Pages pub intempestives
Forum Sécurité - Virus : Pages pub intempestives
j'utilise explorer 8, et depuis quelques temps j'ai des pages de pub qui s'ouvren, non pas en pop-up ou dans un nouvel onglet mais dans une fenetre a part.
A noter que dans la barre des taches, cette fenetre n'a pas le logo internet explorer, mais un logo multicolore a la place.
j'ai fait un scan avec mon anti virus (nod32) mais il a rien trouvé.... que faire!
Un bonjour ?
Télécharge Random's System Information Tool (RSIT) (de random/random) et sauvegarde-le sur le Bureau.
- Double-clique sur RSIT.exe afin de lancer RSIT.
- Clique Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (qui sera affiché)
ainsi que de info.txt (qui sera réduit dans la Barre des Tâches)
- NB : Les rapports sont sauvegardés dans le dossier C:\rsit
- Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.
Répondre à Angeldark
dsl, c'est vrai bonjour.
Logfile of random's system information tool 1.06 (written by random/random)
Run by AlexNoteBook at 2009-05-24 14:55:06
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 11 GB (15%) free of 76 GB
Total RAM: 2046 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:55:56, on 24/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\AlexNoteBook\AppData\Local\amagwgo.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\AlexNoteBook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RG4CU41Q\RSIT[1].exe
C:\Program Files\trend micro\AlexNoteBook.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cooxer.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Free Download Manager - RCS] C:\Program Files\Free Download Manager\fdmwi.exe -autorun
O4 - HKCU\..\Run: [amagwgo] "c:\users\alexnotebook\appdata\local\amagwgo.exe" amagwgo
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/r [...] &site=home (file missing)
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/re [...] dfr-fr.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.ado [...] nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10749 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-18 1082880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
P2P Energy Toolbar - C:\Program Files\P2P_Energy\tbP2P_.dll [2007-12-10 1510424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-29 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-29 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-29 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-29 259696]
{2bae58c2-79f9-45d1-a286-81f911301c3a} - P2P Energy Toolbar - C:\Program Files\P2P_Energy\tbP2P_.dll [2007-12-10 1510424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-22 438272]
"HWSetup"=\HWSetup.exe hwSetUP []
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-04-03 509496]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-05-22 538744]
"NDSTray.exe"=NDSTray.exe []
"Desktop SMS"=C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-07-27 204800]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-03-20 1451304]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-01-30 1443072]
"Skytel"=C:\Windows\Skytel.exe [2007-08-03 1826816]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"TOSCDSPD"=TOSCDSPD.EXE []
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-15 39408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-18 21633320]
"Free Download Manager - RCS"=C:\Program Files\Free Download Manager\fdmwi.exe -autorun []
"amagwgo"=c:\users\alexnotebook\appdata\local\amagwgo.exe [2009-05-20 279552]
C:\Users\AlexNoteBook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-05-24 14:55:09 ----D---- C:\Program Files\trend micro
2009-05-24 14:55:06 ----D---- C:\rsit
2009-05-20 02:49:33 ----D---- C:\Program Files\Ares
2009-05-15 16:44:39 ----D---- C:\ProgramData\Adobe
2009-05-15 16:44:35 ----D---- C:\Program Files\Common Files\Adobe
2009-05-15 16:39:28 ----D---- C:\ProgramData\NOS
2009-05-15 16:39:27 ----D---- C:\Program Files\NOS
2009-05-06 01:21:44 ----D---- C:\Program Files\P2P_Energy
2009-04-29 15:08:00 ----A---- C:\Windows\system32\mshtmler.dll
2009-04-29 15:08:00 ----A---- C:\Windows\system32\mshtmled.dll
2009-04-29 15:08:00 ----A---- C:\Windows\system32\ieui.dll
2009-04-29 15:08:00 ----A---- C:\Windows\system32\icardie.dll
2009-04-29 15:08:00 ----A---- C:\Windows\system32\admparse.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\msls31.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\jsproxy.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\imgutil.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\iernonce.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\ieakeng.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\dxtmsft.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\corpol.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\occache.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\licmgr10.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\inseng.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\iepeers.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\ieaksie.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\dxtrans.dll
2009-04-29 15:07:57 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-04-29 15:07:57 ----A---- C:\Windows\system32\wextract.exe
2009-04-29 15:07:57 ----A---- C:\Windows\system32\webcheck.dll
2009-04-29 15:07:57 ----A---- C:\Windows\system32\mstime.dll
2009-04-29 15:07:57 ----A---- C:\Windows\system32\msrating.dll
2009-04-29 15:07:57 ----A---- C:\Windows\system32\msfeedssync.exe
2009-04-29 15:07:57 ----A---- C:\Windows\system32\iesetup.dll
2009-04-29 15:07:57 ----A---- C:\Windows\system32\ieakui.dll
2009-04-29 15:07:56 ----A---- C:\Windows\system32\pngfilt.dll
2009-04-29 15:07:56 ----A---- C:\Windows\system32\msfeeds.dll
2009-04-29 15:07:56 ----A---- C:\Windows\system32\ieapfltr.dll
2009-04-29 15:07:56 ----A---- C:\Windows\system32\advpack.dll
2009-04-29 15:07:55 ----A---- C:\Windows\system32\vbscript.dll
2009-04-29 15:07:55 ----A---- C:\Windows\system32\url.dll
2009-04-29 15:07:55 ----A---- C:\Windows\system32\jscript.dll
2009-04-29 15:07:55 ----A---- C:\Windows\system32\iedkcs32.dll
2009-04-29 15:07:54 ----A---- C:\Windows\system32\mshta.exe
2009-04-29 15:07:54 ----A---- C:\Windows\system32\iexpress.exe
2009-04-29 15:07:53 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-04-29 15:07:53 ----A---- C:\Windows\system32\SetDepNx.exe
2009-04-29 15:07:53 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-04-29 15:07:53 ----A---- C:\Windows\system32\PDMSetup.exe
2009-04-29 15:07:53 ----A---- C:\Windows\system32\ieUnatt.exe
2009-04-29 15:07:53 ----A---- C:\Windows\system32\iesysprep.dll
2009-04-29 15:07:53 ----A---- C:\Windows\system32\iertutil.dll
2009-04-29 15:07:53 ----A---- C:\Windows\system32\ie4uinit.exe
2009-04-29 15:07:52 ----A---- C:\Windows\system32\wininet.dll
2009-04-29 15:07:52 ----A---- C:\Windows\system32\urlmon.dll
2009-04-29 15:07:51 ----A---- C:\Windows\system32\ieframe.dll
2009-04-29 15:07:50 ----A---- C:\Windows\system32\mshtml.dll
======List of files/folders modified in the last 1 months======
2009-05-24 14:55:31 ----D---- C:\Windows\Prefetch
2009-05-24 14:55:23 ----D---- C:\Windows\Temp
2009-05-24 14:55:09 ----RD---- C:\Program Files
2009-05-24 08:09:40 ----D---- C:\Users\AlexNoteBook\AppData\Roaming\skypePM
2009-05-23 16:46:29 ----SHD---- C:\System Volume Information
2009-05-23 14:42:46 ----SHD---- C:\Windows\Installer
2009-05-23 14:42:03 ----D---- C:\Windows\System32
2009-05-23 10:40:50 ----D---- C:\Users\AlexNoteBook\AppData\Roaming\dvdcss
2009-05-16 16:01:32 ----D---- C:\Users\AlexNoteBook\AppData\Roaming\Skype
2009-05-15 17:04:21 ----SD---- C:\Windows\Downloaded Program Files
2009-05-15 17:04:21 ----D---- C:\Windows\inf
2009-05-15 17:04:20 ----D---- C:\Windows\system32\Macromed
2009-05-15 16:44:39 ----HD---- C:\ProgramData
2009-05-15 16:44:35 ----D---- C:\Program Files\Common Files
2009-05-15 16:44:35 ----D---- C:\Program Files\Adobe
2009-05-13 13:52:46 ----D---- C:\Windows\winsxs
2009-05-13 13:43:03 ----D---- C:\Windows\system32\catroot
2009-05-13 13:42:54 ----D---- C:\Program Files\Windows Mail
2009-05-13 12:42:36 ----D---- C:\Windows\system32\catroot2
2009-05-09 14:03:06 ----D---- C:\Windows\Tasks
2009-05-08 13:25:27 ----D---- C:\Program Files\Internet Explorer
2009-05-07 21:39:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
2009-04-29 15:52:03 ----D---- C:\Windows\rescache
2009-04-29 15:11:53 ----D---- C:\Windows\system32\fr-FR
2009-04-29 15:11:44 ----D---- C:\Windows\system32\migration
2009-04-29 15:11:44 ----D---- C:\Windows\system32\en-US
2009-04-29 15:11:44 ----D---- C:\Windows\PolicyDefinitions
2009-04-29 15:07:37 ----D---- C:\Windows
2009-04-28 20:01:14 ----SD---- C:\Users\AlexNoteBook\AppData\Roaming\Microsoft
2009-04-27 17:11:49 ----D---- C:\Windows\system32\drivers
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2008-01-30 29704]
R1 epfwtdir;epfwtdir; C:\Windows\system32\DRIVERS\epfwtdir.sys [2008-01-30 34312]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2008-01-30 39944]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-09-20 3077632]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-03-20 208688]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
S3 athr;Pilote de périphérique LAN sans fil extensible Atheros; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug; C:\Windows\System32\Drivers\PMUSB.sys [2004-11-25 18944]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 CplIR;Embedded IR Driver; C:\Windows\system32\DRIVERS\CplIR.SYS [2007-03-06 14848]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-09-20 610304]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-01-30 468224]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe [2007-09-21 77824]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
S2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe []
S3 AresChatServer;Ares Chatroom server; C:\Program Files\Ares\chatServer.exe [2009-02-03 398848]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-01-30 19200]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2009-05-24 14:56:04
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->C:\Program Files\InstallShield Installation Information\{36C41D70-56F5-4E2B-81DA-6BEB7502D7A1}\setup.exe -runfromtemp -l0x040c -removeonly
-->C:\Program Files\InstallShield Installation Information\{D2A98502-8929-420F-AD48-086B1FD5CDEA}\setup.exe -runfromtemp -l0x040c -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x40c
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Ares 2.1.1-->"C:\Program Files\Ares\uninstall.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{D3116CC7-24DC-4CA3-9CE1-23FED836E9F2}
AVS Video Converter 6-->"C:\Program Files\AVS4YOU\AVSVideoConverter6\unins000.exe"
AVS4YOU Software Navigator 1.3-->"C:\Program Files\AVS4YOU\AVSSoftwareNavigator\unins000.exe"
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x040c
Catalyst Control Center - Branding-->MsiExec.exe /I{22543949-70E8-45D0-A938-F38143EB8BF8}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Desktop SMS-->MsiExec.exe /I{5980B928-1C95-4B3E-957B-B02D8147FF9E}
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x40c
Emdedded IR Driver-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{A6D4234C-CB02-4048-AC3E-AD09404FA35A}
ESET NOD32 Antivirus-->MsiExec.exe /I{6687EF6D-66D6-4189-89D4-3DB5197BD138}
Favorit-->c:\users\alexnotebook\appdata\local\ewggwoi.bat
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Intel Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Music Transfer-->C:\Program Files\InstallShield Installation Information\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}\setup.exe -runfromtemp -l0x040c -removeonly
myphotobook 3.1-->C:\Program Files\myphotobook\uninst.exe
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
P2P Energy Toolbar-->C:\PROGRA~1\P2P_EN~1\UNWISE.EXE C:\PROGRA~1\P2P_EN~1\INSTALL.LOG
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Réducteur de bruit lect. CD/DVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe" -l0x40c
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
Sony Picture Utility-->C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe -runfromtemp -l0x040c uninstall -removeonly
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x040c
TOSHIBA Assist-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe" -l0x40c
TOSHIBA ConfigFree-->C:\Program Files\InstallShield Installation Information\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}\setup.exe -runfromtemp -l0x040c uninstall
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x040c
TOSHIBA Flash Cards Support Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{620BBA5E-F848-4D56-8BDA-584E44584C5E}
TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1036
TOSHIBA HD DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x040c -ADDREMOVE -removeonly
TOSHIBA Mot de passe responsable-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1036
Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x040c -removeonly
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Software Modem-->Tosmreg -U
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x040c
VLC media player 0.9.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
======Security center information======
AV: ESET NOD32 Antivirus 3.0
AS: ESET NOD32 Antivirus 3.0
AS: Windows Defender
======System event log======
Computer Name: Alex-NoteBook
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 129063
Source Name: Tcpip
Time Written: 20090523232615.178600-000
Event Type: Avertissement
User:
Computer Name: Alex-NoteBook
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 129068
Source Name: Tcpip
Time Written: 20090524004219.223600-000
Event Type: Avertissement
User:
Computer Name: Alex-NoteBook
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 129074
Source Name: Tcpip
Time Written: 20090524084642.575600-000
Event Type: Avertissement
User:
Computer Name: Alex-NoteBook
Event Code: 4227
Message: TCP/IP n’a pas pu établir une connexion sortante car le point de terminaison local sélectionné a été récemment utilisé pour se connecter au même point de terminaison distant. Cette erreur se produit généralement lorsque les connexions sortantes sont ouvertes et fermées à un débit élevé, provoquant l’utilisation de tous les ports locaux disponibles et obligeant TCP/IP à réutiliser un port local pour une connexion sortante. Pour réduire le risque d’altération des données, la norme TCP/IP exige qu’un laps de temps minimal s’écoule entre des connexions successives d’un point de terminaison local à un point de terminaison distant.
