Winlogon.exe damaged file chkdsk ????
leroilion010
Hello,
After a lot of searching on the internet, I still can't manage to fix this problem.
Every time I start my computer, as I say in my title, it displays "Winlogon.exe file damaged or unreadable, run the chkdsk utility".
So, being dumb and disciplined, I do as I'm told. I tried several methods that I saw on the forums, such as chkdsk /f, chkdsk /r, chkdsk /f /r, chkdsk /f c:. In short, after entering "o" so that it can run at startup, I reboot and nothing works.
Is there anyone who can help me? I can't install any programs such as iTunes or IE9 ....
In short, if there is someone who could help me, I'm fairly new to this.
I'm also attaching a random/random log and a HijackThis log, but I don't understand much of it.
Thank you in advance.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Oren at 2011-05-15 00:13:21
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2
System drive C: has 64 GB (54%) free of 119 GB
Total RAM: 2038 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:17:25, on 15/05/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\program files\avira\antivir desktop\avcenter.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oren\Downloads\RSIT.exe
C:\Program Files\trend micro\Oren.exe
C:\Users\Oren\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
End of file - 24553 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-03-18 1164680]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-01-25 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-01-25 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-01-25 129560]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"NDSTray.exe"=NDSTray.exe []
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe [2006-12-06 366400]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-04-27 30192]
"Desktop SMS"=C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-10-25 413696]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-01-25 716800]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-11-01 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-05-04 571024]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-02-04 281768]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2007-12-29 430080]
"Google Update"=C:\Users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-25 136176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-04-01 15145352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-09-13 204800]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
End of file - 24553 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-03-18 1164680]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-01-25 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-01-25 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-01-25 129560]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"NDSTray.exe"=NDSTray.exe []
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe [2006-12-06 366400]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-04-27 30192]
"Desktop SMS"=C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-10-25 413696]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-01-25 716800]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-11-01 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-05-04 571024]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-02-04 281768]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2007-12-29 430080]
"Google Update"=C:\Users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-25 136176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-04-01 15145352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-09-13 204800]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2011-05-15 00:13:22 ----D---- C:\Program Files\trend micro
2011-05-15 00:13:21 ----D---- C:\rsit
2011-05-10 23:55:13 ----A---- C:\Windows\system32\XpsPrint.dll
2011-05-10 06:37:47 ----D---- C:\Users\Oren\AppData\Roaming\Mozilla
2011-05-09 17:53:02 ----D---- C:\Program Files\Windows Portable Devices
2011-05-09 17:24:34 ----A---- C:\Windows\system32\UIAnimation.dll
2011-05-09 17:24:33 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-05-09 17:24:32 ----A---- C:\Windows\system32\UIRibbon.dll
2011-05-09 17:23:54 ----A---- C:\Windows\system32\WMPhoto.dll
2011-05-09 17:23:53 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2011-05-09 17:23:53 ----A---- C:\Windows\system32\WindowsCodecs.dll
2011-05-09 17:23:53 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2011-05-09 17:23:53 ----A---- C:\Windows\system32\dxdiagn.dll
2011-05-09 17:23:53 ----A---- C:\Windows\system32\dxdiag.exe
2011-05-09 17:23:52 ----A---- C:\Windows\system32\d3d11.dll
2011-05-09 17:23:06 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2011-05-09 17:23:06 ----A---- C:\Windows\system32\wpdbusenum.dll
2011-05-09 17:23:06 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2011-05-09 17:23:00 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2011-05-09 17:22:59 ----A---- C:\Windows\system32\WpdConns.dll
2011-05-09 17:22:58 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2011-05-09 17:22:58 ----A---- C:\Windows\system32\wpdshext.dll
2011-05-09 17:22:58 ----A---- C:\Windows\system32\WpdMtpUS.dll
2011-05-09 17:22:58 ----A---- C:\Windows\system32\wpd_ci.dll
2011-05-09 17:22:58 ----A---- C:\Windows\system32\drivers\WpdUsb.sys
2011-05-09 17:22:57 ----A---- C:\Windows\system32\WPDSp.dll
2011-05-09 17:22:57 ----A---- C:\Windows\system32\WpdMtp.dll
2011-05-09 17:22:57 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2011-05-09 17:22:57 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2011-05-09 17:22:57 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2011-05-09 17:22:57 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2011-05-09 03:06:55 ----A---- C:\Windows\system32\oleaccrc.dll
2011-05-09 03:06:55 ----A---- C:\Windows\system32\oleacc.dll
2011-05-09 03:06:54 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-05-08 19:54:14 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-05-08 19:54:14 ----A---- C:\Windows\system32\MFH264Dec.dll
2011-05-08 19:54:14 ----A---- C:\Windows\system32\dxgi.dll
2011-05-08 19:54:13 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-05-08 19:54:13 ----A---- C:\Windows\system32\mfmp4src.dll
2011-05-08 19:54:13 ----A---- C:\Windows\system32\MFHEAACdec.dll
2011-05-08 19:54:13 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-05-08 19:54:12 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2011-05-08 19:54:12 ----A---- C:\Windows\system32\mf.dll
2011-05-08 19:54:12 ----A---- C:\Windows\system32\cdd.dll
2011-05-08 19:54:11 ----A---- C:\Windows\system32\stobject.dll
2011-05-08 19:54:11 ----A---- C:\Windows\system32\shdocvw.dll
2011-05-08 19:54:11 ----A---- C:\Windows\system32\mfplat.dll
