [Microsoft Corporation, 8.5.1238.0601]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.2.0.21]
[PID: 2392 / TonTy][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_9ea0ac9ec96e7127\gdiplus.dll] [Microsoft Corporation, 5.2.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Microsoft Office\Office10\msohev.dll] [Microsoft Corporation, 10.0.2609]
[C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll] [Symantec Corporation, 2007.1.3.6]
[C:\Windows\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHORes.loc] [Symantec Corporation, 2007.1.3.6]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.9.2006121800]
[C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll] [Symantec Corporation, 2007.1.3.6]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll] [Symantec Corporation, 1.1.00.7]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll] [Symantec Corporation, 1.1.00.7]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSvc.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\BrRules.dll] [Symantec Corporation, 2007.1.3.6]
[C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\BrCore.dll] [Symantec Corporation, 2007.1.3.6]
[C:\Program Files\Common Files\Symantec Shared\coShared\WP\1.0\nppwUI.dll] [Symantec Corporation, 2007.1.3.6]
[C:\Program Files\Common Files\Symantec Shared\coShared\WP\1.0\nppwBHO.dll] [Symantec Corporation, 2006, 1, 0, 50]
[c:\program files\common files\symantec shared\coshared\wp\1.0\nppw.dll] [Symantec Corporation, 2006, 1, 0, 50]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll] [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Java\jre1.6.0\bin\ssv.dll] [Sun Microsystems, Inc., 6.0.0.104]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Norton Internet Security\isRes.dll] [Symantec Corporation, 10.1.0.38]
[C:\Windows\system32\nvd3dum.dll] [NVidia Corporation, 7.15.10.9746]
[C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC8~1.DLL] [Microsoft Corporation, 8.5.1238.0601]
[C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.312_none_10b2ee7b9bffc2c7\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.312]
[C:\Windows\system32\Macromed\Flash\Flash9c.ocx] [Adobe Systems, Inc., 9,0,45,0]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Ahead\Lib\AdvrCntr2.dll] [Nero AG, 9,4,2, 10850]
[C:\Windows\system32\Macromed\Common\SwSupport.dll] [Adobe Systems, Inc., 10.2r22]
[PID: 6064][C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe] [Symantec Corporation, 1.9.1.1080]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll] [Symantec Corporation, 1.9.1.1080]
[C:\Windows\system32\MSVCR71.DLL] [Microsoft Corporation, 7.10.3052.4]
[PID: 3824 / TonTy][C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe] [Adobe Systems, Inc., 9,0,45,0]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[PID: 5588 / TonTy][C:\Users\TonTy\Desktop\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\COMCTL32.dll] [Microsoft Corporation, 6.10 (vista_rtm.061101-2205)]
[C:\Users\TonTy\Desktop\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["%SystemRoot%\hh.exe" %1]
.HLP OK. [%SystemRoot%\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost
::1 localhost

==================================
Process Privileges Scan
N/A

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================


[/CODE]

Répondre à tondy
chercheur_   01-08-2007 à 17:12:24
- 0 +

Oui, j'ai tout.


Télécharge OTMoveIt (de Old_Timer) sur ton Bureau.
http://download.bleepingcomputer.c [...] MoveIt.exe
Double-clique sur OTMoveIt.exe pour le lancer.
Copie la liste qui se trouve ci-dessous, et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

c:\users\tonty\appdata\local\microsoft\dzpfeapfbr_navps.dat
c:\users\tonty\appdata\local\microsoft\dzpfeapfbr_nav.dat
c:\users\tonty\appdata\local\microsoft\dzpfeapfbr.dat
c:\users\tonty\appdata\local\microsoft\dzpfeapfbr.exe

Clique sur MoveIt! pour lancer la suppression.
Le résultat apparaitra dans le cadre Results.
Clique sur Exit pour fermer.

Il te sera peut-être demander de redémarrer le PC pour achever la suppression. Si c'est le cas accepte par Yes.


Poste le rapport situé dans C:\_OTMoveIt\MovedFiles avec un nouveau Hijackthis.

