Shared DLLs
Closed
Hello,
I'm writing to you because I don't know what to do anymore: Bitdefender finds registry keys causing problems, of the Shared DLLs kind, as well as a virus. Do you know if I can delete it without any problem? It's true that my computer is getting slower and slower; I restored it yesterday but I think it's heavily infected.
Please help me.
Thanks a lot!
21 replies
jlpjlp (Security contributor), 20 Jan 2009 at 13:10
Hi, paste the Bitdefender report,
and
download from here:
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) by random/random, and save it to the Desktop.
Double-click RSIT.exe to launch RSIT.
Click Continue on the Disclaimer screen.
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.
When the scan is finished, two text files will open.
Post the contents of log.txt (<< which will be displayed)
as well as info.txt (<< which will be minimized in the taskbar).
NB: The reports are saved in the C:\rsit folder
jlpjlp (Security contributor), 20 Jan 2009 at 13:47
For Java:
Download JavaRa.zip by Paul 'Prm753' McLain and Fred de Vries.
Unzip the file to your desktop (right-click > Extract All.)
Double-click the resulting JavaRa folder.
Then double-click the JavaRa.exe file (the .exe extension may not be displayed)
Click Search For Updates.
Select Update Using jucheck.exe, then click Search.
Allow the process to connect if it asks you, click Install and follow the installation instructions. This will take a few minutes.
When the installation is finished, go back to the JavaRa screen and click Remove Older Versions.
Click Yes to confirm. The tool will do its work; then click Ok, and Ok a second time.
A report will open; copy and paste it into your next reply.
Note: the report is also located at the root of the system partition, usually C:\, under the name JavaRa.log
(c:\JavaRa.log)
Close the application.
If that doesn't work:
https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80
you can uninstall the old versions.
Thanks!!
OK, I re-downloaded Java and it works again. I downloaded HijackThis and here is the report:
info.txt:
info.txt logfile of random's system information tool 1.05 2009-01-20 15:52:57
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x40c
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Dreamweaver CS4-->C:\Program Files\Common Files\Adobe\Installers\acce07fd2c8fe7f9e3f26243e626578\Setup.exe --uninstall=1
Adobe Dreamweaver CS4-->MsiExec.exe /I{30C8AA56-4088-426F-91D1-0EDFD3A25678}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash CS4 Extension - Flash Lite STI fr-->MsiExec.exe /I{BD423B54-8668-44B6-8610-D24514445E88}
Adobe Flash CS4 Professional-->C:\Program Files\Common Files\Adobe\Installers\a68eec966ce913ddaa63251dc82ed31\Setup.exe --uninstall=1
Adobe Flash CS4 STI-fr-->MsiExec.exe /I{48F9998C-3BA0-42D3-82E6-5882441EB8CE}
Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{3A6829EF-0791-4FDD-9382-C690DD0821B9}
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}
Adobe Setup-->MsiExec.exe /I{EED50C97-C79E-4149-BD82-7C5A22437708}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
BetClic Poker-->C:\PROGRA~1\BETCLI~1\UNWISE.EXE C:\PROGRA~1\BETCLI~1\INSTALL.LOG
BitDefender Total Security 2009-->MsiExec.exe /X{C731ACA8-EEE2-4B5A-9838-41D0AAD080C8}
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x040c
Catalyst Control Center - Branding-->MsiExec.exe /I{69E5255D-9D43-4CFF-8984-843ABD7753B7}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -ITE1HERza.INF
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x40c
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5051&SUBSYS_1179\UIU32m.exe -U -ITE1HERzm.INF
HDMI Control Manager-->C:\Program Files\InstallShield Installation Information\{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}\setup.exe -runfromtemp -l0x040c -removeonly
Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Manuels TOSHIBA-->C:\Program Files\InstallShield Installation Information\{5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}\setup.exe -runfromtemp -l0x040c -removeonly
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
myphotobook 3.6-->C:\Program Files\myphotobook\uninst.exe
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly
O2Micro Flash Memory Card Reader Driver (x86)-->MsiExec.exe /X{156E98D0-1AEC-4013-A41A-94A1A01BFD68}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Réducteur de bruit du lecteur de CD/DVD-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x040c -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x040c -removeonly
TOSHIBA ConfigFree-->MsiExec.exe /X{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x040c -ADDREMOVE -removeonly
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x040c
TOSHIBA Face Recognition-->"C:\Program Files\InstallShield Installation Information\{C730E42C-935A-45BB-A0C5-37E5234D111B}\setup.exe" -runfromtemp -l0x040c -removeonly
TOSHIBA Face Recognition-->MsiExec.exe /I{C730E42C-935A-45BB-A0C5-37E5234D111B}
TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B} /l1036
Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x040c -removeonly
TOSHIBA Recovery Disc Creator-->MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Supervisor Password-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{491DD193-1B57-4D1C-8B14-18B96992A89F} /l1036
Toshiba TEMPRO-->MsiExec.exe /X{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x040c
TRDCReminder-->C:\Program Files\InstallShield Installation Information\{773970F1-5EBA-4474-ADEE-1EA3B0A59492}\setup.exe -runfromtemp -l0x040c
TRORDCLauncher-->C:\Program Files\InstallShield Installation Information\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}\setup.exe -runfromtemp -l0x040c
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamax Poker (remove only)-->"C:\Program Files\WinamaxPoker\uninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2}
======Security center information======
AV: AVG (outdated)
AV: BitDefender Antivirus (outdated)
FW: Pare-feu BitDefender
AS: BitDefender AntiSpam
AS: AVG (disabled) (outdated)
AS: Windows Defender
System event log
Computer Name: PC-de-Hersi
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.
Record Number: 19138
Source Name: Service Control Manager
Time Written: 20090120142938.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 7036
Message: Le service Prise en charge de l’application Rapports et solutions aux problèmes du Panneau de configuration est entré dans l'état : arrêté.
Record Number: 19139
Source Name: Service Control Manager
Time Written: 20090120142941.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 10029
Message: DCOM a démarré le service usnjsvc avec les arguments « » de façon à exécuter le serveur :
{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}
Record Number: 19140
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090120143000.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 7036
Message: Le service Service Messenger Sharing Folders USN Journal Reader est entré dans l'état : en cours d'exécution.
Record Number: 19141
Source Name: Service Control Manager
Time Written: 20090120143000.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : arrêté.
Record Number: 19142
Source Name: Service Control Manager
Time Written: 20090120144606.000000-000
Event Type: Information
User:
Application event log
Computer Name: PC-de-Hersi
Event Code: 302
Message: msnmsgr (4032) \\.\C:\Users\Hersi\AppData\Local\Microsoft\Messenger\hersiliarodriguez@hotmail.com\SharingMetadata\Working\database_E638_A82F_38A7_FCA5\dfsr.db: Le moteur de la base de données a terminé les étapes de récupération avec succès.
Record Number: 4120
Source Name: ESENT
Time Written: 20090120143001.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 1001
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été supprimés. Les données d'enregistrement contiennent les nouvelles valeurs du dernier compteur système et les dernières entrées du registre d'aide.
Record Number: 4121
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20090120143045.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 1000
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été chargés. Les données d'enregistrement dans la section des données contiennent les nouvelles valeurs d'index assignées à ce service.
Record Number: 4122
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20090120143045.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 1000
Message: Application défaillante IEUser.exe, version 6.0.6001.18000, horodatage 0x47918f0e, module défaillant avgoff2k.dll, version 8.0.0.153, horodatage 0x4885e26d, code d’exception 0xc0000005, décalage d’erreur 0x000041e6, ID du processus 0x1610, heure de début de l’application 0x01c97b0afbacb83f.
Record Number: 4123
Source Name: Application Error
Time Written: 20090120143902.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Hersi
Event Code: 1001
Message: Récipient d’erreurs 858587434, type 1
Événement : APPCRASH
Réponse : Aucun
ID de CAB : 0
Signature du problème :
P1 : IEUser.exe
P2 : 6.0.6001.18000
P3 : 47918f0e
P4 : avgoff2k.dll
P5 : 8.0.0.153
P6 : 4885e26d
P7 : c0000005
P8 : 000041e6
P9 :
P10 :
Fichiers joints :
C:\Users\Hersi\AppData\Local\Temp\WER4F96.tmp.version.txt
Ces fichiers sont peut-être disponibles ici :
C:\Users\Hersi\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report107f6a08
Record Number: 4124
Source Name: Windows Error Reporting
Time Written: 20090120143918.000000-000
Event Type: Information
User:
Security event log
Computer Name: PC-de-Hersi
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys
Record Number: 5388
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090120141127.726977-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Hersi
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-HERSI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Compte dont les informations d’identification ont été utilisées :
Nom du compte : Hersi
Domaine du compte : PC-de-Hersi
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost
Informations sur le processus :
ID du processus : 0x390
Nom du processus : C:\Windows\System32\winlogon.exe
Informations sur le réseau :
Adresse du réseau : 127.0.0.1
Port : 0
Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 5389
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090120141127.867377-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Hersi
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-HERSI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Type d’ouverture de session : 2
Nouvelle ouverture de session :
ID de sécurité : S-1-5-21-3693962522-2374594360-1819107045-1000
Nom du compte : Hersi
Domaine du compte : PC-de-Hersi
ID d’ouverture de session : 0x4dcf6
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x390
Nom du processus : C:\Windows\System32\winlogon.exe
Informations sur le réseau :
Nom de la station de travail : PC-DE-HERSI
Adresse du réseau source : 127.0.0.1
Port source : 0
Informations détaillées sur l’authentification :
Processus d’ouverture de session : User32
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.
Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 5390
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090120141127.867377-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Hersi
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-HERSI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Type d’ouverture de session : 2
Nouvelle ouverture de session :
ID de sécurité : S-1-5-21-3693962522-2374594360-1819107045-1000
Nom du compte : Hersi
Domaine du compte : PC-de-Hersi
ID d’ouverture de session : 0x4dd13
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x390
Nom du processus : C:\Windows\System32\winlogon.exe
Informations sur le réseau :
Nom de la station de travail : PC-DE-HERSI
Adresse du réseau source : 127.0.0.1
Port source : 0
Informations détaillées sur l’authentification :
Processus d’ouverture de session : User32
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.
Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 5391
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090120141127.867377-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Hersi
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.
Sujet :
ID de sécurité : S-1-5-21-3693962522-2374594360-1819107045-1000
Nom du compte : Hersi
Domaine du compte : PC-de-Hersi
ID d’ouverture de session : 0x4dcf6
Privilèges : SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5392
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090120141127.867377-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
-----------------EOF-----------------
AND LOG.TEXT:
Logfile of random's system information tool 1.05 (written by random/random)
Run by Hersi at 2009-01-20 15:52:32
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 76 GB (49%) free of 154 GB
Total RAM: 3066 MB (62% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-29 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-20 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-29 2055960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-20 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-29 2055960]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2008-11-06 90112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-03 29744]
"Google EULA Launcher"=c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-04-24 103824]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-12-15 184320]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-03-19 716800]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-04-26 716800]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2008-01-11 574864]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-29 1261336]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-01-06 185872]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2008-10-30 741376]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-10-17 69632]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-20 136600]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2008-01-21 2153472]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-04-24 430080]
"BitTorrent DNA"=C:\Users\Hersi\Program Files\DNA\btdna.exe [2008-12-21 342848]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"AdobeBridge"= []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
C:\Users\Hersi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TRDCReminder.lnk - C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9149a920-d75e-11dd-9db2-001e68d0e28a}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\system.exe
shell\Explore\command - D:\system.exe
shell\Open\command - D:\system.exe
======File associations======
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"
======List of files/folders created in the last 1 months======
2009-01-20 15:52:33 ----D---- C:\Program Files\trend micro
2009-01-20 15:52:32 ----D---- C:\rsit
2009-01-20 14:50:20 ----D---- C:\Program Files\Sun
2009-01-20 14:49:45 ----A---- C:\Windows\system32\javaws.exe
2009-01-20 14:49:45 ----A---- C:\Windows\system32\javaw.exe
2009-01-20 14:49:45 ----A---- C:\Windows\system32\java.exe
2009-01-20 14:48:46 ----SHD---- C:\Config.Msi
2009-01-20 08:35:57 ----D---- C:\Users\Hersi\AppData\Roaming\Template
2009-01-19 23:18:26 ----A---- C:\Windows\ntbtlog.txt
2009-01-19 21:05:21 ----A---- C:\Windows\system32\deploytk.dll
2009-01-19 13:05:04 ----D---- C:\Users\Hersi\AppData\Roaming\Malwarebytes
2009-01-19 13:04:51 ----D---- C:\ProgramData\Malwarebytes
2009-01-19 13:04:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-14 09:03:28 ----D---- C:\Users\Hersi\AppData\Roaming\BitDefender
2009-01-14 09:02:29 ----D---- C:\ProgramData\BitDefender
2009-01-14 09:02:29 ----D---- C:\Program Files\BitDefender
2009-01-14 09:01:37 ----D---- C:\Program Files\Common Files\BitDefender
2009-01-14 08:49:32 ----D---- C:\ProgramData\Norton
2009-01-14 08:41:53 ----D---- C:\ProgramData\NortonInstaller
2009-01-11 09:51:25 ----RSHD---- C:\resycled
2009-01-11 01:41:55 ----A---- C:\Windows\softokn3.dll
2009-01-11 01:41:55 ----A---- C:\Windows\plds4.dll
2009-01-11 01:41:55 ----A---- C:\Windows\plc4.dll
2009-01-11 01:41:55 ----A---- C:\Windows\nss3.dll
2009-01-11 01:41:55 ----A---- C:\Windows\nspr4.dll
2009-01-11 01:29:39 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-01-10 15:24:34 ----D---- C:\ProgramData\FLEXnet
2009-01-10 15:13:27 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-09 13:14:49 ----D---- C:\Users\Hersi\AppData\Roaming\Mozilla
2009-01-09 13:14:31 ----D---- C:\Program Files\Mozilla Firefox
2009-01-09 13:10:08 ----D---- C:\Users\Hersi\AppData\Roaming\Notepad++
2009-01-09 13:10:08 ----D---- C:\Program Files\Notepad++
2009-01-07 19:05:11 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2009-01-07 18:44:32 ----D---- C:\Users\Hersi\AppData\Roaming\Download Manager
2009-01-07 16:55:14 ----D---- C:\ProgramData\Macrovision
2009-01-06 21:13:46 ----D---- C:\Program Files\BetClic Poker
2009-01-06 19:54:01 ----D---- C:\Program Files\Common Files\xing shared
2009-01-06 19:53:55 ----A---- C:\Windows\system32\rmoc3260.dll
2009-01-06 19:53:49 ----A---- C:\Windows\system32\pndx5032.dll
2009-01-06 19:53:49 ----A---- C:\Windows\system32\pndx5016.dll
2009-01-06 19:53:48 ----D---- C:\Program Files\Real
2009-01-06 19:53:48 ----A---- C:\Windows\system32\pncrt.dll
2009-01-06 19:53:46 ----D---- C:\Program Files\Common Files\Real
2009-01-06 19:53:26 ----D---- C:\Users\Hersi\AppData\Roaming\Real
2009-01-02 22:22:20 ----D---- C:\ProgramData\Lavasoft
2009-01-02 22:22:20 ----D---- C:\Program Files\Lavasoft
2008-12-31 12:37:25 ----HD---- C:\$AVG8.VAULT$
2008-12-31 01:05:07 ----D---- C:\Users\Hersi\AppData\Roaming\aAvgApi
2008-12-29 21:53:35 ----D---- C:\Program Files\PokerStars
2008-12-29 18:12:20 ----D---- C:\Users\Hersi\AppData\Roaming\Apple Computer
2008-12-29 18:12:08 ----DC---- C:\Windows\system32\DRVSTORE
2008-12-29 18:12:08 ----A---- C:\Windows\system32\GEARAspi.dll
2008-12-29 18:12:00 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-29 18:12:00 ----D---- C:\Program Files\iPod
2008-12-29 18:11:59 ----D---- C:\Program Files\iTunes
2008-12-29 18:11:23 ----D---- C:\Program Files\Bonjour
2008-12-29 18:10:50 ----D---- C:\ProgramData\Apple Computer
2008-12-29 18:10:50 ----D---- C:\Program Files\QuickTime
2008-12-29 18:10:30 ----D---- C:\Program Files\Apple Software Update
2008-12-29 18:09:56 ----D---- C:\ProgramData\Apple
2008-12-29 18:09:56 ----D---- C:\Program Files\Common Files\Apple
2008-12-29 12:05:51 ----A---- C:\Windows\system32\avgrsstx.dll
2008-12-29 12:05:25 ----D---- C:\Program Files\AVG
2008-12-29 12:05:24 ----D---- C:\ProgramData\avg8
2008-12-23 14:03:30 ----D---- C:\Users\Hersi\AppData\Roaming\myphotobook
2008-12-23 13:30:56 ----D---- C:\ProgramData\WinZip
2008-12-23 13:30:52 ----D---- C:\Program Files\WinZip
2008-12-22 23:15:48 ----D---- C:\ProgramData\IsolatedStorage
2008-12-22 15:33:45 ----D---- C:\Users\Hersi\AppData\Roaming\dvdcss
2008-12-22 15:04:27 ----D---- C:\Program Files\WinamaxPoker
2008-12-22 11:45:40 ----D---- C:\Program Files\MSN Messenger
2008-12-22 10:57:03 ----D---- C:\Users\Hersi\AppData\Roaming\Adobe
2008-12-22 00:48:16 ----D---- C:\Users\Hersi\AppData\Roaming\vlc
2008-12-22 00:47:45 ----D---- C:\Program Files\VideoLAN
2008-12-21 23:49:13 ----D---- C:\Users\Hersi\AppData\Roaming\Macromedia
2008-12-21 20:47:06 ----A---- C:\Windows\system32\mshtml.dll
2008-12-21 20:43:07 ----A---- C:\Windows\system32\msshooks.dll
2008-12-21 20:43:02 ----A---- C:\Windows\system32\msscb.dll
2008-12-21 20:42:51 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-12-21 20:42:51 ----A---- C:\Windows\system32\propsys.dll
2008-12-21 20:42:51 ----A---- C:\Windows\system32\propdefs.dll
2008-12-21 20:42:51 ----A---- C:\Windows\system32\msstrc.dll
2008-12-21 20:42:51 ----A---- C:\Windows\system32\mssprxy.dll
2008-12-21 20:42:51 ----A---- C:\Windows\system32\mssitlb.dll
2008-12-21 20:42:51 ----A---- C:\Windows\system32\msshsq.dll
2008-12-21 20:42:50 ----A---- C:\Windows\system32\wsepno.dll
2008-12-21 20:42:50 ----A---- C:\Windows\system32\thawbrkr.dll
2008-12-21 20:42:50 ----A---- C:\Windows\system32\srchadmin.dll
2008-12-21 20:42:50 ----A---- C:\Windows\system32\rtffilt.dll
2008-12-21 20:42:50 ----A---- C:\Windows\system32\mimefilt.dll
2008-12-21 20:42:50 ----A---- C:\Windows\system32\korwbrkr.dll
2008-12-21 20:42:49 ----A---- C:\Windows\system32\xmlfilter.dll
2008-12-21 20:42:49 ----A---- C:\Windows\system32\offfilt.dll
2008-12-21 20:42:49 ----A---- C:\Windows\system32\nlhtml.dll
2008-12-21 20:42:49 ----A---- C:\Windows\system32\msscntrs.dll
2008-12-21 20:42:49 ----A---- C:\Windows\system32\chtbrkr.dll
2008-12-21 20:42:49 ----A---- C:\Windows\system32\chsbrkr.dll
2008-12-21 20:42:48 ----A---- C:\Windows\system32\tquery.dll
2008-12-21 20:42:48 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-12-21 20:42:48 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-12-21 20:42:47 ----A---- C:\Windows\system32\mssvp.dll
2008-12-21 20:42:47 ----A---- C:\Windows\system32\mssrch.dll
2008-12-21 20:42:47 ----A---- C:\Windows\system32\mssphtb.dll
2008-12-21 20:42:47 ----A---- C:\Windows\system32\mssph.dll
2008-12-21 20:40:18 ----A---- C:\Windows\system32\tzres.dll
2008-12-21 20:34:49 ----A---- C:\Windows\system32\msxml3.dll
2008-12-21 20:34:48 ----A---- C:\Windows\system32\wmpeffects.dll
2008-12-21 20:34:47 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-12-21 20:34:44 ----A---- C:\Windows\explorer.exe
2008-12-21 20:34:32 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-12-21 20:34:30 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-12-21 20:34:17 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-12-21 19:40:19 ----A---- C:\Windows\system32\urlmon.dll
2008-12-21 19:40:19 ----A---- C:\Windows\system32\ieframe.dll
2008-12-21 19:40:17 ----A---- C:\Windows\system32\wininet.dll
2008-12-21 19:40:17 ----A---- C:\Windows\system32\iertutil.dll
2008-12-21 19:40:16 ----A---- C:\Windows\system32\mstime.dll
2008-12-21 19:40:14 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-21 19:40:11 ----A---- C:\Windows\system32\EncDec.dll
2008-12-21 19:40:05 ----A---- C:\Windows\system32\psisdecd.dll
2008-12-21 19:39:56 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-21 19:39:54 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-21 19:39:51 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-12-21 19:39:50 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-12-21 19:39:50 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-12-21 19:39:48 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-12-21 19:39:46 ----A---- C:\Windows\system32\rpcrt4.dll
2008-12-21 19:39:45 ----A---- C:\Windows\system32\pacerprf.dll
2008-12-21 19:39:41 ----A---- C:\Windows\system32\shell32.dll
2008-12-21 19:39:33 ----A---- C:\Windows\system32\es.dll
2008-12-21 19:39:32 ----A---- C:\Windows\system32\netapi32.dll
2008-12-21 19:39:31 ----A---- C:\Windows\system32\gdi32.dll
2008-12-21 19:39:26 ----A---- C:\Windows\system32\wersvc.dll
2008-12-21 19:39:26 ----A---- C:\Windows\system32\Faultrep.dll
2008-12-21 19:39:25 ----A---- C:\Windows\system32\win32spl.dll
2008-12-21 19:39:14 ----A---- C:\Windows\system32\emdmgmt.dll
2008-12-21 19:39:14 ----A---- C:\Windows\system32\dataclen.dll
2008-12-21 19:39:14 ----A---- C:\Windows\system32\cdd.dll
2008-12-21 19:34:26 ----A---- C:\Windows\system32\wshext.dll
2008-12-21 19:34:26 ----A---- C:\Windows\system32\wscript.exe
2008-12-21 19:34:26 ----A---- C:\Windows\system32\vbscript.dll
2008-12-21 19:34:26 ----A---- C:\Windows\system32\jscript.dll
2008-12-21 19:34:26 ----A---- C:\Windows\system32\cscript.exe
2008-12-21 19:34:25 ----A---- C:\Windows\system32\scrobj.dll
2008-12-21 19:34:24 ----A---- C:\Windows\system32\scrrun.dll
2008-12-21 19:34:22 ----A---- C:\Windows\system32\mf.dll
2008-12-21 19:34:21 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-21 19:34:19 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-21 19:34:19 ----A---- C:\Windows\system32\logagent.exe
2008-12-21 19:34:12 ----D---- C:\ProgramData\eMule
2008-12-21 19:33:48 ----A---- C:\Windows\system32\connect.dll
2008-12-21 19:33:47 ----A---- C:\Windows\system32\inetcomm.dll
2008-12-21 19:33:33 ----D---- C:\Program Files\eMule
2008-12-21 19:33:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-12-21 19:33:09 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-12-21 19:33:04 ----A---- C:\Windows\system32\msxml6.dll
2008-12-21 19:31:02 ----D---- C:\Users\Hersi\AppData\Roaming\BitTorrent
2008-12-21 19:30:44 ----D---- C:\Users\Hersi\AppData\Roaming\DNA
2008-12-21 19:30:44 ----D---- C:\Program Files\DNA
2008-12-21 19:30:43 ----D---- C:\Program Files\BitTorrent
2008-12-21 19:27:42 ----A---- C:\Windows\system32\wups2.dll
2008-12-21 19:27:42 ----A---- C:\Windows\system32\wucltux.dll
2008-12-21 19:27:42 ----A---- C:\Windows\system32\wuaueng.dll
2008-12-21 19:27:42 ----A---- C:\Windows\system32\wuauclt.exe
2008-12-21 19:26:48 ----A---- C:\Windows\system32\wups.dll
2008-12-21 19:26:48 ----A---- C:\Windows\system32\wudriver.dll
2008-12-21 19:26:48 ----A---- C:\Windows\system32\wuapi.dll
2008-12-21 19:26:30 ----A---- C:\Windows\system32\wuwebv.dll
2008-12-21 19:26:30 ----A---- C:\Windows\system32\wuapp.exe
2008-12-21 19:26:15 ----D---- C:\Users\Hersi\AppData\Roaming\Google
2008-12-21 19:09:34 ----D---- C:\Users\Hersi\AppData\Roaming\ATI
2008-12-21 19:09:34 ----D---- C:\ProgramData\ATI
2008-12-21 19:09:24 ----SHD---- C:\$RECYCLE.BIN
2008-12-21 19:09:07 ----D---- C:\Users\Hersi\AppData\Roaming\Identities
2008-12-21 19:03:35 ----D---- C:\ProgramData\ToshibaEurope
2008-12-21 19:02:57 ----D---- C:\Users\Hersi\AppData\Roaming\InstallShield
2008-12-21 19:02:52 ----SD---- C:\Users\Hersi\AppData\Roaming\Microsoft
2008-12-21 19:02:52 ----D---- C:\Users\Hersi\AppData\Roaming\Media Center Programs
2008-12-21 18:59:17 ----SHD---- C:\ProgramData\Modèles
2008-12-21 18:59:17 ----SHD---- C:\ProgramData\Menu Démarrer
2008-12-21 18:59:17 ----SHD---- C:\ProgramData\Favoris
2008-12-21 18:59:17 ----SHD---- C:\ProgramData\Bureau
2008-12-21 18:59:17 ----SHD---- C:\Program Files\Fichiers communs
2008-12-21 18:57:06 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-12-21 18:56:56 ----D---- C:\Program Files\Common Files\Toshiba Shared
2008-12-21 18:55:13 ----D---- C:\Windows\system32\en
2008-12-21 18:54:33 ----D---- C:\Program Files\Camera Assistant Software for Toshiba
2008-12-21 18:54:19 ----D---- C:\Program Files\Apoint2K
2008-12-21 18:49:09 ----D---- C:\Program Files\ATI Technologies
2008-12-21 18:48:50 ----D---- C:\Program Files\ATI
2008-12-21 18:48:32 ----D---- C:\Windows\system32\FRA
2008-12-21 18:48:31 ----A---- C:\Windows\system32\imsmudlg.exe
2008-12-21 18:47:13 ----D---- C:\Windows\SoftwareDistribution
======List of files/folders modified in the last 1 months======
2009-01-20 15:52:52 ----D---- C:\Windows\Temp
2009-01-20 15:52:33 ----D---- C:\Windows\Prefetch
2009-01-20 15:52:33 ----D---- C:\Program Files
2009-01-20 15:30:45 ----D---- C:\Windows\System32
2009-01-20 15:30:45 ----D---- C:\Windows\inf
2009-01-20 15:30:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-01-20 14:50:22 ----SHD---- C:\Windows\Installer
2009-01-20 14:50:04 ----SHD---- C:\System Volume Information
2009-01-20 14:49:24 ----D---- C:\Program Files\Java
2009-01-20 13:22:56 ----D---- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
2009-01-20 13:22:24 ----SHD---- C:\Boot
2009-01-19 23:18:26 ----D---- C:\Windows
2009-01-19 19:34:48 ----D---- C:\Windows\winsxs
2009-01-19 19:34:25 ----D---- C:\Windows\system32\drivers
2009-01-19 19:34:10 ----D---- C:\Windows\system32\catroot
2009-01-19 19:03:56 ----D---- C:\Windows\system32\Msdtc
2009-01-19 19:03:45 ----D---- C:\Windows\system32\wbem
2009-01-19 19:02:25 ----D---- C:\Windows\system32\config
2009-01-19 19:01:28 ----D---- C:\Windows\Tasks
2009-01-19 19:01:28 ----D---- C:\Windows\system32\spool
2009-01-19 19:01:28 ----D---- C:\Windows\system32\CodeIntegrity
2009-01-19 19:01:28 ----D---- C:\Windows\system32\catroot2
2009-01-19 19:01:27 ----SD---- C:\Windows\Downloaded Program Files
2009-01-19 19:01:15 ----D---- C:\Program Files\Common Files
2009-01-19 19:01:09 ----D---- C:\Program Files\Adobe
2009-01-19 19:00:55 ----D---- C:\Windows\registration
2009-01-19 14:26:47 ----D---- C:\Windows\Logs
2009-01-19 13:04:51 ----HD---- C:\ProgramData
2009-01-14 22:15:13 ----D---- C:\ProgramData\Adobe
2009-01-11 14:04:31 ----D---- C:\Program Files\Common Files\Adobe
2009-01-11 12:37:11 ----D---- C:\Windows\system32\WDI
2009-01-11 01:42:19 ----D---- C:\Windows\system32\Tasks
2009-01-10 15:55:35 ----D---- C:\Windows\system32\Macromed
2009-01-08 19:16:33 ----D---- C:\Windows\Debug
2009-01-07 16:52:37 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-02 22:21:45 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-29 18:11:12 ----D---- C:\Program Files\Internet Explorer
2008-12-29 12:27:41 ----D---- C:\Windows\system32\LogFiles
2008-12-29 12:02:06 ----D---- C:\ProgramData\McAfee
2008-12-28 20:40:26 ----D---- C:\ProgramData\Microsoft Help
2008-12-28 20:37:50 ----RSD---- C:\Windows\assembly
2008-12-28 20:35:06 ----D---- C:\Program Files\Common Files\microsoft shared
2008-12-22 18:59:47 ----D---- C:\Windows\rescache
2008-12-21 23:49:01 ----D---- C:\Program Files\Google
2008-12-21 23:07:16 ----SD---- C:\ProgramData\Microsoft
2008-12-21 20:57:25 ----D---- C:\Windows\Microsoft.NET
2008-12-21 20:50:07 ----D---- C:\Windows\system32\fr-FR
2008-12-21 20:50:04 ----D---- C:\Windows\ehome
2008-12-21 20:50:04 ----D---- C:\Program Files\Windows Mail
2008-12-21 20:49:58 ----D---- C:\Windows\AppPatch
2008-12-21 20:49:55 ----D---- C:\Windows\PolicyDefinitions
2008-12-21 20:49:49 ----D---- C:\Windows\system32\migration
2008-12-21 20:37:47 ----HD---- C:\Windows\msdownld.tmp
2008-12-21 19:26:50 ----D---- C:\ProgramData\Google
2008-12-21 19:09:46 ----D---- C:\Toshiba
2008-12-21 19:02:49 ----RD---- C:\Users
2008-12-21 18:59:17 ----D---- C:\Program Files\Windows NT
2008-12-21 18:57:40 ----D---- C:\Program Files\Toshiba
2008-12-21 18:56:57 ----D---- C:\ProgramData\Toshiba
2008-12-21 18:55:17 ----D---- C:\Windows\system32\tr
2008-12-21 18:55:17 ----D---- C:\Windows\system32\sv
2008-12-21 18:55:17 ----D---- C:\Windows\system32\ru
2008-12-21 18:55:17 ----D---- C:\Windows\system32\pt
2008-12-21 18:55:17 ----D---- C:\Windows\system32\pl
2008-12-21 18:55:17 ----D---- C:\Windows\system32\no
2008-12-21 18:55:17 ----D---- C:\Windows\system32\nl
2008-12-21 18:55:17 ----D---- C:\Windows\system32\it
2008-12-21 18:55:17 ----D---- C:\Windows\system32\hu
2008-12-21 18:55:17 ----D---- C:\Windows\system32\fr
2008-12-21 18:55:17 ----D---- C:\Windows\system32\fi
2008-12-21 18:55:17 ----D---- C:\Windows\system32\es
2008-12-21 18:55:17 ----D---- C:\Windows\system32\el
2008-12-21 18:55:17 ----D---- C:\Windows\system32\de
2008-12-21 18:55:17 ----D---- C:\Windows\system32\da
2008-12-21 18:55:17 ----D---- C:\Windows\system32\cs
2008-12-21 18:55:16 ----D---- C:\Windows\system32\zh-TW
2008-12-21 18:55:16 ----D---- C:\Windows\system32\sk
2008-12-21 18:55:13 ----D---- C:\Windows\system32\zh-CN
2008-12-21 18:55:13 ----D---- C:\Windows\system32\ko-KR
2008-12-21 18:55:13 ----D---- C:\Windows\system32\ja-JP
2008-12-21 18:54:01 ----D---- C:\Windows\system32\restore
2008-12-21 18:52:31 ----D---- C:\Windows\Panther
2008-12-21 18:51:58 ----D---- C:\Windows\system32\Lang
2008-12-21 18:48:31 ----D---- C:\Program Files\Intel
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2008-12-29 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2008-12-29 26824]
R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2008-10-07 135944]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-09-04 82440]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-11-27 164400]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-04-08 3548672]
R3 bdfm;BDFM; C:\Windows\system32\drivers\bdfm.sys [2008-09-18 111112]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\bdfndisf.sys [2008-10-17 104328]
R3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2008-09-18 230920]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys [2008-02-26 8448]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-25 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-25 207872]
R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-04-15 51160]
R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-25 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-04-04 310272]
S3 AvgWfpX;AVG Free8 Firewall Driver x86; C:\Windows\System32\Drivers\avgwfpx.sys [2008-12-29 69128]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys []
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [2008-09-02 13056]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [2007-07-10 36736]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
OK, I re-downloaded Java and it works again. I downloaded HijackThis and here is the report:
info.txt:
info.txt logfile of random's system information tool 1.05 2009-01-20 15:52:57
======Uninstall list======
-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x40c
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Dreamweaver CS4-->C:\Program Files\Common Files\Adobe\Installers\acce07fd2c8fe7f9e3f26243e626578\Setup.exe --uninstall=1
Adobe Dreamweaver CS4-->MsiExec.exe /I{30C8AA56-4088-426F-91D1-0EDFD3A25678}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash CS4 Extension - Flash Lite STI fr-->MsiExec.exe /I{BD423B54-8668-44B6-8610-D24514445E88}
Adobe Flash CS4 Professional-->C:\Program Files\Common Files\Adobe\Installers\a68eec966ce913ddaa63251dc82ed31\Setup.exe --uninstall=1
Adobe Flash CS4 STI-fr-->MsiExec.exe /I{48F9998C-3BA0-42D3-82E6-5882441EB8CE}
Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{3A6829EF-0791-4FDD-9382-C690DD0821B9}
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x40c
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}
Adobe Setup-->MsiExec.exe /I{EED50C97-C79E-4149-BD82-7C5A22437708}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
BetClic Poker-->C:\PROGRA~1\BETCLI~1\UNWISE.EXE C:\PROGRA~1\BETCLI~1\INSTALL.LOG
BitDefender Total Security 2009-->MsiExec.exe /X{C731ACA8-EEE2-4B5A-9838-41D0AAD080C8}
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x040c
Catalyst Control Center - Branding-->MsiExec.exe /I{69E5255D-9D43-4CFF-8984-843ABD7753B7}
Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -ITE1HERza.INF
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x40c
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5051&SUBSYS_1179\UIU32m.exe -U -ITE1HERzm.INF
HDMI Control Manager-->C:\Program Files\InstallShield Installation Information\{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}\setup.exe -runfromtemp -l0x040c -removeonly
Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Manuels TOSHIBA-->C:\Program Files\InstallShield Installation Information\{5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}\setup.exe -runfromtemp -l0x040c -removeonly
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
myphotobook 3.6-->C:\Program Files\myphotobook\uninst.exe
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly
O2Micro Flash Memory Card Reader Driver (x86)-->MsiExec.exe /X{156E98D0-1AEC-4013-A41A-94A1A01BFD68}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Réducteur de bruit du lecteur de CD/DVD-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x040c -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x040c -removeonly
TOSHIBA ConfigFree-->MsiExec.exe /X{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x040c -ADDREMOVE -removeonly
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x040c
TOSHIBA Face Recognition-->"C:\Program Files\InstallShield Installation Information\{C730E42C-935A-45BB-A0C5-37E5234D111B}\setup.exe" -runfromtemp -l0x040c -removeonly
TOSHIBA Face Recognition-->MsiExec.exe /I{C730E42C-935A-45BB-A0C5-37E5234D111B}
TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B} /l1036
Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x040c -removeonly
TOSHIBA Recovery Disc Creator-->MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Supervisor Password-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{491DD193-1B57-4D1C-8B14-18B96992A89F} /l1036
Toshiba TEMPRO-->MsiExec.exe /X{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x040c
TRDCReminder-->C:\Program Files\InstallShield Installation Information\{773970F1-5EBA-4474-ADEE-1EA3B0A59492}\setup.exe -runfromtemp -l0x040c
TRORDCLauncher-->C:\Program Files\InstallShield Installation Information\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}\setup.exe -runfromtemp -l0x040c
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
VLC media player 0.9.8a-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamax Poker (remove only)-->"C:\Program Files\WinamaxPoker\uninst.exe"
Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2}
======Security center information======
AV: AVG (outdated)
AV: BitDefender Antivirus (outdated)
FW: Pare-feu BitDefender
AS: BitDefender AntiSpam
AS: AVG (disabled) (outdated)
AS: Windows Defender
System event log
Computer Name: PC-de-Hersi
Event Code: 7036
Message: Le service Gestionnaire de connexions d'accès distant est entré dans l'état : en cours d'exécution.
Record Number: 19138
Source Name: Service Control Manager
Time Written: 20090120142938.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 7036
Message: Le service Prise en charge de l’application Rapports et solutions aux problèmes du Panneau de configuration est entré dans l'état : arrêté.
Record Number: 19139
Source Name: Service Control Manager
Time Written: 20090120142941.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 10029
Message: DCOM a démarré le service usnjsvc avec les arguments « » de façon à exécuter le serveur :
{98AC5C33-EE18-4EC2-BE25-3B16EE8F75F1}
Record Number: 19140
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090120143000.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 7036
Message: Le service Service Messenger Sharing Folders USN Journal Reader est entré dans l'état : en cours d'exécution.
Record Number: 19141
Source Name: Service Control Manager
Time Written: 20090120143000.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : arrêté.
Record Number: 19142
Source Name: Service Control Manager
Time Written: 20090120144606.000000-000
Event Type: Information
User:
Application event log
Computer Name: PC-de-Hersi
Event Code: 302
Message: msnmsgr (4032) \\.\C:\Users\Hersi\AppData\Local\Microsoft\Messenger\hersiliarodriguez@hotmail.com\SharingMetadata\Working\database_E638_A82F_38A7_FCA5\dfsr.db: Le moteur de la base de données a terminé les étapes de récupération avec succès.
Record Number: 4120
Source Name: ESENT
Time Written: 20090120143001.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 1001
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été supprimés. Les données d'enregistrement contiennent les nouvelles valeurs du dernier compteur système et les dernières entrées du registre d'aide.
Record Number: 4121
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20090120143045.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 1000
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été chargés. Les données d'enregistrement dans la section des données contiennent les nouvelles valeurs d'index assignées à ce service.
Record Number: 4122
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20090120143045.000000-000
Event Type: Information
User:
Computer Name: PC-de-Hersi
Event Code: 1000
Message: Application défaillante IEUser.exe, version 6.0.6001.18000, horodatage 0x47918f0e, module défaillant avgoff2k.dll, version 8.0.0.153, horodatage 0x4885e26d, code d’exception 0xc0000005, décalage d’erreur 0x000041e6, ID du processus 0x1610, heure de début de l’application 0x01c97b0afbacb83f.
Record Number: 4123
Source Name: Application Error
Time Written: 20090120143902.000000-000
Event Type: Erreur
User:
Computer Name: PC-de-Hersi
Event Code: 1001
Message: Récipient d’erreurs 858587434, type 1
Événement : APPCRASH
Réponse : Aucun
ID de CAB : 0
Signature du problème :
P1 : IEUser.exe
P2 : 6.0.6001.18000
P3 : 47918f0e
P4 : avgoff2k.dll
P5 : 8.0.0.153
P6 : 4885e26d
P7 : c0000005
P8 : 000041e6
P9 :
P10 :
Fichiers joints :
C:\Users\Hersi\AppData\Local\Temp\WER4F96.tmp.version.txt
Ces fichiers sont peut-être disponibles ici :
C:\Users\Hersi\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report107f6a08
Record Number: 4124
Source Name: Windows Error Reporting
Time Written: 20090120143918.000000-000
Event Type: Information
User:
Security event log
Computer Name: PC-de-Hersi
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.
Nom du fichier : \Device\HarddiskVolume2\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys
Record Number: 5388
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090120141127.726977-000
Event Type: Échec de l'audit
User:
Computer Name: PC-de-Hersi
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-HERSI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Compte dont les informations d’identification ont été utilisées :
Nom du compte : Hersi
Domaine du compte : PC-de-Hersi
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost
Informations sur le processus :
ID du processus : 0x390
Nom du processus : C:\Windows\System32\winlogon.exe
Informations sur le réseau :
Adresse du réseau : 127.0.0.1
Port : 0
Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 5389
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090120141127.867377-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Hersi
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-HERSI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Type d’ouverture de session : 2
Nouvelle ouverture de session :
ID de sécurité : S-1-5-21-3693962522-2374594360-1819107045-1000
Nom du compte : Hersi
Domaine du compte : PC-de-Hersi
ID d’ouverture de session : 0x4dcf6
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x390
Nom du processus : C:\Windows\System32\winlogon.exe
Informations sur le réseau :
Nom de la station de travail : PC-DE-HERSI
Adresse du réseau source : 127.0.0.1
Port source : 0
Informations détaillées sur l’authentification :
Processus d’ouverture de session : User32
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.
Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 5390
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090120141127.867377-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Hersi
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.
Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-HERSI$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
Type d’ouverture de session : 2
Nouvelle ouverture de session :
ID de sécurité : S-1-5-21-3693962522-2374594360-1819107045-1000
Nom du compte : Hersi
Domaine du compte : PC-de-Hersi
ID d’ouverture de session : 0x4dd13
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}
Informations sur le processus :
ID du processus : 0x390
Nom du processus : C:\Windows\System32\winlogon.exe
Informations sur le réseau :
Nom de la station de travail : PC-DE-HERSI
Adresse du réseau source : 127.0.0.1
Port source : 0
Informations détaillées sur l’authentification :
Processus d’ouverture de session : User32
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0
Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.
Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.
Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).
Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.
Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.
Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 5391
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090120141127.867377-000
Event Type: Succès de l'audit
User:
Computer Name: PC-de-Hersi
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.
Sujet :
ID de sécurité : S-1-5-21-3693962522-2374594360-1819107045-1000
Nom du compte : Hersi
Domaine du compte : PC-de-Hersi
ID d’ouverture de session : 0x4dcf6
Privilèges : SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5392
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090120141127.867377-000
Event Type: Succès de l'audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
-----------------EOF-----------------
And log.txt:
Logfile of random's system information tool 1.05 (written by random/random)
Run by Hersi at 2009-01-20 15:52:32
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 76 GB (49%) free of 154 GB
Total RAM: 3066 MB (62% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-29 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-20 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-29 2055960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-20 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-12-29 2055960]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2008-11-06 90112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START []
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-03 29744]
"Google EULA Launcher"=c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-04-24 103824]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-12-15 184320]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-03-19 716800]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-04-26 716800]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2008-01-11 574864]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-29 1261336]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-01-06 185872]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2008-10-30 741376]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2008-10-17 69632]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-20 136600]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2008-01-21 2153472]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-04-24 430080]
"BitTorrent DNA"=C:\Users\Hersi\Program Files\DNA\btdna.exe [2008-12-21 342848]
"MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
"AdobeBridge"= []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
C:\Users\Hersi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TRDCReminder.lnk - C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9149a920-d75e-11dd-9db2-001e68d0e28a}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\system.exe
shell\Explore\command - D:\system.exe
shell\Open\command - D:\system.exe
======File associations======
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"
======List of files/folders created in the last 1 months======
2009-01-20 15:52:33 ----D---- C:\Program Files\trend micro
2009-01-20 15:52:32 ----D---- C:\rsit
2009-01-20 14:50:20 ----D---- C:\Program Files\Sun
2009-01-20 14:49:45 ----A---- C:\Windows\system32\javaws.exe
2009-01-20 14:49:45 ----A---- C:\Windows\system32\javaw.exe
2009-01-20 14:49:45 ----A---- C:\Windows\system32\java.exe
2009-01-20 14:48:46 ----SHD---- C:\Config.Msi
2009-01-20 08:35:57 ----D---- C:\Users\Hersi\AppData\Roaming\Template
2009-01-19 23:18:26 ----A---- C:\Windows\ntbtlog.txt
2009-01-19 21:05:21 ----A---- C:\Windows\system32\deploytk.dll
2009-01-19 13:05:04 ----D---- C:\Users\Hersi\AppData\Roaming\Malwarebytes
2009-01-19 13:04:51 ----D---- C:\ProgramData\Malwarebytes
2009-01-19 13:04:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-14 09:03:28 ----D---- C:\Users\Hersi\AppData\Roaming\BitDefender
2009-01-14 09:02:29 ----D---- C:\ProgramData\BitDefender
2009-01-14 09:02:29 ----D---- C:\Program Files\BitDefender
2009-01-14 09:01:37 ----D---- C:\Program Files\Common Files\BitDefender
2009-01-14 08:49:32 ----D---- C:\ProgramData\Norton
2009-01-14 08:41:53 ----D---- C:\ProgramData\NortonInstaller
2009-01-11 09:51:25 ----RSHD---- C:\resycled
2009-01-11 01:41:55 ----A---- C:\Windows\softokn3.dll
2009-01-11 01:41:55 ----A---- C:\Windows\plds4.dll
2009-01-11 01:41:55 ----A---- C:\Windows\plc4.dll
2009-01-11 01:41:55 ----A---- C:\Windows\nss3.dll
2009-01-11 01:41:55 ----A---- C:\Windows\nspr4.dll
2009-01-11 01:29:39 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-01-10 15:24:34 ----D---- C:\ProgramData\FLEXnet
2009-01-10 15:13:27 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-09 13:14:49 ----D---- C:\Users\Hersi\AppData\Roaming\Mozilla
2009-01-09 13:14:31 ----D---- C:\Program Files\Mozilla Firefox
2009-01-09 13:10:08 ----D---- C:\Users\Hersi\AppData\Roaming\Notepad++
2009-01-09 13:10:08 ----D---- C:\Program Files\Notepad++
2009-01-07 19:05:11 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2009-01-07 18:44:32 ----D---- C:\Users\Hersi\AppData\Roaming\Download Manager
2009-01-07 16:55:14 ----D---- C:\ProgramData\Macrovision
2009-01-06 21:13:46 ----D---- C:\Program Files\BetClic Poker
2009-01-06 19:54:01 ----D---- C:\Program Files\Common Files\xing shared
2009-01-06 19:53:55 ----A---- C:\Windows\system32\rmoc3260.dll
2009-01-06 19:53:49 ----A---- C:\Windows\system32\pndx5032.dll
2009-01-06 19:53:49 ----A---- C:\Windows\system32\pndx5016.dll
2009-01-06 19:53:48 ----D---- C:\Program Files\Real
2009-01-06 19:53:48 ----A---- C:\Windows\system32\pncrt.dll
2009-01-06 19:53:46 ----D---- C:\Program Files\Common Files\Real
2009-01-06 19:53:26 ----D---- C:\Users\Hersi\AppData\Roaming\Real
2009-01-02 22:22:20 ----D---- C:\ProgramData\Lavasoft
2009-01-02 22:22:20 ----D---- C:\Program Files\Lavasoft
2008-12-31 12:37:25 ----HD---- C:\$AVG8.VAULT$
2008-12-31 01:05:07 ----D---- C:\Users\Hersi\AppData\Roaming\aAvgApi
2008-12-29 21:53:35 ----D---- C:\Program Files\PokerStars
2008-12-29 18:12:20 ----D---- C:\Users\Hersi\AppData\Roaming\Apple Computer
2008-12-29 18:12:08 ----DC---- C:\Windows\system32\DRVSTORE
2008-12-29 18:12:08 ----A---- C:\Windows\system32\GEARAspi.dll
2008-12-29 18:12:00 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-29 18:12:00 ----D---- C:\Program Files\iPod
2008-12-29 18:11:59 ----D---- C:\Program Files\iTunes
2008-12-29 18:11:23 ----D---- C:\Program Files\Bonjour
2008-12-29 18:10:50 ----D---- C:\ProgramData\Apple Computer
2008-12-29 18:10:50 ----D---- C:\Program Files\QuickTime
2008-12-29 18:10:30 ----D---- C:\Program Files\Apple Software Update
2008-12-29 18:09:56 ----D---- C:\ProgramData\Apple
2008-12-29 18:09:56 ----D---- C:\Program Files\Common Files\Apple
2008-12-29 12:05:51 ----A---- C:\Windows\system32\avgrsstx.dll
2008-12-29 12:05:25 ----D---- C:\Program Files\AVG
2008-12-29 12:05:24 ----D---- C:\ProgramData\avg8
2008-12-23 14:03:30 ----D---- C:\Users\Hersi\AppData\Roaming\myphotobook
2008-12-23 13:30:56 ----D---- C:\ProgramData\WinZip
2008-12-23 13:30:52 ----D---- C:\Program Files\WinZip
2008-12-22 23:15:48 ----D---- C:\ProgramData\IsolatedStorage
2008-12-22 15:33:45 ----D---- C:\Users\Hersi\AppData\Roaming\dvdcss
2008-12-22 15:04:27 ----D---- C:\Program Files\WinamaxPoker
2008-12-22 11:45:40 ----D---- C:\Program Files\MSN Messenger
2008-12-22 10:57:03 ----D---- C:\Users\Hersi\AppData\Roaming\Adobe
2008-12-22 00:48:16 ----D---- C:\Users\Hersi\AppData\Roaming\vlc
2008-12-22 00:47:45 ----D---- C:\Program Files\VideoLAN
2008-12-21 23:49:13 ----D---- C:\Users\Hersi\AppData\Roaming\Macromedia
2008-12-21 20:47:06 ----A---- C:\Windows\system32\mshtml.dll
2008-12-21 20:43:07 ----A---- C:\Windows\system32\msshooks.dll
2008-12-21 20:43:02 ----A---- C:\Windows\system32\msscb.dll
2008-12-21 20:42:51 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-12-21 20:42:51 ----A---- C:\Windows\system32\propsys.dll
2008-12-21 20:42:51 ----A---- C:\Windows\system32\propdefs.dll
2008-12-21 20:42:51 ----A---- C:\Windows\system32\msstrc.dll
2008-12-21 20:42:51 ----A---- C:\Windows\system32\mssprxy.dll
2008-12-21 20:42:51 ----A---- C:\Windows\system32\mssitlb.dll
2008-12-21 20:42:51 ----A---- C:\Windows\system32\msshsq.dll
2008-12-21 20:42:50 ----A---- C:\Windows\system32\wsepno.dll
2008-12-21 20:42:50 ----A---- C:\Windows\system32\thawbrkr.dll
2008-12-21 20:42:50 ----A---- C:\Windows\system32\srchadmin.dll
2008-12-21 20:42:50 ----A---- C:\Windows\system32\rtffilt.dll
2008-12-21 20:42:50 ----A---- C:\Windows\system32\mimefilt.dll
2008-12-21 20:42:50 ----A---- C:\Windows\system32\korwbrkr.dll
2008-12-21 20:42:49 ----A---- C:\Windows\system32\xmlfilter.dll
2008-12-21 20:42:49 ----A---- C:\Windows\system32\offfilt.dll
2008-12-21 20:42:49 ----A---- C:\Windows\system32\nlhtml.dll
2008-12-21 20:42:49 ----A---- C:\Windows\system32\msscntrs.dll
2008-12-21 20:42:49 ----A---- C:\Windows\system32\chtbrkr.dll
2008-12-21 20:42:49 ----A---- C:\Windows\system32\chsbrkr.dll
2008-12-21 20:42:48 ----A---- C:\Windows\system32\tquery.dll
2008-12-21 20:42:48 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-12-21 20:42:48 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-12-21 20:42:47 ----A---- C:\Windows\system32\mssvp.dll
2008-12-21 20:42:47 ----A---- C:\Windows\system32\mssrch.dll
2008-12-21 20:42:47 ----A---- C:\Windows\system32\mssphtb.dll
2008-12-21 20:42:47 ----A---- C:\Windows\system32\mssph.dll
2008-12-21 20:40:18 ----A---- C:\Windows\system32\tzres.dll
2008-12-21 20:34:49 ----A---- C:\Windows\system32\msxml3.dll
2008-12-21 20:34:48 ----A---- C:\Windows\system32\wmpeffects.dll
2008-12-21 20:34:47 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-12-21 20:34:44 ----A---- C:\Windows\explorer.exe
2008-12-21 20:34:32 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-12-21 20:34:30 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-12-21 20:34:17 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-12-21 19:40:19 ----A---- C:\Windows\system32\urlmon.dll
2008-12-21 19:40:19 ----A---- C:\Windows\system32\ieframe.dll
2008-12-21 19:40:17 ----A---- C:\Windows\system32\wininet.dll
2008-12-21 19:40:17 ----A---- C:\Windows\system32\iertutil.dll
2008-12-21 19:40:16 ----A---- C:\Windows\system32\mstime.dll
2008-12-21 19:40:14 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-21 19:40:11 ----A---- C:\Windows\system32\EncDec.dll
2008-12-21 19:40:05 ----A---- C:\Windows\system32\psisdecd.dll
2008-12-21 19:39:56 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-21 19:39:54 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-21 19:39:51 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-12-21 19:39:50 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-12-21 19:39:50 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-12-21 19:39:48 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-12-21 19:39:46 ----A---- C:\Windows\system32\rpcrt4.dll
2008-12-21 19:39:45 ----A---- C:\Windows\system32\pacerprf.dll
2008-12-21 19:39:41 ----A---- C:\Windows\system32\shell32.dll
2008-12-21 19:39:33 ----A---- C:\Windows\system32\es.dll
2008-12-21 19:39:32 ----A---- C:\Windows\system32\netapi32.dll
2008-12-21 19:39:31 ----A---- C:\Windows\system32\gdi32.dll
2008-12-21 19:39:26 ----A---- C:\Windows\system32\wersvc.dll
2008-12-21 19:39:26 ----A---- C:\Windows\system32\Faultrep.dll
2008-12-21 19:39:25 ----A---- C:\Windows\system32\win32spl.dll
2008-12-21 19:39:14 ----A---- C:\Windows\system32\emdmgmt.dll
2008-12-21 19:39:14 ----A---- C:\Windows\system32\dataclen.dll
2008-12-21 19:39:14 ----A---- C:\Windows\system32\cdd.dll
2008-12-21 19:34:26 ----A---- C:\Windows\system32\wshext.dll
2008-12-21 19:34:26 ----A---- C:\Windows\system32\wscript.exe
2008-12-21 19:34:26 ----A---- C:\Windows\system32\vbscript.dll
2008-12-21 19:34:26 ----A---- C:\Windows\system32\jscript.dll
2008-12-21 19:34:26 ----A---- C:\Windows\system32\cscript.exe
2008-12-21 19:34:25 ----A---- C:\Windows\system32\scrobj.dll
2008-12-21 19:34:24 ----A---- C:\Windows\system32\scrrun.dll
2008-12-21 19:34:22 ----A---- C:\Windows\system32\mf.dll
2008-12-21 19:34:21 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-21 19:34:19 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-21 19:34:19 ----A---- C:\Windows\system32\logagent.exe
2008-12-21 19:34:12 ----D---- C:\ProgramData\eMule
2008-12-21 19:33:48 ----A---- C:\Windows\system32\connect.dll
2008-12-21 19:33:47 ----A---- C:\Windows\system32\inetcomm.dll
2008-12-21 19:33:33 ----D---- C:\Program Files\eMule
2008-12-21 19:33:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-12-21 19:33:09 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-12-21 19:33:04 ----A---- C:\Windows\system32\msxml6.dll
2008-12-21 19:31:02 ----D---- C:\Users\Hersi\AppData\Roaming\BitTorrent
2008-12-21 19:30:44 ----D---- C:\Users\Hersi\AppData\Roaming\DNA
2008-12-21 19:30:44 ----D---- C:\Program Files\DNA
2008-12-21 19:30:43 ----D---- C:\Program Files\BitTorrent
2008-12-21 19:27:42 ----A---- C:\Windows\system32\wups2.dll
2008-12-21 19:27:42 ----A---- C:\Windows\system32\wucltux.dll
2008-12-21 19:27:42 ----A---- C:\Windows\system32\wuaueng.dll
2008-12-21 19:27:42 ----A---- C:\Windows\system32\wuauclt.exe
2008-12-21 19:26:48 ----A---- C:\Windows\system32\wups.dll
2008-12-21 19:26:48 ----A---- C:\Windows\system32\wudriver.dll
2008-12-21 19:26:48 ----A---- C:\Windows\system32\wuapi.dll
2008-12-21 19:26:30 ----A---- C:\Windows\system32\wuwebv.dll
2008-12-21 19:26:30 ----A---- C:\Windows\system32\wuapp.exe
2008-12-21 19:26:15 ----D---- C:\Users\Hersi\AppData\Roaming\Google
2008-12-21 19:09:34 ----D---- C:\Users\Hersi\AppData\Roaming\ATI
2008-12-21 19:09:34 ----D---- C:\ProgramData\ATI
2008-12-21 19:09:24 ----SHD---- C:\$RECYCLE.BIN
2008-12-21 19:09:07 ----D---- C:\Users\Hersi\AppData\Roaming\Identities
2008-12-21 19:03:35 ----D---- C:\ProgramData\ToshibaEurope
2008-12-21 19:02:57 ----D---- C:\Users\Hersi\AppData\Roaming\InstallShield
2008-12-21 19:02:52 ----SD---- C:\Users\Hersi\AppData\Roaming\Microsoft
2008-12-21 19:02:52 ----D---- C:\Users\Hersi\AppData\Roaming\Media Center Programs
2008-12-21 18:59:17 ----SHD---- C:\ProgramData\Modèles
2008-12-21 18:59:17 ----SHD---- C:\ProgramData\Menu Démarrer
2008-12-21 18:59:17 ----SHD---- C:\ProgramData\Favoris
2008-12-21 18:59:17 ----SHD---- C:\ProgramData\Bureau
2008-12-21 18:59:17 ----SHD---- C:\Program Files\Fichiers communs
2008-12-21 18:57:06 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-12-21 18:56:56 ----D---- C:\Program Files\Common Files\Toshiba Shared
2008-12-21 18:55:13 ----D---- C:\Windows\system32\en
2008-12-21 18:54:33 ----D---- C:\Program Files\Camera Assistant Software for Toshiba
2008-12-21 18:54:19 ----D---- C:\Program Files\Apoint2K
2008-12-21 18:49:09 ----D---- C:\Program Files\ATI Technologies
2008-12-21 18:48:50 ----D---- C:\Program Files\ATI
2008-12-21 18:48:32 ----D---- C:\Windows\system32\FRA
2008-12-21 18:48:31 ----A---- C:\Windows\system32\imsmudlg.exe
2008-12-21 18:47:13 ----D---- C:\Windows\SoftwareDistribution
======List of files/folders modified in the last 1 months======
2009-01-20 15:52:52 ----D---- C:\Windows\Temp
2009-01-20 15:52:33 ----D---- C:\Windows\Prefetch
2009-01-20 15:52:33 ----D---- C:\Program Files
2009-01-20 15:30:45 ----D---- C:\Windows\System32
2009-01-20 15:30:45 ----D---- C:\Windows\inf
2009-01-20 15:30:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-01-20 14:50:22 ----SHD---- C:\Windows\Installer
2009-01-20 14:50:04 ----SHD---- C:\System Volume Information
2009-01-20 14:49:24 ----D---- C:\Program Files\Java
2009-01-20 13:22:56 ----D---- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
2009-01-20 13:22:24 ----SHD---- C:\Boot
2009-01-19 23:18:26 ----D---- C:\Windows
2009-01-19 19:34:48 ----D---- C:\Windows\winsxs
2009-01-19 19:34:25 ----D---- C:\Windows\system32\drivers
2009-01-19 19:34:10 ----D---- C:\Windows\system32\catroot
2009-01-19 19:03:56 ----D---- C:\Windows\system32\Msdtc
2009-01-19 19:03:45 ----D---- C:\Windows\system32\wbem
2009-01-19 19:02:25 ----D---- C:\Windows\system32\config
2009-01-19 19:01:28 ----D---- C:\Windows\Tasks
2009-01-19 19:01:28 ----D---- C:\Windows\system32\spool
2009-01-19 19:01:28 ----D---- C:\Windows\system32\CodeIntegrity
2009-01-19 19:01:28 ----D---- C:\Windows\system32\catroot2
2009-01-19 19:01:27 ----SD---- C:\Windows\Downloaded Program Files
2009-01-19 19:01:15 ----D---- C:\Program Files\Common Files
2009-01-19 19:01:09 ----D---- C:\Program Files\Adobe
2009-01-19 19:00:55 ----D---- C:\Windows\registration
2009-01-19 14:26:47 ----D---- C:\Windows\Logs
2009-01-19 13:04:51 ----HD---- C:\ProgramData
2009-01-14 22:15:13 ----D---- C:\ProgramData\Adobe
2009-01-11 14:04:31 ----D---- C:\Program Files\Common Files\Adobe
2009-01-11 12:37:11 ----D---- C:\Windows\system32\WDI
2009-01-11 01:42:19 ----D---- C:\Windows\system32\Tasks
2009-01-10 15:55:35 ----D---- C:\Windows\system32\Macromed
2009-01-08 19:16:33 ----D---- C:\Windows\Debug
2009-01-07 16:52:37 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-02 22:21:45 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-29 18:11:12 ----D---- C:\Program Files\Internet Explorer
2008-12-29 12:27:41 ----D---- C:\Windows\system32\LogFiles
2008-12-29 12:02:06 ----D---- C:\ProgramData\McAfee
2008-12-28 20:40:26 ----D---- C:\ProgramData\Microsoft Help
2008-12-28 20:37:50 ----RSD---- C:\Windows\assembly
2008-12-28 20:35:06 ----D---- C:\Program Files\Common Files\microsoft shared
2008-12-22 18:59:47 ----D---- C:\Windows\rescache
2008-12-21 23:49:01 ----D---- C:\Program Files\Google
2008-12-21 23:07:16 ----SD---- C:\ProgramData\Microsoft
2008-12-21 20:57:25 ----D---- C:\Windows\Microsoft.NET
2008-12-21 20:50:07 ----D---- C:\Windows\system32\fr-FR
2008-12-21 20:50:04 ----D---- C:\Windows\ehome
2008-12-21 20:50:04 ----D---- C:\Program Files\Windows Mail
2008-12-21 20:49:58 ----D---- C:\Windows\AppPatch
2008-12-21 20:49:55 ----D---- C:\Windows\PolicyDefinitions
2008-12-21 20:49:49 ----D---- C:\Windows\system32\migration
2008-12-21 20:37:47 ----HD---- C:\Windows\msdownld.tmp
2008-12-21 19:26:50 ----D---- C:\ProgramData\Google
2008-12-21 19:09:46 ----D---- C:\Toshiba
2008-12-21 19:02:49 ----RD---- C:\Users
2008-12-21 18:59:17 ----D---- C:\Program Files\Windows NT
2008-12-21 18:57:40 ----D---- C:\Program Files\Toshiba
2008-12-21 18:56:57 ----D---- C:\ProgramData\Toshiba
2008-12-21 18:55:17 ----D---- C:\Windows\system32\tr
2008-12-21 18:55:17 ----D---- C:\Windows\system32\sv
2008-12-21 18:55:17 ----D---- C:\Windows\system32\ru
2008-12-21 18:55:17 ----D---- C:\Windows\system32\pt
2008-12-21 18:55:17 ----D---- C:\Windows\system32\pl
2008-12-21 18:55:17 ----D---- C:\Windows\system32\no
2008-12-21 18:55:17 ----D---- C:\Windows\system32\nl
2008-12-21 18:55:17 ----D---- C:\Windows\system32\it
2008-12-21 18:55:17 ----D---- C:\Windows\system32\hu
2008-12-21 18:55:17 ----D---- C:\Windows\system32\fr
2008-12-21 18:55:17 ----D---- C:\Windows\system32\fi
2008-12-21 18:55:17 ----D---- C:\Windows\system32\es
2008-12-21 18:55:17 ----D---- C:\Windows\system32\el
2008-12-21 18:55:17 ----D---- C:\Windows\system32\de
2008-12-21 18:55:17 ----D---- C:\Windows\system32\da
2008-12-21 18:55:17 ----D---- C:\Windows\system32\cs
2008-12-21 18:55:16 ----D---- C:\Windows\system32\zh-TW
2008-12-21 18:55:16 ----D---- C:\Windows\system32\sk
2008-12-21 18:55:13 ----D---- C:\Windows\system32\zh-CN
2008-12-21 18:55:13 ----D---- C:\Windows\system32\ko-KR
2008-12-21 18:55:13 ----D---- C:\Windows\system32\ja-JP
2008-12-21 18:54:01 ----D---- C:\Windows\system32\restore
2008-12-21 18:52:31 ----D---- C:\Windows\Panther
2008-12-21 18:51:58 ----D---- C:\Windows\system32\Lang
2008-12-21 18:48:31 ----D---- C:\Program Files\Intel
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2008-12-29 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2008-12-29 26824]
R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2008-10-07 135944]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-09-04 82440]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-11-27 164400]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-04-08 3548672]
R3 bdfm;BDFM; C:\Windows\system32\drivers\bdfm.sys [2008-09-18 111112]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\bdfndisf.sys [2008-10-17 104328]
R3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2008-09-18 230920]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys [2008-02-26 8448]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-25 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-25 207872]
R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-04-15 51160]
R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-25 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-04-04 310272]
S3 AvgWfpX;AVG Free8 Firewall Driver x86; C:\Windows\System32\Drivers\avgwfpx.sys [2008-12-29 69128]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys []
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [2008-09-02 13056]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [2007-07-10 36736]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
and the rest:
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-01-02 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-04-07 667648]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-29 231704]
R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-16 40960]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2008-10-30 401408]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-12 65536]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-04-24 99720]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-06-05 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2008-11-13 1572864]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]
R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-12-29 875288]
S2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-01-07 68096]
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-11 655624]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-03 29744]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-03 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-21 21504]
-----------------EOF-----------------
jlpjlp
Posts: 51580
Registered: Friday 18 May 2007
Status: Security contributor
Last activity: 3 May 2022
5 040
20 Jan 2009 at 17:09
If you have both AVG 8 and BitDefender, remove one of the two
then
______________
Download UsbFix to your desktop
http://sd-1.archive-host.com/membres/up/116615172019703188/UsbFix.exe
--> Run the installation with the default settings
Plug your external storage devices (USB stick, external hard drive, etc.) that may have been infected into your PC, without opening them
--> Double-click the UsbFix shortcut on your desktop
(choose the cleaning option)
--> The PC will restart
--> After the restart, post the UsbFix.txt report
Note: the UsbFix.txt report is saved at the root of the disk
Note: If the desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New Task", type explorer.exe and confirm
_____________
paste a HijackThis report
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manual:
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
I recommend renaming HijackThis, to counter a possible Vundo infection.
e.g.: Rename the file HijackThis.exe to eden.exe; to do so, right-click the file HijackThis.exe and choose Rename from the list
Then, using Explorer, create a folder c:\hijackthis
Extract HijackThis into that folder.
This is important for the backups.
jlpjlp
20 Jan 2009 at 17:37
The site is crashing
so do this:
Download FindyKill to your desktop:
--> http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
--> Run the installation with the default settings
--> Double-click the FindyKill shortcut on your desktop
--> In the main menu, choose option 1 (Recherche / Search)
--> Post the FindyKill.txt report
Note: the FindyKill.txt report is saved at the root of the disk
Here is the FindyKill report:
###################### [ FindyKill V4.714 ]
# User : Hersi - PC-DE-HERSI
# Emplacement : C:\Program Files\FindyKill
# Outils Mis a jours le 19/01/09 par Chiquitine29
# Recherche effectuée à 21:55:56 le 20/01/2009
# Windows Vista - Internet Explorer 7.0.6001.18000
# [ FindyKill V4.714 - Scan ] ##############
\\\\\\\\\\\\\\\\\\\\ [ Processus actifs ] ///////////////////
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Users\Hersi\Program Files\DNA\btdna.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
\\\\\\\\\\\\\\\\\\ [ Fichiers/Dossiers infectieux ] ///////////////////
################## [ C:\ ]
################## [ C:\Windows ]
################## [ C:\Windows\Prefetch ]
################## [ C:\Windows\system32 ]
################## [ C:\Windows\system32\drivers ]
################## [ C:\Users\Hersi\AppData\Roaming ]
################## [ C:\Users\Hersi\AppData\Local\Temp ]
\\\\\\\\\\\\\\\\\\ [ Registre / Startup ] ///////////////////
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Sidebar=C:\Program Files\Windows Sidebar\sidebar.exe
WindowsWelcomeCenter=rundll32.exe oobefldr.dll,ShowWelcomeCenter
TOSCDSPD=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
BitTorrent DNA="C:\Users\Hersi\Program Files\DNA\btdna.exe"
MsnMsgr="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
AdobeBridge=
WMPNSCFG=C:\Program Files\Windows Media Player\WMPNSCFG.exe
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
<NO NAME>=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
Windows Defender=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
ITSecMng=%ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
NDSTray.exe=NDSTray.exe
cfFncEnabler.exe=cfFncEnabler.exe
Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
Google Desktop Search="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
Google EULA Launcher=c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
Toshiba TEMPO=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
topi=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
Apoint=C:\Program Files\Apoint2K\Apoint.exe
Camera Assistant Software="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
TPwrMain=%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
HSON=%ProgramFiles%\TOSHIBA\TBS\HSON.exe
SmoothView=%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
00TCrdMain=%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
HDMICtrlMan=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
Toshiba Registration=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
AVG8_TRAY=C:\PROGRA~1\AVG\AVG8\avgtray.exe
QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
TkBellExe="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
AdobeCS4ServiceManager="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
BDAgent="C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
BitDefender Antiphishing Helper="C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=
\\\\\\\\\\\\\\\\\\ [ Registre / Clés infectieuses ] ///////////////////
\\\\\\\\\\\\\\\\\\ [ Etat / Services ] ///////////////////
# Services : [ Auto=2 / Demande=3 / Désactivé=4 ]
Ndisuio - # Type de démarrage = 3
EapHost - # Type de démarrage = 3
Wlansvc - # Type de démarrage = 2
/!\ SharedAccess - # Type de démarrage = 4
wuauserv - # Type de démarrage = 2
wscsvc - # Type de démarrage = 2
WinDefend - # Type de démarrage = 2
-> UAC is Enable
\\\\\\\\\\\\\\\\\\ [ Recherche dans supports amovibles] ///////////////////
# Informations :
C: - Lecteur fixe
E: - Lecteur fixe
# Contenu de l'autorun : C:\autorun.inf
[autorun]
;nidlwkawimzdtoioewfocvzwnhbhaqbzscmwsklaelyvukxedruvxuwcrrfvxvgcq
shellexecute="resycled\boot.com c:"
;zzgkfqmfbqdcruadbztvvbjhtpytmfjclnetgmszzkgvjoanzrkfzhlwkakpnflnxistzuqqyhvxcctadvtzyzhhsgxc
shell\Open\command="resycled\boot.com c:"
;
# presence des fichiers :
Found ! [11/01/2009 20:30][-rahs----] - C:\autorun.inf
\\\\\\\\\\\\\\\\\\ [ Registre / Mountpoint2 ] ///////////////////
-> Not found !
################## [ ! Fin du rapport # FindyKill V4.714 ! ]
Here is the Hijack report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:34:40, on 20/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Users\Hersi\Program Files\DNA\btdna.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\HijackThis\eden.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Hersi\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/43.10/uploader2.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
jlpjlp
21 Jan 2009 at 10:22
Only one antivirus per computer: BitDefender or AVG 8!
____________
Run FindyKill option 2 again and paste the report.
jlpjlp
21 Jan 2009 at 11:19
Remove AVG 8 in safe mode:
https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/
I restarted in safe mode; AVG is impossible to remove:
Installer initialization failed due to following error:
Error: @AvgErrorCode_0x0253 %FILE% = "C:\Program Files\AVG\AVG8"
@AvgErrorCode_0x0020
jlpjlp
21 Jan 2009 at 14:04
Run FindyKill option 2 again and paste the report.
______________
Download here:
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) by random/random and save it to the Desktop.
Double-click RSIT.exe to launch RSIT.
Click Continue on the Disclaimer screen.
If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall, if asked) and you will have to accept the license.
When the scan is finished, two text files will open.
Post the contents of log.txt (<<which will be displayed)
as well as info.txt (<<which will be minimized in the Taskbar).
NB: The reports are saved in the folder C:\rsit
Logfile of random's system information tool 1.05 (written by random/random)
Run by Hersi at 2009-01-21 14:20:00
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 73 GB (47%) free of 154 GB
Total RAM: 3066 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:20:02, on 21/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Users\Hersi\Program Files\DNA\btdna.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\WinamaxPoker\WinamaxPoker.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Hersi\Desktop\RSIT.exe
C:\Program Files\trend micro\HijackThis\Hersi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Hersi\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/43.10/uploader2.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Logfile of random's system information tool 1.05 (written by random/random)
Run by Hersi at 2009-01-21 14:20:00
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 73 GB (47%) free of 154 GB
Total RAM: 3066 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:20:02, on 21/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Users\Hersi\Program Files\DNA\btdna.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\WinamaxPoker\WinamaxPoker.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Hersi\Desktop\RSIT.exe
C:\Program Files\trend micro\HijackThis\Hersi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Hersi\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/43.10/uploader2.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
jlpjlp
21 Jan. 2009 at 16:38
Scan this file on VirusTotal and paste the report: https://www.virustotal.com/gui/
D:\system.exe
_____________
Is the computer running better?
jlpjlp
21 Jan. 2009 at 18:01
Download OTMoveIt
http://oldtimer.geekstogo.com/OTMoveIt3.exe
(by Old_Timer) to your Desktop.
Double-click OTMoveIt.exe to launch it.
Copy the list quoted below,
and paste it into the left-hand pane of OTMoveIt, "Paste List of Files/Folders to be moved".
(make sure to include :files)
:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9149a920-d75e-11dd-9db2-001e68d0e28a}]
:files
D:\system.exe
:commands
[purity]
[emptytemp]
[start explorer]
Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.
You may be asked to restart the PC to complete the removal. If so, accept with Yes.
____________________
Run a scan with Malwarebytes after updating it and paste the report
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
_______________________
Run reg cleaner to clean the registry:
https://www.01net.com/telecharger/
________________________
Paste a report from the Bitdefender you have
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9149a920-d75e-11dd-9db2-001e68d0e28a}\\ not found.
========== FILES ==========
File/Folder D:\system.exe not found.
========== COMMANDS ==========
File delete failed. C:\Users\Hersi\AppData\Local\Temp\Low\~DF32B1.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Hersi\AppData\Local\Temp\Low\~DF32BB.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Hersi\AppData\Local\Temp\~DF35B8.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Hersi\AppData\Local\Temp\~DFF81.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\Hersi\AppData\Local\Temp\~DFF8B.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01212009_181411
File delete failed. C:\Windows\temp\WFV670B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WinSAT_DX.etl scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WinSAT_KernelLog.etl scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WinSAT_StorageAsmt.etl scheduled to be deleted on reboot.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01212009_181411
Malwarebytes detects nothing abnormal:
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1674
Windows 6.0.6001 Service Pack 1
21/01/2009 20:50:53
mbam-log-2009-01-21 (20-50-53).txt
Type de recherche: Examen complet (C:\|E:\|F:\|)
Eléments examinés: 177263
Temps écoulé: 2 hour(s), 0 minute(s), 41 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
jlpjlp
21 Jan 2009 at 18:45
Delete the file system.exe
D:\system.exe
jlpjlp
21 Jan 2009 at 20:52
Delete the file system.exe
D:\system.exe
_______________________
Run RegCleaner to clean the registry:
https://www.01net.com/
________________________
Paste a report from the Bitdefender you have
Bitdefender and Malwarebytes found nothing, except for the registry keys. Here is the Bitdefender report:
<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type="text/xsl" href="C:\Program Files\BitDefender\BitDefender 2009\uiscan_log.xsl"?>
<ScanSession creator="BitDefender Total Security 2009" version="BitDefender UIScanner v.12" creationDate="22:44:58 21/01/2009" installPath="C:\Program Files\BitDefender\BitDefender 2009" originalPath="C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\deep_scan\1232574298_1_00.xml" scanClient="C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe" taskName="Analyse approfondie">
<ScanOptions
showWarnings="1" >
<ScanPaths>
<path id="0000">C:\</path>
<path id="0001">E:\</path>
</ScanPaths>
<ScanObjects
scanViruses="1"
scanAddware="1"
scanSpyware="1"
scanApplications="1"
scanDialers="1"
scanRootkits="1"
/>
<TargetSelection
heuristicScan="1"
scanArchives="1"
scanRegistryKeys="1"
scanRegistry="1"
scanCookies="1"
memoryProcesses="1"
scanBootSectors="1"
scanEmail="0"
scanAllFiles="1"
scanPackedFiles="1"
scanSubfolders="1"
includeExtensions=""
excludeExtensions=""
/>
<TargetProcessing
infectedAction="3"
suspiciousAction="1"
hiddenAction="1"
/>
</ScanOptions>
<EngineSummary
archivePlugins="45"
mailPlugins="6"
scanPlugins="13"
totalSignatures="2566736"
systemPlugins="5"
unpackPlugins="7"
/>
<ScanSummary
scannedItems="755727"
passProtItems="0"
infectedItems="0"
suspiciousItems="0"
resolvedItems="0"
unresolvedItems="0"
scannedArchives="2482"
bootSectorCount="4"
scannedDirectories="19821"
inputOutputErrors="89"
virusesNumber="0"
scanTime="01:01:14"
filesPerSecond="205"
>
<FileSummary
scanned="754519"
archives="2482"
packed="37975"
infected="0"
suspicious="0"
resolved="0"
deleted="0"
moved="0"
copied="0"
/>
<RegistryKeySummary
scanned="1097"
infected="0"
suspicious="0"
/>
<CookieSummary
scanned="29"
infected="0"
suspicious="0"
/>
<ProcessSummary
scanned="82"
infected="0"
suspicious="0"
/>
<MailSummary
scanned="0"
infected="0"
suspicious="0"
/>
</ScanSummary>
<ScanDetails>
</ScanDetails>
</ScanSession>
Do you think I still have viruses? In any case the computer runs better, even if it is still a bit slow at startup.
jlpjlp
22 Jan 2009 at 11:37
Run RegCleaner to clean the registry
https://www.01net.com/telecharger/
___________
Did you delete this one?
D:\system.exe
__________
Download ToolsCleaner to your desktop.
--> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Click Recherche (Search) and let the scan run ...
# Click Suppression (Delete) to finish.
# You can, if you wish, use the Options facultatives (optional settings).
# Click Quitter (Quit) to get the report.
# Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).
_________________
See you later
jlpjlp
22 Jan 2009 at 12:37
My Computer, then D
jlpjlp
22 Jan 2009 at 12:56
In 20 you told me you had scanned it?
Here is the report:
[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]
-->- Recherche:
C:\HijackThis: trouvé !
C:\_OtMoveIt: trouvé !
C:\Rsit: trouvé !
C:\hijackthis\HJTInstall.exe: trouvé !
C:\hijackthis\hijackthis.log: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\Program Files\trend micro\HijackThis: trouvé !
C:\Program Files\trend micro\HijackThis\hijackthis.log: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programmes\FindyKill: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FindyKill: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programmes\FindyKill: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\HijackThis: trouvé !
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\FindyKill: trouvé !
C:\Users\Hersi\AppData\Local\VirtualStore\Program Files\trend micro\HijackThis: trouvé !
C:\Users\Hersi\AppData\Local\VirtualStore\Program Files\trend micro\HijackThis\hijackthis.log: trouvé !
C:\Users\Hersi\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes\FindyKill: trouvé !
C:\Users\Hersi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FindyKill: trouvé !
C:\Users\Hersi\Desktop\OTMoveIt3.exe: trouvé !
C:\Users\Hersi\Desktop\Rsit.exe: trouvé !
jlpjlp
22 Jan 2009 at 12:59
OK, delete everything
jlpjlp
22 Jan 2009 at 13:04
Run RSIT again to check
Otherwise, any more problems?
Logfile of random's system information tool 1.05 (written by random/random)
Run by Hersi at 2009-01-22 13:05:57
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 72 GB (47%) free of 154 GB
Total RAM: 3066 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:06:12, on 22/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Users\Hersi\Program Files\DNA\btdna.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Program Files\RegCleaner\RegCleanr.exe
C:\Program Files\RegCleaner\RegCleanr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\iTunes\iTunes.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Hersi\Desktop\RSIT.exe
C:\Program Files\trend micro\Hersi.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Hersi\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Toshibafrbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/43.10/uploader2.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Toshibafrbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.fr/s/v/43.10/uploader2.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
jlpjlp
Posts
51580
Registration date
Friday 18 May 2007
Status
Security contributor
Last activity
3 May 2022
5 040
22 Jan 2009 at 13:31
You can see it in the report:
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9149a920-d75e-11dd-9db2-001e68d0e28a}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\system.exe
shell\Explore\command - D:\system.exe
shell\Open\command - D:\system.exe
_____________
If you don't have a D drive, no matter.
You'll run UsbFix when it's available, to check; otherwise it's fine!!!!
Download UsbFix to your desktop
http://sd-1.archive-host.com/membres/up/116615172019703188/UsbFix.exe
--> Run the installation with the default settings
Plug your external storage devices into your PC (USB stick, external hard drive, etc.) that may have been infected, without opening them
--> Double-click the UsbFix shortcut on your desktop
--> The PC will restart
--> After the restart, post the UsbFix.txt report
Note: the UsbFix.txt report is saved at the root of the drive
Note: if the Desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New task", type explorer.exe and confirm
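The report lines quoted in the post above can be checked mechanically. As an added example (not part of the original thread, and not code from RSIT or UsbFix), this Python script parses MountPoints2 blocks in that layout and flags shell verbs that launch an executable from the root of a non-system drive; the function name, the extension list and the second sample block are assumptions made for illustration.

```python
import re

# First block: the entry quoted in the post. Second block: constructed, benign.
SAMPLE_REPORT = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9149a920-d75e-11dd-9db2-001e68d0e28a}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\system.exe
shell\Explore\command - D:\system.exe
shell\Open\command - D:\system.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00000000-0000-0000-0000-000000000001}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup\launcher.exe
"""

KEY_RE = re.compile(r"^\[HKEY_[^\]]*\\mountpoints2\\([^\]\\]+)\]$", re.I)
CMD_RE = re.compile(r"^shell\\([^\\]+)\\command - (.+)$", re.I)
# An executable sitting directly in a drive root, e.g. D:\system.exe
# (assumption: file names without spaces, which covers the quoted entry).
ROOT_EXE_RE = re.compile(
    r"\b([A-Za-z]):\\([^\\\s]+\.(?:exe|com|bat|cmd|scr|pif|vbs))(?=\s|$)", re.I)

def find_autorun_hijacks(report, system_drive="C"):
    """Return one finding per shell verb that starts a drive-root executable."""
    findings, volume = [], None
    for line in report.splitlines():
        line = line.strip()
        key = KEY_RE.match(line)
        if key:
            volume = key.group(1)          # volume GUID of this mount point
            continue
        if line.startswith("["):           # any other registry key ends the block
            volume = None
            continue
        cmd = CMD_RE.match(line)
        if not (volume and cmd):
            continue
        verb, command = cmd.groups()
        for drive, name in ROOT_EXE_RE.findall(command):
            if drive.upper() != system_drive.upper():
                findings.append({"volume": volume, "verb": verb,
                                 "target": f"{drive.upper()}:\\{name}"})
    return findings

if __name__ == "__main__":
    for hit in find_autorun_hijacks(SAMPLE_REPORT):
        print(hit["volume"], hit["verb"], "->", hit["target"])
```

All three verbs (AutoRun, Explore, Open) on the same volume pointing at one root-level executable is the pattern to look for: opening the drive in any of those ways runs the file.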
20 Jan 2009 at 13:44
So, it's getting worse and worse, I can no longer download any file: a message appears:
C:\program~1\Java\jre6\bin\ssvagent.exe
Windows cannot access the device. You may not have the appropriate permissions to access the item.
Here is the result of this morning's scan with Bitdefender:
<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type="text/xsl" href="C:\Program Files\BitDefender\BitDefender 2009\uiscan_log.xsl"?>
<ScanSession creator="BitDefender Total Security 2009" version="BitDefender UIScanner v.12" creationDate="07:48:01 20/01/2009" installPath="C:\Program Files\BitDefender\BitDefender 2009" originalPath="C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\deep_scan\1232434081_1_02.xml" scanClient="C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe" taskName="Analyse approfondie">
<ScanOptions
showWarnings="1" >
<ScanPaths>
<path id="0000">C:\</path>
<path id="0001">E:\</path>
</ScanPaths>
<ScanObjects
scanViruses="1"
scanAddware="1"
scanSpyware="1"
scanApplications="1"
scanDialers="1"
scanRootkits="1"
/>
<TargetSelection
heuristicScan="1"
scanArchives="1"
scanRegistryKeys="1"
scanRegistry="1"
scanCookies="1"
memoryProcesses="1"
scanBootSectors="1"
scanEmail="0"
scanAllFiles="1"
scanPackedFiles="1"
scanSubfolders="1"
includeExtensions=""
excludeExtensions=""
/>
<TargetProcessing
infectedAction="3"
suspiciousAction="1"
hiddenAction="1"
/>
</ScanOptions>
<EngineSummary
archivePlugins="43"
mailPlugins="6"
scanPlugins="12"
totalSignatures="2187512"
systemPlugins="4"
unpackPlugins="7"
/>
<ScanSummary
scannedItems="270420"
passProtItems="0"
infectedItems="1"
suspiciousItems="0"
resolvedItems="0"
unresolvedItems="1"
scannedArchives="1017"
bootSectorCount="8"
scannedDirectories="19833"
inputOutputErrors="103"
virusesNumber="1"
scanTime="01:16:19"
filesPerSecond="58"
>
<FileSummary
scanned="269150"
archives="1017"
packed="12756"
infected="1"
suspicious="0"
resolved="0"
deleted="0"
moved="0"
copied="0"
/>
<RegistryKeySummary
scanned="1106"
infected="0"
suspicious="0"
/>
<CookieSummary
scanned="78"
infected="0"
suspicious="0"
/>
<ProcessSummary
scanned="86"
infected="0"
suspicious="0"
/>
<MailSummary
scanned="0"
infected="0"
suspicious="0"
/>
</ScanSummary>
<ScanDetails>
<AffectedItem itemType ="File" path="C:\Users\Hersi\AppData\Local\Temp\5.exe=](NSIS o)=]lzma_nsis0002=](Embedded EXE o)" threatType="virus" threatName="Trojan.Generic.469636" action="none" finalStatus= "infected" error= "infected archive"/>
</ScanDetails>
</ScanSession>
AND HERE IS WHAT CONCERNS THE REGISTRY KEYS:
KEY NAME: HKLM\SOFTWARE\mICROSOFT\WINDOWS\Currentversion\SharedDLLS
Key value: c:\Windows\Microsoft.net\..\rk\v1.0.3705\vsavb7rt.dll
and there are 19 others of the same kind, I can't manage to copy and paste the report, I don't know much about this...
I think the download problem came after the Java update... but I'm not sure...