2011-05-08 19:54:10 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2011-05-08 19:54:10 ----A---- C:\Windows\system32\mfps.dll
2011-05-08 19:45:50 ----A---- C:\Windows\system32\d3d10warp.dll
2011-05-08 19:45:50 ----A---- C:\Windows\system32\d3d10_1.dll
2011-05-08 19:45:50 ----A---- C:\Windows\system32\d2d1.dll
2011-05-08 19:45:49 ----A---- C:\Windows\system32\FntCache.dll
2011-05-08 19:45:49 ----A---- C:\Windows\system32\DWrite.dll
2011-05-08 19:45:49 ----A---- C:\Windows\system32\d3d10.dll
2011-05-08 19:45:48 ----A---- C:\Windows\system32\xpsservices.dll
2011-05-08 19:45:48 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-05-08 19:45:48 ----A---- C:\Windows\system32\OpcServices.dll
2011-05-08 19:45:48 ----A---- C:\Windows\system32\d3d10level9.dll
2011-05-08 19:45:48 ----A---- C:\Windows\system32\d3d10core.dll
2011-05-08 19:45:48 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-05-08 19:43:58 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2011-05-08 19:43:58 ----A---- C:\Windows\system32\Apphlpdm.dll
2011-05-08 19:06:51 ----A---- C:\Windows\system32\msshsq.dll
2011-04-24 19:48:38 ----D---- C:\Users\Oren\AppData\Roaming\Apple Computer
2011-04-24 19:48:07 ----DC---- C:\Windows\system32\DRVSTORE
2011-04-24 19:48:07 ----A---- C:\Windows\system32\GEARAspi.dll
2011-04-24 19:48:07 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-04-24 19:47:25 ----D---- C:\Program Files\iPod
2011-04-24 19:47:23 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-04-24 19:47:23 ----D---- C:\Program Files\iTunes
2011-04-24 19:45:47 ----D---- C:\Program Files\QuickTime
2011-04-24 19:45:45 ----D---- C:\ProgramData\Apple Computer
2011-04-24 19:45:07 ----D---- C:\Program Files\Apple Software Update
2011-04-24 19:43:12 ----D---- C:\Program Files\Bonjour
2011-04-24 19:42:42 ----D---- C:\ProgramData\Apple
2011-04-24 19:42:42 ----D---- C:\Program Files\Common Files\Apple
2011-04-24 16:40:12 ----D---- C:\Windows\system32\eu-ES
2011-04-24 16:40:12 ----D---- C:\Windows\system32\ca-ES
2011-04-24 16:40:09 ----D---- C:\Windows\system32\vi-VN
2011-04-24 14:41:42 ----D---- C:\Windows\system32\EventProviders
2011-04-21 12:13:56 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2011-04-21 12:13:53 ----A---- C:\Windows\system32\SLsvc.exe
2011-04-21 12:13:53 ----A---- C:\Windows\system32\SLCExt.dll
2011-04-21 12:13:51 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2011-04-21 12:13:51 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2011-04-21 12:13:50 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2011-04-21 12:13:48 ----A---- C:\Windows\system32\mssrch.dll
2011-04-21 12:13:46 ----A---- C:\Windows\system32\tquery.dll
2011-04-21 12:13:46 ----A---- C:\Windows\system32\drivers\spsys.sys
2011-04-21 12:13:45 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2011-04-21 12:13:44 ----A---- C:\Windows\system32\scavenge.dll
2011-04-21 12:13:44 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2011-04-21 12:13:43 ----A---- C:\Windows\system32\msi.dll
2011-04-21 12:13:42 ----A---- C:\Windows\system32\imapi2fs.dll
2011-04-21 12:13:41 ----A---- C:\Windows\system32\WscEapPr.dll
2011-04-21 12:13:41 ----A---- C:\Windows\system32\wcnwiz2.dll
2011-04-21 12:13:41 ----A---- C:\Windows\system32\sysmain.dll
2011-04-21 12:13:40 ----A---- C:\Windows\system32\icardagt.exe
2011-04-21 12:13:39 ----A---- C:\Windows\system32\EhStorShell.dll
2011-04-21 12:13:39 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2011-04-21 12:13:38 ----A---- C:\Windows\system32\spreview.exe
2011-04-21 12:13:38 ----A---- C:\Windows\system32\spinstall.exe
2011-04-21 12:13:38 ----A---- C:\Windows\system32\drmv2clt.dll
2011-04-21 12:13:37 ----A---- C:\Windows\system32\spwizui.dll
2011-04-21 12:13:37 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2011-04-21 12:13:36 ----A---- C:\Windows\system32\p2psvc.dll
2011-04-21 12:13:35 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-04-21 12:13:35 ----A---- C:\Windows\system32\mssvp.dll
2011-04-21 12:13:34 ----A---- C:\Windows\system32\mssphtb.dll
2011-04-21 12:13:34 ----A---- C:\Windows\system32\mssph.dll
2011-04-21 12:13:34 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2011-04-21 12:13:34 ----A---- C:\Windows\system32\imapi2.dll
2011-04-21 12:13:33 ----A---- C:\Windows\system32\sdohlp.dll
2011-04-21 12:13:32 ----A---- C:\Windows\system32\IMJP10K.DLL
2011-04-21 12:13:32 ----A---- C:\Windows\system32\esent.dll
2011-04-21 12:13:31 ----A---- C:\Windows\system32\DevicePairing.dll
2011-04-21 12:13:30 ----A---- C:\Windows\system32\wevtsvc.dll
2011-04-21 12:13:30 ----A---- C:\Windows\system32\sperror.dll
2011-04-21 12:13:30 ----A---- C:\Windows\system32\korwbrkr.dll
2011-04-21 12:13:29 ----A---- C:\Windows\system32\SLC.dll
2011-04-21 12:13:29 ----A---- C:\Windows\system32\IasMigReader.exe
2011-04-21 12:13:27 ----A---- C:\Windows\system32\msjet40.dll
2011-04-21 12:13:27 ----A---- C:\Windows\system32\MPSSVC.dll
2011-04-21 12:13:26 ----A---- C:\Windows\system32\Query.dll
2011-04-21 12:13:26 ----A---- C:\Windows\system32\qmgr.dll
2011-04-21 12:13:25 ----A---- C:\Windows\system32\msexch40.dll
2011-04-21 12:13:25 ----A---- C:\Windows\system32\diagperf.dll
2011-04-21 12:13:24 ----A---- C:\Windows\system32\P2PGraph.dll
2011-04-21 12:13:23 ----A---- C:\Windows\system32\winload.exe
2011-04-21 12:13:23 ----A---- C:\Windows\system32\srchadmin.dll
2011-04-21 12:13:23 ----A---- C:\Windows\system32\mblctr.exe
2011-04-21 12:13:22 ----A---- C:\Windows\system32\uDWM.dll
2011-04-21 12:13:22 ----A---- C:\Windows\system32\riched20.dll
2011-04-21 12:13:22 ----A---- C:\Windows\system32\mmc.exe
2011-04-21 12:13:22 ----A---- C:\Windows\system32\IasMigPlugin.dll
2011-04-21 12:13:22 ----A---- C:\Windows\system32\dfsr.exe
2011-04-21 12:13:21 ----A---- C:\Windows\system32\RacEngn.dll
2011-04-21 12:13:21 ----A---- C:\Windows\system32\fdBth.dll
2011-04-21 12:13:20 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-04-21 12:13:20 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-04-21 12:13:20 ----A---- C:\Windows\system32\milcore.dll
2011-04-21 12:13:20 ----A---- C:\Windows\system32\kernel32.dll
2011-04-21 12:13:19 ----A---- C:\Windows\system32\spoolss.dll
2011-04-21 12:13:19 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2011-04-21 12:13:19 ----A---- C:\Windows\system32\EhStorAPI.dll
2011-04-21 12:13:19 ----A---- C:\Windows\system32\CertEnroll.dll
2011-04-21 12:13:18 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2011-04-21 12:13:17 ----A---- C:\Windows\system32\msvcp60.dll
2011-04-21 12:13:17 ----A---- C:\Windows\system32\msjtes40.dll
2011-04-21 12:13:17 ----A---- C:\Windows\system32\infocardapi.dll
2011-04-21 12:13:17 ----A---- C:\Windows\system32\gpedit.dll
2011-04-21 12:13:16 ----A---- C:\Windows\system32\WinSAT.exe
2011-04-21 12:13:16 ----A---- C:\Windows\system32\PresentationSettings.exe
