Hidden driver rootkit following an AVG 8.5 scan
yacinft - Posts: 1 - Status: Member
lesane662 - Posts: 1564 - Status: Member
Hello,
I have exactly the same problem, and right now I am going through hell with my machine, which is losing performance.
I followed the steps, downloaded pccellin rootkit, and here is the content of my log file:
Logfile of random's system information tool 1.06 (written by random/random)
Run by medragh at 2009-05-22 00:06:39
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 16 GB (20%) free of 76 GB
Total RAM: 2046 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:07:51, on 22/05/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\Registration\ToshibaRegistration.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\IELowutil.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Users\medragh\Desktop\RSIT.exe
C:\Program Files\trend micro\medragh.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AddTask Class - {24F06550-65E3-4D1C-8CFE-839C296B5530} - C:\Program Files\real\IEeREAD.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: AddTask Class - {6A19C29D-ED45-4483-8999-9F939C8161F2} - C:\Program Files\real\WebHook.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?FR (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe
O23 - Service: OracleServiceXE - Oracle Corporation - c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE
O23 - Service: OracleXEClrAgent - Unknown owner - C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe
O23 - Service: OracleXETNSListener - Unknown owner - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Oracle Data Quality Inetd (TS inetd) - Oracle Corporation - c:\OraHome_1\oracledq\Common Files\oracledp\inetd\2\inetd.exe
O23 - Service: Oracle Data Quality Scheduler (TSS 11.5 - Scheduler) - Oracle Corporation - c:\OraHome_1\oracledq\metabase_server\bin\scheduler.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
--
End of file - 10245 bytes
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{C5D766D7-0E29-429F-BBD4-0944E1F5CB6C}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24F06550-65E3-4D1C-8CFE-839C296B5530}]
AddTask Class - C:\Program Files\real\IEeREAD.dll [2007-06-28 57344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-05-21 1107224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A19C29D-ED45-4483-8999-9F939C8161F2}]
AddTask Class - C:\Program Files\real\WebHook.dll [2008-02-01 57224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2009-03-02 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-05-22 538744]
"Skytel"=C:\Windows\Skytel.exe [2007-08-03 1826816]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-07-27 204800]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-03-20 1451304]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-05-21 1947928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-03-06 177472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-04-10 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-04 486856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop SMS]
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HWSetup]
\HWSetup.exe hwSetUP []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-03-12 342312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeNotify]
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDSTray.exe]
NDSTray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\okkmmcy]
c:\users\medragh\appdata\local\okkmmcy.exe okkmmcy []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-04-03 509496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SVPWUTIL]
C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-22 438272]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPwrMain]
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [2008-10-28 96816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-01-02 210520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23c745d7-1526-11de-8864-001b384727ce}]
shell\AutoRun\command - G:\CONFIG\S-1-5-21-1482476501-1644491937-682003330-1013\Cfg.exe
