Help, my computer is slow on the internet (Vista)
greeneyes972
Hello everyone,
I've noticed that for a short while now my PC has been slow, especially on the internet (Internet Explorer pages take a long time to open and browsing is really slow).
To play a YouTube video I have to wait 5 minutes for it to load, if not more, whereas on my other PC it only takes one minute.
When I download a file, the transfer rate does not exceed 10 KB/second, compared with 60 KB/second about a month ago.
My configuration is: Windows Vista Home Premium (Service Pack 1) 32-bit
Processor: Intel Core Duo CPU T2350 @ 1.86GHz 1.87GHz
RAM: 1 GB
Connection: Mediaserv 512K modem (Wi-Fi link)
My antivirus is BitDefender 2008
Here is the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:56:24, on 12/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\mickael\Desktop\HTThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PSDrvCheck] C:\Windows\system32\PSDrvCheck.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
22 replies
Good evening,
At first glance there is nothing in the HijackThis log.
Run this:
Run this anti-malware tool and do as instructed.
Download Malwarebytes Anti-Malware (MBAM): it is also very useful for ad problems, though unfortunately not all of them.
Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe
Malwarebytes Anti-Malware tutorial: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
Do as instructed: update, full scan in safe mode, and the reports.
PASTE THE REPORT AFTER REMOVAL, THANKS.
Keep it and run a scan every month as instructed.
If you have Ad-Aware you can uninstall it, as it no longer detects much.
Run this scan; we'll take a deeper look.
Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.
-> http://images.malwareremoval.com/random/RSIT.exe
! Disconnect and close all your running applications !
Double-click "RSIT.exe" to launch it.
-> A first window opens, titled "Disclaimer of warranty".
* Next to the option "List files/folders created ...", choose: 2 months
* Then click "Continue" to start the scan ...
-> Let the scan run and do not touch the PC ...
When the scan is finished, two text files will open (probably in Notepad).
Post the contents of "log.txt" (the one shown on screen), as well as "info.txt" (which you will see in the taskbar), for analysis, and wait for the next steps ...
Important: post one report, then the other in the following reply.
If you try to post both at the same time, it may be too long for the forum.
(Note: the reports will also be saved in this folder -> C:\rsit)
Thanks again for your help, here is the report:
Logfile of random's system information tool 1.05 (written by random/random)
Run by mickael at 2009-02-12 18:38:34
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 13 GB (23%) free of 57 GB
Total RAM: 1021 MB (21% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:39:01, on 12/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Taskmgr.exe
C:\Users\mickael\Desktop\RSIT.exe
C:\Users\mickael\Desktop\HTThis\mickael.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PSDrvCheck] C:\Windows\system32\PSDrvCheck.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PSDrvCheck] C:\Windows\system32\PSDrvCheck.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
Here is the rest:
======Scheduled tasks folder======
C:\Windows\tasks\Maintenance en 1 clic.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-03-08 501384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-09-23 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll [2007-09-23 654832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-03-05 86016]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-09-23 2436160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-01-18 4349952]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2006-12-19 411768]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-01-17 534648]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2006-11-01 413696]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-11-01 438272]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-02-02 835584]
"StorageGuard"=C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [2003-02-12 155648]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2008-09-17 368640]
"MSConfig"=C:\Windows\system32\msconfig.exe [2008-01-19 227840]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-01-13 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-01-13 7766016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-01-13 81920]
"PSDrvCheck"=C:\Windows\system32\PSDrvCheck.exe [2003-08-28 396800]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-23 68856]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-02-13 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeNotify]
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDSTray.exe]
NDSTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-02-06 509496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpriteService]
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe [2006-08-15 544768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2008-04-26 1271032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-03-02 577536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TZ Spyware Remover]
C:\Program Files\TrackZapper.com\TZ Spyware Remover\SpyRem.exe /STARTUP []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2008-04-23 29696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e0c2ec2-f433-11dc-803e-0016d4f57716}]
shell\Auto\command - D:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\AdobeR.exe e
And here is the end of the report:
======List of files/folders created in the last 2 months======
2009-02-12 18:34:29 ----D---- C:\rsit
2009-02-12 18:07:38 ----D---- C:\SDFix
2009-02-12 16:38:28 ----A---- C:\Windows\ntbtlog.txt
2009-02-12 16:22:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-10 15:10:19 ----A---- C:\Windows\system32\mshtml.dll
2009-02-10 15:10:17 ----A---- C:\Windows\system32\ieframe.dll
2009-02-10 15:10:15 ----A---- C:\Windows\system32\urlmon.dll
2009-02-10 15:10:14 ----A---- C:\Windows\system32\wininet.dll
2009-02-10 15:10:14 ----A---- C:\Windows\system32\mstime.dll
2009-02-10 15:10:14 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-10 15:10:13 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-10 15:10:13 ----A---- C:\Windows\system32\iertutil.dll
2009-02-07 16:53:27 ----D---- C:\Windows\BDOSCAN8
2009-02-07 14:54:43 ----D---- C:\ProgramData\Grisoft
2009-02-06 22:19:00 ----D---- C:\ProgramData\NOS
2009-02-06 22:18:59 ----D---- C:\Program Files\NOS
2009-02-06 21:16:24 ----D---- C:\Users\mickael\AppData\Roaming\Malwarebytes
2009-02-06 21:16:17 ----D---- C:\ProgramData\Malwarebytes
2009-01-24 16:01:12 ----D---- C:\ProgramData\TuneUp Software
2009-01-19 18:49:41 ----D---- C:\Program Files\comptes
2009-01-19 18:49:03 ----N---- C:\Windows\Setup1.exe
2009-01-19 18:49:02 ----A---- C:\Windows\ST6UNST.EXE
2009-01-12 16:04:17 ----D---- C:\Windows\system32\Adobe
2008-12-30 11:57:26 ----D---- C:\ProgramData\Messenger Plus!
2008-12-30 00:09:41 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-25 18:23:44 ----N---- C:\Windows\system32\pxhpinst.exe
2008-12-25 18:23:39 ----A---- C:\Windows\winamp.ini
2008-12-25 17:39:12 ----D---- C:\Users\mickael\AppData\Roaming\Steinberg
2008-12-25 17:37:07 ----A---- C:\Windows\~GLH0325.TMP
2008-12-25 17:37:06 ----A---- C:\Windows\system32\PSDrvCheck.exe
2008-12-25 17:37:06 ----A---- C:\Windows\system32\nspp6.dll
2008-12-25 17:37:06 ----A---- C:\Windows\system32\nspm6.dll
2008-12-25 17:37:06 ----A---- C:\Windows\system32\nspm5.dll
2008-12-25 17:37:05 ----A---- C:\Windows\system32\nsppx.dll
2008-12-25 17:37:05 ----A---- C:\Windows\system32\nspa6.dll
2008-12-25 17:37:04 ----D---- C:\Program Files\VOB
2008-12-25 17:37:04 ----A---- C:\Windows\system32\nspw7.dll
2008-12-25 17:37:04 ----A---- C:\Windows\system32\nsp.dll
2008-12-25 17:37:03 ----D---- C:\Program Files\Pinnacle
2008-12-25 17:36:33 ----D---- C:\MyMp3Pro
2008-12-25 17:36:21 ----A---- C:\Windows\LOOP.exe
2008-12-25 17:34:56 ----A---- C:\Windows\IsUninst.exe
2008-12-22 15:27:31 ----D---- C:\Users\mickael\AppData\Roaming\Mozilla
2008-12-22 15:27:01 ----D---- C:\Users\mickael\AppData\Roaming\SecondLife
2008-12-21 17:00:51 ----D---- C:\Users\mickael\AppData\Roaming\LimeWire
2008-12-17 11:04:16 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2008-12-17 11:02:24 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-12-17 10:59:34 ----D---- C:\Program Files\Microsoft
2008-12-17 10:58:46 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-17 10:30:36 ----D---- C:\Program Files\Common Files\Windows Live
2008-12-15 00:25:19 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 2 months======
2009-02-12 18:38:42 ----D---- C:\Windows\Temp
2009-02-12 18:34:29 ----D---- C:\Windows\Prefetch
2009-02-12 18:29:47 ----D---- C:\Windows\System32
2009-02-12 18:29:47 ----D---- C:\Windows\inf
2009-02-12 18:29:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-02-12 18:08:59 ----D---- C:\Windows\system32\Tasks
2009-02-12 16:38:28 ----D---- C:\Windows
2009-02-12 16:23:00 ----D---- C:\Windows\system32\drivers
2009-02-12 16:22:56 ----RD---- C:\Program Files
2009-02-11 22:36:53 ----D---- C:\Windows\winsxs
2009-02-10 17:07:31 ----D---- C:\Windows\Debug
2009-02-10 17:06:42 ----D---- C:\Windows\system32\catroot
2009-02-10 17:06:29 ----SHD---- C:\Windows\Installer
2009-02-10 17:06:23 ----D---- C:\ProgramData\Microsoft Help
2009-02-10 17:05:43 ----D---- C:\Program Files\Windows Mail
2009-02-10 17:05:25 ----SHD---- C:\System Volume Information
2009-02-10 15:08:42 ----D---- C:\Windows\system32\catroot2
2009-02-07 18:32:39 ----D---- C:\Windows\system32\LogFiles
2009-02-07 16:53:29 ----SD---- C:\Windows\Downloaded Program Files
2009-02-07 14:54:43 ----HD---- C:\ProgramData
2009-02-07 14:32:51 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-02-07 01:00:50 ----D---- C:\Windows\system32\Macromed
2009-02-07 00:46:50 ----D---- C:\ProgramData\WinZip
2009-02-07 00:45:15 ----D---- C:\Program Files\Navilog1
2009-02-07 00:22:03 ----D---- C:\Program Files\Windows Journal
2009-02-07 00:04:46 ----D---- C:\Windows\Help
2009-02-05 23:23:21 ----D---- C:\Windows\system32\Msdtc
2009-02-05 23:23:18 ----D---- C:\Windows\system32\wbem
2009-02-05 23:19:17 ----D---- C:\Windows\system32\config
2009-02-05 23:16:45 ----D---- C:\Windows\Tasks
2009-02-05 23:16:45 ----D---- C:\Windows\system32\spool
2009-02-05 23:16:45 ----D---- C:\Windows\system32\CodeIntegrity
2009-02-05 23:16:45 ----D---- C:\Windows\rescache
2009-02-05 23:15:57 ----D---- C:\Windows\registration
2009-02-05 23:15:52 ----D---- C:\Windows\system32\XPSViewer
2009-02-04 21:10:32 ----D---- C:\Windows\Microsoft.NET
2009-02-04 21:10:24 ----RSD---- C:\Windows\assembly
2009-02-03 19:21:12 ----A---- C:\Windows\system32\mrt.exe
2009-01-24 15:29:37 ----SD---- C:\Users\mickael\AppData\Roaming\Microsoft
2009-01-12 15:18:32 ----D---- C:\Program Files\DivX
2009-01-03 03:33:02 ----SD---- C:\ProgramData\Microsoft
2009-01-03 03:31:53 ----D---- C:\PerfLogs
2008-12-26 00:34:02 ----D---- C:\Windows\WindowsMobile
2008-12-25 17:37:07 ----RSD---- C:\Windows\Fonts
2008-12-17 11:04:17 ----D---- C:\Program Files\Common Files\System
2008-12-17 11:03:32 ----D---- C:\Program Files\Windows Live
2008-12-17 11:00:57 ----D---- C:\Windows\SoftwareDistribution
2008-12-17 10:59:11 ----D---- C:\Program Files\Common Files\microsoft shared
2008-12-17 10:30:36 ----D---- C:\Program Files\Common Files
2008-12-15 21:16:32 ----D---- C:\Windows\AppPatch
2008-12-15 21:16:31 ----D---- C:\Windows\system32\fr-FR
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2007-07-27 149504]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-01-23 689664]
R3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2007-08-02 188432]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2008-01-21 8320]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-18 1729632]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-01-13 4452288]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-02-02 182328]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:\Windows\system32\DRIVERS\UVCFTR_S.SYS [2007-01-26 17712]
S3 apt5vzr8;apt5vzr8; C:\Windows\system32\drivers\apt5vzr8.sys []
S3 catchme;catchme; \??\C:\Users\mickael\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Pilote de carte Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 Profos;Profos; \??\C:\PROGRA~1\Softwin\BITDEF~1\profos.sys [2006-06-21 13184]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-19 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WINUSB;Pilote WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [2008-01-19 31616]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2008-11-27 1179648]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2006-12-19 428152]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-09-15 1261568]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-11-29 86016]
R3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-23 138680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-29 87288]
-----------------EOF-----------------
======List of files/folders created in the last 2 months======
2009-02-12 18:34:29 ----D---- C:\rsit
2009-02-12 18:07:38 ----D---- C:\SDFix
2009-02-12 16:38:28 ----A---- C:\Windows\ntbtlog.txt
2009-02-12 16:22:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-10 15:10:19 ----A---- C:\Windows\system32\mshtml.dll
2009-02-10 15:10:17 ----A---- C:\Windows\system32\ieframe.dll
2009-02-10 15:10:15 ----A---- C:\Windows\system32\urlmon.dll
2009-02-10 15:10:14 ----A---- C:\Windows\system32\wininet.dll
2009-02-10 15:10:14 ----A---- C:\Windows\system32\mstime.dll
2009-02-10 15:10:14 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-10 15:10:13 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-10 15:10:13 ----A---- C:\Windows\system32\iertutil.dll
2009-02-07 16:53:27 ----D---- C:\Windows\BDOSCAN8
2009-02-07 14:54:43 ----D---- C:\ProgramData\Grisoft
2009-02-06 22:19:00 ----D---- C:\ProgramData\NOS
2009-02-06 22:18:59 ----D---- C:\Program Files\NOS
2009-02-06 21:16:24 ----D---- C:\Users\mickael\AppData\Roaming\Malwarebytes
2009-02-06 21:16:17 ----D---- C:\ProgramData\Malwarebytes
2009-01-24 16:01:12 ----D---- C:\ProgramData\TuneUp Software
2009-01-19 18:49:41 ----D---- C:\Program Files\comptes
2009-01-19 18:49:03 ----N---- C:\Windows\Setup1.exe
2009-01-19 18:49:02 ----A---- C:\Windows\ST6UNST.EXE
2009-01-12 16:04:17 ----D---- C:\Windows\system32\Adobe
2008-12-30 11:57:26 ----D---- C:\ProgramData\Messenger Plus!
2008-12-30 00:09:41 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-25 18:23:44 ----N---- C:\Windows\system32\pxhpinst.exe
2008-12-25 18:23:39 ----A---- C:\Windows\winamp.ini
2008-12-25 17:39:12 ----D---- C:\Users\mickael\AppData\Roaming\Steinberg
2008-12-25 17:37:07 ----A---- C:\Windows\~GLH0325.TMP
2008-12-25 17:37:06 ----A---- C:\Windows\system32\PSDrvCheck.exe
2008-12-25 17:37:06 ----A---- C:\Windows\system32\nspp6.dll
2008-12-25 17:37:06 ----A---- C:\Windows\system32\nspm6.dll
2008-12-25 17:37:06 ----A---- C:\Windows\system32\nspm5.dll
2008-12-25 17:37:05 ----A---- C:\Windows\system32\nsppx.dll
2008-12-25 17:37:05 ----A---- C:\Windows\system32\nspa6.dll
2008-12-25 17:37:04 ----D---- C:\Program Files\VOB
2008-12-25 17:37:04 ----A---- C:\Windows\system32\nspw7.dll
2008-12-25 17:37:04 ----A---- C:\Windows\system32\nsp.dll
2008-12-25 17:37:03 ----D---- C:\Program Files\Pinnacle
2008-12-25 17:36:33 ----D---- C:\MyMp3Pro
2008-12-25 17:36:21 ----A---- C:\Windows\LOOP.exe
2008-12-25 17:34:56 ----A---- C:\Windows\IsUninst.exe
2008-12-22 15:27:31 ----D---- C:\Users\mickael\AppData\Roaming\Mozilla
2008-12-22 15:27:01 ----D---- C:\Users\mickael\AppData\Roaming\SecondLife
2008-12-21 17:00:51 ----D---- C:\Users\mickael\AppData\Roaming\LimeWire
2008-12-17 11:04:16 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2008-12-17 11:02:24 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-12-17 10:59:34 ----D---- C:\Program Files\Microsoft
2008-12-17 10:58:46 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-17 10:30:36 ----D---- C:\Program Files\Common Files\Windows Live
2008-12-15 00:25:19 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 2 months======
2009-02-12 18:38:42 ----D---- C:\Windows\Temp
2009-02-12 18:34:29 ----D---- C:\Windows\Prefetch
2009-02-12 18:29:47 ----D---- C:\Windows\System32
2009-02-12 18:29:47 ----D---- C:\Windows\inf
2009-02-12 18:29:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-02-12 18:08:59 ----D---- C:\Windows\system32\Tasks
2009-02-12 16:38:28 ----D---- C:\Windows
2009-02-12 16:23:00 ----D---- C:\Windows\system32\drivers
2009-02-12 16:22:56 ----RD---- C:\Program Files
2009-02-11 22:36:53 ----D---- C:\Windows\winsxs
2009-02-10 17:07:31 ----D---- C:\Windows\Debug
2009-02-10 17:06:42 ----D---- C:\Windows\system32\catroot
2009-02-10 17:06:29 ----SHD---- C:\Windows\Installer
2009-02-10 17:06:23 ----D---- C:\ProgramData\Microsoft Help
2009-02-10 17:05:43 ----D---- C:\Program Files\Windows Mail
2009-02-10 17:05:25 ----SHD---- C:\System Volume Information
2009-02-10 15:08:42 ----D---- C:\Windows\system32\catroot2
2009-02-07 18:32:39 ----D---- C:\Windows\system32\LogFiles
2009-02-07 16:53:29 ----SD---- C:\Windows\Downloaded Program Files
2009-02-07 14:54:43 ----HD---- C:\ProgramData
2009-02-07 14:32:51 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-02-07 01:00:50 ----D---- C:\Windows\system32\Macromed
2009-02-07 00:46:50 ----D---- C:\ProgramData\WinZip
2009-02-07 00:45:15 ----D---- C:\Program Files\Navilog1
2009-02-07 00:22:03 ----D---- C:\Program Files\Windows Journal
2009-02-07 00:04:46 ----D---- C:\Windows\Help
2009-02-05 23:23:21 ----D---- C:\Windows\system32\Msdtc
2009-02-05 23:23:18 ----D---- C:\Windows\system32\wbem
2009-02-05 23:19:17 ----D---- C:\Windows\system32\config
2009-02-05 23:16:45 ----D---- C:\Windows\Tasks
2009-02-05 23:16:45 ----D---- C:\Windows\system32\spool
2009-02-05 23:16:45 ----D---- C:\Windows\system32\CodeIntegrity
2009-02-05 23:16:45 ----D---- C:\Windows\rescache
2009-02-05 23:15:57 ----D---- C:\Windows\registration
2009-02-05 23:15:52 ----D---- C:\Windows\system32\XPSViewer
2009-02-04 21:10:32 ----D---- C:\Windows\Microsoft.NET
2009-02-04 21:10:24 ----RSD---- C:\Windows\assembly
2009-02-03 19:21:12 ----A---- C:\Windows\system32\mrt.exe
2009-01-24 15:29:37 ----SD---- C:\Users\mickael\AppData\Roaming\Microsoft
2009-01-12 15:18:32 ----D---- C:\Program Files\DivX
2009-01-03 03:33:02 ----SD---- C:\ProgramData\Microsoft
2009-01-03 03:31:53 ----D---- C:\PerfLogs
2008-12-26 00:34:02 ----D---- C:\Windows\WindowsMobile
2008-12-25 17:37:07 ----RSD---- C:\Windows\Fonts
2008-12-17 11:04:17 ----D---- C:\Program Files\Common Files\System
2008-12-17 11:03:32 ----D---- C:\Program Files\Windows Live
2008-12-17 11:00:57 ----D---- C:\Windows\SoftwareDistribution
2008-12-17 10:59:11 ----D---- C:\Program Files\Common Files\microsoft shared
2008-12-17 10:30:36 ----D---- C:\Program Files\Common Files
2008-12-15 21:16:32 ----D---- C:\Windows\AppPatch
2008-12-15 21:16:31 ----D---- C:\Windows\system32\fr-FR
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2007-07-27 149504]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-01-23 689664]
R3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2007-08-02 188432]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2008-01-21 8320]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-18 1729632]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-01-13 4452288]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-02-02 182328]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:\Windows\system32\DRIVERS\UVCFTR_S.SYS [2007-01-26 17712]
S3 apt5vzr8;apt5vzr8; C:\Windows\system32\drivers\apt5vzr8.sys []
S3 catchme;catchme; \??\C:\Users\mickael\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Pilote de carte Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 Profos;Profos; \??\C:\PROGRA~1\Softwin\BITDEF~1\profos.sys [2006-06-21 13184]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-19 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WINUSB;Pilote WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [2008-01-19 31616]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
With RAV you should get an alert fairly quickly, I suppose.
1/ # Download RavAntivirus from Evosla:
http://ww25.evosla.com/compteur.php?soft=rav_antivirus
# If you have a USB stick, external hard drive, etc., plug them in without opening them before running this fix
# Right-click the .ZIP file > Extract to > the Desktop
# Double-click >> RAV.exe << to launch the tool.
# Once RAV ANTIVIRUS is running, let it work; it automatically scans all drives (fixed and removable disks)
# If there is an infection > a log will be created; otherwise the program will display (very quickly) ==>Votre Ordinateur est sain .
# Remove your removable drives and restart your computer.
# Post the report if there is an infection!
2/ Download Flash Disinfector (by SUBS) to the desktop from this address: https://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe
Double-click the icon.
The icons will disappear. This is normal.
If a report is generated because of an infection, save it to the desktop and then post it.
Then restart the PC.
3) Afterwards, make a new RSIT report. Thanks.
RavAntivirus and Flash Disinfector found nothing and did not give me a report.
Here is the new RSIT report:
Logfile of random's system information tool 1.05 (written by random/random)
Run by mickael at 2009-02-12 20:35:58
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 14 GB (24%) free of 57 GB
Total RAM: 1021 MB (38% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:36:18, on 12/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Windows\System32\rundll32.exe
C:\Users\mickael\Desktop\RSIT.exe
C:\Users\mickael\Desktop\HTThis\mickael.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PSDrvCheck] C:\Windows\system32\PSDrvCheck.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
======Scheduled tasks folder======
C:\Windows\tasks\Maintenance en 1 clic.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-03-08 501384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-09-23 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll [2007-09-23 654832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-03-05 86016]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-09-23 2436160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-01-18 4349952]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2006-12-19 411768]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-01-17 534648]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2006-11-01 413696]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-11-01 438272]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-02-02 835584]
"StorageGuard"=C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [2003-02-12 155648]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2008-09-17 368640]
"MSConfig"=C:\Windows\system32\msconfig.exe [2008-01-19 227840]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-01-13 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-01-13 7766016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-01-13 81920]
"PSDrvCheck"=C:\Windows\system32\PSDrvCheck.exe [2003-08-28 396800]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-23 68856]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-02-13 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeNotify]
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDSTray.exe]
NDSTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-02-06 509496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpriteService]
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe [2006-08-15 544768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2008-04-26 1271032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-03-02 577536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TZ Spyware Remover]
C:\Program Files\TrackZapper.com\TZ Spyware Remover\SpyRem.exe /STARTUP []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2008-04-23 29696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=FFFFFFFF
"NoDriveTypeAutoRun"=36
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e0c2ec2-f433-11dc-803e-0016d4f57716}]
shell\Auto\command - D:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\AdobeR.exe e
======List of files/folders created in the last 2 months======
2009-02-12 20:25:31 ----RASHD---- C:\autorun.inf
2009-02-12 20:01:25 ----D---- C:\Program Files\WinZip
2009-02-12 18:34:29 ----D---- C:\rsit
2009-02-12 18:07:38 ----D---- C:\SDFix
2009-02-12 16:38:28 ----A---- C:\Windows\ntbtlog.txt
2009-02-12 16:22:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-10 15:10:19 ----A---- C:\Windows\system32\mshtml.dll
2009-02-10 15:10:17 ----A---- C:\Windows\system32\ieframe.dll
2009-02-10 15:10:15 ----A---- C:\Windows\system32\urlmon.dll
2009-02-10 15:10:14 ----A---- C:\Windows\system32\wininet.dll
2009-02-10 15:10:14 ----A---- C:\Windows\system32\mstime.dll
2009-02-10 15:10:14 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-10 15:10:13 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-10 15:10:13 ----A---- C:\Windows\system32\iertutil.dll
2009-02-07 16:53:27 ----D---- C:\Windows\BDOSCAN8
2009-02-07 14:54:43 ----D---- C:\ProgramData\Grisoft
2009-02-06 22:19:00 ----D---- C:\ProgramData\NOS
2009-02-06 22:18:59 ----D---- C:\Program Files\NOS
2009-02-06 21:16:24 ----D---- C:\Users\mickael\AppData\Roaming\Malwarebytes
2009-02-06 21:16:17 ----D---- C:\ProgramData\Malwarebytes
2009-01-24 16:01:12 ----D---- C:\ProgramData\TuneUp Software
2009-01-19 18:49:41 ----D---- C:\Program Files\comptes
2009-01-19 18:49:03 ----N---- C:\Windows\Setup1.exe
2009-01-19 18:49:02 ----A---- C:\Windows\ST6UNST.EXE
2009-01-12 16:04:17 ----D---- C:\Windows\system32\Adobe
2008-12-30 11:57:26 ----D---- C:\ProgramData\Messenger Plus!
2008-12-30 00:09:41 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-25 18:23:44 ----N---- C:\Windows\system32\pxhpinst.exe
2008-12-25 18:23:39 ----A---- C:\Windows\winamp.ini
2008-12-25 17:39:12 ----D---- C:\Users\mickael\AppData\Roaming\Steinberg
2008-12-25 17:37:07 ----A---- C:\Windows\~GLH0325.TMP
2008-12-25 17:37:06 ----A---- C:\Windows\system32\PSDrvCheck.exe
2008-12-25 17:37:06 ----A---- C:\Windows\system32\nspp6.dll
2008-12-25 17:37:06 ----A---- C:\Windows\system32\nspm6.dll
2008-12-25 17:37:06 ----A---- C:\Windows\system32\nspm5.dll
2008-12-25 17:37:05 ----A---- C:\Windows\system32\nsppx.dll
2008-12-25 17:37:05 ----A---- C:\Windows\system32\nspa6.dll
2008-12-25 17:37:04 ----D---- C:\Program Files\VOB
2008-12-25 17:37:04 ----A---- C:\Windows\system32\nspw7.dll
2008-12-25 17:37:04 ----A---- C:\Windows\system32\nsp.dll
2008-12-25 17:37:03 ----D---- C:\Program Files\Pinnacle
2008-12-25 17:36:33 ----D---- C:\MyMp3Pro
2008-12-25 17:36:21 ----A---- C:\Windows\LOOP.exe
2008-12-25 17:34:56 ----A---- C:\Windows\IsUninst.exe
2008-12-22 15:27:31 ----D---- C:\Users\mickael\AppData\Roaming\Mozilla
2008-12-22 15:27:01 ----D---- C:\Users\mickael\AppData\Roaming\SecondLife
2008-12-21 17:00:51 ----D---- C:\Users\mickael\AppData\Roaming\LimeWire
2008-12-17 11:04:16 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2008-12-17 11:02:24 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-12-17 10:59:34 ----D---- C:\Program Files\Microsoft
2008-12-17 10:58:46 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-17 10:30:36 ----D---- C:\Program Files\Common Files\Windows Live
2008-12-15 00:25:19 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 2 months======
2009-02-12 20:36:11 ----D---- C:\Windows\Prefetch
2009-02-12 20:36:03 ----D---- C:\Windows\Temp
2009-02-12 20:32:13 ----D---- C:\Windows\System32
2009-02-12 20:26:56 ----D---- C:\Windows\system32\Tasks
2009-02-12 20:14:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-02-12 20:14:16 ----D---- C:\Windows\inf
2009-02-12 20:02:00 ----D---- C:\ProgramData\WinZip
2009-02-12 20:01:52 ----SHD---- C:\Windows\Installer
2009-02-12 20:01:25 ----RD---- C:\Program Files
2009-02-12 20:00:18 ----SHD---- C:\System Volume Information
2009-02-12 16:38:28 ----D---- C:\Windows
2009-02-12 16:23:00 ----D---- C:\Windows\system32\drivers
2009-02-11 22:36:53 ----D---- C:\Windows\winsxs
2009-02-10 17:07:31 ----D---- C:\Windows\Debug
2009-02-10 17:06:42 ----D---- C:\Windows\system32\catroot
2009-02-10 17:06:23 ----D---- C:\ProgramData\Microsoft Help
2009-02-10 17:05:43 ----D---- C:\Program Files\Windows Mail
2009-02-10 15:08:42 ----D---- C:\Windows\system32\catroot2
2009-02-07 18:32:39 ----D---- C:\Windows\system32\LogFiles
2009-02-07 16:53:29 ----SD---- C:\Windows\Downloaded Program Files
2009-02-07 14:54:43 ----HD---- C:\ProgramData
2009-02-07 14:32:51 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-02-07 01:00:50 ----D---- C:\Windows\system32\Macromed
2009-02-07 00:45:15 ----D---- C:\Program Files\Navilog1
2009-02-07 00:22:03 ----D---- C:\Program Files\Windows Journal
2009-02-07 00:04:46 ----D---- C:\Windows\Help
2009-02-05 23:23:21 ----D---- C:\Windows\system32\Msdtc
2009-02-05 23:23:18 ----D---- C:\Windows\system32\wbem
2009-02-05 23:19:17 ----D---- C:\Windows\system32\config
2009-02-05 23:16:45 ----D---- C:\Windows\Tasks
2009-02-05 23:16:45 ----D---- C:\Windows\system32\spool
2009-02-05 23:16:45 ----D---- C:\Windows\system32\CodeIntegrity
2009-02-05 23:16:45 ----D---- C:\Windows\rescache
2009-02-05 23:15:57 ----D---- C:\Windows\registration
2009-02-05 23:15:52 ----D---- C:\Windows\system32\XPSViewer
2009-02-04 21:10:32 ----D---- C:\Windows\Microsoft.NET
2009-02-04 21:10:24 ----RSD---- C:\Windows\assembly
2009-02-03 19:21:12 ----A---- C:\Windows\system32\mrt.exe
2009-01-24 15:29:37 ----SD---- C:\Users\mickael\AppData\Roaming\Microsoft
2009-01-12 15:18:32 ----D---- C:\Program Files\DivX
2009-01-03 03:33:02 ----SD---- C:\ProgramData\Microsoft
2009-01-03 03:31:53 ----D---- C:\PerfLogs
2008-12-26 00:34:02 ----D---- C:\Windows\WindowsMobile
2008-12-25 17:37:07 ----RSD---- C:\Windows\Fonts
2008-12-17 11:04:17 ----D---- C:\Program Files\Common Files\System
2008-12-17 11:03:32 ----D---- C:\Program Files\Windows Live
2008-12-17 11:00:57 ----D---- C:\Windows\SoftwareDistribution
2008-12-17 10:59:11 ----D---- C:\Program Files\Common Files\microsoft shared
2008-12-17 10:30:36 ----D---- C:\Program Files\Common Files
2008-12-15 21:16:32 ----D---- C:\Windows\AppPatch
2008-12-15 21:16:31 ----D---- C:\Windows\system32\fr-FR
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2007-07-27 149504]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-01-23 689664]
R3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2007-08-02 188432]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2008-01-21 8320]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-18 1729632]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-01-13 4452288]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-02-02 182328]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448]
R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
R3 UVCFTR;UVCFTR; C:\Windows\system32\DRIVERS\UVCFTR_S.SYS [2007-01-26 17712]
S3 ahlfn2up;ahlfn2up; C:\Windows\system32\drivers\ahlfn2up.sys []
S3 catchme;catchme; \??\C:\Users\mickael\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Pilote de carte Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 Profos;Profos; \??\C:\PROGRA~1\Softwin\BITDEF~1\profos.sys [2006-06-21 13184]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-19 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WINUSB;Pilote WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [2008-01-19 31616]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2008-11-27 1179648]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2006-12-19 428152]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-09-15 1261568]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-11-29 86016]
R3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-23 138680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-29 87288]
-----------------EOF-----------------
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2008-11-27 1179648]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2006-12-19 428152]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-02 118784]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-09-15 1261568]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 XCOMM;BitDefender Communicator; C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-11-29 86016]
R3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-23 138680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-29 87288]
-----------------EOF-----------------
1) Download OTMoveIt3 by OldTimer to your Desktop by clicking this link:
http://oldtimer.geekstogo.com/OTMoveIt3.exe
2) Once it has downloaded, double-click OTMoveIt3.exe to launch it.
Make sure the Unregister Dll's and Ocx's box is checked.
3) Then copy the lines in bold below:
:processes
explorer.exe
:files
D:\AdobeR.exe
:reg
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e0c2ec2-f433-11dc-803e-0016d4f57716}]
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
and paste them into the left-hand pane of OTMoveIt: "Paste List Of Files/Folders to Move."
Click Move It to start the removal.
The result will appear in the Results pane.
Click Exit to close.
4) Post the report located in C:\_OTMoveIt\MovedFiles.
(CTRL+A to select everything, CTRL+C to copy and CTRL+V to paste)
5) You may be asked to restart the PC to complete the removal -> Accept (if it does not restart automatically, do it yourself).
/!\ Note: At startup your desktop MAY not appear; in that case press CTRL+ALT+DEL to open Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "Run".
Type explorer.exe and confirm. This will bring the Desktop back.
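Added example (not part of the original post, and not code from OTMoveIt or RSIT): the script above targets a MountPoints2 key and D:\AdobeR.exe, and this Python sketch shows how such autorun entries can be picked out of an RSIT registry dump for review. The function names, the assumption that C: is the system drive, and the sample dump (the thread's entry plus one constructed key with a placeholder GUID) are assumptions of this example.

```python
import re
from dataclasses import dataclass, field

# "[HKEY_...]" header lines as printed in an RSIT registry dump.
KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
# Values RSIT prints under a MountPoints2 key: "shell\<verb>\command - <command line>".
CMD_RE = re.compile(r'^shell\\(?P<verb>[^\\]+)\\command - (?P<cmd>.+)$', re.IGNORECASE)
# Drive-rooted paths ending in a directly runnable extension (heuristic list).
EXE_RE = re.compile(r'[A-Za-z]:\\[^":<>|*?\r\n]*?\.(?:exe|com|scr|bat|cmd|pif|vbs)\b',
                    re.IGNORECASE)


@dataclass
class Finding:
    key: str                 # registry key holding the autorun command
    verb: str                # shell verb, e.g. "Auto" or "AutoRun"
    command: str             # full command line as logged
    off_system: list = field(default_factory=list)  # targets outside the system drive


def scan_rsit_dump(text, system_drive="C"):
    """Return MountPoints2 autorun commands that launch a file from another drive.

    Assumption of this example: anything an autorun verb starts from a drive
    other than the system drive deserves a manual look. It is a review
    heuristic, not a verdict on the file.
    """
    findings = []
    current_key = None
    for raw in text.splitlines():
        line = raw.strip()
        key_match = KEY_RE.match(line)
        if key_match:
            current_key = key_match.group(1)
            continue
        # Only values listed under a MountPoints2 key are of interest here.
        if current_key is None or "\\mountpoints2\\" not in current_key.lower():
            continue
        cmd_match = CMD_RE.match(line)
        if not cmd_match:
            continue
        targets = EXE_RE.findall(cmd_match.group("cmd"))
        off_system = [p for p in targets if p[0].upper() != system_drive.upper()]
        if off_system:
            findings.append(Finding(current_key, cmd_match.group("verb"),
                                    cmd_match.group("cmd"), off_system))
    return findings


def keys_to_review(findings):
    """Unique registry keys from the findings, in order of first appearance."""
    seen = []
    for f in findings:
        if f.key not in seen:
            seen.append(f.key)
    return seen


# Sample input: the first MountPoints2 key is the one shown in this thread;
# the Run key line and the second MountPoints2 key (placeholder GUID,
# C:\Tools\setup.exe) are constructed for the example.
SAMPLE_DUMP = r"""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-23 68856]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e0c2ec2-f433-11dc-803e-0016d4f57716}]
shell\Auto\command - D:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\AdobeR.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00000000-0000-0000-0000-000000000001}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL C:\Tools\setup.exe
"""

if __name__ == "__main__":
    for finding in scan_rsit_dump(SAMPLE_DUMP):
        print(finding.key)
        print("  verb:", finding.verb, "| targets:", ", ".join(finding.off_system))
```
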
Hello, sorry for this late reply, due to the time difference with Martinique.
Here is the OTMoveIt3 report from OldTimer:
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder D:\AdobeR.exe not found.
========== REGISTRY ==========
========== COMMANDS ==========
File delete failed. C:\Users\mickael\AppData\Local\Temp\Low\~DF4DFC.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\mickael\AppData\Local\Temp\Low\~DF4E04.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02132009_172526
Files moved on Reboot...
File C:\Users\mickael\AppData\Local\Temp\Low\~DF4DFC.tmp not found!
File C:\Users\mickael\AppData\Local\Temp\Low\~DF4E04.tmp not found!
Hello, here is the new RSIT report:
Logfile of random's system information tool 1.05 (written by random/random)
Run by mickael at 2009-02-14 20:05:39
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 14 GB (24%) free of 57 GB
Total RAM: 1021 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:06:03, on 14/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Safe mode
Running processes:
C:\Windows\Explorer.EXE
C:\Users\mickael\Desktop\RSIT.exe
C:\Users\mickael\Desktop\HTThis\mickael.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PSDrvCheck] C:\Windows\system32\PSDrvCheck.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
======Scheduled tasks folder======
C:\Windows\tasks\Maintenance en 1 clic.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-03-08 501384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-09-23 2436160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll [2007-09-23 654832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll [2008-03-05 86016]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-09-23 2436160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-01-18 4349952]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2006-12-19 411768]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-01-17 534648]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2006-11-01 413696]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-11-01 438272]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-02-02 835584]
"StorageGuard"=C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [2003-02-12 155648]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe [2008-09-17 368640]
"MSConfig"=C:\Windows\system32\msconfig.exe [2008-01-19 227840]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-01-13 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-01-13 7766016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-01-13 81920]
"PSDrvCheck"=C:\Windows\system32\PSDrvCheck.exe [2003-08-28 396800]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-23 68856]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-02-13 405504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeNotify]
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDSTray.exe]
NDSTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-02-06 509496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpriteService]
C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe [2006-08-15 544768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2008-04-26 1271032]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-03-02 577536]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TZ Spyware Remover]
C:\Program Files\TrackZapper.com\TZ Spyware Remover\SpyRem.exe /STARTUP []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2008-04-23 29696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=FFFFFFFF
"NoDriveTypeAutoRun"=36
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e0c2ec2-f433-11dc-803e-0016d4f57716}]
shell\Auto\command - D:\AdobeR.exe e
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\AdobeR.exe e
======List of files/folders created in the last 2 months======
2009-02-13 17:25:26 ----D---- C:\_OTMoveIt
2009-02-12 20:25:31 ----RASHD---- C:\autorun.inf
2009-02-12 20:01:25 ----D---- C:\Program Files\WinZip
2009-02-12 18:34:29 ----D---- C:\rsit
2009-02-12 18:07:38 ----D---- C:\SDFix
2009-02-12 16:38:28 ----A---- C:\Windows\ntbtlog.txt
2009-02-12 16:22:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-10 15:10:19 ----A---- C:\Windows\system32\mshtml.dll
2009-02-10 15:10:17 ----A---- C:\Windows\system32\ieframe.dll
2009-02-10 15:10:15 ----A---- C:\Windows\system32\urlmon.dll
2009-02-10 15:10:14 ----A---- C:\Windows\system32\wininet.dll
2009-02-10 15:10:14 ----A---- C:\Windows\system32\mstime.dll
2009-02-10 15:10:14 ----A---- C:\Windows\system32\msfeeds.dll
2009-02-10 15:10:13 ----A---- C:\Windows\system32\jsproxy.dll
2009-02-10 15:10:13 ----A---- C:\Windows\system32\iertutil.dll
2009-02-07 16:53:27 ----D---- C:\Windows\BDOSCAN8
2009-02-07 14:54:43 ----D---- C:\ProgramData\Grisoft
2009-02-06 22:19:00 ----D---- C:\ProgramData\NOS
2009-02-06 22:18:59 ----D---- C:\Program Files\NOS
2009-02-06 21:16:24 ----D---- C:\Users\mickael\AppData\Roaming\Malwarebytes
2009-02-06 21:16:17 ----D---- C:\ProgramData\Malwarebytes
2009-01-24 16:01:12 ----D---- C:\ProgramData\TuneUp Software
2009-01-19 18:49:41 ----D---- C:\Program Files\comptes
2009-01-19 18:49:03 ----N---- C:\Windows\Setup1.exe
2009-01-19 18:49:02 ----A---- C:\Windows\ST6UNST.EXE
2009-01-12 16:04:17 ----D---- C:\Windows\system32\Adobe
2008-12-30 11:57:26 ----D---- C:\ProgramData\Messenger Plus!
2008-12-30 00:09:41 ----D---- C:\Program Files\Messenger Plus! Live
2008-12-25 18:23:44 ----N---- C:\Windows\system32\pxhpinst.exe
2008-12-25 18:23:39 ----A---- C:\Windows\winamp.ini
2008-12-25 17:39:12 ----D---- C:\Users\mickael\AppData\Roaming\Steinberg
2008-12-25 17:37:07 ----A---- C:\Windows\~GLH0325.TMP
2008-12-25 17:37:06 ----A---- C:\Windows\system32\PSDrvCheck.exe
2008-12-25 17:37:06 ----A---- C:\Windows\system32\nspp6.dll
2008-12-25 17:37:06 ----A---- C:\Windows\system32\nspm6.dll
2008-12-25 17:37:06 ----A---- C:\Windows\system32\nspm5.dll
2008-12-25 17:37:05 ----A---- C:\Windows\system32\nsppx.dll
2008-12-25 17:37:05 ----A---- C:\Windows\system32\nspa6.dll
2008-12-25 17:37:04 ----D---- C:\Program Files\VOB
2008-12-25 17:37:04 ----A---- C:\Windows\system32\nspw7.dll
2008-12-25 17:37:04 ----A---- C:\Windows\system32\nsp.dll
2008-12-25 17:37:03 ----D---- C:\Program Files\Pinnacle
2008-12-25 17:36:33 ----D---- C:\MyMp3Pro
2008-12-25 17:36:21 ----A---- C:\Windows\LOOP.exe
2008-12-25 17:34:56 ----A---- C:\Windows\IsUninst.exe
2008-12-22 15:27:31 ----D---- C:\Users\mickael\AppData\Roaming\Mozilla
2008-12-22 15:27:01 ----D---- C:\Users\mickael\AppData\Roaming\SecondLife
2008-12-21 17:00:51 ----D---- C:\Users\mickael\AppData\Roaming\LimeWire
2008-12-17 11:04:16 ----D---- C:\Program Files\Microsoft Office Outlook Connector
2008-12-17 11:02:24 ----A---- C:\Windows\system32\d3dx9_32.dll
2008-12-17 10:59:34 ----D---- C:\Program Files\Microsoft
2008-12-17 10:58:46 ----D---- C:\Program Files\Windows Live SkyDrive
2008-12-17 10:30:36 ----D---- C:\Program Files\Common Files\Windows Live
2008-12-15 00:25:19 ----A---- C:\Windows\system32\tzres.dll
======List of files/folders modified in the last 2 months======
2009-02-14 19:53:22 ----D---- C:\Windows\Temp
2009-02-14 19:52:12 ----D---- C:\Windows\System32
2009-02-14 19:09:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-02-14 19:09:39 ----D---- C:\Windows\inf
2009-02-14 19:06:44 ----D---- C:\Windows\Prefetch
2009-02-12 22:33:01 ----SD---- C:\Windows\Downloaded Program Files
2009-02-12 22:33:00 ----D---- C:\Windows
2009-02-12 21:04:50 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-02-12 20:26:56 ----D---- C:\Windows\system32\Tasks
2009-02-12 20:02:00 ----D---- C:\ProgramData\WinZip
2009-02-12 20:01:52 ----SHD---- C:\Windows\Installer
2009-02-12 20:01:25 ----RD---- C:\Program Files
2009-02-12 20:00:18 ----SHD---- C:\System Volume Information
2009-02-12 16:23:00 ----D---- C:\Windows\system32\drivers
2009-02-11 22:36:53 ----D---- C:\Windows\winsxs
2009-02-10 17:07:31 ----D---- C:\Windows\Debug
2009-02-10 17:06:42 ----D---- C:\Windows\system32\catroot
2009-02-10 17:06:23 ----D---- C:\ProgramData\Microsoft Help
2009-02-10 17:05:43 ----D---- C:\Program Files\Windows Mail
2009-02-10 15:08:42 ----D---- C:\Windows\system32\catroot2
2009-02-07 18:32:39 ----D---- C:\Windows\system32\LogFiles
2009-02-07 14:54:43 ----HD---- C:\ProgramData
2009-02-07 01:00:50 ----D---- C:\Windows\system32\Macromed
2009-02-07 00:45:15 ----D---- C:\Program Files\Navilog1
2009-02-07 00:22:03 ----D---- C:\Program Files\Windows Journal
2009-02-07 00:04:46 ----D---- C:\Windows\Help
2009-02-05 23:23:21 ----D---- C:\Windows\system32\Msdtc
2009-02-05 23:23:18 ----D---- C:\Windows\system32\wbem
2009-02-05 23:19:17 ----D---- C:\Windows\system32\config
2009-02-05 23:16:45 ----D---- C:\Windows\Tasks
2009-02-05 23:16:45 ----D---- C:\Windows\system32\spool
2009-02-05 23:16:45 ----D---- C:\Windows\system32\CodeIntegrity
2009-02-05 23:16:45 ----D---- C:\Windows\rescache
2009-02-05 23:15:57 ----D---- C:\Windows\registration
2009-02-05 23:15:52 ----D---- C:\Windows\system32\XPSViewer
2009-02-04 21:10:32 ----D---- C:\Windows\Microsoft.NET
2009-02-04 21:10:24 ----RSD---- C:\Windows\assembly
2009-02-03 19:21:12 ----A---- C:\Windows\system32\mrt.exe
2009-01-24 15:29:37 ----SD---- C:\Users\mickael\AppData\Roaming\Microsoft
2009-01-12 15:18:32 ----D---- C:\Program Files\DivX
2009-01-03 03:33:02 ----SD---- C:\ProgramData\Microsoft
2009-01-03 03:31:53 ----D---- C:\PerfLogs
2008-12-26 00:34:02 ----D---- C:\Windows\WindowsMobile
2008-12-25 17:37:07 ----RSD---- C:\Windows\Fonts
2008-12-17 11:04:17 ----D---- C:\Program Files\Common Files\System
2008-12-17 11:03:32 ----D---- C:\Program Files\Windows Live
2008-12-17 11:00:57 ----D---- C:\Windows\SoftwareDistribution
2008-12-17 10:59:11 ----D---- C:\Program Files\Common Files\microsoft shared
2008-12-17 10:30:36 ----D---- C:\Program Files\Common Files
2008-12-15 21:16:32 ----D---- C:\Windows\AppPatch
2008-12-15 21:16:31 ----D---- C:\Windows\system32\fr-FR
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-02-02 182328]
S1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2007-07-27 149504]
S3 a4uq68bh;a4uq68bh; C:\Windows\system32\drivers\a4uq68bh.sys []
S3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-01-23 689664]
S3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2007-08-02 188432]
S3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2008-01-21 8320]
S3 catchme;catchme; \??\C:\Users\mickael\AppData\Local\Temp\catchme.sys []
S3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-18 1729632]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Pilote de carte Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-01-13 4452288]
S3 Profos;Profos; \??\C:\PROGRA~1\Softwin\BITDEF~1\profos.sys [2006-06-21 13184]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-04 59392]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
S3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2006-07-06 168448]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-19 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 UVCFTR;UVCFTR; C:\Windows\system32\DRIVERS\UVCFTR_S.SYS [2007-01-26 17712]
S3 WINUSB;Pilote WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [2008-01-19 31616]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
S2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2008-11-27 1179648]
S2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
S2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2006-12-19 428152]
S2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-02 118784]
S2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
S2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe [2008-09-15 1261568]
S2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 XCOMM;BitDefender Communicator; C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe [2007-11-29 86016]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-09-23 138680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-29 87288]
-----------------EOF-----------------
Go to VirusTotal and scan this file: C:\Windows\system32\drivers\a4uq68bh.sys
Paste the report you get.
Hello,
I have been trying since yesterday to scan the file C:\Windows\system32\drivers\a4uq68bh.sys
but it seems I cannot upload it.
Here is the error message: 0 bytes size received / Se ha recibido un archivo vacio
Note: I cannot find the file a4uq68bh.sys on my PC.
What should I do?
Skip that.
To take a look, download ComboFix (by sUBs) here:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it to the desktop.
Disconnect from the internet and close all your applications.
Disable your protections (antivirus, firewall, the antispyware's real-time guard).
Double-click combofix.exe and follow the instructions.
When it finishes, it will produce a report, C:\ComboFix.txt.
Re-enable your firewall, your antivirus and your antispyware's guard.
Copy and paste the report C:\ComboFix.txt into your next reply.
Warning: do not use your mouse or your keyboard (or any other pointing device) while the program is running. That could freeze the computer.
There is a complete tutorial here:
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
Hello,
Here is the ComboFix report (by sUBs):
ComboFix 09-02-15.01 - mickael 2009-02-17 12:10:54.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.1021.407 [GMT -4:00]
Lancé depuis: c:\users\mickael\Desktop\ComboFix.exe
AV: Bitdefender Antivirus *On-access scanning enabled* (Updated)
* Un nouveau point de restauration a été créé
.
((((((((((((((((((((((((((((( Fichiers créés du 2009-01-17 au 2009-02-17 ))))))))))))))))))))))))))))))))))))
.
2009-02-15 22:03 . 2008-12-05 00:32 428,544 --a------ c:\windows\System32\EncDec.dll
2009-02-15 22:03 . 2008-12-05 00:32 293,376 --a------ c:\windows\System32\psisdecd.dll
2009-02-15 22:03 . 2008-12-05 00:31 217,088 --a------ c:\windows\System32\psisrndr.ax
2009-02-15 22:03 . 2008-12-05 00:31 177,664 --a------ c:\windows\System32\mpg2splt.ax
2009-02-15 22:03 . 2008-12-05 00:31 80,896 --a------ c:\windows\System32\MSNP.ax
2009-02-13 17:25 . 2009-02-13 17:25 <REP> d-------- C:\_OTMoveIt
2009-02-12 18:34 . 2009-02-12 18:35 <REP> d-------- C:\rsit
2009-02-12 18:07 . 2008-11-06 02:03 <REP> d-------- C:\SDFix
2009-02-12 16:23 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2009-02-12 16:22 . 2009-02-12 16:23 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-12 16:22 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2009-02-10 15:10 . 2009-01-14 23:36 1,383,424 --a------ c:\windows\System32\mshtml.tlb
2009-02-10 15:10 . 2009-01-15 02:11 827,392 --a------ c:\windows\System32\wininet.dll
2009-02-07 16:53 . 2009-02-07 16:53 <REP> d-------- c:\windows\BDOSCAN8
2009-02-07 14:54 . 2009-02-07 14:54 <REP> d-------- c:\users\All Users\Grisoft
2009-02-07 14:54 . 2009-02-07 14:54 <REP> d-------- c:\programdata\Grisoft
2009-02-06 22:19 . 2009-02-06 22:19 <REP> d-------- c:\users\All Users\NOS
2009-02-06 22:19 . 2009-02-06 22:19 <REP> d-------- c:\programdata\NOS
2009-02-06 22:18 . 2009-02-06 22:18 <REP> d-------- c:\program files\NOS
2009-02-06 21:16 . 2009-02-06 21:16 <REP> d-------- c:\users\mickael\AppData\Roaming\Malwarebytes
2009-02-06 21:16 . 2009-02-06 21:16 <REP> d-------- c:\users\All Users\Malwarebytes
2009-02-06 21:16 . 2009-02-06 21:16 <REP> d-------- c:\programdata\Malwarebytes
2009-01-24 16:01 . 2009-01-24 16:01 <REP> d-------- c:\users\All Users\TuneUp Software
2009-01-24 16:01 . 2009-01-24 16:01 <REP> d-------- c:\programdata\TuneUp Software
2009-01-19 18:49 . 2009-01-19 18:52 <REP> d-------- c:\program files\comptes
2009-01-19 18:49 . 2009-01-19 18:49 290,816 --------- c:\windows\Setup1.exe
2009-01-19 18:49 . 2009-01-19 18:49 74,752 --a------ c:\windows\ST6UNST.EXE
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-17 16:13 81,984 ----a-w c:\windows\System32\bdod.bin
2009-02-17 15:48 25,337 ----a-w c:\users\mickael\AppData\Roaming\nvModes.dat
2009-02-13 01:04 --------- d-----w c:\programdata\Spybot - Search & Destroy
2009-02-13 00:02 --------- d-----w c:\programdata\WinZip
2009-02-10 21:06 --------- d-----w c:\programdata\Microsoft Help
2009-02-10 21:05 --------- d-----w c:\program files\Windows Mail
2009-02-07 04:45 --------- d-----w c:\program files\Navilog1
2009-02-07 04:22 --------- d-----w c:\program files\Windows Journal
2009-01-14 23:47 13,307 ----a-w c:\users\CL.CONSEILS\AppData\Roaming\nvModes.dat
2009-01-12 19:18 --------- d-----w c:\program files\DivX
2008-12-30 15:57 --------- d-----w c:\programdata\Messenger Plus!
2008-12-30 04:09 --------- d-----w c:\program files\Messenger Plus! Live
2008-12-25 21:39 --------- d-----w c:\users\mickael\AppData\Roaming\Steinberg
2008-12-25 21:37 --------- d-----w c:\program files\VOB
2008-12-25 21:37 --------- d-----w c:\program files\Pinnacle
2008-12-22 19:52 --------- d-----w c:\users\mickael\AppData\Roaming\SecondLife
2008-12-21 22:58 --------- d-----w c:\users\mickael\AppData\Roaming\LimeWire
2008-12-17 15:04 --------- d-----w c:\program files\Microsoft Office Outlook Connector
2008-12-17 15:03 --------- d-----w c:\program files\Windows Live
2008-12-17 14:59 --------- d-----w c:\program files\Microsoft
2008-12-17 14:58 --------- d-----w c:\program files\Windows Live SkyDrive
2008-12-17 14:30 --------- d-----w c:\program files\Common Files\Windows Live
2008-12-05 04:11 308,584 ----a-w c:\windows\WLXPGSS.SCR
2008-12-03 02:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
2008-06-29 18:10 174 --sha-w c:\program files\desktop.ini
2008-10-10 15:48 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-10-10 15:48 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-10-10 15:48 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-23 68856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-19 411768]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-01-17 534648]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2006-11-01 413696]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-11-01 438272]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-02-02 835584]
"StorageGuard"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-02-12 155648]
"BDAgent"="c:\program files\BitDefender\BitDefender 2008\bdagent.exe" [2008-09-17 368640]
"MSConfig"="c:\windows\system32\msconfig.exe" [2008-01-19 227840]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-01-13 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-01-13 7766016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-01-13 81920]
"PSDrvCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-08-28 396800]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 c:\windows\RtHDVCpl.exe]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2008-10-08 394856]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\vio\dvacm.acm
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lancement rapide d'Adobe Reader.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Reader.lnk
backup=c:\windows\pss\Lancement rapide d'Adobe Reader.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
--a------ 2007-02-13 03:30 405504 c:\program files\Camera Assistant Software for Toshiba\traybar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-04-01 05:39 486856 c:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeNotify]
--a------ 2006-11-06 12:14 34352 c:\program files\TOSHIBA\Utilities\KeNotify.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2008-12-02 22:41 3882312 c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
--a------ 2007-02-06 09:21 509496 c:\program files\TOSHIBA\SmoothView\SmoothView.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpriteService]
--a------ 2006-08-15 14:45 544768 c:\program files\Sprite Software\Sprite Backup\SpriteService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-04-26 09:39 1271032 c:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
--a------ 2007-03-02 09:10 577536 c:\program files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
--a------ 2007-02-19 10:00 571024 c:\program files\TOSHIBA\Registration\ToshibaRegistration.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
--a------ 2007-05-31 08:21 648072 c:\windows\WindowsMobile\wmdc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{893313E5-D534-40E9-8F4A-6E91379FF809}c:\\program files\\steam\\steamapps\\sawyer972\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\sawyer972\counter-strike source\hl2.exe:hl2
"UDP Query User{001FA1A4-BCF2-4082-83C6-798D1E597FCF}c:\\program files\\steam\\steamapps\\sawyer972\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\sawyer972\counter-strike source\hl2.exe:hl2
"{244AA351-6052-4827-9883-B201098F0FF4}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"TCP Query User{F797F6DF-B37C-4B4E-9AA0-A49329D252FD}c:\\program files\\steam\\steamapps\\sawyer972\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\sawyer972\counter-strike source\hl2.exe:hl2
"UDP Query User{972477DC-7CA4-4632-9B20-D28B318FB94C}c:\\program files\\steam\\steamapps\\sawyer972\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\sawyer972\counter-strike source\hl2.exe:hl2
"TCP Query User{03C29A37-5D20-4270-A41C-4745DC0A9F55}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{2CC73557-772C-4F87-B194-6427D8867F5D}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{89830513-D628-49EF-8B37-F9BA00ADD44E}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{90E8617F-F4CF-4C6F-B9CA-8CBAA23F48EC}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{2A04C25D-78FC-4DA5-94A2-9E85BF004E1A}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 1 (0x1)
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-02-29 810320]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2009-02-06 33752]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Contenu du dossier 'Tâches planifiées'
2009-02-13 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe []
.
- - - - ORPHELINS SUPPRIMES - - - -
MSConfigStartUp-TZ Spyware Remover - c:\program files\TrackZapper.com\TZ Spyware Remover\SpyRem.exe
MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe
MSConfigStartUp-NDSTray - NDSTray.exe
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-17 12:13:29
Windows 6.0.6001 Service Pack 1 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
c:\users\mickael\AppData\Local\Temp\catchme.dll 53248 bytes executable
Scan terminé avec succès
Fichiers cachés: 1
**************************************************************************
.
Heure de fin: 2009-02-17 12:14:56
ComboFix-quarantined-files.txt 2009-02-17 16:14:52
Avant-CF: 15 148 158 976 octets libres
Après-CF: 15,016,542,208 octets libres
178 --- E O F --- 2009-02-16 04:24:11
Run OTMoveIt again, but paste this; there is one very small difference:
:processes
explorer.exe
:files
D:\AdobeR.exe e
:reg
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7e0c2ec2-f433-11dc-803e-0016d4f57716}]
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
Hello,
Here is the OTMoveIt report:
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder D:\AdobeR.exe e not found.
========== REGISTRY ==========
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\Windows\temp\tmp00005bcd\tmp00000000 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\tmp00002822\tmp00000000 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043DECB81234918998 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043DECB81234919034 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043DECB81234919038 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043DECB81234919056 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043E86001234918897 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043E86001234918898 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043E86001234918905 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAC5301234909690 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAC5301234911246 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAC5301234911265 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAC5301234918364 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAE7401234918316 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAE7401234918317 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAE7401234918323 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAE7401234918324 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAE7401234918337 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FC2AD81234909811 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FC6EF81234918429 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt059288F01234919902 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt059288F01234919903 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt059288F01234919945 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B4AD501234920416 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B4AD501234920417 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B4AD501234920455 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B4AD501234920465 scheduled to be deleted on reboot.
Here is the OTMoveIt report:
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder D:\AdobeR.exe e not found.
========== REGISTRY ==========
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\Windows\temp\tmp00005bcd\tmp00000000 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\tmp00002822\tmp00000000 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043DECB81234918998 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043DECB81234919034 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043DECB81234919038 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043DECB81234919056 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043E86001234918897 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043E86001234918898 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt043E86001234918905 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAC5301234909690 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAC5301234911246 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAC5301234911265 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAC5301234918364 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAE7401234918316 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAE7401234918317 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAE7401234918323 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAE7401234918324 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FAE7401234918337 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FC2AD81234909811 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt04FC6EF81234918429 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt059288F01234919902 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt059288F01234919903 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt059288F01234919945 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B4AD501234920416 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B4AD501234920417 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B4AD501234920455 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B4AD501234920465 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B4E0681234920271 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234911856 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234911989 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912005 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912023 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912051 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912072 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912094 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912114 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912135 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912153 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912168 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912187 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912205 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912233 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B502781234912253 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\httproxy_clt05B535901234918551 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\kds.xml scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\report.dat scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\updateop.xml scheduled to be deleted on reboot.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02172009_220818
Files moved on Reboot...
File move failed. C:\Windows\temp\tmp00005bcd\tmp00000000 scheduled to be moved on reboot.
File C:\Windows\temp\tmp00002822\tmp00000000 not found!
File move failed. C:\Windows\temp\httproxy_clt043DECB81234918998 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt043DECB81234919034 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt043DECB81234919038 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt043DECB81234919056 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt043E86001234918897 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt043E86001234918898 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt043E86001234918905 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt04FAC5301234909690 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt04FAC5301234911246 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt04FAC5301234911265 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt04FAC5301234918364 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt04FAE7401234918316 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt04FAE7401234918317 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt04FAE7401234918323 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt04FAE7401234918324 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt04FAE7401234918337 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt04FC2AD81234909811 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt04FC6EF81234918429 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt059288F01234919902 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt059288F01234919903 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt059288F01234919945 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B4AD501234920416 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B4AD501234920417 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B4AD501234920455 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B4AD501234920465 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B4E0681234920271 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234911856 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234911989 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912005 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912023 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912051 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912072 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912094 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912114 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912135 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912153 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912168 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912187 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912205 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912233 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B502781234912253 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\httproxy_clt05B535901234918551 scheduled to be moved on reboot.
File move failed. C:\Windows\temp\kds.xml scheduled to be moved on reboot.
File move failed. C:\Windows\temp\report.dat scheduled to be moved on reboot.
File move failed. C:\Windows\temp\updateop.xml scheduled to be moved on reboot.
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1755
Windows 6.0.6001 Service Pack 1
12/02/2009 17:14:49
mbam-log-2009-02-12 (17-14-49).txt
Type de recherche: Examen complet (C:\|E:\|)
Eléments examinés: 173800
Temps écoulé: 33 minute(s), 40 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
However, my PC is still just as slow on the internet.