2011-04-21 12:13:16 ----A---- C:\Windows\system32\es.dll
2011-04-21 12:13:15 ----A---- C:\Windows\system32\mstext40.dll
2011-04-21 12:13:15 ----A---- C:\Windows\system32\Magnify.exe
2011-04-21 12:13:15 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-04-21 12:13:15 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2011-04-21 12:13:15 ----A---- C:\Windows\system32\advapi32.dll
2011-04-21 12:13:14 ----A---- C:\Windows\system32\WebClnt.dll
2011-04-21 12:13:14 ----A---- C:\Windows\system32\slwmi.dll
2011-04-21 12:13:14 ----A---- C:\Windows\system32\msexcl40.dll
2011-04-21 12:13:13 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2011-04-21 12:13:13 ----A---- C:\Windows\system32\msxbde40.dll
2011-04-21 12:13:13 ----A---- C:\Windows\system32\comsvcs.dll
2011-04-21 12:13:12 ----A---- C:\Windows\system32\vssapi.dll
2011-04-21 12:13:12 ----A---- C:\Windows\system32\authui.dll
2011-04-21 12:13:11 ----A---- C:\Windows\system32\propsys.dll
2011-04-21 12:13:11 ----A---- C:\Windows\system32\newdev.dll
2011-04-21 12:13:11 ----A---- C:\Windows\system32\NetProjW.dll
2011-04-21 12:13:11 ----A---- C:\Windows\system32\msrepl40.dll
2011-04-21 12:13:10 ----A---- C:\Windows\system32\rpcss.dll
2011-04-21 12:13:10 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-04-21 12:13:10 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-21 12:13:10 ----A---- C:\Windows\system32\iasrecst.dll
2011-04-21 12:13:10 ----A---- C:\Windows\system32\gpsvc.dll
2011-04-21 12:13:10 ----A---- C:\Windows\system32\eudcedit.exe
2011-04-21 12:13:10 ----A---- C:\Windows\system32\crypt32.dll
2011-04-21 12:13:10 ----A---- C:\Windows\explorer.exe
2011-04-21 12:13:09 ----A---- C:\Windows\system32\setupapi.dll
2011-04-21 12:13:09 ----A---- C:\Windows\system32\mspbde40.dll
2011-04-21 12:13:09 ----A---- C:\Windows\system32\d3d9.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\msrd3x40.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\msltus40.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\msdtctm.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\EhStorAuthn.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\davclnt.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\browseui.dll
2011-04-21 12:13:07 ----A---- C:\Windows\system32\wevtapi.dll
2011-04-21 12:13:07 ----A---- C:\Windows\system32\user32.dll
2011-04-21 12:13:07 ----A---- C:\Windows\system32\photowiz.dll
2011-04-21 12:13:07 ----A---- C:\Windows\system32\nlhtml.dll
2011-04-21 12:13:06 ----A---- C:\Windows\system32\samsrv.dll
2011-04-21 12:13:06 ----A---- C:\Windows\system32\ci.dll
2011-04-21 12:13:05 ----A---- C:\Windows\system32\win32spl.dll
2011-04-21 12:13:05 ----A---- C:\Windows\system32\WcnNetsh.dll
2011-04-21 12:13:05 ----A---- C:\Windows\system32\SLCommDlg.dll
2011-04-21 12:13:05 ----A---- C:\Windows\system32\oleaut32.dll
2011-04-21 12:13:04 ----A---- C:\Windows\system32\netshell.dll
2011-04-21 12:13:04 ----A---- C:\Windows\system32\IKEEXT.DLL
2011-04-21 12:13:04 ----A---- C:\Windows\system32\compcln.exe
2011-04-21 12:13:03 ----A---- C:\Windows\system32\xmlfilter.dll
2011-04-21 12:13:03 ----A---- C:\Windows\system32\mswstr10.dll
2011-04-21 12:13:03 ----A---- C:\Windows\system32\emdmgmt.dll
2011-04-21 12:13:03 ----A---- C:\Windows\system32\drivers\rdbss.sys
2011-04-21 12:13:03 ----A---- C:\Windows\system32\audiosrv.dll
2011-04-21 12:13:03 ----A---- C:\Windows\system32\apds.dll
2011-04-21 12:13:02 ----A---- C:\Windows\system32\msvcrt.dll
2011-04-21 12:13:02 ----A---- C:\Windows\system32\msctf.dll
2011-04-21 12:13:02 ----A---- C:\Windows\system32\gdi32.dll
2011-04-21 12:13:02 ----A---- C:\Windows\system32\drivers\netio.sys
2011-04-21 12:13:02 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2011-04-21 12:13:01 ----A---- C:\Windows\system32\VSSVC.exe
2011-04-21 12:13:01 ----A---- C:\Windows\system32\SLUI.exe
2011-04-21 12:13:01 ----A---- C:\Windows\system32\QAGENTRT.DLL
2011-04-21 12:13:01 ----A---- C:\Windows\system32\iphlpsvc.dll
2011-04-21 12:13:00 ----A---- C:\Windows\system32\sqlsrv32.dll
2011-04-21 12:13:00 ----A---- C:\Windows\system32\propdefs.dll
2011-04-21 12:13:00 ----A---- C:\Windows\system32\msrd2x40.dll
2011-04-21 12:13:00 ----A---- C:\Windows\system32\eapphost.dll
2011-04-21 12:13:00 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-04-21 12:12:59 ----A---- C:\Windows\system32\winresume.exe
2011-04-21 12:12:58 ----A---- C:\Windows\system32\wevtutil.exe
2011-04-21 12:12:58 ----A---- C:\Windows\system32\mssitlb.dll
2011-04-21 12:12:58 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-04-21 12:12:58 ----A---- C:\Windows\system32\dbgeng.dll
2011-04-21 12:12:57 ----A---- C:\Windows\system32\swprv.dll
2011-04-21 12:12:57 ----A---- C:\Windows\system32\mmcndmgr.dll
2011-04-21 12:12:56 ----A---- C:\Windows\system32\vds.exe
2011-04-21 12:12:55 ----A---- C:\Windows\system32\netlogon.dll
2011-04-21 12:12:55 ----A---- C:\Windows\system32\msscb.dll
2011-04-21 12:12:55 ----A---- C:\Windows\system32\msctfp.dll
2011-04-21 12:12:55 ----A---- C:\Windows\system32\fdBthProxy.dll
2011-04-21 12:12:55 ----A---- C:\Windows\system32\drvinst.exe
2011-04-21 12:12:55 ----A---- C:\Windows\system32\devmgr.dll
2011-04-21 12:12:55 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2011-04-21 12:12:55 ----A---- C:\Windows\system32\BFE.DLL
2011-04-21 12:12:55 ----A---- C:\Windows\system32\autochk.exe
2011-04-21 12:12:55 ----A---- C:\Windows\system32\adsldpc.dll
2011-04-21 12:12:54 ----A---- C:\Windows\system32\WMVSDECD.DLL
2011-04-21 12:12:54 ----A---- C:\Windows\system32\Wldap32.dll
2011-04-21 12:12:54 ----A---- C:\Windows\system32\wcnwiz.dll
2011-04-21 12:12:54 ----A---- C:\Windows\system32\evr.dll
2011-04-21 12:12:53 ----A---- C:\Windows\system32\wercon.exe
2011-04-21 12:12:53 ----A---- C:\Windows\system32\wcncsvc.dll
2011-04-21 12:12:53 ----A---- C:\Windows\system32\services.exe
2011-04-21 12:12:53 ----A---- C:\Windows\system32\mimefilt.dll
2011-04-21 12:12:53 ----A---- C:\Windows\system32\iertutil.dll
2011-04-21 12:12:53 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2011-04-21 12:12:53 ----A---- C:\Windows\system32\comdlg32.dll
2011-04-21 12:12:53 ----A---- C:\Windows\system32\adtschema.dll
2011-04-21 12:12:52 ----A---- C:\Windows\system32\reg.exe
2011-04-21 12:12:52 ----A---- C:\Windows\system32\mswdat10.dll
2011-04-21 12:12:52 ----A---- C:\Windows\system32\msjter40.dll
2011-04-21 12:12:52 ----A---- C:\Windows\system32\msdtcprx.dll
2011-04-21 12:12:52 ----A---- C:\Windows\system32\ipsmsnap.dll
2011-04-21 12:12:52 ----A---- C:\Windows\system32\certcli.dll
2011-04-21 12:12:51 ----A---- C:\Windows\system32\WMNetMgr.dll
2011-04-21 12:12:51 ----A---- C:\Windows\system32\w32time.dll
2011-04-21 12:12:51 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-04-21 12:12:51 ----A---- C:\Windows\system32\rtffilt.dll