------------------------------ Le meilleur antivirus, c'est vous
Vous avez un problème ? Créez votre propre post !
 Répondre à chercheur_
tondy   01-08-2007 à 17:35:16
- 0 +

voila j'ai fais ce que tu m'as di. seulement jai pas trouver le rappor apres. Mais jai refais Hijackthis et voici le rapport :

Logfile of HijackThis v1.99.1
Scan saved at 14:40:49, on 01/08/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Users\TonTy\AppData\Local\Microsoft\dzpfeapfbr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lequipe.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [dzpfeapfbr] c:\users\tonty\appdata\local\microsoft\dzpfeapfbr.exe dzpfeapfbr
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/ [...] rtdgi1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Répondre à tondy
chercheur_   01-08-2007 à 17:48:05
- 0 +

Le fichier est toujours là.


On change.


Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.


$$ Télécharge Brute Force Uninstaller (de Merijn)
http://www.merijn.org/files/bfu.zip
Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)


$$ FAIS UN CLIC-DROIT sur le lien suivant
http://metallica.geekstogo.com/EGDACCESS.bfu
et choisis "Enregistrer la cible sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note : si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).


$$ Ouvre le Bloc-note et copie-colle les lignes ci-dessous

RegDeleteKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dzpfeapfbr
RegDelValue HKLM\Software\Microsoft\Windows\CurrentVersion\Run|dzpfeapfbr
FileDelete %SYSTEMDRIVE%\users\tonty\appdata\local\microsoft\dzpfeapfbr_navps.dat
FileDelete %SYSTEMDRIVE%\users\tonty\appdata\local\microsoft\dzpfeapfbr_nav.dat
FileDelete %SYSTEMDRIVE%\users\tonty\appdata\local\microsoft\dzpfeapfbr.dat
FileDelete %SYSTEMDRIVE%\users\tonty\appdata\local\microsoft\dzpfeapfbr.exe

SystemEmptyTempFolder
SystemEmptyRecycleBin

FileDelete C:\egd.txt
SystemRun regedit|/e C:\egd.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"|0

Sauvegarde dans le dossier créé (C:\BFU) (Nom du fichier : "Fixme.bfu " -sans inclure les guillemets- ; Type : Tous les fichiers).

$$,Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 ou F5; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.


$$ Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)

- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

EGDACCESS.bfu

Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur Execute et laisse-le faire son travail.
Attendre que Complete script execution apparaîsse et clique sur OK.

--- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :

Fixme.bfu

Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\Fixme.bfu
Clique sur Execute et laisse-le faire son travail.
Attendre que Complete script execution apparaîsse et clique sur OK.

Clique Exit pour fermer le programme BFU.


$$ Redémarre normalement

Poste un nouveau hijackthis avec le rapport situé ici C:\egd.txt

------------------------------ Le meilleur antivirus, c'est vous
Vous avez un problème ? Créez votre propre post !
 Répondre à chercheur_
tondy   01-08-2007 à 18:14:32
- 0 +

voila j'ai fais tout ce que tu m'as dis.
Voila le rapport Hijackthis situé ds C:\egd.txt


Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,\
00,69,00,6c,00,65,00,73,00,25,00,5c,00,57,00,69,00,6e,00,64,00,6f,00,77,00,\
73,00,20,00,44,00,65,00,66,00,65,00,6e,00,64,00,65,00,72,00,5c,00,4d,00,53,\
00,41,00,53,00,43,00,75,00,69,00,2e,00,65,00,78,00,65,00,20,00,2d,00,68,00,\
69,00,64,00,65,00,00,00
"TPwrMain"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,\
6c,00,65,00,73,00,25,00,5c,00,54,00,4f,00,53,00,48,00,49,00,42,00,41,00,5c,\
00,50,00,6f,00,77,00,65,00,72,00,20,00,53,00,61,00,76,00,65,00,72,00,5c,00,\
54,00,50,00,77,00,72,00,4d,00,61,00,69,00,6e,00,2e,00,45,00,58,00,45,00,00,\
00
"HSON"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,00,6c,\
00,65,00,73,00,25,00,5c,00,54,00,4f,00,53,00,48,00,49,00,42,00,41,00,5c,00,\
54,00,42,00,53,00,5c,00,48,00,53,00,4f,00,4e,00,2e,00,65,00,78,00,65,00,00,\
00
"SmoothView"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,\
00,6c,00,65,00,73,00,25,00,5c,00,54,00,6f,00,73,00,68,00,69,00,62,00,61,00,\
5c,00,53,00,6d,00,6f,00,6f,00,74,00,68,00,56,00,69,00,65,00,77,00,5c,00,53,\
00,6d,00,6f,00,6f,00,74,00,68,00,56,00,69,00,65,00,77,00,2e,00,65,00,78,00,\
65,00,00,00
"00TCrdMain"=hex(2):25,00,50,00,72,00,6f,00,67,00,72,00,61,00,6d,00,46,00,69,\
00,6c,00,65,00,73,00,25,00,5c,00,54,00,4f,00,53,00,48,00,49,00,42,00,41,00,\
5c,00,46,00,6c,00,61,00,73,00,68,00,43,00,61,00,72,00,64,00,73,00,5c,00,54,\
00,43,00,72,00,64,00,4d,00,61,00,69,00,6e,00,2e,00,65,00,78,00,65,00,00,00
"NvSvc"="RUNDLL32.EXE C:\\Windows\\system32\\nvsvc.dll,nvsvcStart"
"NvCplDaemon"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"LtMoh"="C:\\Program Files\\ltmoh\\Ltmoh.exe"
"NDSTray.exe"="NDSTray.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"osCheck"="\"C:\\Program Files\\Norton Internet Security\\osCheck.exe\""
"topi"="C:\\Program Files\\TOSHIBA\\Toshiba Online Product Information\\topi.exe -startup"
"Symantec PIF AlertEng"="\"C:\\Program Files\\Common Files\\Symantec Shared\\PIF\\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\\PIFSvc.exe\" /a /m \"C:\\Program Files\\Common Files\\Symantec Shared\\PIF\\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\\AlertEng.dll\""
"Lexmark X1100 Series"="\"C:\\Program Files\\Lexmark X1100 Series\\lxbkbmgr.exe\""
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"