shell\open\command - G:\CONFIG\S-1-5-21-1482476501-1644491937-682003330-1013\Cfg.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4ce8f3fd-1937-11de-8cb8-001b384727ce}]
shell\AutoRun\command - H:\SETUP.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad04c4c6-4002-11de-8e15-001b384727ce}]
shell\AutoRun\command - G:\autorun.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2009-05-21 23:35:37 ----D---- C:\Program Files\trend micro
2009-05-21 23:35:36 ----D---- C:\rsit
2009-05-21 19:09:11 ----A---- C:\Windows\system32\avgrep.txt
2009-05-21 15:56:28 ----HD---- C:\$AVG8.VAULT$
2009-05-21 11:37:43 ----A---- C:\Windows\system32\avgrsstx.dll
2009-05-21 11:35:33 ----D---- C:\Program Files\AVG
2009-05-21 11:35:32 ----D---- C:\ProgramData\avg8
2009-05-19 18:59:47 ----A---- C:\Windows\system32\aswBoot.exe
2009-05-19 18:59:41 ----D---- C:\Program Files\Alwil Software
2009-05-14 11:09:31 ----A---- C:\Windows\system32\vnetinst.dll
2009-05-14 11:09:22 ----A---- C:\Windows\system32\vmnetdhcp.exe
2009-05-14 11:09:17 ----A---- C:\Windows\system32\vmnat.exe
2009-05-14 11:09:07 ----RA---- C:\Windows\system32\vmnetbridge.dll
2009-05-14 11:08:59 ----A---- C:\Windows\system32\vnetlib.dll
2009-05-14 11:03:39 ----D---- C:\ProgramData\VMware
2009-05-14 11:02:15 ----D---- C:\Program Files\VMware
2009-05-14 09:52:12 ----D---- C:\Program Files\PostgreSQL
2009-05-14 02:59:41 ----A---- C:\Windows\system32\perf-ReportServer-rsctr.dll
2009-05-14 02:51:00 ----A---- C:\Windows\system32\perf-SQLSERVERAGENT-sqlagtctr10.0.1600.22.dll
2009-05-14 02:50:34 ----A---- C:\Windows\system32\perf-MSSQLSERVER-sqlctr10.0.1600.22.dll
2009-05-14 02:49:30 ----D---- C:\Windows\system32\WindowsPowerShell
2009-05-14 02:13:45 ----D---- C:\Program Files\Microsoft Analysis Services
2009-05-14 02:11:29 ----D---- C:\Windows\system32\RsFx
2009-05-14 02:11:09 ----D---- C:\Program Files\Microsoft Sync Framework
2009-05-14 02:06:07 ----D---- C:\Windows\system32\1033
2009-05-14 01:37:39 ----D---- C:\Windows\system32\1036
2009-05-13 23:04:09 ----A---- C:\Windows\system32\msimsg.dll
2009-05-13 23:04:09 ----A---- C:\Windows\system32\msiexec.exe
2009-05-13 23:04:08 ----A---- C:\Windows\system32\msihnd.dll
2009-05-13 23:04:08 ----A---- C:\Windows\system32\msi.dll
2009-05-13 22:11:57 ----A---- C:\Windows\system32\mshtmled.dll
2009-05-13 22:11:57 ----A---- C:\Windows\system32\icardie.dll
2009-05-13 22:11:56 ----A---- C:\Windows\system32\mshtmler.dll
2009-05-13 22:11:56 ----A---- C:\Windows\system32\jsproxy.dll
2009-05-13 22:11:56 ----A---- C:\Windows\system32\ieui.dll
2009-05-13 22:11:56 ----A---- C:\Windows\system32\admparse.dll
2009-05-13 22:11:55 ----A---- C:\Windows\system32\msls31.dll
2009-05-13 22:11:55 ----A---- C:\Windows\system32\imgutil.dll
2009-05-13 22:11:55 ----A---- C:\Windows\system32\iernonce.dll
2009-05-13 22:11:55 ----A---- C:\Windows\system32\ieakeng.dll
2009-05-13 22:11:55 ----A---- C:\Windows\system32\dxtmsft.dll
2009-05-13 22:11:55 ----A---- C:\Windows\system32\corpol.dll
2009-05-13 22:11:54 ----A---- C:\Windows\system32\iepeers.dll
2009-05-13 22:11:54 ----A---- C:\Windows\system32\dxtrans.dll
2009-05-13 22:11:53 ----A---- C:\Windows\system32\occache.dll
2009-05-13 22:11:53 ----A---- C:\Windows\system32\msrating.dll
2009-05-13 22:11:53 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-05-13 22:11:53 ----A---- C:\Windows\system32\licmgr10.dll
2009-05-13 22:11:53 ----A---- C:\Windows\system32\inseng.dll
2009-05-13 22:11:53 ----A---- C:\Windows\system32\ieaksie.dll
2009-05-13 22:11:52 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-05-13 22:11:52 ----A---- C:\Windows\system32\wextract.exe
2009-05-13 22:11:52 ----A---- C:\Windows\system32\webcheck.dll
2009-05-13 22:11:52 ----A---- C:\Windows\system32\mstime.dll
2009-05-13 22:11:52 ----A---- C:\Windows\system32\msfeedssync.exe
2009-05-13 22:11:52 ----A---- C:\Windows\system32\iesetup.dll
2009-05-13 22:11:52 ----A---- C:\Windows\system32\ieakui.dll
2009-05-13 22:11:51 ----A---- C:\Windows\system32\pngfilt.dll
2009-05-13 22:11:51 ----A---- C:\Windows\system32\msfeeds.dll
2009-05-13 22:11:51 ----A---- C:\Windows\system32\advpack.dll
2009-05-13 22:11:50 ----A---- C:\Windows\system32\vbscript.dll