Record Number: 129076
Source Name: Tcpip
Time Written: 20090524094855.076600-000
Event Type: Avertissement
User:
Computer Name: Alex-NoteBook
Event Code: 4226
Message: TCP/IP a atteint la limite de sécurité imposée sur le nombre de tentatives de connexion TCP simultanées.
Record Number: 129078
Source Name: Tcpip
Time Written: 20090524111200.451600-000
Event Type: Avertissement
User:
=====Application event log=====
Computer Name: Alex-NoteBook
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-2616885699-3000390508-1820529282-1000:
Process 1096 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2616885699-3000390508-1820529282-1000
Record Number: 14349
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090523140821.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: Alex-NoteBook
Event Code: 1530
Message: Windows a détecté que votre fichier de Registre est toujours utilisé par d'autres applications ou services. Le fichier va être déchargé. Les applications ou services qui ont accès à votre Registre risquent de ne pas fonctionner correctement après cela.
DÉTAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-2616885699-3000390508-1820529282-1000_Classes:
Process 1096 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-2616885699-3000390508-1820529282-1000_CLASSES
Record Number: 14350
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090523140822.000000-000
Event Type: Avertissement
User: AUTORITE NT\SYSTEM
Computer Name: Alex-NoteBook
Event Code: 508
Message: wlcomm (4880) C:\Users\AlexNoteBook\AppData\Local\Microsoft\Windows Live Contacts\{04267196-b9e1-40c1-9beb-9072bc520b76}\: Une requête pour lire à partir du fichier "C:\Users\AlexNoteBook\AppData\Local\Microsoft\Windows Live Contacts\{04267196-b9e1-40c1-9beb-9072bc520b76}\DBStore\LogFiles\edb.log" à l'offset 2871808 (0x00000000002bd200) pour 68608 (0x00010c00) octets a réussi mais a pris un temps anormalement long (1155 secondes) pour être traité par le système d'exploitation. Ce problème peut être causé par du matériel défaillant. Contactez le fabricant de votre matériel afin d'obtenir plus d'aide pour diagnostiquer le problème.
Record Number: 14378
Source Name: ESENT
Time Written: 20090523204943.000000-000
Event Type: Avertissement
User:
Computer Name: Alex-NoteBook
Event Code: 1002
Message: Le programme vlc.exe version 0.9.4.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 1650 Heure de début : 01c9dc533b7f2b60 Heure de fin : 12
Record Number: 14386
Source Name: Application Hang
Time Written: 20090524093748.000000-000
Event Type: Erreur
User:
Computer Name: Alex-NoteBook
Event Code: 1002
Message: Le programme vlc.exe version 0.9.4.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 52c Heure de début : 01c9dc5fdc608270 Heure de fin : 15
Record Number: 14387
Source Name: Application Hang
Time Written: 20090524110803.000000-000
Event Type: Erreur
User:
=====Security event log=====
Computer Name: Alex-NoteBook
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 37329
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090524125553.545600-000
Event Type: Échec de l'audit
User:
Computer Name: Alex-NoteBook
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 37330
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090524125553.653600-000
Event Type: Échec de l'audit
User:
Computer Name: Alex-NoteBook
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 37331
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090524125553.741600-000
Event Type: Échec de l'audit
User:
Computer Name: Alex-NoteBook
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 37332
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090524125553.840600-000
Event Type: Échec de l'audit
User:
Computer Name: Alex-NoteBook
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 37333
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090524125553.959600-000
Event Type: Échec de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
-----------------EOF-----------------
Re,
Désactive l'UAC (Menu Démarrer \ Panneau de Configuration \ Comptes d'utilisateurs et protection des utilisateurs \ Comptes d'utilisateurs \ Activer ou désactiver le contrôle des comptes d'utilisateurs \ décoche la case Utiliser le contrôle ... et valide par OK , il te sera demandé de redémarrer, fais le)
Télécharge Navilog (de Il-Mafioso)
- Enregistre-le sur ton Bureau.
- Installe-le en double cliquant sur navilog.exe.
- Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau) [Clic droit -> "Exécuter en tant qu'administrateur". ( Pour Vista)]
- Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
! N'utilise pas l'option 2, 3 et 4 sans notre accord !
- Patiente jusqu'à l'apparition de ce message :
*** Analyse Termine le ..... ***
- Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste le rapport ici.
- Poste le rapport généré.
Le rapport se trouve ici : C:\fixnavi.txt
Répondre à Angeldark
Search Navipromo version 3.7.7 commencé le 25/05/2009 à 14:08:56,19
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 12.05.2009 à 18h00 par IL-MAFIOSO
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz )
BIOS : Ver 1.00PARTTBL
USER : AlexNoteBook ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 Antivirus 3.0 3.0 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:12 Go)
E:\ (Local Disk) - NTFS - Total:73 Go (Free:40 Go)
F:\ (CD or DVD)
Recherche executé en mode normal
*** Recherche dossiers dans "C:\Windows" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***
*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***
*** Recherche dossiers dans "C:\ProgramData" ***
*** Recherche dossiers dans "c:\users\alexno~1\appdata\roaming\micros~1\windows\startm~1\programs" ***
*** Recherche dossiers dans "C:\Users\AlexNoteBook\AppData\Local\virtualstore\Program Files" ***
*** Recherche dossiers dans "C:\Users\AlexNoteBook\AppData\Local" ***
*** Recherche dossiers dans "C:\Users\AlexNoteBook\AppData\Roaming" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\Windows\system32" *
* Recherche dans "C:\Users\AlexNoteBook\AppData\Local\Microsoft" *
* Recherche dans "C:\Users\AlexNoteBook\AppData\Local" *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"amagwgo"="\"c:\\users\\alexnotebook\\appdata\\local\\amagwgo.exe\" amagwgo"
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\Windows\system32" :
* Dans "C:\Users\AlexNoteBook\AppData\Local\Microsoft" :
* Dans "C:\Users\AlexNoteBook\AppData\Local" :
amagwgo.exe trouvé !
amagwgo.dat trouvé !
amagwgo_nav.dat trouvé !
amagwgo_navps.dat trouvé !
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche autres dossiers et fichiers connus :
*** Analyse terminée le 25/05/2009 à 14:27:39,91 ***
Re,
- Double clique sur le raccourci de Navilog.
- Choisis l'option 2 puis valide. (Entrée)
- Laisse toi guider.
- Ton ordinateur va redémarrer, sinon fais le manuellement.
- Ton bureau va disparaître.
- Après un certain temps, le Bloc-notes va s'ouvrir.
- Sauvegarde le rapport.
- Referme le Bloc-notes. Ton bureau va maintenant réapparaître.
Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
Tapes explorer et valide. Cela te fera apparaitre ton bureau
Démarrer -> panneau de configuration -> options internet
Clique sur l'onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés" :
VIP
Si tu le trouve, fais ceci :
* Sélectionne ce certificat et clique sur exporter. Enregistre --e sur ton bureau.
* Supprime-le dans l'onglet "certificats" des options de ton naviguateur.
Ensuite pour le certificat présent sur ton bureau :
* Va sur le site Web :
http://www.bleepingcomputer.com/su [...] channel=35
* Copie/colle ceci dans la case 'Link to Topic' :
le nom du certificat (Montorgueil ,......)
* Copie/colle ceci dans la case 'Browse to the File' :
Le certificat correspondant que tu avais exportés vers ton bureau
Si c'est fait, supprime enfin le certificat présent sur ton bureau.
Les programmes suivants installent cette infection :
* Go-astro
* GoRecord
* HotTVPlayer
* Live Player
* MailSkinner
* Messenger Skinner
* Instant Access
* InternetGameBox
* sudoplanet
* Webmediaplayer : sauf celui provenant du site suivant > http://www.azertysite.new.fr/
* Sur le site www.games-desktop.com (Ne pas aller dessus!)
- Poste le rapport sauvegardé auparavant (C:\cleannavi.txt) ainsi qu'un nouveau rapport Hijackthis.
Répondre à Angeldark
ok, j'ai pas trouvé le certificat vip, je t'envoie les rapports
Clean Navipromo version 3.7.7 commencé le 25/05/2009 à 20:09:44,37
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 12.05.2009 à 18h00 par IL-MAFIOSO
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5250 @ 1.50GHz )
BIOS : Ver 1.00PARTTBL
USER : AlexNoteBook ( Administrator )
BOOT : Normal boot
Antivirus : ESET NOD32 Antivirus 3.0 3.0 (Activated)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:12 Go)
E:\ (Local Disk) - NTFS - Total:73 Go (Free:40 Go)
F:\ (CD or DVD)
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\Windows\System32" *
* Suppression dans "C:\Users\AlexNoteBook\AppData\Local\Microsoft" *
* Suppression dans "C:\Users\AlexNoteBook\AppData\Local" *
*** Suppression dossiers dans "C:\Windows" ***
*** Suppression dossiers dans "C:\Program Files" ***
*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***
*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***
*** Suppression dossiers dans "C:\ProgramData" ***
*** Suppression dossiers dans c:\users\alexno~1\appdata\roaming\micros~1\windows\startm~1\programs ***
*** Suppression dossiers dans "C:\Users\AlexNoteBook\AppData\Local\virtualstore\Program Files" ***
*** Suppression dossiers dans "C:\Users\AlexNoteBook\AppData\Local" ***
*** Suppression dossiers dans "C:\Users\AlexNoteBook\AppData\Roaming" ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\ALEXNO~1\AppData\Local\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\Windows\system32" *
* Dans "C:\Users\AlexNoteBook\AppData\Local\Microsoft" *
* Dans "C:\Users\AlexNoteBook\AppData\Local" *
amagwgo.exe trouvé !
Copie amagwgo.exe réalisée avec succès !
amagwgo.exe supprimé !
amagwgo.dat trouvé !
Copie amagwgo.dat réalisée avec succès !
amagwgo.dat supprimé !
amagwgo_nav.dat trouvé !
Copie amagwgo_nav.dat réalisée avec succès !
amagwgo_nav.dat supprimé !
amagwgo_navps.dat trouvé !
Copie amagwgo_navps.dat réalisée avec succès !
amagwgo_navps.dat supprimé !
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !
*** Recherche autres dossiers et fichiers connus ***
*** Nettoyage terminé le 25/05/2009 à 20:14:54,07 ***
Logfile of random's system information tool 1.06 (written by random/random)
Run by AlexNoteBook at 2009-05-25 20:22:49
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 12 GB (16%) free of 76 GB
Total RAM: 2046 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:23:10, on 25/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\AlexNoteBook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JICK0069\RSIT[3].exe
C:\Program Files\trend micro\AlexNoteBook.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cooxer.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Free Download Manager - RCS] C:\Program Files\Free Download Manager\fdmwi.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/r [...] &site=home (file missing)
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/re [...] dfr-fr.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.ado [...] nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10514 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-18 1082880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
P2P Energy Toolbar - C:\Program Files\P2P_Energy\tbP2P_.dll [2007-12-10 1510424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
en revanche pas de rapport info.txt reduit dans la barre des taches cette fois ci
En tout cas plus de pages de pub intempestives, je te remercie beaucoup!