2011-04-21 12:12:51 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-04-21 12:12:51 ----A---- C:\Windows\system32\certutil.exe
2011-04-21 12:12:50 ----A---- C:\Windows\system32\msshooks.dll
2011-04-21 12:12:50 ----A---- C:\Windows\system32\IPSECSVC.DLL
2011-04-21 12:12:50 ----A---- C:\Windows\system32\bcrypt.dll
2011-04-21 12:12:49 ----A---- C:\Windows\system32\rsaenh.dll
2011-04-21 12:12:49 ----A---- C:\Windows\system32\msscntrs.dll
2011-04-21 12:12:49 ----A---- C:\Windows\system32\msihnd.dll
2011-04-21 12:12:49 ----A---- C:\Windows\system32\drivers\ndis.sys
2011-04-21 12:12:49 ----A---- C:\Windows\system32\bthserv.dll
2011-04-21 12:12:48 ----A---- C:\Windows\system32\TsWpfWrp.exe
2011-04-21 12:12:48 ----A---- C:\Windows\system32\msstrc.dll
2011-04-21 12:12:48 ----A---- C:\Windows\system32\MMDevAPI.dll
2011-04-21 12:12:46 ----A---- C:\Windows\system32\netapi32.dll
2011-04-21 12:12:45 ----A---- C:\Windows\system32\mtxclu.dll
2011-04-21 12:12:45 ----A---- C:\Windows\system32\inetpp.dll
2011-04-21 12:12:45 ----A---- C:\Windows\system32\hidserv.dll
2011-04-21 12:12:45 ----A---- C:\Windows\system32\fundisc.dll
2011-04-21 12:12:45 ----A---- C:\Windows\system32\cryptsvc.dll
2011-04-21 12:12:44 ----A---- C:\Windows\system32\termsrv.dll
2011-04-21 12:12:44 ----A---- C:\Windows\system32\profsvc.dll
2011-04-21 12:12:44 ----A---- C:\Windows\system32\mscories.dll
2011-04-21 12:12:44 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2011-04-21 12:12:42 ----A---- C:\Windows\system32\msiexec.exe
2011-04-21 12:12:42 ----A---- C:\Windows\system32\imapi.dll
2011-04-21 12:12:41 ----A---- C:\Windows\system32\wdc.dll
2011-04-21 12:12:41 ----A---- C:\Windows\system32\drivers\pci.sys
2011-04-21 12:12:41 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2011-04-21 12:12:41 ----A---- C:\Windows\system32\chsbrkr.dll
2011-04-21 12:12:40 ----A---- C:\Windows\system32\rasmans.dll
2011-04-21 12:12:40 ----A---- C:\Windows\system32\pnidui.dll
2011-04-21 12:12:40 ----A---- C:\Windows\system32\iassdo.dll
2011-04-21 12:12:39 ----A---- C:\Windows\system32\wersvc.dll
2011-04-21 12:12:39 ----A---- C:\Windows\system32\scrrun.dll
2011-04-21 12:12:39 ----A---- C:\Windows\system32\PSHED.DLL
2011-04-21 12:12:39 ----A---- C:\Windows\system32\icardres.dll
2011-04-21 12:12:39 ----A---- C:\Windows\system32\drivers\termdd.sys
2011-04-21 12:12:39 ----A---- C:\Windows\system32\drivers\crashdmp.sys
2011-04-21 12:12:39 ----A---- C:\Windows\system32\drivers\acpi.sys
2011-04-21 12:12:39 ----A---- C:\Windows\system32\autofmt.exe
2011-04-21 12:12:38 ----A---- C:\Windows\system32\slmgr.vbs
2011-04-21 12:12:38 ----A---- C:\Windows\system32\pdh.dll
2011-04-21 12:12:38 ----A---- C:\Windows\system32\drivers\Storport.sys
2011-04-21 12:12:38 ----A---- C:\Windows\system32\drivers\ataport.sys
2011-04-21 12:12:38 ----A---- C:\Windows\system32\dhcpcsvc.dll
2011-04-21 12:12:38 ----A---- C:\Windows\system32\clfs.sys
2011-04-21 12:12:38 ----A---- C:\Windows\system32\CertEnrollUI.dll
2011-04-21 12:12:38 ----A---- C:\Windows\system32\azroles.dll
2011-04-21 12:12:37 ----A---- C:\Windows\system32\winlogon.exe
2011-04-21 12:12:37 ----A---- C:\Windows\system32\SyncCenter.dll
2011-04-21 12:12:37 ----A---- C:\Windows\system32\pidgenx.dll
2011-04-21 12:12:37 ----A---- C:\Windows\system32\drivers\partmgr.sys
2011-04-21 12:12:36 ----A---- C:\Windows\system32\SLUINotify.dll
2011-04-21 12:12:36 ----A---- C:\Windows\system32\msjetoledb40.dll
2011-04-21 12:12:36 ----A---- C:\Windows\system32\drivers\mup.sys
2011-04-21 12:12:36 ----A---- C:\Windows\system32\comuid.dll
2011-04-21 12:12:36 ----A---- C:\Windows\system32\certmgr.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\wisptis.exe
2011-04-21 12:12:35 ----A---- C:\Windows\system32\untfs.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\spp.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\sethc.exe
2011-04-21 12:12:35 ----A---- C:\Windows\system32\scrobj.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\ncrypt.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\kd1394.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\iassam.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\dwm.exe
2011-04-21 12:12:35 ----A---- C:\Windows\system32\drivers\disk.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\printui.dll
2011-04-21 12:12:34 ----A---- C:\Windows\system32\iasnap.dll
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\volsnap.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\pciidex.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\msrpc.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\ecache.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\autoconv.exe
2011-04-21 12:12:33 ----A---- C:\Windows\system32\wow32.dll
2011-04-21 12:12:33 ----A---- C:\Windows\system32\winsrv.dll
2011-04-21 12:12:33 ----A---- C:\Windows\system32\userenv.dll
2011-04-21 12:12:33 ----A---- C:\Windows\system32\onex.dll
2011-04-21 12:12:33 ----A---- C:\Windows\system32\kdcom.dll
2011-04-21 12:12:33 ----A---- C:\Windows\system32\drivers\Dumpata.sys
2011-04-21 12:12:33 ----A---- C:\Windows\system32\cscript.exe
2011-04-21 12:12:33 ----A---- C:\Windows\system32\basecsp.dll
2011-04-21 12:12:33 ----A---- C:\Windows\system32\audiodg.exe
2011-04-21 12:12:32 ----A---- C:\Windows\system32\spcmsg.dll
2011-04-21 12:12:32 ----A---- C:\Windows\system32\osk.exe
2011-04-21 12:12:32 ----A---- C:\Windows\system32\mswsock.dll
2011-04-21 12:12:32 ----A---- C:\Windows\system32\kdusb.dll
2011-04-21 12:12:32 ----A---- C:\Windows\system32\drivers\atapi.sys
2011-04-21 12:12:31 ----A---- C:\Windows\system32\WinSCard.dll
2011-04-21 12:12:31 ----A---- C:\Windows\system32\winmm.dll
2011-04-21 12:12:31 ----A---- C:\Windows\system32\RelMon.dll
2011-04-21 12:12:31 ----A---- C:\Windows\system32\rdpencom.dll
2011-04-21 12:12:31 ----A---- C:\Windows\system32\msftedit.dll
2011-04-21 12:12:31 ----A---- C:\Windows\system32\drivers\netbt.sys
2011-04-21 12:12:30 ----A---- C:\Windows\system32\WerFaultSecure.exe
2011-04-21 12:12:30 ----A---- C:\Windows\system32\offfilt.dll
2011-04-21 12:12:29 ----A---- C:\Windows\system32\wsepno.dll
2011-04-21 12:12:29 ----A---- C:\Windows\system32\WerFault.exe
2011-04-21 12:12:29 ----A---- C:\Windows\system32\Utilman.exe
2011-04-21 12:12:29 ----A---- C:\Windows\system32\diskraid.exe
2011-04-21 12:12:28 ----A---- C:\Windows\system32\wiaservc.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\sysclass.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\SndVol.exe
2011-04-21 12:12:28 ----A---- C:\Windows\system32\prnntfy.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\msnetobj.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\mscms.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\mcmde.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\apphelp.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\adsmsext.dll