2009-05-13 22:11:50 ----A---- C:\Windows\system32\jscript.dll
2009-05-13 22:11:50 ----A---- C:\Windows\system32\ieapfltr.dll
2009-05-13 22:11:49 ----A---- C:\Windows\system32\url.dll
2009-05-13 22:11:49 ----A---- C:\Windows\system32\iedkcs32.dll
2009-05-13 22:11:47 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\SetDepNx.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\PDMSetup.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\mshta.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\iexpress.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\ieUnatt.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\iesysprep.dll
2009-05-13 22:11:46 ----A---- C:\Windows\system32\wininet.dll
2009-05-13 22:11:46 ----A---- C:\Windows\system32\iertutil.dll
2009-05-13 22:11:46 ----A---- C:\Windows\system32\ie4uinit.exe
2009-05-13 22:11:45 ----A---- C:\Windows\system32\urlmon.dll
2009-05-13 22:11:43 ----A---- C:\Windows\system32\ieframe.dll
2009-05-13 22:11:42 ----A---- C:\Windows\system32\mshtml.dll
2009-05-13 21:04:33 ----D---- C:\Program Files\Trillium Software
2009-05-13 20:40:34 ----D---- C:\OraHome_1
2009-05-13 20:38:59 ----D---- C:\Program Files\Oracle
2009-04-26 17:05:49 ----A---- C:\Windows\ODBC.INI
2009-04-26 17:04:50 ----D---- C:\Windows\system32\js
2009-04-26 17:04:50 ----D---- C:\Windows\system32\images
2009-04-26 17:04:50 ----D---- C:\Windows\system32\html
2009-04-26 17:04:50 ----D---- C:\Windows\system32\css
2009-04-26 17:04:50 ----D---- C:\Program Files\Business Objects
2009-04-26 16:56:40 ----D---- C:\Program Files\Microsoft Device Emulator
2009-04-26 16:55:28 ----D---- C:\Program Files\Windows Mobile 5.0 SDK R2
2009-04-26 16:54:50 ----D---- C:\Program Files\Microsoft Synchronization Services
2009-04-26 16:54:50 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-04-26 16:46:17 ----D---- C:\ProgramData\PreEmptive Solutions
2009-04-26 16:40:15 ----D---- C:\Windows\symbols
2009-04-26 16:37:55 ----D---- C:\Program Files\Microsoft SDKs
2009-04-26 16:37:55 ----D---- C:\Program Files\Common Files\Merge Modules
2009-04-26 16:37:54 ----D---- C:\Program Files\HTML Help Workshop
2009-04-26 16:37:54 ----D---- C:\Program Files\CE Remote Tools
2009-04-26 16:37:52 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2009-04-26 16:35:30 ----D---- C:\Program Files\Microsoft Web Designer Tools
2009-04-26 16:35:30 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-04-26 12:31:13 ----D---- C:\Users\medragh\AppData\Roaming\SQL Developer
2009-04-26 00:55:12 ----D---- C:\Program Files\Microsoft Visual Studio .NET
2009-04-26 00:53:10 ----D---- C:\oraclexe
======List of files/folders modified in the last 1 months======
2009-05-22 00:07:50 ----D---- C:\Windows\Temp
2009-05-21 23:39:08 ----D---- C:\Windows\System32
2009-05-21 23:39:08 ----D---- C:\Windows\inf
2009-05-21 23:39:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-21 23:35:37 ----RD---- C:\Program Files
2009-05-21 21:27:52 ----D---- C:\Windows\system32\WDI
2009-05-21 19:08:01 ----A---- C:\Windows\ntbtlog.txt
2009-05-21 12:01:35 ----SHD---- C:\System Volume Information
2009-05-21 11:51:54 ----D---- C:\Windows
2009-05-21 11:37:41 ----D---- C:\Windows\system32\drivers
2009-05-21 11:36:14 ----D---- C:\Windows\system32\catroot
2009-05-21 11:35:32 ----HD---- C:\ProgramData
2009-05-21 11:34:53 ----SHD---- C:\Windows\Installer
2009-05-21 11:34:53 ----HD---- C:\Config.Msi
2009-05-21 11:33:39 ----SD---- C:\Users\medragh\AppData\Roaming\Microsoft
2009-05-21 11:29:54 ----D---- C:\Windows\Prefetch
2009-05-21 11:12:49 ----HD---- C:\Program Files\InstallShield Installation Information
2009-05-21 11:12:48 ----D---- C:\Program Files\Common Files
2009-05-20 21:30:25 ----D---- C:\Users\medragh\AppData\Roaming\Free Download Manager
2009-05-19 22:33:11 ----D---- C:\Downloads
2009-05-19 19:18:09 ----SD---- C:\ProgramData\Microsoft
2009-05-14 13:00:43 ----D---- C:\Windows\rescache
2009-05-14 09:54:54 ----RD---- C:\Users
2009-05-14 09:33:17 ----D---- C:\Windows\system32\catroot2
2009-05-14 03:28:14 ----D---- C:\Windows\Microsoft.NET
2009-05-14 03:27:56 ----RSD---- C:\Windows\assembly