Dans un autre registre j'ai un soucis avec ares galaxy, j'en etais tres content jusqu'a il y a peu, tres souvent il ne reprend pas les telechargements, il reste en mode connexion, et quand par miracle il telecharge, souvent je ne plus naviguer sur le net, in ternet explorer mets une plombe pour par exemple juste afficher la page d'acceuil de google...
Re,
Télécharge MalwareByte's Anti-Malware sur ton Bureau.
- Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.
- Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
- Afin de lancer la recherche, clic sur"Rechercher".
- Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
~ Si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
~~ Si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau.
~~~~ Fais redémarrer ton ordinateur normalement et poste le rapport dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.
Note : Si tu ne parviens à télécharger MBAM à part de MajorGeeks, tu peux le télécharger ici!
Aide :
Répondre à Angeldark
c'est fait, deux elements infectés ont été supprimés, mais pas d'amelioration par rapport a mon pb....
Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2183
Windows 6.0.6001 Service Pack 1
27/05/2009 03:46:11
mbam-log-2009-05-27 (03-46-11).txt
Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 182810
Temps écoulé: 2 hour(s), 27 minute(s), 7 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\desktop sms (Worm.P2P) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\Users\alexnotebook\AppData\Local\Google\Chrome\user data\Default\Cache\f_0056c5 (Adware.Navipromo) -> Quarantined and deleted successfully.
Refais un scan RSIT.
Répondre à Angeldark
Logfile of random's system information tool 1.06 (written by random/random)
Run by AlexNoteBook at 2009-05-28 00:46:38
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 13 GB (17%) free of 76 GB
Total RAM: 2046 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:46:46, on 28/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\AlexNoteBook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JICK0069\RSIT[3].exe
C:\Program Files\trend micro\AlexNoteBook.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cooxer.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Free Download Manager - RCS] C:\Program Files\Free Download Manager\fdmwi.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/r [...] &site=home (file missing)
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/re [...] dfr-fr.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.ado [...] nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10585 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-18 1082880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
P2P Energy Toolbar - C:\Program Files\P2P_Energy\tbP2P_.dll [2007-12-10 1510424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-29 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-29 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-29 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-29 259696]
{2bae58c2-79f9-45d1-a286-81f911301c3a} - P2P Energy Toolbar - C:\Program Files\P2P_Energy\tbP2P_.dll [2007-12-10 1510424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-22 438272]
"HWSetup"=\HWSetup.exe hwSetUP []
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-04-03 509496]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-05-22 538744]
"NDSTray.exe"=NDSTray.exe []
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-07-27 204800]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-03-20 1451304]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-01-30 1443072]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"TOSCDSPD"=TOSCDSPD.EXE []
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-15 39408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-18 21633320]
"Free Download Manager - RCS"=C:\Program Files\Free Download Manager\fdmwi.exe -autorun []
C:\Users\AlexNoteBook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-05-27 01:12:27 ----D---- C:\Users\AlexNoteBook\AppData\Roaming\Malwarebytes
2009-05-27 01:12:21 ----D---- C:\ProgramData\Malwarebytes
2009-05-27 01:12:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-25 14:07:36 ----D---- C:\Program Files\Navilog1
2009-05-24 14:55:09 ----D---- C:\Program Files\trend micro
2009-05-24 14:55:06 ----D---- C:\rsit
2009-05-20 02:49:33 ----D---- C:\Program Files\Ares
2009-05-15 16:44:39 ----D---- C:\ProgramData\Adobe
2009-05-15 16:44:35 ----D---- C:\Program Files\Common Files\Adobe
2009-05-15 16:39:28 ----D---- C:\ProgramData\NOS
2009-05-15 16:39:27 ----D---- C:\Program Files\NOS
2009-05-06 01:21:44 ----D---- C:\Program Files\P2P_Energy
2009-04-29 15:08:00 ----A---- C:\Windows\system32\mshtmler.dll
2009-04-29 15:08:00 ----A---- C:\Windows\system32\mshtmled.dll
2009-04-29 15:08:00 ----A---- C:\Windows\system32\ieui.dll
2009-04-29 15:08:00 ----A---- C:\Windows\system32\icardie.dll
2009-04-29 15:08:00 ----A---- C:\Windows\system32\admparse.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\msls31.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\jsproxy.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\imgutil.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\iernonce.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\ieakeng.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\dxtmsft.dll
2009-04-29 15:07:59 ----A---- C:\Windows\system32\corpol.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\occache.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\licmgr10.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\inseng.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\iepeers.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\ieaksie.dll
2009-04-29 15:07:58 ----A---- C:\Windows\system32\dxtrans.dll
2009-04-29 15:07:57 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-04-29 15:07:57 ----A---- C:\Windows\system32\wextract.exe
2009-04-29 15:07:57 ----A---- C:\Windows\system32\webcheck.dll
2009-04-29 15:07:57 ----A---- C:\Windows\system32\mstime.dll
2009-04-29 15:07:57 ----A---- C:\Windows\system32\msrating.dll
2009-04-29 15:07:57 ----A---- C:\Windows\system32\msfeedssync.exe
2009-04-29 15:07:57 ----A---- C:\Windows\system32\iesetup.dll
2009-04-29 15:07:57 ----A---- C:\Windows\system32\ieakui.dll
2009-04-29 15:07:56 ----A---- C:\Windows\system32\pngfilt.dll
2009-04-29 15:07:56 ----A---- C:\Windows\system32\msfeeds.dll
2009-04-29 15:07:56 ----A---- C:\Windows\system32\ieapfltr.dll
2009-04-29 15:07:56 ----A---- C:\Windows\system32\advpack.dll
2009-04-29 15:07:55 ----A---- C:\Windows\system32\vbscript.dll
2009-04-29 15:07:55 ----A---- C:\Windows\system32\url.dll
2009-04-29 15:07:55 ----A---- C:\Windows\system32\jscript.dll
2009-04-29 15:07:55 ----A---- C:\Windows\system32\iedkcs32.dll
2009-04-29 15:07:54 ----A---- C:\Windows\system32\mshta.exe
2009-04-29 15:07:54 ----A---- C:\Windows\system32\iexpress.exe
2009-04-29 15:07:53 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-04-29 15:07:53 ----A---- C:\Windows\system32\SetDepNx.exe
2009-04-29 15:07:53 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-04-29 15:07:53 ----A---- C:\Windows\system32\PDMSetup.exe
2009-04-29 15:07:53 ----A---- C:\Windows\system32\ieUnatt.exe
2009-04-29 15:07:53 ----A---- C:\Windows\system32\iesysprep.dll
2009-04-29 15:07:53 ----A---- C:\Windows\system32\iertutil.dll
2009-04-29 15:07:53 ----A---- C:\Windows\system32\ie4uinit.exe
2009-04-29 15:07:52 ----A---- C:\Windows\system32\wininet.dll
2009-04-29 15:07:52 ----A---- C:\Windows\system32\urlmon.dll
2009-04-29 15:07:51 ----A---- C:\Windows\system32\ieframe.dll
2009-04-29 15:07:50 ----A---- C:\Windows\system32\mshtml.dll
======List of files/folders modified in the last 1 months======
2009-05-28 00:46:46 ----D---- C:\Windows\Prefetch
2009-05-28 00:46:44 ----D---- C:\Windows\Temp
2009-05-28 00:00:16 ----SHD---- C:\System Volume Information
2009-05-28 00:00:03 ----D---- C:\Users\AlexNoteBook\AppData\Roaming\skypePM
2009-05-27 08:55:05 ----D---- C:\Windows\system32\catroot
2009-05-27 08:55:03 ----D---- C:\Windows\winsxs
2009-05-27 03:48:30 ----D---- C:\Windows\system32\drivers
2009-05-27 03:48:30 ----D---- C:\Windows
2009-05-27 01:12:21 ----HD---- C:\ProgramData
2009-05-27 01:12:20 ----RD---- C:\Program Files
2009-05-25 20:35:41 ----HD---- C:\Windows\system32\GroupPolicy
2009-05-25 20:14:53 ----D---- C:\Windows\System32
2009-05-24 23:11:27 ----D---- C:\Windows\inf
2009-05-24 23:11:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-23 14:42:46 ----SHD---- C:\Windows\Installer
2009-05-23 10:40:50 ----D---- C:\Users\AlexNoteBook\AppData\Roaming\dvdcss
2009-05-16 16:01:32 ----D---- C:\Users\AlexNoteBook\AppData\Roaming\Skype
2009-05-15 17:04:21 ----SD---- C:\Windows\Downloaded Program Files
2009-05-15 17:04:20 ----D---- C:\Windows\system32\Macromed
2009-05-15 16:44:35 ----D---- C:\Program Files\Common Files
2009-05-15 16:44:35 ----D---- C:\Program Files\Adobe
2009-05-13 13:42:54 ----D---- C:\Program Files\Windows Mail
2009-05-13 12:42:36 ----D---- C:\Windows\system32\catroot2
2009-05-09 14:03:06 ----D---- C:\Windows\Tasks
2009-05-08 13:25:27 ----D---- C:\Program Files\Internet Explorer
2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
2009-04-29 15:52:03 ----D---- C:\Windows\rescache
2009-04-29 15:11:53 ----D---- C:\Windows\system32\fr-FR
2009-04-29 15:11:44 ----D---- C:\Windows\system32\migration
2009-04-29 15:11:44 ----D---- C:\Windows\system32\en-US
2009-04-29 15:11:44 ----D---- C:\Windows\PolicyDefinitions
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2008-01-30 29704]
R1 epfwtdir;epfwtdir; C:\Windows\system32\DRIVERS\epfwtdir.sys [2008-01-30 34312]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2008-01-30 39944]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-09-20 3077632]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-03-20 208688]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
S3 athr;Pilote de périphérique LAN sans fil extensible Atheros; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 catchme;catchme; \??\C:\Users\ALEXNO~1\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug; C:\Windows\System32\Drivers\PMUSB.sys [2004-11-25 18944]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 CplIR;Embedded IR Driver; C:\Windows\system32\DRIVERS\CplIR.SYS [2007-03-06 14848]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-09-20 610304]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-01-30 468224]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe [2007-09-21 77824]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
S2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe []
S3 AresChatServer;Ares Chatroom server; C:\Program Files\Ares\chatServer.exe [2009-02-03 398848]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-01-30 19200]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
-----------------EOF-----------------
pas de rapport info....
Re,
Télécharge OTMoveIt3 (de OldTimer). Sauvegarde-le sur ton Bureau.
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :
:processes :reg :files :commands |
Double clique sur OTMoveIt3.exe afin de le lancer.
Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
Message édité par Angeldark le 29-05-2009 à 17:57:39
Répondre à Angeldark
j'ai fait ce que tu as dit, l'application me marque impossible de supprimer je sais plus quelles clés, tout mon bureau disparait, reste juste les gadgets windows et mon fond d'ecran (meme al barre des taches disparait, ensuite s'ouvre une fentre "l'application ne repond plus', la fenetre de l'application de vien t blancje, rien ne se passe rien repond, donc je clique sur fermer l'application, ensuite toujours rien sur le bureau, pas d'autre choix que d'eteindre mon ordi manuellement (avec le bouton), et de le rallumer...
Que le bureau disparaisse c'est normal. Tu peux recommencer avec le nouveau script que je viens d'éditer ?
Répondre à Angeldark
Bonjour Angeldark, j'ai moi aussi ce probleme, et j'ai installé RSIT, puis naviglog1, en ne selectionnant que l'option 1. Je me suis arreté là car mon antivirus a detecté un virus à la fin de l'analyse de naviglog1. Est-ce vraiment normal ??? Est-ce que ces deux derniers programmes dernièrement installés étaient fiables ??
Merci de m'éclairer
Dom.