Répondre à tondy
chercheur_   01-08-2007 à 18:22:47
- 0 +

Tu as mis ce rapport C:\egd.txt , mais pas Hijackthis.


Déja plus de signe d'infection dans ce rapport.

------------------------------ Le meilleur antivirus, c'est vous
Vous avez un problème ? Créez votre propre post !
 Répondre à chercheur_
tondy   01-08-2007 à 19:28:29
- 0 +

voila je t'ai mis le rapport Hiackthis
Deja bon signe si ya plus rien ds lautre
Merci


Logfile of HijackThis v1.99.1
Scan saved at 14:40:49, on 01/08/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Users\TonTy\AppData\Local\Microsoft\dzpfeapfbr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lequipe.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [dzpfeapfbr] c:\users\tonty\appdata\local\microsoft\dzpfeapfbr.exe dzpfeapfbr
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/ [...] rtdgi1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Répondre à tondy
chercheur_   01-08-2007 à 21:59:59
- 0 +

Je voudrais un NOUVEAU rapport Hijackthis.

Je viens de me rendre compte que tu as mis 3 fois le même.

------------------------------ Le meilleur antivirus, c'est vous
Vous avez un problème ? Créez votre propre post !
 Répondre à chercheur_
tondy   02-08-2007 à 00:19:50
- 0 +

Je comprend pas : des ke j'execute Hijackthis et ke je clic sur "faire un scan et sauvegarder le log" , au bout de la 9eme ligne (RO - HKCU etc...) un message d'erreur apparait :
avec un point d'exclamation jaune :
"For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.
If that happens, you need to edit the file yourself. To do this, click start, Run and type:
notepad "C:\Windows\System32\drivers\etc\hosts"
and press Enter. Find the line(s) HijackThis reports and delete them. Save the file as "hosts." (with quotes), and reboot."

en bas a droite ya un bouton OK et kan je clik dessus, un autre message d'erreur apparait mais cette fois ci avec une croix rouge. Le message est le suivant :

"An unexpected error has occurred at procedure:
modMain_CheckOther1Item()
Error#75 - Path\File access error
Please email me at merijin@spywareinfo.com, reporting the following:
*What you were trying to fix when the error occured, if applicable
*How you can reproduce the error
*A complete HijackThis scan log, if possible

Windows version: Windows NT 6.00.1904
MSIE version: 7.0.6000.16473
HijackThis version: 1.99.1

This message has been copied to your clipboard.
Click OK to continue the rest of the scan."


Et en bas a droit ya la case OK et si je clik dessus, ca continue le scan et a la fin ca ouvre le bloc note et le rapport kil ya dedans c'est celui ke je tai envoyé.