2009-05-14 02:49:31 ----D---- C:\Windows\winsxs
2009-05-14 02:39:51 ----D---- C:\ProgramData\Microsoft Help
2009-05-14 02:22:41 ----D---- C:\Program Files\Common Files\microsoft shared
2009-05-14 02:20:39 ----D---- C:\Program Files\Microsoft Office
2009-05-14 02:14:27 ----D---- C:\Program Files\Microsoft SQL Server
2009-05-13 23:10:33 ----D---- C:\Windows\system32\zh-TW
2009-05-13 23:10:33 ----D---- C:\Windows\system32\zh-CN
2009-05-13 23:10:33 ----D---- C:\Windows\system32\uk-UA
2009-05-13 23:10:33 ----D---- C:\Windows\system32\tr-TR
2009-05-13 23:10:33 ----D---- C:\Windows\system32\th-TH
2009-05-13 23:10:33 ----D---- C:\Windows\system32\sv-SE
2009-05-13 23:10:33 ----D---- C:\Windows\system32\sr-Latn-CS
2009-05-13 23:10:33 ----D---- C:\Windows\system32\sl-SI
2009-05-13 23:10:33 ----D---- C:\Windows\system32\sk-SK
2009-05-13 23:10:33 ----D---- C:\Windows\system32\ru-RU
2009-05-13 23:10:33 ----D---- C:\Windows\system32\ro-RO
2009-05-13 23:10:33 ----D---- C:\Windows\system32\pt-PT
2009-05-13 23:10:33 ----D---- C:\Windows\system32\pt-BR
2009-05-13 23:10:33 ----D---- C:\Windows\system32\pl-PL
2009-05-13 23:10:33 ----D---- C:\Windows\system32\nl-NL
2009-05-13 23:10:33 ----D---- C:\Windows\system32\nb-NO
2009-05-13 23:10:33 ----D---- C:\Windows\system32\lv-LV
2009-05-13 23:10:33 ----D---- C:\Windows\system32\lt-LT
2009-05-13 23:10:33 ----D---- C:\Windows\system32\ko-KR
2009-05-13 23:10:33 ----D---- C:\Windows\system32\ja-JP
2009-05-13 23:10:33 ----D---- C:\Windows\system32\it-IT
2009-05-13 23:10:33 ----D---- C:\Windows\system32\hu-HU
2009-05-13 23:10:33 ----D---- C:\Windows\system32\hr-HR
2009-05-13 23:10:33 ----D---- C:\Windows\system32\he-IL
2009-05-13 23:10:33 ----D---- C:\Windows\system32\fr-FR
2009-05-13 23:10:33 ----D---- C:\Windows\system32\fi-FI
2009-05-13 23:10:33 ----D---- C:\Windows\system32\et-EE
2009-05-13 23:10:33 ----D---- C:\Windows\system32\es-ES
2009-05-13 23:10:33 ----D---- C:\Windows\system32\en-US
2009-05-13 23:10:33 ----D---- C:\Windows\system32\el-GR
2009-05-13 23:10:33 ----D---- C:\Windows\system32\de-DE
2009-05-13 23:10:33 ----D---- C:\Windows\system32\da-DK
2009-05-13 23:10:33 ----D---- C:\Windows\system32\cs-CZ
2009-05-13 23:10:33 ----D---- C:\Windows\system32\bg-BG
2009-05-13 23:10:33 ----D---- C:\Windows\system32\ar-SA
2009-05-13 23:03:29 ----D---- C:\Windows\SoftwareDistribution
2009-05-13 22:49:51 ----D---- C:\Windows\system32\Tasks
2009-05-13 22:49:50 ----D---- C:\Windows\Tasks
2009-05-13 22:37:26 ----D---- C:\Program Files\Google
2009-05-13 22:32:36 ----D---- C:\Program Files\Internet Explorer
2009-05-13 22:32:34 ----D---- C:\Windows\system32\migration
2009-05-13 22:32:34 ----D---- C:\Windows\PolicyDefinitions
2009-05-13 22:18:08 ----RSD---- C:\Windows\Fonts
2009-05-13 22:17:40 ----D---- C:\Program Files\Microsoft Works
2009-05-13 22:15:50 ----A---- C:\Windows\win.ini
2009-05-13 22:07:08 ----D---- C:\Program Files\Windows Mail
2009-05-13 21:08:36 ----D---- C:\ProgramData\Google
2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
2009-05-01 14:47:10 ----D---- C:\Program Files\Mozilla Firefox
2009-04-27 13:40:23 ----D---- C:\Windows\Registration
2009-04-26 22:25:32 ----D---- C:\Windows\system32\LogFiles
2009-04-26 16:53:10 ----D---- C:\Program Files\Microsoft.NET
2009-04-26 16:41:02 ----D---- C:\Program Files\MSBuild
2009-04-26 01:00:16 ----D---- C:\Users\medragh\AppData\Roaming\Apple Computer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2009-05-21 23832]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-05-21 325896]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-05-21 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-05-21 108552]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2008-10-28 32304]
R2 vmci;VMware vmci; \??\C:\Windows\system32\Drivers\vmci.sys [2008-10-28 54960]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2008-10-28 31280]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2008-10-28 26288]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\Drivers\vmx86.sys [2008-10-28 857392]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys [2008-10-02 22448]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-29 919552]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-09-20 3077632]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-03-20 208688]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2008-10-28 23216]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2008-10-28 16560]