Il se peut qu'un antivirus réagisse mal oui. Chacun son sujet merci 
Répondre à Angeldark
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}\\ .
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\\ .
Unable to delete registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2bae58c2-79f9-45d1-a286-81f911301c3a} .
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2bae58c2-79f9-45d1-a286-81f911301c3a}\ .
========== FILES ==========
Folder move failed. C:\Program Files\P2P_Energy scheduled to be moved on reboot.
========== COMMANDS ==========
File delete failed. C:\Users\ALEXNO~1\AppData\Local\Temp\Low\~DF4266.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\ALEXNO~1\AppData\Local\Temp\Low\~DFEC92.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\ALEXNO~1\AppData\Local\Temp\~DFDF6C.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\ALEXNO~1\AppData\Local\Temp\~DFDF71.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\ALEXNO~1\AppData\Local\Temp\~DFDFBC.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\ALEXNO~1\AppData\Local\Temp\~DFDFC1.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\ALEXNO~1\AppData\Local\Temp\~DFDFE9.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\ALEXNO~1\AppData\Local\Temp\~DFDFEE.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 06022009_170740
Refais un scan RSIT.
Répondre à Angeldark
Logfile of random's system information tool 1.06 (written by random/random)
Run by AlexNoteBook at 2009-06-04 08:30:02
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 19 GB (25%) free of 76 GB
Total RAM: 2046 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:30:12, on 04/06/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\AlexNoteBook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0QFR2B56\RSIT[1].exe
C:\Program Files\trend micro\AlexNoteBook.exe
C:\PROGRA~1\Java\jre6\bin\ssvagent.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cooxer.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Free Download Manager - RCS] C:\Program Files\Free Download Manager\fdmwi.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/r [...] &site=home (file missing)
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/re [...] dfr-fr.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.ado [...] nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10512 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-18 1082880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2bae58c2-79f9-45d1-a286-81f911301c3a}]
P2P Energy Toolbar - C:\Program Files\P2P_Energy\tbP2P_.dll [2007-12-10 1510424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-29 259696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-04-29 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-04-29 470512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-04-29 259696]
{2bae58c2-79f9-45d1-a286-81f911301c3a} - P2P Energy Toolbar - C:\Program Files\P2P_Energy\tbP2P_.dll [2007-12-10 1510424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-22 438272]
"HWSetup"=\HWSetup.exe hwSetUP []
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-04-03 509496]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-05-22 538744]
"NDSTray.exe"=NDSTray.exe []
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-07-27 204800]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-03-20 1451304]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-01-30 1443072]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Skytel"=C:\Windows\Skytel.exe [2007-08-03 1826816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"TOSCDSPD"=TOSCDSPD.EXE []
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-15 39408]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-18 21633320]
"Free Download Manager - RCS"=C:\Program Files\Free Download Manager\fdmwi.exe -autorun []
C:\Users\AlexNoteBook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Outil de détection de support Picture Motion Browser.lnk - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-06-02 18:30:24 ----D---- C:\Windows\system32\eu-ES
2009-06-02 18:30:24 ----D---- C:\Windows\system32\ca-ES
2009-06-02 18:30:14 ----D---- C:\Windows\system32\vi-VN
2009-06-02 17:53:02 ----D---- C:\Windows\system32\EventProviders
2009-06-02 17:49:06 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-06-02 17:49:02 ----A---- C:\Windows\system32\SLCExt.dll
2009-06-02 17:49:01 ----A---- C:\Windows\system32\SLsvc.exe
2009-06-02 17:48:54 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-06-02 17:48:54 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-06-02 17:48:50 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-06-02 17:48:45 ----A---- C:\Windows\system32\mssrch.dll
2009-06-02 17:48:40 ----A---- C:\Windows\system32\tquery.dll
2009-06-02 17:48:38 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-06-02 17:48:38 ----A---- C:\Windows\system32\lsasrv.dll
2009-06-02 17:48:37 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-06-02 17:48:36 ----A---- C:\Windows\system32\scavenge.dll
2009-06-02 17:48:36 ----A---- C:\Windows\system32\RMActivate.exe
2009-06-02 17:48:34 ----A---- C:\Windows\system32\msi.dll
2009-06-02 17:48:33 ----A---- C:\Windows\system32\imapi2fs.dll
2009-06-02 17:48:32 ----A---- C:\Windows\system32\secproc_isv.dll
2009-06-02 17:48:31 ----A---- C:\Windows\system32\WscEapPr.dll
2009-06-02 17:48:31 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-06-02 17:48:31 ----A---- C:\Windows\system32\sysmain.dll
2009-06-02 17:48:28 ----A---- C:\Windows\system32\icardagt.exe
2009-06-02 17:48:27 ----A---- C:\Windows\system32\mf.dll
2009-06-02 17:48:26 ----A---- C:\Windows\system32\EhStorShell.dll
2009-06-02 17:48:26 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-06-02 17:48:24 ----A---- C:\Windows\system32\spreview.exe
2009-06-02 17:48:24 ----A---- C:\Windows\system32\spinstall.exe
2009-06-02 17:48:23 ----A---- C:\Windows\system32\drmv2clt.dll
2009-06-02 17:48:21 ----A---- C:\Windows\system32\spwizui.dll
2009-06-02 17:48:21 ----A---- C:\Windows\system32\secproc.dll
2009-06-02 17:48:21 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-06-02 17:48:19 ----A---- C:\Windows\system32\shell32.dll
2009-06-02 17:48:18 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-06-02 17:48:18 ----A---- C:\Windows\system32\p2psvc.dll
2009-06-02 17:48:17 ----A---- C:\Windows\system32\mssvp.dll
2009-06-02 17:48:16 ----A---- C:\Windows\system32\mscoree.dll
2009-06-02 17:48:16 ----A---- C:\Windows\system32\localspl.dll
2009-06-02 17:48:15 ----A---- C:\Windows\system32\mssphtb.dll
2009-06-02 17:48:15 ----A---- C:\Windows\system32\mssph.dll
2009-06-02 17:48:15 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-06-02 17:48:14 ----A---- C:\Windows\system32\imapi2.dll
2009-06-02 17:48:13 ----A---- C:\Windows\system32\sdohlp.dll
2009-06-02 17:48:12 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-06-02 17:48:11 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-06-02 17:48:11 ----A---- C:\Windows\system32\esent.dll
2009-06-02 17:48:11 ----A---- C:\Windows\system32\DevicePairing.dll
2009-06-02 17:48:10 ----A---- C:\Windows\system32\sperror.dll
2009-06-02 17:48:10 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-06-02 17:48:10 ----A---- C:\Windows\system32\korwbrkr.dll
2009-06-02 17:48:09 ----A---- C:\Windows\system32\wevtsvc.dll
2009-06-02 17:48:09 ----A---- C:\Windows\system32\SLC.dll
2009-06-02 17:48:09 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-06-02 17:48:09 ----A---- C:\Windows\system32\IasMigReader.exe
2009-06-02 17:48:08 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-06-02 17:48:08 ----A---- C:\Windows\system32\msshsq.dll
2009-06-02 17:48:06 ----A---- C:\Windows\system32\wmp.dll
2009-06-02 17:48:05 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-06-02 17:48:04 ----A---- C:\Windows\system32\msjet40.dll
2009-06-02 17:48:04 ----A---- C:\Windows\system32\MPSSVC.dll
2009-06-02 17:48:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-06-02 17:48:02 ----A---- C:\Windows\system32\msxml6.dll
2009-06-02 17:48:01 ----A---- C:\Windows\system32\Query.dll
2009-06-02 17:48:01 ----A---- C:\Windows\system32\qmgr.dll
2009-06-02 17:48:00 ----A---- C:\Windows\system32\msexch40.dll
2009-06-02 17:48:00 ----A---- C:\Windows\system32\diagperf.dll
2009-06-02 17:47:59 ----A---- C:\Windows\system32\rpcrt4.dll
2009-06-02 17:47:59 ----A---- C:\Windows\system32\P2PGraph.dll
2009-06-02 17:47:59 ----A---- C:\Windows\system32\ole32.dll
2009-06-02 17:47:59 ----A---- C:\Windows\system32\ntdll.dll
2009-06-02 17:47:58 ----A---- C:\Windows\system32\srchadmin.dll
2009-06-02 17:47:58 ----A---- C:\Windows\system32\msxml3.dll
2009-06-02 17:47:57 ----A---- C:\Windows\system32\winload.exe
2009-06-02 17:47:57 ----A---- C:\Windows\system32\mblctr.exe
2009-06-02 17:47:57 ----A---- C:\Windows\system32\EncDec.dll
2009-06-02 17:47:56 ----A---- C:\Windows\system32\uDWM.dll
2009-06-02 17:47:56 ----A---- C:\Windows\system32\mmc.exe
2009-06-02 17:47:55 ----A---- C:\Windows\system32\riched20.dll
2009-06-02 17:47:55 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-06-02 17:47:55 ----A---- C:\Windows\system32\dfsr.exe
2009-06-02 17:47:54 ----A---- C:\Windows\system32\RacEngn.dll
2009-06-02 17:47:54 ----A---- C:\Windows\system32\fdBth.dll
2009-06-02 17:47:52 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-06-02 17:47:52 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-06-02 17:47:52 ----A---- C:\Windows\system32\milcore.dll
2009-06-02 17:47:52 ----A---- C:\Windows\system32\kernel32.dll
2009-06-02 17:47:51 ----A---- C:\Windows\system32\spoolss.dll
2009-06-02 17:47:51 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-06-02 17:47:51 ----A---- C:\Windows\system32\CertEnroll.dll
2009-06-02 17:47:50 ----A---- C:\Windows\system32\schedsvc.dll
2009-06-02 17:47:50 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-06-02 17:47:49 ----A---- C:\Windows\system32\msvcp60.dll
2009-06-02 17:47:49 ----A---- C:\Windows\system32\msjtes40.dll
2009-06-02 17:47:49 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-06-02 17:47:48 ----A---- C:\Windows\system32\infocardapi.dll
2009-06-02 17:47:48 ----A---- C:\Windows\system32\gpedit.dll
2009-06-02 17:47:46 ----A---- C:\Windows\system32\WinSAT.exe