2011-04-21 12:12:27 ----A---- C:\Windows\system32\wscript.exe
2011-04-21 12:12:27 ----A---- C:\Windows\system32\ulib.dll
2011-04-21 12:12:27 ----A---- C:\Windows\system32\odbccp32.dll
2011-04-21 12:12:27 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2011-04-21 12:12:27 ----A---- C:\Windows\system32\iasdatastore.dll
2011-04-21 12:12:27 ----A---- C:\Windows\system32\dsound.dll
2011-04-21 12:12:27 ----A---- C:\Windows\system32\cryptui.dll
2011-04-21 12:12:26 ----A---- C:\Windows\system32\wscntfy.dll
2011-04-21 12:12:26 ----A---- C:\Windows\system32\rastapi.dll
2011-04-21 12:12:26 ----A---- C:\Windows\system32\pnpsetup.dll
2011-04-21 12:12:26 ----A---- C:\Windows\system32\ipsecsnp.dll
2011-04-21 12:12:26 ----A---- C:\Windows\system32\fdProxy.dll
2011-04-21 12:12:26 ----A---- C:\Windows\system32\brcpl.dll
2011-04-21 12:12:25 ----A---- C:\Windows\system32\wscsvc.dll
2011-04-21 12:12:25 ----A---- C:\Windows\system32\WMVENCOD.DLL
2011-04-21 12:12:25 ----A---- C:\Windows\system32\wlangpui.dll
2011-04-21 12:12:25 ----A---- C:\Windows\system32\vdsdyn.dll
2011-04-21 12:12:25 ----A---- C:\Windows\system32\logman.exe
2011-04-21 12:12:25 ----A---- C:\Windows\system32\iashlpr.dll
2011-04-21 12:12:25 ----A---- C:\Windows\system32\gpapi.dll
2011-04-21 12:12:25 ----A---- C:\Windows\system32\diskpart.exe
2011-04-21 12:12:24 ----A---- C:\Windows\system32\wusa.exe
2011-04-21 12:12:24 ----A---- C:\Windows\system32\regsvc.dll
2011-04-21 12:12:24 ----A---- C:\Windows\system32\rasapi32.dll
2011-04-21 12:12:24 ----A---- C:\Windows\system32\ntprint.dll
2011-04-21 12:12:24 ----A---- C:\Windows\system32\mscorier.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\zipfldr.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\wshext.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\wpccpl.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\webcheck.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\rasdlg.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\netcenter.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\iasrad.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\findstr.exe
2011-04-21 12:12:22 ----A---- C:\Windows\system32\wsnmp32.dll
2011-04-21 12:12:22 ----A---- C:\Windows\system32\wer.dll
2011-04-21 12:12:22 ----A---- C:\Windows\system32\themecpl.dll
2011-04-21 12:12:22 ----A---- C:\Windows\system32\iassvcs.dll
2011-04-21 12:12:22 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-04-21 12:12:21 ----A---- C:\Windows\system32\uxsms.dll
2011-04-21 12:12:21 ----A---- C:\Windows\system32\mssprxy.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\slcc.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\scansetting.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\powrprof.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\ntmarta.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\msutb.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\mstlsapi.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\iasads.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\iasacct.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\drivers\ks.sys
2011-04-21 12:12:19 ----A---- C:\Windows\system32\powercpl.dll
2011-04-21 12:12:19 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2011-04-21 12:12:19 ----A---- C:\Windows\system32\networkmap.dll
2011-04-21 12:12:19 ----A---- C:\Windows\system32\authz.dll
2011-04-21 12:12:18 ----A---- C:\Windows\system32\sud.dll
2011-04-21 12:12:18 ----A---- C:\Windows\system32\newdev.exe
2011-04-21 12:12:18 ----A---- C:\Windows\system32\dot3svc.dll
2011-04-21 12:12:18 ----A---- C:\Windows\system32\connect.dll
2011-04-21 12:12:17 ----A---- C:\Windows\system32\themeui.dll
2011-04-21 12:12:17 ----A---- C:\Windows\system32\systemcpl.dll
2011-04-21 12:12:17 ----A---- C:\Windows\system32\samlib.dll
2011-04-21 12:12:17 ----A---- C:\Windows\system32\pcaui.dll
2011-04-21 12:12:17 ----A---- C:\Windows\system32\mmci.dll
2011-04-21 12:12:17 ----A---- C:\Windows\system32\drivers\sdbus.sys
2011-04-21 12:12:17 ----A---- C:\Windows\system32\accessibilitycpl.dll
2011-04-21 12:12:16 ----A---- C:\Windows\system32\wlanpref.dll
2011-04-21 12:12:16 ----A---- C:\Windows\system32\usercpl.dll
2011-04-21 12:12:16 ----A---- C:\Windows\system32\rpchttp.dll
92 replies
At 43% of the verification it tells me:
Windows Resource Protection could not perform the requested operation
/!\ Do not use this software outside the scope of this disinfection: DANGEROUS /!\
If you use AVG, YOU MUST UNINSTALL IT before using ComboFix, because in interaction with the tool it can cause damage that may lead to a complete reinstallation of the system.
Simply disabling the resident shield is not enough.
Download the AVG uninstaller from this link: https://www.avg.com/fr-fr/avg-remover
Choose the appropriate version (32 or 64 bit) /!\
_______________________________________________________________
CD emulation software such as Daemon Tools can interfere with disinfection tools. Use Defogger to disable it temporarily:
▶ Download Defogger (by jpshortstuff) to your Desktop
▶ Run it
▶ A window appears: click "Disable"
▶ Restart the computer if the tool asks you to
Note: Once we have finished the disinfection, you can re-enable this software by running Defogger again and clicking "Re-enable"
_______________________________________________________________
▶ /!\ IMPORTANT /!\
Disable your antivirus, antispyware and firewall before scanning with ComboFix:
https://forum.pcastuces.com/default.asp
https://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/
_______________________________________________________________
▶ Right-click the link below, choose "Save target as", pick your Desktop as the destination, and change its name (your_username.exe for example):
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
▶ Double-click ComboFix.exe
A pop-up will appear saying that ComboFix is used at your own risk and with no warranty... Click Yes to accept
▶ ▶ IF YOU ARE ON WINDOWS XP, BE SURE TO INSTALL THE RECOVERY CONSOLE [If you are running Vista or Seven, ignore this warning]
▶ ▶ Do not touch anything (mouse, keyboard) until the scan has finished, because you risk crashing your PC
▶ At the end of the scan, ComboFix may need to restart the PC to finish the disinfection; let it do so.
▶ Once the scan is complete, a report will be displayed: post its contents
▶ ▶ /!\ Re-enable your antivirus's real-time protection before reconnecting to the Internet. /!\
Notes:
-> The report can also be found here: C:\ComboFix.txt
-> ComboFix tutorial
I didn't say to install AVG??
If you use AVG, YOU MUST UNINSTALL IT before using ComboFix [...]
Skip that part, it concerns AVG users, not AntiVir!
Yep.
Anyway, if you leave AntiVir running, ComboFix won't want to start; it will tell you that Avira is active and that it won't be able to work in peace.