S3 a6el0s1z;a6el0s1z; C:\Windows\system32\drivers\a6el0s1z.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-18 9216]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-18 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-05 36864]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 RsFx0102;RsFx0102 Driver; C:\Windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-09-20 610304]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-05-21 298776]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-05-21 1366904]
R2 BcmSqlStartupSvc;Service de démarrage SQL Server pour le Gestionnaire de contacts professionnels; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-26 554352]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 RapiMgr;Connectivité de l'appareil Windows Mobile; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 WcesComm;Connectivité de l'appareil Windows Mobile 2003; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
S3 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S3 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-19 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 MsDtsServer100;SQL Server Integration Services 10.0; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2008-07-10 218136]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
S3 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2008-07-10 31256]
S3 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
S3 MSSQLServerOLAPService;SQL Server Analysis Services (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSAS10.MSSQLSERVER\OLAP\bin\msmdsrv.exe [2008-07-10 21945368]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OracleMTSRecoveryService;OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe [2006-02-02 57616]
S3 OracleServiceXE;OracleServiceXE; c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE [2006-02-02 59064320]
S3 OracleXEClrAgent;OracleXEClrAgent; C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe [2006-02-02 45056]
S3 OracleXETNSListener;OracleXETNSListener; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [2006-02-02 204800]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 pgsql-8.3;PostgreSQL Database Server 8.3; C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [2009-02-03 65536]
S3 ReportServer;SQL Server Reporting Services (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2008-07-10 1106968]
S3 SQLSERVERAGENT;Agent SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S3 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe [2007-09-21 77824]
S3 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
S3 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
S3 TS inetd;Oracle Data Quality Inetd; c:\OraHome_1\oracledq\Common Files\oracledp\inetd\2\inetd.exe [2008-06-30 122880]
S3 TSS 11.5 - Scheduler;Oracle Data Quality Scheduler; c:\OraHome_1\oracledq\metabase_server\bin\scheduler.exe [2008-11-10 1236282]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2008-10-02 191024]
S3 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
S3 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2008-10-28 113200]
S3 VMnetDHCP;VMware DHCP Service; C:\Windows\system32\vmnetdhcp.exe [2008-10-28 326192]
S3 VMware NAT Service;VMware NAT Service; C:\Windows\system32\vmnat.exe [2008-10-28 399920]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 MSSQLServerADHelper100;Service SQL Active Directory Helper; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2008-07-29 3201024]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe [2006-02-02 102400]
-----------------EOF-----------------
-------------------------------------------------------------------------------------------------------------------------------------------
Please help me.
Thanks in advance.