2009-06-02 17:47:46 ----A---- C:\Windows\system32\es.dll
2009-06-02 17:47:45 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-06-02 17:47:45 ----A---- C:\Windows\system32\mstext40.dll
2009-06-02 17:47:45 ----A---- C:\Windows\system32\Magnify.exe
2009-06-02 17:47:45 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-06-02 17:47:38 ----A---- C:\Windows\system32\advapi32.dll
2009-06-02 17:47:36 ----A---- C:\Windows\system32\WMPhoto.dll
2009-06-02 17:47:36 ----A---- C:\Windows\system32\WebClnt.dll
2009-06-02 17:47:35 ----A---- C:\Windows\system32\slwmi.dll
2009-06-02 17:47:35 ----A---- C:\Windows\system32\msxbde40.dll
2009-06-02 17:47:35 ----A---- C:\Windows\system32\msexcl40.dll
2009-06-02 17:47:35 ----A---- C:\Windows\system32\comsvcs.dll
2009-06-02 17:47:34 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-06-02 17:47:34 ----A---- C:\Windows\system32\vssapi.dll
2009-06-02 17:47:33 ----A---- C:\Windows\system32\authui.dll
2009-06-02 17:47:32 ----A---- C:\Windows\system32\NetProjW.dll
2009-06-02 17:47:32 ----A---- C:\Windows\system32\mstscax.dll
2009-06-02 17:47:31 ----A---- C:\Windows\system32\PresentationHost.exe
2009-06-02 17:47:31 ----A---- C:\Windows\system32\newdev.dll
2009-06-02 17:47:31 ----A---- C:\Windows\system32\msrepl40.dll
2009-06-02 17:47:30 ----A---- C:\Windows\system32\propsys.dll
2009-06-02 17:47:30 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-02 17:47:30 ----A---- C:\Windows\system32\iasrecst.dll
2009-06-02 17:47:30 ----A---- C:\Windows\system32\gpsvc.dll
2009-06-02 17:47:30 ----A---- C:\Windows\system32\eudcedit.exe
2009-06-02 17:47:29 ----A---- C:\Windows\system32\crypt32.dll
2009-06-02 17:47:29 ----A---- C:\Windows\explorer.exe
2009-06-02 17:47:28 ----A---- C:\Windows\system32\rpcss.dll
2009-06-02 17:47:27 ----A---- C:\Windows\system32\setupapi.dll
2009-06-02 17:47:27 ----A---- C:\Windows\system32\mspbde40.dll
2009-06-02 17:47:26 ----A---- C:\Windows\system32\d3d9.dll
2009-06-02 17:47:25 ----A---- C:\Windows\system32\shlwapi.dll
2009-06-02 17:47:25 ----A---- C:\Windows\system32\msltus40.dll
2009-06-02 17:47:25 ----A---- C:\Windows\system32\mfc42.dll
2009-06-02 17:47:25 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-06-02 17:47:25 ----A---- C:\Windows\system32\davclnt.dll
2009-06-02 17:47:24 ----A---- C:\Windows\system32\msrd3x40.dll
2009-06-02 17:47:24 ----A---- C:\Windows\system32\msdtctm.dll
2009-06-02 17:47:24 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-06-02 17:47:23 ----A---- C:\Windows\system32\wevtapi.dll
2009-06-02 17:47:23 ----A---- C:\Windows\system32\photowiz.dll
2009-06-02 17:47:23 ----A---- C:\Windows\system32\nlhtml.dll
2009-06-02 17:47:23 ----A---- C:\Windows\system32\browseui.dll
2009-06-02 17:47:20 ----A---- C:\Windows\system32\user32.dll
2009-06-02 17:47:20 ----A---- C:\Windows\system32\samsrv.dll
2009-06-02 17:47:20 ----A---- C:\Windows\system32\ci.dll
2009-06-02 17:47:19 ----A---- C:\Windows\system32\win32spl.dll
2009-06-02 17:47:19 ----A---- C:\Windows\system32\quartz.dll
2009-06-02 17:47:18 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-06-02 17:47:18 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-06-02 17:47:18 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-06-02 17:47:18 ----A---- C:\Windows\system32\oleaut32.dll
2009-06-02 17:47:18 ----A---- C:\Windows\system32\msv1_0.dll
2009-06-02 17:47:18 ----A---- C:\Windows\system32\kerberos.dll
2009-06-02 17:47:18 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-06-02 17:47:17 ----A---- C:\Windows\system32\netshell.dll
2009-06-02 17:47:17 ----A---- C:\Windows\system32\compcln.exe
2009-06-02 17:47:17 ----A---- C:\Windows\system32\apds.dll
2009-06-02 17:47:16 ----A---- C:\Windows\system32\xmlfilter.dll
2009-06-02 17:47:16 ----A---- C:\Windows\system32\winhttp.dll
2009-06-02 17:47:16 ----A---- C:\Windows\system32\mswstr10.dll
2009-06-02 17:47:16 ----A---- C:\Windows\system32\audiosrv.dll
2009-06-02 17:47:15 ----A---- C:\Windows\system32\msvcrt.dll
2009-06-02 17:47:15 ----A---- C:\Windows\system32\msctf.dll
2009-06-02 17:47:15 ----A---- C:\Windows\system32\gdi32.dll
2009-06-02 17:47:15 ----A---- C:\Windows\system32\emdmgmt.dll
2009-06-02 17:47:14 ----A---- C:\Windows\system32\VSSVC.exe
2009-06-02 17:47:14 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-06-02 17:47:14 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-06-02 17:47:13 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-06-02 17:47:13 ----A---- C:\Windows\system32\SLUI.exe
2009-06-02 17:47:13 ----A---- C:\Windows\system32\msrd2x40.dll
2009-06-02 17:47:13 ----A---- C:\Windows\system32\mfc42u.dll
2009-06-02 17:47:13 ----A---- C:\Windows\system32\eapphost.dll
2009-06-02 17:47:12 ----A---- C:\Windows\system32\odbc32.dll
2009-06-02 17:47:11 ----A---- C:\Windows\system32\winresume.exe
2009-06-02 17:47:11 ----A---- C:\Windows\system32\propdefs.dll
2009-06-02 17:47:10 ----A---- C:\Windows\system32\shdocvw.dll
2009-06-02 17:47:09 ----A---- C:\Windows\system32\wevtutil.exe
2009-06-02 17:47:09 ----A---- C:\Windows\system32\mssitlb.dll
2009-06-02 17:47:09 ----A---- C:\Windows\system32\dbgeng.dll
2009-06-02 17:47:07 ----A---- C:\Windows\system32\WsmSvc.dll
2009-06-02 17:47:06 ----A---- C:\Windows\system32\swprv.dll
2009-06-02 17:47:06 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-06-02 17:47:05 ----A---- C:\Windows\system32\vds.exe
2009-06-02 17:47:05 ----A---- C:\Windows\system32\usp10.dll
2009-06-02 17:47:04 ----A---- C:\Windows\system32\netlogon.dll
2009-06-02 17:47:04 ----A---- C:\Windows\system32\msctfp.dll
2009-06-02 17:47:04 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-06-02 17:47:04 ----A---- C:\Windows\system32\drvinst.exe
2009-06-02 17:47:04 ----A---- C:\Windows\system32\devmgr.dll
2009-06-02 17:47:03 ----A---- C:\Windows\system32\schannel.dll
2009-06-02 17:47:03 ----A---- C:\Windows\system32\msscb.dll
2009-06-02 17:47:03 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-06-02 17:47:03 ----A---- C:\Windows\system32\BFE.DLL
2009-06-02 17:47:03 ----A---- C:\Windows\system32\adsldpc.dll
2009-06-02 17:47:02 ----A---- C:\Windows\system32\Wldap32.dll
2009-06-02 17:47:02 ----A---- C:\Windows\system32\wcnwiz.dll
2009-06-02 17:47:02 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-06-02 17:47:02 ----A---- C:\Windows\system32\evr.dll
2009-06-02 17:47:01 ----A---- C:\Windows\system32\WSDApi.dll
2009-06-02 17:47:01 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-06-02 17:47:01 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-06-02 17:47:00 ----A---- C:\Windows\system32\wercon.exe
2009-06-02 17:47:00 ----A---- C:\Windows\system32\services.exe
2009-06-02 17:47:00 ----A---- C:\Windows\system32\comdlg32.dll
2009-06-02 17:47:00 ----A---- C:\Windows\system32\adtschema.dll
2009-06-02 17:46:59 ----A---- C:\Windows\system32\wcncsvc.dll
2009-06-02 17:46:59 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-06-02 17:46:59 ----A---- C:\Windows\system32\msdrm.dll
2009-06-02 17:46:59 ----A---- C:\Windows\system32\mimefilt.dll
2009-06-02 17:46:59 ----A---- C:\Windows\system32\certcli.dll
2009-06-02 17:46:58 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-06-02 17:46:58 ----A---- C:\Windows\system32\taskeng.exe
2009-06-02 17:46:58 ----A---- C:\Windows\system32\rtffilt.dll
2009-06-02 17:46:58 ----A---- C:\Windows\system32\reg.exe
2009-06-02 17:46:58 ----A---- C:\Windows\system32\mswdat10.dll
2009-06-02 17:46:58 ----A---- C:\Windows\system32\msjter40.dll
2009-06-02 17:46:58 ----A---- C:\Windows\system32\msdtcprx.dll
2009-06-02 17:46:58 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-06-02 17:46:58 ----A---- C:\Windows\system32\dnsapi.dll
2009-06-02 17:46:57 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-06-02 17:46:57 ----A---- C:\Windows\system32\w32time.dll
2009-06-02 17:46:57 ----A---- C:\Windows\system32\certutil.exe
2009-06-02 17:46:56 ----A---- C:\Windows\system32\msshooks.dll
2009-06-02 17:46:56 ----A---- C:\Windows\system32\msscntrs.dll
2009-06-02 17:46:56 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-06-02 17:46:56 ----A---- C:\Windows\system32\bthserv.dll
2009-06-02 17:46:56 ----A---- C:\Windows\system32\bcrypt.dll
2009-06-02 17:46:55 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-06-02 17:46:55 ----A---- C:\Windows\system32\rsaenh.dll
2009-06-02 17:46:55 ----A---- C:\Windows\system32\msstrc.dll
2009-06-02 17:46:55 ----A---- C:\Windows\system32\msihnd.dll
2009-06-02 17:46:55 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-06-02 17:46:53 ----A---- C:\Windows\system32\netapi32.dll
2009-06-02 17:46:53 ----A---- C:\Windows\system32\mtxclu.dll
2009-06-02 17:46:53 ----A---- C:\Windows\system32\mscories.dll
2009-06-02 17:46:53 ----A---- C:\Windows\system32\inetpp.dll
2009-06-02 17:46:53 ----A---- C:\Windows\system32\inetcomm.dll
2009-06-02 17:46:53 ----A---- C:\Windows\system32\hidserv.dll
2009-06-02 17:46:53 ----A---- C:\Windows\system32\fundisc.dll
2009-06-02 17:46:53 ----A---- C:\Windows\system32\dfshim.dll
2009-06-02 17:46:53 ----A---- C:\Windows\system32\cryptsvc.dll
2009-06-02 17:46:52 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-06-02 17:46:52 ----A---- C:\Windows\system32\profsvc.dll
2009-06-02 17:46:52 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-06-02 17:46:51 ----A---- C:\Windows\system32\termsrv.dll
2009-06-02 17:46:50 ----A---- C:\Windows\system32\gameux.dll
2009-06-02 17:46:49 ----A---- C:\Windows\system32\wdc.dll
2009-06-02 17:46:49 ----A---- C:\Windows\system32\shsvcs.dll
2009-06-02 17:46:49 ----A---- C:\Windows\system32\msiexec.exe
2009-06-02 17:46:49 ----A---- C:\Windows\system32\imapi.dll
2009-06-02 17:46:49 ----A---- C:\Windows\system32\chsbrkr.dll
2009-06-02 17:46:48 ----A---- C:\Windows\system32\rasmans.dll
2009-06-02 17:46:48 ----A---- C:\Windows\system32\iassdo.dll
2009-06-02 17:46:47 ----A---- C:\Windows\system32\spoolsv.exe
2009-06-02 17:46:47 ----A---- C:\Windows\system32\pnidui.dll
2009-06-02 17:46:47 ----A---- C:\Windows\system32\icardres.dll
2009-06-02 17:46:47 ----A---- C:\Windows\system32\autofmt.exe
2009-06-02 17:46:46 ----A---- C:\Windows\system32\wersvc.dll
2009-06-02 17:46:46 ----A---- C:\Windows\system32\slmgr.vbs
2009-06-02 17:46:46 ----A---- C:\Windows\system32\scrrun.dll
2009-06-02 17:46:46 ----A---- C:\Windows\system32\PSHED.DLL