Voila je sais pas quoi faire, ca m'inquiete. Merci en tout cas de m'aider c simpa

Répondre à tondy
chercheur_   02-08-2007 à 12:05:47
- 0 +

Bonjour


On tente ceci, je ne sais pas s'il fonctionne avec Vista.
Télécharge R-Hosts
http://siri.urz.free.fr/RHosts.php
Installe le sur le Bureau.
Lance le. Clique sur Restaurer.
Confirme.
Ferme le programme.

Recommence Hijackthis.


Si cela recommence, désinstalle et supprime Hijackthis.

Et retélécharge le.

------------------------------ Le meilleur antivirus, c'est vous
Vous avez un problème ? Créez votre propre post !
 Répondre à chercheur_
tondy   02-08-2007 à 14:41:25
- 0 +

Salut
Le programme RHosts ne marche pas avec Vista.
J'ai désinstallé et réinstaller Hijackthis et voici le rapport. (ca ma refait les messages d'erreur)

Logfile of HijackThis v1.99.1
Scan saved at 14:39:20, on 02/08/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ltmoh\ltmoh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe
C:\Windows\System32\mobsync.exe
C:\Users\TonTy\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lequipe.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/ [...] rtdgi1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

Répondre à tondy
chercheur_   02-08-2007 à 22:49:32
- 0 +

Bien, cette fois ci, Hijackthis est propre.

As tu encore des dysfonctionnements ?

------------------------------ Le meilleur antivirus, c'est vous
Vous avez un problème ? Créez votre propre post !
 Répondre à chercheur_
tondy   03-08-2007 à 01:09:50
- 0 +

Non il n'y a plus les pages qui s'ouvrent sur internet . ca a lair detre Ok. Je trouve juste mon ordinateur un peu plus lent qu'avant... Tu crois que c'est lié?

Répondre à tondy
chercheur_   03-08-2007 à 01:17:44
- 0 +

Re

Si l'infection est supprimée, cela ne joue pas sur la lenteur.
On supprime les outils utilisés.

Lance OTmoveIT.

  • Clique sur CleanUp! (le programme va télécharger un fichier texte qui servira a nettoyer les programmes que l'on a téléchargé).

NOTE : Normalement, ton firewall (parefeu) devrait te demander si OTmoveIT peut accéder a internet, Autorise le.

  • Une liste apparait dans la partie gauche d'OTmoveIT.
  • Un message apparait pour confirmer le nettoyage. Confirme


Et on fait du ménage dans les fichiers temporaires inutiles.
Télécharge CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le.
Décoche pendant l'installation
--- les deux cases "Ajouter l'option ... "
--- Contrôler les mises à jour
--- Ajouter la Barre d'Outils Yahoo! CCleaner

Clique sur Options, Avancé et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures".
Ne touche pas aux autres réglages.

Lance le nettoyage.

------------------------------ Le meilleur antivirus, c'est vous
Vous avez un problème ? Créez votre propre post !
 Répondre à chercheur_
tondy   03-08-2007 à 16:29:07
- 0 +

Quand je lance Otmovelt et ke je klik sur clean Up ca me mets un message d'eereur : file denied access

Répondre à tondy
chercheur_   04-08-2007 à 00:28:32
- 0 +

bonjour

Il faut avoir accès à internet. Et si ton pare feu demande l'autorisation, accepte.

------------------------------ Le meilleur antivirus, c'est vous
Vous avez un problème ? Créez votre propre post !
 Répondre à chercheur_
fernand584528   11-08-2007 à 16:17:36
- 0 +

Bonjour
j'ai suivi la procédure pour l'ordi de tondy sur mon pc et cela ne change rien

Pouvez vous m'aider svp
merci d'avance

Répondre à fernand584528
chercheur_   11-08-2007 à 16:21:18
- 0 +

Bonjour fernand584528


Il faut créer ton propre post.
http://www.infos-du-net.com/forum/ [...] ire-poster

------------------------------ Le meilleur antivirus, c'est vous
Vous avez un problème ? Créez votre propre post !
 Répondre à chercheur_
Créer un nouveau sujet Répondre
Tom's Guide > Forum > Sécurité - Virus > infection par spyxare secure sous vista
Aller à :

Il y a 2113 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.

Plan du forum
Forum Bestofmedia ©
2000-2009 Bestofmedia Group
Page générée en 0,631 secondes
Attention

Vous allez répondre sur un sujet resté inactif pendant plus de 6 mois.
Assurez-vous d'apporter des éléments nouveaux à la discussion avant de poursuivre.

Répondre Annuler
Liens