2009-05-13 22:11:47 ----A---- C:\Windows\system32\SetDepNx.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\PDMSetup.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\mshta.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\iexpress.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\ieUnatt.exe
2009-05-13 22:11:47 ----A---- C:\Windows\system32\iesysprep.dll
2009-05-13 22:11:46 ----A---- C:\Windows\system32\wininet.dll
2009-05-13 22:11:46 ----A---- C:\Windows\system32\iertutil.dll
2009-05-13 22:11:46 ----A---- C:\Windows\system32\ie4uinit.exe
2009-05-13 22:11:45 ----A---- C:\Windows\system32\urlmon.dll
2009-05-13 22:11:43 ----A---- C:\Windows\system32\ieframe.dll
2009-05-13 22:11:42 ----A---- C:\Windows\system32\mshtml.dll
2009-05-13 21:04:33 ----D---- C:\Program Files\Trillium Software
2009-05-13 20:40:34 ----D---- C:\OraHome_1
2009-05-13 20:38:59 ----D---- C:\Program Files\Oracle
2009-04-26 17:05:49 ----A---- C:\Windows\ODBC.INI
2009-04-26 17:04:50 ----D---- C:\Windows\system32\js
2009-04-26 17:04:50 ----D---- C:\Windows\system32\images
2009-04-26 17:04:50 ----D---- C:\Windows\system32\html
2009-04-26 17:04:50 ----D---- C:\Windows\system32\css
2009-04-26 17:04:50 ----D---- C:\Program Files\Business Objects
2009-04-26 16:56:40 ----D---- C:\Program Files\Microsoft Device Emulator
2009-04-26 16:55:28 ----D---- C:\Program Files\Windows Mobile 5.0 SDK R2
2009-04-26 16:54:50 ----D---- C:\Program Files\Microsoft Synchronization Services
2009-04-26 16:54:50 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-04-26 16:46:17 ----D---- C:\ProgramData\PreEmptive Solutions
2009-04-26 16:40:15 ----D---- C:\Windows\symbols
2009-04-26 16:37:55 ----D---- C:\Program Files\Microsoft SDKs
2009-04-26 16:37:55 ----D---- C:\Program Files\Common Files\Merge Modules
2009-04-26 16:37:54 ----D---- C:\Program Files\HTML Help Workshop
2009-04-26 16:37:54 ----D---- C:\Program Files\CE Remote Tools
2009-04-26 16:37:52 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2009-04-26 16:35:30 ----D---- C:\Program Files\Microsoft Web Designer Tools
2009-04-26 16:35:30 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-04-26 12:31:13 ----D---- C:\Users\medragh\AppData\Roaming\SQL Developer
2009-04-26 00:55:12 ----D---- C:\Program Files\Microsoft Visual Studio .NET
2009-04-26 00:53:10 ----D---- C:\oraclexe
======List of files/folders modified in the last 1 months======
2009-05-22 00:07:50 ----D---- C:\Windows\Temp
2009-05-21 23:39:08 ----D---- C:\Windows\System32
2009-05-21 23:39:08 ----D---- C:\Windows\inf
2009-05-21 23:39:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-21 23:35:37 ----RD---- C:\Program Files
2009-05-21 21:27:52 ----D---- C:\Windows\system32\WDI
2009-05-21 19:08:01 ----A---- C:\Windows\ntbtlog.txt
2009-05-21 12:01:35 ----SHD---- C:\System Volume Information
2009-05-21 11:51:54 ----D---- C:\Windows
2009-05-21 11:37:41 ----D---- C:\Windows\system32\drivers
2009-05-21 11:36:14 ----D---- C:\Windows\system32\catroot
2009-05-21 11:35:32 ----HD---- C:\ProgramData
2009-05-21 11:34:53 ----SHD---- C:\Windows\Installer
2009-05-21 11:34:53 ----HD---- C:\Config.Msi
2009-05-21 11:33:39 ----SD---- C:\Users\medragh\AppData\Roaming\Microsoft
2009-05-21 11:29:54 ----D---- C:\Windows\Prefetch
2009-05-21 11:12:49 ----HD---- C:\Program Files\InstallShield Installation Information
2009-05-21 11:12:48 ----D---- C:\Program Files\Common Files
2009-05-20 21:30:25 ----D---- C:\Users\medragh\AppData\Roaming\Free Download Manager
2009-05-19 22:33:11 ----D---- C:\Downloads
2009-05-19 19:18:09 ----SD---- C:\ProgramData\Microsoft
2009-05-14 13:00:43 ----D---- C:\Windows\rescache
2009-05-14 09:54:54 ----RD---- C:\Users
2009-05-14 09:33:17 ----D---- C:\Windows\system32\catroot2
2009-05-14 03:28:14 ----D---- C:\Windows\Microsoft.NET
2009-05-14 03:27:56 ----RSD---- C:\Windows\assembly
2009-05-14 02:49:31 ----D---- C:\Windows\winsxs
2009-05-14 02:39:51 ----D---- C:\ProgramData\Microsoft Help
2009-05-14 02:22:41 ----D---- C:\Program Files\Common Files\microsoft shared
2009-05-14 02:20:39 ----D---- C:\Program Files\Microsoft Office
2009-05-14 02:14:27 ----D---- C:\Program Files\Microsoft SQL Server
2009-05-13 23:10:33 ----D---- C:\Windows\system32\zh-TW