2009-06-02 17:46:46 ----A---- C:\Windows\system32\pdh.dll
2009-06-02 17:46:46 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-06-02 17:46:46 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-06-02 17:46:46 ----A---- C:\Windows\system32\azroles.dll
2009-06-02 17:46:45 ----A---- C:\Windows\system32\pidgenx.dll
2009-06-02 17:46:44 ----A---- C:\Windows\system32\wmpmde.dll
2009-06-02 17:46:44 ----A---- C:\Windows\system32\winlogon.exe
2009-06-02 17:46:43 ----A---- C:\Windows\system32\SyncCenter.dll
2009-06-02 17:46:42 ----A---- C:\Windows\system32\SLUINotify.dll
2009-06-02 17:46:42 ----A---- C:\Windows\system32\ncrypt.dll
2009-06-02 17:46:42 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-06-02 17:46:42 ----A---- C:\Windows\system32\kd1394.dll
2009-06-02 17:46:42 ----A---- C:\Windows\system32\comuid.dll
2009-06-02 17:46:42 ----A---- C:\Windows\system32\certmgr.dll
2009-06-02 17:46:41 ----A---- C:\Windows\system32\wisptis.exe
2009-06-02 17:46:41 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-06-02 17:46:41 ----A---- C:\Windows\system32\untfs.dll
2009-06-02 17:46:41 ----A---- C:\Windows\system32\spp.dll
2009-06-02 17:46:41 ----A---- C:\Windows\system32\sethc.exe
2009-06-02 17:46:41 ----A---- C:\Windows\system32\scrobj.dll
2009-06-02 17:46:41 ----A---- C:\Windows\system32\rtutils.dll
2009-06-02 17:46:41 ----A---- C:\Windows\system32\iassam.dll
2009-06-02 17:46:40 ----A---- C:\Windows\system32\taskcomp.dll
2009-06-02 17:46:40 ----A---- C:\Windows\system32\dwm.exe
2009-06-02 17:46:40 ----A---- C:\Windows\system32\autochk.exe
2009-06-02 17:46:39 ----A---- C:\Windows\system32\printui.dll
2009-06-02 17:46:39 ----A---- C:\Windows\system32\iasnap.dll
2009-06-02 17:46:39 ----A---- C:\Windows\system32\autoconv.exe
2009-06-02 17:46:38 ----A---- C:\Windows\system32\winsrv.dll
2009-06-02 17:46:38 ----A---- C:\Windows\system32\kdcom.dll
2009-06-02 17:46:38 ----A---- C:\Windows\system32\cscript.exe
2009-06-02 17:46:38 ----A---- C:\Windows\system32\basecsp.dll
2009-06-02 17:46:37 ----A---- C:\Windows\system32\wow32.dll
2009-06-02 17:46:37 ----A---- C:\Windows\system32\userenv.dll
2009-06-02 17:46:37 ----A---- C:\Windows\system32\osk.exe
2009-06-02 17:46:37 ----A---- C:\Windows\system32\onex.dll
2009-06-02 17:46:37 ----A---- C:\Windows\system32\mswsock.dll
2009-06-02 17:46:37 ----A---- C:\Windows\system32\audiodg.exe
2009-06-02 17:46:36 ----A---- C:\Windows\system32\spcmsg.dll
2009-06-02 17:46:36 ----A---- C:\Windows\system32\kdusb.dll
2009-06-02 17:46:35 ----A---- C:\Windows\system32\WinSCard.dll
2009-06-02 17:46:35 ----A---- C:\Windows\system32\winmm.dll
2009-06-02 17:46:35 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-06-02 17:46:35 ----A---- C:\Windows\system32\RelMon.dll
2009-06-02 17:46:35 ----A---- C:\Windows\system32\rdpencom.dll
2009-06-02 17:46:35 ----A---- C:\Windows\system32\offfilt.dll
2009-06-02 17:46:35 ----A---- C:\Windows\system32\msftedit.dll
2009-06-02 17:46:35 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-06-02 17:46:33 ----A---- C:\Windows\system32\WerFault.exe
2009-06-02 17:46:33 ----A---- C:\Windows\system32\Utilman.exe
2009-06-02 17:46:33 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-06-02 17:46:33 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-06-02 17:46:32 ----A---- C:\Windows\system32\wsepno.dll
2009-06-02 17:46:32 ----A---- C:\Windows\system32\stobject.dll
2009-06-02 17:46:32 ----A---- C:\Windows\system32\SndVol.exe
2009-06-02 17:46:32 ----A---- C:\Windows\system32\mfplat.dll
2009-06-02 17:46:32 ----A---- C:\Windows\system32\diskraid.exe
2009-06-02 17:46:32 ----A---- C:\Windows\system32\apphelp.dll
2009-06-02 17:46:31 ----A---- C:\Windows\system32\wiaservc.dll
2009-06-02 17:46:31 ----A---- C:\Windows\system32\sysclass.dll
2009-06-02 17:46:31 ----A---- C:\Windows\system32\prnntfy.dll
2009-06-02 17:46:31 ----A---- C:\Windows\system32\msnetobj.dll
2009-06-02 17:46:31 ----A---- C:\Windows\system32\mscms.dll
2009-06-02 17:46:31 ----A---- C:\Windows\system32\mcmde.dll
2009-06-02 17:46:31 ----A---- C:\Windows\system32\adsmsext.dll
2009-06-02 17:46:30 ----A---- C:\Windows\system32\wscript.exe
2009-06-02 17:46:30 ----A---- C:\Windows\system32\ulib.dll
2009-06-02 17:46:30 ----A---- C:\Windows\system32\secur32.dll
2009-06-02 17:46:30 ----A---- C:\Windows\system32\odbccp32.dll
2009-06-02 17:46:30 ----A---- C:\Windows\system32\iasdatastore.dll
2009-06-02 17:46:30 ----A---- C:\Windows\system32\dsound.dll
2009-06-02 17:46:29 ----A---- C:\Windows\system32\wscntfy.dll
2009-06-02 17:46:29 ----A---- C:\Windows\system32\wlansvc.dll
2009-06-02 17:46:29 ----A---- C:\Windows\system32\rastapi.dll
2009-06-02 17:46:29 ----A---- C:\Windows\system32\pnpsetup.dll
2009-06-02 17:46:29 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-06-02 17:46:29 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-06-02 17:46:29 ----A---- C:\Windows\system32\fdProxy.dll
2009-06-02 17:46:29 ----A---- C:\Windows\system32\cryptui.dll
2009-06-02 17:46:28 ----A---- C:\Windows\system32\wscsvc.dll
2009-06-02 17:46:28 ----A---- C:\Windows\system32\wlangpui.dll
2009-06-02 17:46:28 ----A---- C:\Windows\system32\vdsdyn.dll
2009-06-02 17:46:28 ----A---- C:\Windows\system32\rastls.dll
2009-06-02 17:46:28 ----A---- C:\Windows\system32\iashlpr.dll
2009-06-02 17:46:28 ----A---- C:\Windows\system32\gpapi.dll
2009-06-02 17:46:28 ----A---- C:\Windows\system32\diskpart.exe
2009-06-02 17:46:28 ----A---- C:\Windows\system32\brcpl.dll
2009-06-02 17:46:27 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-06-02 17:46:27 ----A---- C:\Windows\system32\regsvc.dll
2009-06-02 17:46:27 ----A---- C:\Windows\system32\rasapi32.dll
2009-06-02 17:46:27 ----A---- C:\Windows\system32\ntprint.dll
2009-06-02 17:46:27 ----A---- C:\Windows\system32\netiohlp.dll
2009-06-02 17:46:27 ----A---- C:\Windows\system32\mscorier.dll
2009-06-02 17:46:27 ----A---- C:\Windows\system32\logman.exe
2009-06-02 17:46:26 ----A---- C:\Windows\system32\zipfldr.dll
2009-06-02 17:46:26 ----A---- C:\Windows\system32\wusa.exe
2009-06-02 17:46:26 ----A---- C:\Windows\system32\wshext.dll
2009-06-02 17:46:26 ----A---- C:\Windows\system32\wpccpl.dll
2009-06-02 17:46:26 ----A---- C:\Windows\system32\iasrad.dll
2009-06-02 17:46:26 ----A---- C:\Windows\system32\findstr.exe
2009-06-02 17:46:25 ----A---- C:\Windows\system32\rasdlg.dll
2009-06-02 17:46:25 ----A---- C:\Windows\system32\netcenter.dll
2009-06-02 17:46:24 ----A---- C:\Windows\system32\wsnmp32.dll
2009-06-02 17:46:24 ----A---- C:\Windows\system32\wer.dll
2009-06-02 17:46:24 ----A---- C:\Windows\system32\themecpl.dll
2009-06-02 17:46:24 ----A---- C:\Windows\system32\iassvcs.dll
2009-06-02 17:46:22 ----A---- C:\Windows\system32\uxsms.dll
2009-06-02 17:46:22 ----A---- C:\Windows\system32\tsbyuv.dll
2009-06-02 17:46:22 ----A---- C:\Windows\system32\srvsvc.dll
2009-06-02 17:46:22 ----A---- C:\Windows\system32\scansetting.dll
2009-06-02 17:46:22 ----A---- C:\Windows\system32\ntmarta.dll
2009-06-02 17:46:22 ----A---- C:\Windows\system32\msutb.dll
2009-06-02 17:46:22 ----A---- C:\Windows\system32\mstlsapi.dll
2009-06-02 17:46:22 ----A---- C:\Windows\system32\mssprxy.dll
2009-06-02 17:46:22 ----A---- C:\Windows\system32\iasads.dll
2009-06-02 17:46:21 ----A---- C:\Windows\system32\slcc.dll
2009-06-02 17:46:21 ----A---- C:\Windows\system32\powrprof.dll
2009-06-02 17:46:21 ----A---- C:\Windows\system32\mstsc.exe
2009-06-02 17:46:21 ----A---- C:\Windows\system32\iasacct.dll
2009-06-02 17:46:20 ----A---- C:\Windows\system32\powercpl.dll
2009-06-02 17:46:20 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-06-02 17:46:20 ----A---- C:\Windows\system32\networkmap.dll
2009-06-02 17:46:20 ----A---- C:\Windows\system32\authz.dll
2009-06-02 17:46:19 ----A---- C:\Windows\system32\wlanhlp.dll
2009-06-02 17:46:19 ----A---- C:\Windows\system32\sud.dll
2009-06-02 17:46:19 ----A---- C:\Windows\system32\newdev.exe
2009-06-02 17:46:19 ----A---- C:\Windows\system32\dot3svc.dll
2009-06-02 17:46:19 ----A---- C:\Windows\system32\connect.dll
2009-06-02 17:46:18 ----A---- C:\Windows\system32\themeui.dll
2009-06-02 17:46:18 ----A---- C:\Windows\system32\systemcpl.dll
2009-06-02 17:46:18 ----A---- C:\Windows\system32\pcaui.dll
2009-06-02 17:46:18 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-06-02 17:46:17 ----A---- C:\Windows\system32\usercpl.dll
2009-06-02 17:46:17 ----A---- C:\Windows\system32\samlib.dll
2009-06-02 17:46:17 ----A---- C:\Windows\system32\mmci.dll
2009-06-02 17:46:16 ----A---- C:\Windows\system32\autoplay.dll
2009-06-02 17:46:15 ----A---- C:\Windows\system32\qdvd.dll
2009-06-02 17:46:14 ----A---- C:\Windows\system32\wlanpref.dll
2009-06-02 17:46:14 ----A---- C:\Windows\system32\rpchttp.dll
2009-06-02 17:46:14 ----A---- C:\Windows\system32\regapi.dll
2009-06-02 17:46:13 ----A---- C:\Windows\system32\wpcao.dll
2009-06-02 17:46:13 ----A---- C:\Windows\system32\vdsutil.dll
2009-06-02 17:46:13 ----A---- C:\Windows\system32\tapisrv.dll
2009-06-02 17:46:13 ----A---- C:\Windows\system32\scksp.dll
2009-06-02 17:46:13 ----A---- C:\Windows\system32\msinfo32.exe
2009-06-02 17:46:12 ----A---- C:\Windows\system32\scesrv.dll
2009-06-02 17:46:12 ----A---- C:\Windows\system32\psisdecd.dll
2009-06-02 17:46:12 ----A---- C:\Windows\system32\oleprn.dll
2009-06-02 17:46:12 ----A---- C:\Windows\system32\mpr.dll
2009-06-02 17:46:12 ----A---- C:\Windows\system32\imm32.dll
2009-06-02 17:46:12 ----A---- C:\Windows\system32\feclient.dll
2009-06-02 17:46:12 ----A---- C:\Windows\system32\dot3msm.dll
2009-06-02 17:46:12 ----A---- C:\Windows\system32\AudioSes.dll
2009-06-02 17:46:11 ----A---- C:\Windows\system32\wscisvif.dll
2009-06-02 17:46:11 ----A---- C:\Windows\system32\sdclt.exe
2009-06-02 17:46:11 ----A---- C:\Windows\system32\rekeywiz.exe
2009-06-02 17:46:11 ----A---- C:\Windows\system32\iaspolcy.dll
2009-06-02 17:46:11 ----A---- C:\Windows\system32\Faultrep.dll
2009-06-02 17:46:11 ----A---- C:\Windows\system32\dpapimig.exe
2009-06-02 17:46:11 ----A---- C:\Windows\system32\DeviceEject.exe
2009-06-02 17:46:10 ----A---- C:\Windows\system32\scecli.dll
2009-06-02 17:46:10 ----A---- C:\Windows\system32\rasgcw.dll
2009-06-02 17:46:10 ----A---- C:\Windows\system32\qedit.dll
2009-06-02 17:46:10 ----A---- C:\Windows\system32\pnpui.dll