ComboFix 11-05-16.01 - Oren 16/05/2011 23:36:55.1.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2038.748 [GMT 2:00]
Lancé depuis: c:\users\Oren\Desktop\Oren010.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Oren\AppData\Local\Temp\ppcrlui_1956_2
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-16 au 2011-05-16 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-16 21:44 . 2011-05-16 21:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-16 20:35 . 2011-05-16 20:35 -------- d-----w- C:\Change
2011-05-16 20:11 . 2011-05-16 20:11 -------- d-----w- c:\program files\SEAF
2011-05-15 23:05 . 2011-05-15 23:05 -------- d-----w- c:\programdata\nlhd
2011-05-15 23:00 . 2011-05-15 23:00 -------- d-----w- c:\program files\Common Files\EPSON
2011-05-15 22:55 . 2011-05-15 22:53 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2011-05-15 22:55 . 2011-05-15 22:53 93696 ----a-w- c:\windows\system32\E_FLBGJE.DLL
2011-05-15 22:55 . 2011-05-15 22:53 63488 ----a-w- c:\windows\system32\E_FD4BGJE.DLL
2011-05-15 22:55 . 2011-05-15 23:00 -------- d-----w- c:\programdata\EPSON
2011-05-15 22:54 . 2009-11-19 22:00 341504 ----a-w- c:\windows\system32\esw2ud.dll
2011-05-15 22:54 . 2009-04-30 22:00 15872 ----a-w- c:\windows\system32\escdev.dll
2011-05-15 22:54 . 2009-04-30 22:00 128392 ----a-w- c:\windows\system32\esdevapp.exe
2011-05-15 22:54 . 2011-05-15 22:54 -------- d-----w- c:\program files\epson
2011-05-15 00:07 . 2011-05-15 00:07 0 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-05-15 00:02 . 2011-05-15 00:07 -------- d-----w- c:\program files\ZHPDiag
2011-05-14 22:13 . 2011-05-14 22:17 -------- d-----w- c:\program files\trend micro
2011-05-14 22:13 . 2011-05-14 22:17 -------- d-----w- C:\rsit
2011-05-14 21:31 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AF39E2BF-80CC-4DB2-81FC-00533BFC870C}\mpengine.dll
2011-05-10 21:57 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-10 21:55 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-09 15:53 . 2011-05-09 15:53 -------- d-----w- c:\program files\Windows Portable Devices
2011-05-09 15:24 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-05-09 15:24 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-05-09 15:24 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-05-09 15:23 . 2009-09-25 01:33 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-05-09 15:23 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-05-09 15:23 . 2009-09-25 02:07 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-05-09 15:23 . 2009-09-25 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-05-09 15:23 . 2009-09-25 01:33 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-05-09 15:23 . 2009-09-25 01:32 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-05-09 15:23 . 2009-09-25 01:31 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-05-09 15:23 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2011-05-09 15:23 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2011-05-09 15:23 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2011-05-09 15:23 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2011-05-09 01:06 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-05-09 01:06 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-05-09 01:06 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-05-08 17:45 . 2011-01-20 16:08 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-08 17:45 . 2011-01-20 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-05-08 17:45 . 2011-01-20 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-05-08 17:45 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-05-08 17:45 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-05-08 17:45 . 2011-01-20 16:08 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-05-08 17:45 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-05-08 17:45 . 2011-01-20 16:08 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-05-08 17:45 . 2011-01-20 16:08 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-05-08 17:45 . 2011-01-20 14:28 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-05-08 17:45 . 2011-01-20 14:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-05-08 17:45 . 2011-01-20 14:11 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-05-08 17:43 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-05-08 17:43 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-05-08 17:06 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-04-24 17:48 . 2011-05-02 21:11 -------- d-----w- c:\users\Oren\AppData\Local\Apple Computer
2011-04-24 17:48 . 2011-04-24 17:51 -------- d-----w- c:\users\Oren\AppData\Roaming\Apple Computer
2011-04-24 17:48 . 2011-04-24 17:48 -------- dc----w- c:\windows\system32\DRVSTORE
2011-04-24 17:48 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-04-24 17:48 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-04-24 17:47 . 2011-05-14 21:14 -------- d-----w- c:\program files\iPod
2011-04-24 17:47 . 2011-04-24 17:48 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-04-24 17:47 . 2011-04-24 17:48 -------- d-----w- c:\program files\iTunes
2011-04-24 17:45 . 2011-04-24 17:46 -------- d-----w- c:\program files\QuickTime
2011-04-24 17:45 . 2011-04-24 17:47 -------- d-----w- c:\programdata\Apple Computer
2011-04-24 17:45 . 2011-04-24 17:45 -------- d-----w- c:\users\Oren\AppData\Local\Apple
2011-04-24 17:45 . 2011-04-24 17:45 -------- d-----w- c:\program files\Apple Software Update
2011-04-24 17:43 . 2011-04-24 17:43 -------- d-----w- c:\program files\Bonjour
2011-04-24 17:42 . 2011-04-27 19:39 -------- d-----w- c:\programdata\Apple
2011-04-24 17:42 . 2011-04-24 17:47 -------- d-----w- c:\program files\Common Files\Apple
2011-04-24 15:24 . 2011-04-24 15:31 -------- d-----w- c:\users\Oren\AppData\Local\Microsoft Games
2011-04-24 14:40 . 2011-04-24 14:41 -------- d-----w- c:\windows\system32\ca-ES
2011-04-24 14:40 . 2011-04-24 14:41 -------- d-----w- c:\windows\system32\eu-ES
2011-04-24 14:40 . 2011-04-24 14:41 -------- d-----w- c:\windows\system32\vi-VN
2011-04-24 12:41 . 2011-04-24 12:41 -------- d-----w- c:\windows\system32\EventProviders
2011-04-21 10:12 . 2009-04-11 06:33 926184 ----a-w- c:\windows\system32\winresume.exe
2011-04-21 10:11 . 2009-04-11 06:28 47104 ----a-w- c:\windows\system32\wbem\WmiPerfInst.dll
2011-04-21 09:54 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-04-17 22:24 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-04-17 22:24 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-04-17 22:24 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-04-17 22:24 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-04-17 22:24 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-16 21:19 . 2011-03-24 23:58 44544 ----a-w- c:\windows\system32\agremove.exe
2011-04-12 15:49 . 2011-03-24 23:36 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 14:20 . 2011-04-06 14:20 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 14:20 . 2011-04-06 14:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-03 15:40 . 2011-05-08 17:43 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-05-08 17:43 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-05-08 17:43 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-05-08 17:43 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-02-18 14:36 . 2011-02-18 14:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 14:36 . 2011-02-18 14:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2007-12-29 430080]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-01 15145352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-25 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-25 129560]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"NDSTray.exe"="NDSTray.exe" [BU]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2006-12-06 366400]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-04-27 30192]
"Desktop SMS"="c:\program files\IDM\Desktop SMS\DesktopSMS.exe" [2007-06-18 1507328]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-01-25 716800]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-29 1029416]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-02-04 281768]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2007-7-27 389120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C:\00
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-04-27 30192]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-05-02 136360]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
S3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDART.sys [2008-02-01 187904]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2008-01-15 48472]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
Here is the report!!!!
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000Core.job
- c:\users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 23:27]
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000UA.job
- c:\users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 23:27]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM-Run-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-16 23:44
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????????????X?[???[???[???[?
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Heure de fin: 2011-05-16 23:47:45
ComboFix-quarantined-files.txt 2011-05-16 21:47
.
Avant-CF: 70 887 227 392 octets libres
Après-CF: 71 036 252 160 octets libres
.
- - End Of File - - 4E907A9D18224BE1EEF31DBE3AC08B1E
Here, download and run this: http://www.archive-host.com
Restart the PC.
Is it better? No longer being harassed? ^^
▶ ▶ DISABLE YOUR PROTECTIONS DURING THE PROCEDURE
▶ ▶ SCRIPT CUSTOMIZED FOR THIS COMPUTER, DO NOT REPRODUCE: DANGEROUS !!!!
▶ Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:
SkipFix::
Registry::
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
"BootExecute"=-
Reboot::
▶ Save this file under the name CFScript
▶ Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot: http://i261.photobucket.com/albums/ii49/Malekal_morte/CFScript-2.gif
▶ ComboFix starts, let it guide you..
▶ Wait while the scan runs. The desktop will disappear several times: this is normal!
Do not touch anything until the scan has finished.
▶ Once the scan is complete, a report will be displayed: post its contents, and say where things stand with your problems
▶ If the file does not open, it can be found here > C:\ComboFix.txt
Here is the report!!!!