2009-05-13 23:10:33 ----D---- C:\Windows\system32\zh-CN
2009-05-13 23:10:33 ----D---- C:\Windows\system32\uk-UA
2009-05-13 23:10:33 ----D---- C:\Windows\system32\tr-TR
2009-05-13 23:10:33 ----D---- C:\Windows\system32\th-TH
2009-05-13 23:10:33 ----D---- C:\Windows\system32\sv-SE
2009-05-13 23:10:33 ----D---- C:\Windows\system32\sr-Latn-CS
2009-05-13 23:10:33 ----D---- C:\Windows\system32\sl-SI
2009-05-13 23:10:33 ----D---- C:\Windows\system32\sk-SK
2009-05-13 23:10:33 ----D---- C:\Windows\system32\ru-RU
2009-05-13 23:10:33 ----D---- C:\Windows\system32\ro-RO
2009-05-13 23:10:33 ----D---- C:\Windows\system32\pt-PT
2009-05-13 23:10:33 ----D---- C:\Windows\system32\pt-BR
2009-05-13 23:10:33 ----D---- C:\Windows\system32\pl-PL
2009-05-13 23:10:33 ----D---- C:\Windows\system32\nl-NL
2009-05-13 23:10:33 ----D---- C:\Windows\system32\nb-NO
2009-05-13 23:10:33 ----D---- C:\Windows\system32\lv-LV
2009-05-13 23:10:33 ----D---- C:\Windows\system32\lt-LT
2009-05-13 23:10:33 ----D---- C:\Windows\system32\ko-KR
2009-05-13 23:10:33 ----D---- C:\Windows\system32\ja-JP
2009-05-13 23:10:33 ----D---- C:\Windows\system32\it-IT
2009-05-13 23:10:33 ----D---- C:\Windows\system32\hu-HU
2009-05-13 23:10:33 ----D---- C:\Windows\system32\hr-HR
2009-05-13 23:10:33 ----D---- C:\Windows\system32\he-IL
2009-05-13 23:10:33 ----D---- C:\Windows\system32\fr-FR
2009-05-13 23:10:33 ----D---- C:\Windows\system32\fi-FI
2009-05-13 23:10:33 ----D---- C:\Windows\system32\et-EE
2009-05-13 23:10:33 ----D---- C:\Windows\system32\es-ES
2009-05-13 23:10:33 ----D---- C:\Windows\system32\en-US
2009-05-13 23:10:33 ----D---- C:\Windows\system32\el-GR
2009-05-13 23:10:33 ----D---- C:\Windows\system32\de-DE
2009-05-13 23:10:33 ----D---- C:\Windows\system32\da-DK
2009-05-13 23:10:33 ----D---- C:\Windows\system32\cs-CZ
2009-05-13 23:10:33 ----D---- C:\Windows\system32\bg-BG
2009-05-13 23:10:33 ----D---- C:\Windows\system32\ar-SA
2009-05-13 23:03:29 ----D---- C:\Windows\SoftwareDistribution
2009-05-13 22:49:51 ----D---- C:\Windows\system32\Tasks
2009-05-13 22:49:50 ----D---- C:\Windows\Tasks
2009-05-13 22:37:26 ----D---- C:\Program Files\Google
2009-05-13 22:32:36 ----D---- C:\Program Files\Internet Explorer
2009-05-13 22:32:34 ----D---- C:\Windows\system32\migration
2009-05-13 22:32:34 ----D---- C:\Windows\PolicyDefinitions
2009-05-13 22:18:08 ----RSD---- C:\Windows\Fonts
2009-05-13 22:17:40 ----D---- C:\Program Files\Microsoft Works
2009-05-13 22:15:50 ----A---- C:\Windows\win.ini
2009-05-13 22:07:08 ----D---- C:\Program Files\Windows Mail
2009-05-13 21:08:36 ----D---- C:\ProgramData\Google
2009-05-07 09:16:29 ----A---- C:\Windows\system32\mrt.exe
2009-05-01 14:47:10 ----D---- C:\Program Files\Mozilla Firefox
2009-04-27 13:40:23 ----D---- C:\Windows\Registration
2009-04-26 22:25:32 ----D---- C:\Windows\system32\LogFiles
2009-04-26 16:53:10 ----D---- C:\Program Files\Microsoft.NET
2009-04-26 16:41:02 ----D---- C:\Program Files\MSBuild
2009-04-26 01:00:16 ----D---- C:\Users\medragh\AppData\Roaming\Apple Computer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2009-05-21 23832]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-05-21 325896]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-05-21 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-05-21 108552]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2008-10-28 32304]
R2 vmci;VMware vmci; \??\C:\Windows\system32\Drivers\vmci.sys [2008-10-28 54960]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2008-10-28 31280]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2008-10-28 26288]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\Drivers\vmx86.sys [2008-10-28 857392]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys [2008-10-02 22448]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-29 919552]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-09-20 3077632]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-03-20 208688]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2008-10-28 23216]
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2008-10-28 16560]
S3 a6el0s1z;a6el0s1z; C:\Windows\system32\drivers\a6el0s1z.sys []