2009-06-02 17:46:10 ----A---- C:\Windows\system32\perfdisk.dll
2009-06-02 17:46:10 ----A---- C:\Windows\system32\ncryptui.dll
2009-06-02 17:46:10 ----A---- C:\Windows\system32\hdwwiz.exe
2009-06-02 17:46:10 ----A---- C:\Windows\system32\certreq.exe
2009-06-02 17:46:09 ----A---- C:\Windows\system32\TSTheme.exe
2009-06-02 17:46:09 ----A---- C:\Windows\system32\spwinsat.dll
2009-06-02 17:46:09 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-06-02 17:46:09 ----A---- C:\Windows\system32\rasplap.dll
2009-06-02 17:46:09 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-06-02 17:46:08 ----A---- C:\Windows\system32\whealogr.dll
2009-06-02 17:46:08 ----A---- C:\Windows\system32\tcpmon.dll
2009-06-02 17:46:08 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-06-02 17:46:08 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-06-02 17:46:08 ----A---- C:\Windows\system32\fdWSD.dll
2009-06-02 17:46:08 ----A---- C:\Windows\system32\cmmon32.exe
2009-06-02 17:46:07 ----A---- C:\Windows\system32\srcore.dll
2009-06-02 17:46:07 ----A---- C:\Windows\system32\SnippingTool.exe
2009-06-02 17:46:07 ----A---- C:\Windows\system32\SCardSvr.dll
2009-06-02 17:46:07 ----A---- C:\Windows\system32\raschap.dll
2009-06-02 17:46:07 ----A---- C:\Windows\system32\fontext.dll
2009-06-02 17:46:07 ----A---- C:\Windows\system32\conime.exe
2009-06-02 17:46:07 ----A---- C:\Windows\system32\cmdial32.dll
2009-06-02 17:46:06 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-06-02 17:46:06 ----A---- C:\Windows\system32\wlanui.dll
2009-06-02 17:46:06 ----A---- C:\Windows\system32\wiaaut.dll
2009-06-02 17:46:06 ----A---- C:\Windows\system32\rasppp.dll
2009-06-02 17:46:06 ----A---- C:\Windows\system32\PnPutil.exe
2009-06-02 17:46:06 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-06-02 17:46:06 ----A---- C:\Windows\system32\dsprop.dll
2009-06-02 17:46:05 ----A---- C:\Windows\system32\wlanmsm.dll
2009-06-02 17:46:05 ----A---- C:\Windows\system32\shwebsvc.dll
2009-06-02 17:46:05 ----A---- C:\Windows\system32\oobefldr.dll
2009-06-02 17:46:05 ----A---- C:\Windows\system32\dimsroam.dll
2009-06-02 17:46:04 ----A---- C:\Windows\system32\shsetup.dll
2009-06-02 17:46:04 ----A---- C:\Windows\system32\rasmontr.dll
2009-06-02 17:46:04 ----A---- C:\Windows\system32\mscandui.dll
2009-06-02 17:46:04 ----A---- C:\Windows\system32\modemui.dll
2009-06-02 17:46:03 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-06-02 17:46:03 ----A---- C:\Windows\system32\dataclen.dll
2009-06-02 17:46:03 ----A---- C:\Windows\system32\chtbrkr.dll
2009-06-02 17:46:02 ----A---- C:\Windows\system32\WSDMon.dll
2009-06-02 17:46:02 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-06-02 17:46:02 ----A---- C:\Windows\system32\smss.exe
2009-06-02 17:46:02 ----A---- C:\Windows\system32\rdpwsx.dll
2009-06-02 17:46:02 ----A---- C:\Windows\system32\netplwiz.dll
2009-06-02 17:46:02 ----A---- C:\Windows\system32\credui.dll
2009-06-02 17:46:02 ----A---- C:\Windows\system32\blackbox.dll
2009-06-02 17:46:01 ----A---- C:\Windows\system32\wmpeffects.dll
2009-06-02 17:46:01 ----A---- C:\Windows\system32\networkexplorer.dll
2009-06-02 17:46:01 ----A---- C:\Windows\system32\certprop.dll
2009-06-02 17:46:00 ----A---- C:\Windows\system32\wscapi.dll
2009-06-02 17:46:00 ----A---- C:\Windows\system32\wpcsvc.dll
2009-06-02 17:46:00 ----A---- C:\Windows\system32\thawbrkr.dll
2009-06-02 17:46:00 ----A---- C:\Windows\system32\msscp.dll
2009-06-02 17:46:00 ----A---- C:\Windows\system32\msimtf.dll
2009-06-02 17:46:00 ----A---- C:\Windows\system32\logagent.exe
2009-06-02 17:46:00 ----A---- C:\Windows\system32\InkEd.dll
2009-06-02 17:46:00 ----A---- C:\Windows\system32\ifmon.dll
2009-06-02 17:46:00 ----A---- C:\Windows\system32\gpresult.exe
2009-06-02 17:46:00 ----A---- C:\Windows\system32\cipher.exe
2009-06-02 17:45:59 ----A---- C:\Windows\system32\softkbd.dll
2009-06-02 17:45:59 ----A---- C:\Windows\system32\sendmail.dll
2009-06-02 17:45:58 ----A---- C:\Windows\system32\olepro32.dll
2009-06-02 17:45:58 ----A---- C:\Windows\system32\msctfui.dll
2009-06-02 17:45:58 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-06-02 17:45:58 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-06-02 17:45:58 ----A---- C:\Windows\system32\dmsynth.dll
2009-06-02 17:45:58 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-06-02 17:45:57 ----A---- C:\Windows\system32\wshbth.dll
2009-06-02 17:45:57 ----A---- C:\Windows\system32\version.dll
2009-06-02 17:45:57 ----A---- C:\Windows\system32\SLLUA.exe
2009-06-02 17:45:57 ----A---- C:\Windows\system32\puiapi.dll
2009-06-02 17:45:57 ----A---- C:\Windows\system32\mprapi.dll
2009-06-02 17:45:57 ----A---- C:\Windows\system32\input.dll
2009-06-02 17:45:57 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-06-02 17:45:57 ----A---- C:\Windows\system32\cdd.dll
2009-06-02 17:45:56 ----A---- C:\Windows\system32\msisip.dll
2009-06-02 17:45:56 ----A---- C:\Windows\system32\fc.exe
2009-06-02 17:45:55 ----A---- C:\Windows\system32\rrinstaller.exe
2009-06-02 17:45:55 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-06-02 17:45:55 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-06-02 17:45:55 ----A---- C:\Windows\system32\msjint40.dll
2009-06-02 17:45:55 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-06-02 17:45:55 ----A---- C:\Windows\system32\l2nacp.dll
2009-06-02 17:45:55 ----A---- C:\Windows\system32\ftp.exe
2009-06-02 17:45:55 ----A---- C:\Windows\system32\fdSSDP.dll
2009-06-02 17:45:55 ----A---- C:\Windows\system32\eapp3hst.dll
2009-06-02 17:45:55 ----A---- C:\Windows\system32\dmusic.dll
2009-06-02 17:45:55 ----A---- C:\Windows\system32\cscdll.dll
2009-06-02 17:45:55 ----A---- C:\Windows\system32\cscapi.dll
2009-06-02 17:45:54 ----A---- C:\Windows\system32\wsdchngr.dll
2009-06-02 17:45:54 ----A---- C:\Windows\system32\Storprop.dll
2009-06-02 17:45:54 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-06-02 17:45:54 ----A---- C:\Windows\system32\rasdial.exe
2009-06-02 17:45:54 ----A---- C:\Windows\system32\rasdiag.dll
2009-06-02 17:45:54 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-06-02 17:45:54 ----A---- C:\Windows\system32\ipconfig.exe
2009-06-02 17:45:54 ----A---- C:\Windows\system32\fdWCN.dll
2009-06-02 17:45:54 ----A---- C:\Windows\system32\eappcfg.dll
2009-06-02 17:45:54 ----A---- C:\Windows\system32\dot3cfg.dll
2009-06-02 17:45:54 ----A---- C:\Windows\system32\bthudtask.exe
2009-06-02 17:45:54 ----A---- C:\Windows\system32\bthci.dll
2009-06-02 17:45:54 ----A---- C:\Windows\system32\aaclient.dll
2009-06-02 17:45:53 ----A---- C:\Windows\system32\tscupgrd.exe
2009-06-02 17:45:53 ----A---- C:\Windows\system32\slcinst.dll
2009-06-02 17:45:53 ----A---- C:\Windows\system32\ocsetup.exe
2009-06-02 17:45:53 ----A---- C:\Windows\system32\nslookup.exe
2009-06-02 17:45:53 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-06-02 17:45:53 ----A---- C:\Windows\system32\mfps.dll
2009-06-02 17:45:53 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-06-02 17:45:53 ----A---- C:\Windows\system32\eappgnui.dll
2009-06-02 17:45:53 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-06-02 17:45:52 ----A---- C:\Windows\system32\mmcico.dll
2009-06-02 17:45:52 ----A---- C:\Windows\system32\mfpmp.exe
2009-06-02 17:45:52 ----A---- C:\Windows\system32\hbaapi.dll
2009-06-02 17:45:52 ----A---- C:\Windows\system32\fdeploy.dll
2009-06-02 17:45:51 ----A---- C:\Windows\system32\tsgqec.dll
2009-06-02 17:45:51 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-06-02 17:45:51 ----A---- C:\Windows\system32\gpupdate.exe
2009-06-02 17:45:51 ----A---- C:\Windows\system32\atmlib.dll
2009-06-02 17:45:50 ----A---- C:\Windows\system32\NcdProp.dll
2009-06-02 17:45:50 ----A---- C:\Windows\system32\iscsilog.dll
2009-06-02 17:45:50 ----A---- C:\Windows\system32\csrstub.exe
2009-06-02 17:45:50 ----A---- C:\Windows\system32\cbsra.exe
2009-06-02 17:45:50 ----A---- C:\Windows\system32\bitsigd.dll
2009-06-02 17:45:49 ----A---- C:\Windows\system32\winrnr.dll
2009-06-02 17:45:49 ----A---- C:\Windows\system32\vdmdbg.dll
2009-06-02 17:45:49 ----A---- C:\Windows\system32\slwga.dll
2009-06-02 17:45:49 ----A---- C:\Windows\system32\odbcconf.dll
2009-06-02 17:45:49 ----A---- C:\Windows\system32\midimap.dll
2009-06-02 17:45:49 ----A---- C:\Windows\system32\inetppui.dll
2009-06-02 17:45:49 ----A---- C:\Windows\system32\atmfd.dll
2009-06-02 17:45:47 ----A---- C:\Windows\system32\wmploc.DLL
2009-06-02 17:45:47 ----A---- C:\Windows\system32\spwmp.dll
2009-06-02 17:45:47 ----A---- C:\Windows\system32\dxmasf.dll
2009-06-02 17:45:46 ----A---- C:\Windows\system32\msimsg.dll
2009-06-02 17:45:46 ----A---- C:\Windows\system32\mferror.dll
2009-06-02 17:45:46 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-06-02 17:45:13 ----A---- C:\Windows\system32\SmiEngine.dll
2009-06-02 17:45:11 ----A---- C:\Windows\system32\wdscore.dll
2009-06-02 17:45:11 ----A---- C:\Windows\system32\PkgMgr.exe
2009-06-02 17:45:06 ----A---- C:\Windows\system32\drvstore.dll
2009-05-29 00:50:35 ----D---- C:\_OTMoveIt
2009-05-27 01:12:27 ----D---- C:\Users\AlexNoteBook\AppData\Roaming\Malwarebytes
2009-05-27 01:12:21 ----D---- C:\ProgramData\Malwarebytes
2009-05-27 01:12:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-05-25 14:07:36 ----D---- C:\Program Files\Navilog1
2009-05-24 14:55:09 ----D---- C:\Program Files\trend micro
2009-05-24 14:55:06 ----D---- C:\rsit
2009-05-20 02:49:33 ----D---- C:\Program Files\Ares
2009-05-15 16:44:39 ----D---- C:\ProgramData\Adobe
2009-05-15 16:44:35 ----D---- C:\Program Files\Common Files\Adobe
2009-05-15 16:39:28 ----D---- C:\ProgramData\NOS
2009-05-15 16:39:27 ----D---- C:\Program Files\NOS
2009-05-06 01:21:44 ----D---- C:\Program Files\P2P_Energy
======List of files/folders modified in the last 1 months======
2009-06-04 08:30:11 ----D---- C:\Windows\Temp
2009-06-04 08:30:00 ----D---- C:\Windows\Prefetch
2009-06-04 08:15:37 ----D---- C:\Users\AlexNoteBook\AppData\Roaming\skypePM
2009-06-02 18:58:05 ----D---- C:\Windows\Microsoft.NET
2009-06-02 18:57:30 ----RSD---- C:\Windows\assembly
2009-06-02 18:57:28 ----D---- C:\Windows\rescache
2009-06-02 18:47:55 ----D---- C:\Windows\System32
2009-06-02 18:47:54 ----D---- C:\Windows\inf
2009-06-02 18:47:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-06-02 18:43:15 ----D---- C:\Windows