ComboFix 11-05-16.01 - Oren 17/05/2011 0:17.2.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2038.776 [GMT 2:00]
Lancé depuis: c:\users\Oren\Desktop\Oren010.exe
Commutateurs utilisés :: c:\users\Oren\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
- Mode FONCTIONNALITES REDUITES -
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Oren\AppData\Local\Temp\ppcrlui_4000_2
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-16 au 2011-05-16 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-16 22:19 . 2011-05-16 22:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-16 21:57 . 2011-05-16 21:57 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2011-05-16 21:57 . 2011-05-16 21:57 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2011-05-16 21:34 . 2011-05-16 21:47 -------- d-----w- C:\Oren010
2011-05-16 20:35 . 2011-05-16 20:35 -------- d-----w- C:\Change
2011-05-16 20:11 . 2011-05-16 20:11 -------- d-----w- c:\program files\SEAF
2011-05-15 23:05 . 2011-05-15 23:05 -------- d-----w- c:\programdata\nlhd
2011-05-15 23:00 . 2011-05-15 23:00 -------- d-----w- c:\program files\Common Files\EPSON
2011-05-15 22:55 . 2011-05-15 22:53 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2011-05-15 22:55 . 2011-05-15 22:53 93696 ----a-w- c:\windows\system32\E_FLBGJE.DLL
2011-05-15 22:55 . 2011-05-15 22:53 63488 ----a-w- c:\windows\system32\E_FD4BGJE.DLL
2011-05-15 22:55 . 2011-05-15 23:00 -------- d-----w- c:\programdata\EPSON
2011-05-15 22:54 . 2009-11-19 22:00 341504 ----a-w- c:\windows\system32\esw2ud.dll
2011-05-15 22:54 . 2009-04-30 22:00 15872 ----a-w- c:\windows\system32\escdev.dll
2011-05-15 22:54 . 2009-04-30 22:00 128392 ----a-w- c:\windows\system32\esdevapp.exe
2011-05-15 22:54 . 2011-05-15 22:54 -------- d-----w- c:\program files\epson
2011-05-15 00:07 . 2011-05-15 00:07 0 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-05-15 00:02 . 2011-05-15 00:07 -------- d-----w- c:\program files\ZHPDiag
2011-05-14 22:13 . 2011-05-14 22:17 -------- d-----w- c:\program files\trend micro
2011-05-14 22:13 . 2011-05-14 22:17 -------- d-----w- C:\rsit
2011-05-14 21:31 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AF39E2BF-80CC-4DB2-81FC-00533BFC870C}\mpengine.dll
2011-05-10 21:57 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-10 21:55 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-09 15:53 . 2011-05-09 15:53 -------- d-----w- c:\program files\Windows Portable Devices
2011-05-09 15:24 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-05-09 15:24 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-05-09 15:24 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-05-09 15:23 . 2009-09-25 01:33 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-05-09 15:23 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-05-09 15:23 . 2009-09-25 02:07 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-05-09 15:23 . 2009-09-25 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-05-09 15:23 . 2009-09-25 01:33 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-05-09 15:23 . 2009-09-25 01:32 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-05-09 15:23 . 2009-09-25 01:31 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-05-09 15:23 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2011-05-09 15:23 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2011-05-09 15:23 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2011-05-09 15:23 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2011-05-09 01:06 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-05-09 01:06 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-05-09 01:06 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-05-08 17:45 . 2011-01-20 16:08 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-08 17:45 . 2011-01-20 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-05-08 17:45 . 2011-01-20 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-05-08 17:45 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-05-08 17:45 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-05-08 17:45 . 2011-01-20 16:08 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-05-08 17:45 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-05-08 17:45 . 2011-01-20 16:08 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-05-08 17:45 . 2011-01-20 16:08 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-05-08 17:45 . 2011-01-20 14:28 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-05-08 17:45 . 2011-01-20 14:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-05-08 17:45 . 2011-01-20 14:11 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-05-08 17:43 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-05-08 17:43 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-05-08 17:06 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-04-24 17:48 . 2011-05-02 21:11 -------- d-----w- c:\users\Oren\AppData\Local\Apple Computer
2011-04-24 17:48 . 2011-04-24 17:51 -------- d-----w- c:\users\Oren\AppData\Roaming\Apple Computer
2011-04-24 17:48 . 2011-04-24 17:48 -------- dc----w- c:\windows\system32\DRVSTORE
2011-04-24 17:48 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-04-24 17:48 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-04-24 17:47 . 2011-05-14 21:14 -------- d-----w- c:\program files\iPod
2011-04-24 17:47 . 2011-04-24 17:48 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-04-24 17:47 . 2011-04-24 17:48 -------- d-----w- c:\program files\iTunes
2011-04-24 17:45 . 2011-04-24 17:46 -------- d-----w- c:\program files\QuickTime
2011-04-24 17:45 . 2011-04-24 17:47 -------- d-----w- c:\programdata\Apple Computer
2011-04-24 17:45 . 2011-04-24 17:45 -------- d-----w- c:\users\Oren\AppData\Local\Apple
2011-04-24 17:45 . 2011-04-24 17:45 -------- d-----w- c:\program files\Apple Software Update
2011-04-24 17:43 . 2011-04-24 17:43 -------- d-----w- c:\program files\Bonjour
2011-04-24 17:42 . 2011-04-27 19:39 -------- d-----w- c:\programdata\Apple
2011-04-24 17:42 . 2011-04-24 17:47 -------- d-----w- c:\program files\Common Files\Apple
2011-04-24 15:24 . 2011-04-24 15:31 -------- d-----w- c:\users\Oren\AppData\Local\Microsoft Games
2011-04-24 14:40 . 2011-04-24 14:41 -------- d-----w- c:\windows\system32\ca-ES
2011-04-24 14:40 . 2011-04-24 14:41 -------- d-----w- c:\windows\system32\eu-ES
2011-04-24 14:40 . 2011-04-24 14:41 -------- d-----w- c:\windows\system32\vi-VN
2011-04-24 12:41 . 2011-04-24 12:41 -------- d-----w- c:\windows\system32\EventProviders
2011-04-21 10:12 . 2009-04-11 06:33 926184 ----a-w- c:\windows\system32\winresume.exe
2011-04-21 10:11 . 2009-04-11 06:28 47104 ----a-w- c:\windows\system32\wbem\WmiPerfInst.dll
2011-04-21 09:54 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-04-17 22:24 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-04-17 22:24 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-04-17 22:24 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-04-17 22:24 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-04-17 22:24 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-16 21:19 . 2011-03-24 23:58 44544 ----a-w- c:\windows\system32\agremove.exe
2011-04-12 15:49 . 2011-03-24 23:36 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 14:20 . 2011-04-06 14:20 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 14:20 . 2011-04-06 14:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-03 15:40 . 2011-05-08 17:43 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-05-08 17:43 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-05-08 17:43 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-05-08 17:43 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-02-18 14:36 . 2011-02-18 14:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 14:36 . 2011-02-18 14:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2007-12-29 430080]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-01 15145352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-25 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-25 129560]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"NDSTray.exe"="NDSTray.exe" [BU]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2006-12-06 366400]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-04-27 30192]
"Desktop SMS"="c:\program files\IDM\Desktop SMS\DesktopSMS.exe" [2007-06-18 1507328]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-01-25 716800]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-29 1029416]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-02-04 281768]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2007-7-27 389120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-04-27 30192]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-05-02 136360]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
S3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDART.sys [2008-02-01 187904]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2008-01-15 48472]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000Core.job
- c:\users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 23:27]
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000UA.job
- c:\users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 23:27]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-17 00:21
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????????????X?[???[???[???[?
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(2700)
c:\program files\IDM\Desktop SMS\oehook.dll
c:\programdata\nlhd\nlhdshellext.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\Toshiba\Power Saver\TosCoSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\conime.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Toshiba\ConfigFree\NDSTray.exe
c:\windows\system32\igfxext.exe
c:\program files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
c:\program files\Toshiba\ConfigFree\CFSwMgr.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Windows Mail\WinMail.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Heure de fin: 2011-05-17 00:24:12 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-05-16 22:24
ComboFix2.txt 2011-05-16 21:47
.
Avant-CF: 73 428 574 208 octets libres
Après-CF: 73 299 386 368 octets libres
.
- - End Of File - - 589DCD95712761338DDDF1943E4BD38B
Ah well, we've unblocked the infection ^^
▶ ▶ DISABLE YOUR PROTECTIONS DURING THE PROCEDURE
▶ ▶ SCRIPT CUSTOMIZED FOR THIS COMPUTER, DO NOT REPRODUCE: DANGEROUS !!!!
▶ Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:
KillAll::
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
File::
c:\windows\system32\rpcnetp.dll
c:\windows\system32\rpcnetp.exe
Reboot::
▶ Save this file under the name CFScript
▶ Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot: http://i261.photobucket.com/albums/ii49/Malekal_morte/CFScript-2.gif
▶ ComboFix starts; let it guide you..
▶ Wait while the scan runs. The desktop will disappear several times: that's normal!