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-18 9216]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2008-01-18 15872]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-05 36864]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 RsFx0102;RsFx0102 Driver; C:\Windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-09-20 610304]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-05-21 298776]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-05-21 1366904]
R2 BcmSqlStartupSvc;Service de démarrage SQL Server pour le Gestionnaire de contacts professionnels; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 hpqddsvc;Service HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-26 554352]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 RapiMgr;Connectivité de l'appareil Windows Mobile; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 WcesComm;Connectivité de l'appareil Windows Mobile 2003; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-06 132424]
S3 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S3 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-19 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-26 2999664]
S3 MsDtsServer100;SQL Server Integration Services 10.0; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2008-07-10 218136]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
S3 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2008-07-10 31256]
S3 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
S3 MSSQLServerOLAPService;SQL Server Analysis Services (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSAS10.MSSQLSERVER\OLAP\bin\msmdsrv.exe [2008-07-10 21945368]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OracleMTSRecoveryService;OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe [2006-02-02 57616]
S3 OracleServiceXE;OracleServiceXE; c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE [2006-02-02 59064320]
S3 OracleXEClrAgent;OracleXEClrAgent; C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe [2006-02-02 45056]
S3 OracleXETNSListener;OracleXETNSListener; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [2006-02-02 204800]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 pgsql-8.3;PostgreSQL Database Server 8.3; C:\Program Files\PostgreSQL\8.3\bin\pg_ctl.exe [2009-02-03 65536]
S3 ReportServer;SQL Server Reporting Services (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2008-07-10 1106968]
S3 SQLSERVERAGENT;Agent SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S3 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA HD DVD PLAYER\TNaviSrv.exe [2007-09-21 77824]
S3 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
S3 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
S3 TS inetd;Oracle Data Quality Inetd; c:\OraHome_1\oracledq\Common Files\oracledp\inetd\2\inetd.exe [2008-06-30 122880]
S3 TSS 11.5 - Scheduler;Oracle Data Quality Scheduler; c:\OraHome_1\oracledq\metabase_server\bin\scheduler.exe [2008-11-10 1236282]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2008-10-02 191024]
S3 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
S3 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2008-10-28 113200]
S3 VMnetDHCP;VMware DHCP Service; C:\Windows\system32\vmnetdhcp.exe [2008-10-28 326192]
S3 VMware NAT Service;VMware NAT Service; C:\Windows\system32\vmnat.exe [2008-10-28 399920]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 MSSQLServerADHelper100;Service SQL Active Directory Helper; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2008-07-29 3201024]
S4 OracleJobSchedulerXE;OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe [2006-02-02 102400]
-----------------EOF-----------------
-------------------------------------------------------------------------------------------------------------------------------------------
Please help me.
Thanks in advance.
Configuration: Windows Vista Internet Explorer 8.0
1 reply
Download GenProc
Unzip the GenProc.zip folder
Open the GenProc folder and double-click the GenProc.bat file
Let the tool guide you; when the scan is finished, a window will appear and the report will open
Then post that report
PS: you have 2 antivirus programs; remove avast with this utility