2009-06-02 18:43:09 ----D---- C:\Windows\system32\catroot
2009-06-02 18:43:08 ----SHD---- C:\Boot
2009-06-02 18:35:16 ----D---- C:\Program Files\Windows Calendar
2009-06-02 18:35:15 ----D---- C:\Program Files\Windows Mail
2009-06-02 18:35:14 ----D---- C:\Program Files\Movie Maker
2009-06-02 18:35:10 ----D---- C:\Program Files\Windows Sidebar
2009-06-02 18:35:10 ----D---- C:\Program Files\Internet Explorer
2009-06-02 18:35:09 ----D---- C:\Program Files\Windows Media Player
2009-06-02 18:35:08 ----D---- C:\Program Files\Windows Journal
2009-06-02 18:35:08 ----D---- C:\Program Files\Windows Collaboration
2009-06-02 18:35:02 ----D---- C:\Program Files\Common Files\System
2009-06-02 18:35:01 ----D---- C:\Program Files\Windows Photo Gallery
2009-06-02 18:34:36 ----D---- C:\Program Files\Windows Defender
2009-06-02 18:34:35 ----D---- C:\Windows\servicing
2009-06-02 18:34:31 ----D---- C:\Windows\ehome
2009-06-02 18:33:46 ----D---- C:\Windows\system32\lv-LV
2009-06-02 18:33:46 ----D---- C:\Windows\IME
2009-06-02 18:33:45 ----D---- C:\Windows\system32\XPSViewer
2009-06-02 18:33:45 ----D---- C:\Windows\system32\sk-SK
2009-06-02 18:33:45 ----D---- C:\Windows\system32\hr-HR
2009-06-02 18:33:45 ----D---- C:\Windows\system32\et-EE
2009-06-02 18:33:45 ----D---- C:\Windows\system32\da-DK
2009-06-02 18:33:44 ----D---- C:\Windows\system32\ko-KR
2009-06-02 18:33:44 ----D---- C:\Windows\system32\en-US
2009-06-02 18:33:44 ----D---- C:\Windows\system32\de-DE
2009-06-02 18:33:43 ----D---- C:\Windows\system32\oobe
2009-06-02 18:33:43 ----D---- C:\Windows\system32\it-IT
2009-06-02 18:33:43 ----D---- C:\Windows\system32\el-GR
2009-06-02 18:33:42 ----D---- C:\Windows\system32\fr
2009-06-02 18:33:41 ----D---- C:\Windows\system32\migration
2009-06-02 18:33:31 ----D---- C:\Windows\system32\AdvancedInstallers
2009-06-02 18:33:30 ----D---- C:\Windows\system32\ru-RU
2009-06-02 18:33:23 ----D---- C:\Windows\system32\fr-FR
2009-06-02 18:33:14 ----D---- C:\Windows\system32\sv-SE
2009-06-02 18:33:14 ----D---- C:\Windows\system32\he-IL
2009-06-02 18:33:13 ----D---- C:\Windows\system32\setup
2009-06-02 18:33:13 ----D---- C:\Windows\system32\pt-PT
2009-06-02 18:33:13 ----D---- C:\Windows\system32\hu-HU
2009-06-02 18:33:13 ----D---- C:\Windows\system32\fi-FI
2009-06-02 18:33:13 ----D---- C:\Windows\system32\cs-CZ
2009-06-02 18:33:12 ----D---- C:\Windows\system32\SLUI
2009-06-02 18:33:08 ----D---- C:\Windows\system32\zh-CN
2009-06-02 18:33:08 ----D---- C:\Windows\system32\sr-Latn-CS
2009-06-02 18:33:08 ----D---- C:\Windows\system32\manifeststore
2009-06-02 18:33:07 ----D---- C:\Windows\system32\zh-TW
2009-06-02 18:33:07 ----D---- C:\Windows\system32\sl-SI
2009-06-02 18:33:07 ----D---- C:\Windows\system32\es-ES
2009-06-02 18:33:06 ----D---- C:\Windows\system32\uk-UA
2009-06-02 18:33:06 ----D---- C:\Windows\system32\pl-PL
2009-06-02 18:33:06 ----D---- C:\Windows\system32\ja-JP
2009-06-02 18:33:06 ----D---- C:\Windows\system32\bg-BG
2009-06-02 18:33:05 ----D---- C:\Windows\system32\ro-RO
2009-06-02 18:33:04 ----D---- C:\Windows\system32\th-TH
2009-06-02 18:33:03 ----D---- C:\Windows\system32\drivers
2009-06-02 18:32:59 ----D---- C:\Windows\system32\tr-TR
2009-06-02 18:32:56 ----D---- C:\Windows\system32\wbem
2009-06-02 18:32:51 ----D---- C:\Windows\system32\nl-NL
2009-06-02 18:32:51 ----D---- C:\Windows\system32\nb-NO
2009-06-02 18:32:50 ----D---- C:\Windows\system32\lt-LT
2009-06-02 18:32:50 ----D---- C:\Windows\system32\ar-SA
2009-06-02 18:32:48 ----D---- C:\Windows\system32\pt-BR
2009-06-02 18:32:48 ----D---- C:\Windows\system32\migwiz
2009-06-02 18:30:42 ----RSD---- C:\Windows\Fonts
2009-06-02 18:30:41 ----D---- C:\Windows\AppPatch
2009-06-02 18:30:13 ----D---- C:\Windows\system32\Boot
2009-06-02 18:28:47 ----D---- C:\Windows\system32\RTCOM
2009-06-02 18:23:06 ----D---- C:\Windows\winsxs
2009-06-02 18:14:23 ----SHD---- C:\System Volume Information
2009-06-02 17:32:28 ----D---- C:\Windows\system32\catroot2
2009-05-27 01:12:21 ----HD---- C:\ProgramData
2009-05-27 01:12:20 ----RD---- C:\Program Files
2009-05-25 20:35:41 ----HD---- C:\Windows\system32\GroupPolicy
2009-05-23 14:42:46 ----SHD---- C:\Windows\Installer
2009-05-23 10:40:50 ----D---- C:\Users\AlexNoteBook\AppData\Roaming\dvdcss
2009-05-16 16:01:32 ----D---- C:\Users\AlexNoteBook\AppData\Roaming\Skype
2009-05-15 17:04:21 ----SD---- C:\Windows\Downloaded Program Files
2009-05-15 17:04:20 ----D---- C:\Windows\system32\Macromed
2009-05-15 16:44:35 ----D---- C:\Program Files\Common Files
2009-05-15 16:44:35 ----D---- C:\Program Files\Adobe
2009-05-09 14:03:06 ----D---- C:\Windows\Tasks
2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2008-01-30 29704]
R1 epfwtdir;epfwtdir; C:\Windows\system32\DRIVERS\epfwtdir.sys [2008-01-30 34312]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2008-01-30 39944]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-09-20 3077632]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-03-20 208688]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
S3 athr;Pilote de périphérique LAN sans fil extensible Atheros; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 catchme;catchme; \??\C:\Users\ALEXNO~1\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]
S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug; C:\Windows\System32\Drivers\PMUSB.sys [2004-11-25 18944]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 CplIR;Embedded IR Driver; C:\Windows\system32\DRIVERS\CplIR.SYS [2007-03-06 14848]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-09-20 610304]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-01-30 468224]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe [2007-09-21 77824]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
S2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe []
S3 AresChatServer;Ares Chatroom server; C:\Program Files\Ares\chatServer.exe [2009-02-03 398848]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-01-30 19200]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-29 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
-----------------EOF-----------------
pas de info.txt ...?
On va faire autrement.
Télécharge Hijackthis (de Trend Micro) sur ton Bureau.
- Double clique sur HJTInstall.exe pour lancer l'installation.
- Clique sur Install.
- Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer. (Clique droit -> lancer en tant qu'admin si sous Vista)
- Accepte la licence en cliquant sur Yes.
- Clique sur Do a system scan and save a logfile.
- Poste ici le rapport généré.
Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log
Aide : Comment utiliser HijackThis.
Répondre à Angeldark
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:32, on 04/06/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cooxer.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Free Download Manager - RCS] C:\Program Files\Free Download Manager\fdmwi.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/r [...] &site=home (file missing)
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/re [...] dfr-fr.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.ado [...] nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10443 bytes
Re,
Choisis do a system scan only, coche ces lignes (si toujours présentes) :
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
|
Ferme toutes les applications en cours (particulièrement ton navigateur Internet).
Puis Fix Checked !
Supprime ce dossier :
C:\Program Files\P2P_Energy
Répondre à Angeldark
j'ai fait tout ce qui a été demandé en revanche impossible de supprimer le dossier P2P_Energy car le fichier tbP2P_.dll serait ouvert dans une autre application. j'ai essayé de redemarrer mon pc, mais rien a faire impossible de le supprimer.
je me rends compte aussi que je n'ai pu supprimer que R3, les autres lignes n'ont pas pu l'etre, j'ai reessayé plusieurs fois mais en vain...
Fais la procédure en mode sans échec alors
Répondre à Angeldark
ca va paraitre bete, mais comment on fait en mode sans echec?
| Citation : Fais redémarrer ton ordinateur en mode sans échec
|
Répondre à Angeldark
c'est fait, j'ai pu supprimer ce que tu m'avais demandé.
Reposte un rapport Hijackthis.
Répondre à Angeldark
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:32, on 04/06/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cooxer.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: P2P Energy Toolbar - {2bae58c2-79f9-45d1-a286-81f911301c3a} - C:\Program Files\P2P_Energy\tbP2P_.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Free Download Manager - RCS] C:\Program Files\Free Download Manager\fdmwi.exe -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/r [...] &site=home (file missing)
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/re [...] dfr-fr.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.ado [...] nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10443 bytes
Pour faire un rapport il faut lancer Hijackthis en faisant clic droit / exécuter en tant qu'admin
Répondre à Angeldark
ok, pardon dsl
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:50:23, on 08/06/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cooxer.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Free Download Manager - RCS] C:\Program Files\Free Download Manager\fdmwi.exe -autorun
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/r [...] &site=home (file missing)
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/re [...] dfr-fr.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.ado [...] nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 10009 bytes
Encore des soucis ?
Répondre à Angeldark
apparement je peux aller sur ares et naviguer en meme temps, cependant ares ne reprend pas les telechargements et reste en mode connexion...
C'est quoi le rapport avec les virus ? 
Répondre à Angeldark
j'en sais rien???? je suis pas informaticien et y connais pas grand chose, j'ai jamais eu ce genre de soucis auparavant, donc je sais pas de quoi ca vient, et pensais que peut etre toi tu savais?
Aucune idée, pas mon domaine.
Répondre à Angeldark
ok... en tout cas merci pour le reste.
Bonne chance.
Répondre à Angeldark
Il y a 2175 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
Par Sham_Rock il y a 23 jours :