Don't touch anything until the scan has finished.
▶ Once the scan is complete, a report will be displayed: post its contents, and say where things stand with your problems
▶ If the file doesn't open, it is located here > C:\ComboFix.txt
Here's the report, boss!!
(the message still shows up!!)
ComboFix 11-05-16.01 - Oren 17/05/2011 0:45.3.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2038.775 [GMT 2:00]
Lancé depuis: c:\users\Oren\Desktop\Oren010.exe
Commutateurs utilisés :: c:\users\Oren\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\rpcnetp.dll"
"c:\windows\system32\rpcnetp.exe"
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\rpcnetp.dll
c:\windows\system32\rpcnetp.exe
.
c:\windows\System32\autochk.exe . . . est infecté!!
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-16 au 2011-05-16 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-16 23:15 . 2011-05-16 23:20 -------- d-----w- c:\users\Oren\AppData\Local\temp
2011-05-16 23:15 . 2011-05-16 23:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-16 21:34 . 2011-05-16 21:47 -------- d-----w- C:\Oren010
2011-05-16 20:35 . 2011-05-16 20:35 -------- d-----w- C:\Change
2011-05-16 20:11 . 2011-05-16 20:11 -------- d-----w- c:\program files\SEAF
2011-05-15 23:05 . 2011-05-15 23:05 -------- d-----w- c:\programdata\nlhd
2011-05-15 23:00 . 2011-05-15 23:00 -------- d-----w- c:\program files\Common Files\EPSON
2011-05-15 22:55 . 2011-05-15 22:53 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2011-05-15 22:55 . 2011-05-15 22:53 93696 ----a-w- c:\windows\system32\E_FLBGJE.DLL
2011-05-15 22:55 . 2011-05-15 22:53 63488 ----a-w- c:\windows\system32\E_FD4BGJE.DLL
2011-05-15 22:55 . 2011-05-15 23:00 -------- d-----w- c:\programdata\EPSON
2011-05-15 22:54 . 2009-11-19 22:00 341504 ----a-w- c:\windows\system32\esw2ud.dll
2011-05-15 22:54 . 2009-04-30 22:00 15872 ----a-w- c:\windows\system32\escdev.dll
2011-05-15 22:54 . 2009-04-30 22:00 128392 ----a-w- c:\windows\system32\esdevapp.exe
2011-05-15 22:54 . 2011-05-15 22:54 -------- d-----w- c:\program files\epson
2011-05-15 00:07 . 2011-05-15 00:07 0 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-05-15 00:02 . 2011-05-15 00:07 -------- d-----w- c:\program files\ZHPDiag
2011-05-14 22:13 . 2011-05-14 22:17 -------- d-----w- c:\program files\trend micro
2011-05-14 22:13 . 2011-05-14 22:17 -------- d-----w- C:\rsit
2011-05-14 21:31 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AF39E2BF-80CC-4DB2-81FC-00533BFC870C}\mpengine.dll
2011-05-10 21:57 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-10 21:55 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-09 15:53 . 2011-05-09 15:53 -------- d-----w- c:\program files\Windows Portable Devices
2011-05-09 15:24 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-05-09 15:24 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-05-09 15:24 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-05-09 15:23 . 2009-09-25 01:33 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-05-09 15:23 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-05-09 15:23 . 2009-09-25 02:07 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-05-09 15:23 . 2009-09-25 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-05-09 15:23 . 2009-09-25 01:33 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-05-09 15:23 . 2009-09-25 01:32 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-05-09 15:23 . 2009-09-25 01:31 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-05-09 15:23 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2011-05-09 15:23 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2011-05-09 15:23 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2011-05-09 15:23 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2011-05-09 01:06 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-05-09 01:06 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-05-09 01:06 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-05-08 17:45 . 2011-01-20 16:08 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-08 17:45 . 2011-01-20 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-05-08 17:45 . 2011-01-20 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-05-08 17:45 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-05-08 17:45 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-05-08 17:45 . 2011-01-20 16:08 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-05-08 17:45 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-05-08 17:45 . 2011-01-20 16:08 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-05-08 17:45 . 2011-01-20 16:08 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-05-08 17:45 . 2011-01-20 14:28 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-05-08 17:45 . 2011-01-20 14:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-05-08 17:45 . 2011-01-20 14:11 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-05-08 17:43 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-05-08 17:43 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-05-08 17:06 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-04-24 17:48 . 2011-05-02 21:11 -------- d-----w- c:\users\Oren\AppData\Local\Apple Computer
2011-04-24 17:48 . 2011-04-24 17:51 -------- d-----w- c:\users\Oren\AppData\Roaming\Apple Computer
2011-04-24 17:48 . 2011-04-24 17:48 -------- dc----w- c:\windows\system32\DRVSTORE
2011-04-24 17:48 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-04-24 17:48 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-04-24 17:47 . 2011-05-14 21:14 -------- d-----w- c:\program files\iPod
2011-04-24 17:47 . 2011-04-24 17:48 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-04-24 17:47 . 2011-04-24 17:48 -------- d-----w- c:\program files\iTunes
2011-04-24 17:45 . 2011-04-24 17:46 -------- d-----w- c:\program files\QuickTime
2011-04-24 17:45 . 2011-04-24 17:47 -------- d-----w- c:\programdata\Apple Computer
2011-04-24 17:45 . 2011-04-24 17:45 -------- d-----w- c:\users\Oren\AppData\Local\Apple
2011-04-24 17:45 . 2011-04-24 17:45 -------- d-----w- c:\program files\Apple Software Update
2011-04-24 17:43 . 2011-04-24 17:43 -------- d-----w- c:\program files\Bonjour
2011-04-24 17:42 . 2011-04-27 19:39 -------- d-----w- c:\programdata\Apple
2011-04-24 17:42 . 2011-04-24 17:47 -------- d-----w- c:\program files\Common Files\Apple
2011-04-24 15:24 . 2011-04-24 15:31 -------- d-----w- c:\users\Oren\AppData\Local\Microsoft Games
2011-04-24 14:40 . 2011-04-24 14:41 -------- d-----w- c:\windows\system32\ca-ES
2011-04-24 14:40 . 2011-04-24 14:41 -------- d-----w- c:\windows\system32\eu-ES
2011-04-24 14:40 . 2011-04-24 14:41 -------- d-----w- c:\windows\system32\vi-VN
2011-04-24 12:41 . 2011-04-24 12:41 -------- d-----w- c:\windows\system32\EventProviders
2011-04-21 10:12 . 2009-04-11 06:33 926184 ----a-w- c:\windows\system32\winresume.exe
2011-04-21 10:11 . 2009-04-11 06:28 47104 ----a-w- c:\windows\system32\wbem\WmiPerfInst.dll
2011-04-21 09:54 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2011-04-17 22:24 . 2009-11-08 08:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-04-17 22:24 . 2009-11-08 08:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-04-17 22:24 . 2009-11-08 08:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-04-17 22:24 . 2009-11-08 08:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-04-17 22:24 . 2009-11-08 08:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-16 21:19 . 2011-03-24 23:58 44544 ----a-w- c:\windows\system32\agremove.exe
2011-04-12 15:49 . 2011-03-24 23:36 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 14:20 . 2011-04-06 14:20 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 14:20 . 2011-04-06 14:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-03 15:40 . 2011-05-08 17:43 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-05-08 17:43 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-05-08 17:43 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-05-08 17:43 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-02-18 14:36 . 2011-02-18 14:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 14:36 . 2011-02-18 14:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2007-12-29 430080]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-01 15145352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-25 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-25 129560]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"NDSTray.exe"="NDSTray.exe" [BU]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2006-12-06 366400]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-04-27 30192]
"Desktop SMS"="c:\program files\IDM\Desktop SMS\DesktopSMS.exe" [2007-06-18 1507328]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-01-25 716800]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-29 1029416]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-02-04 281768]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2007-7-27 389120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-04-27 30192]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-05-02 136360]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
S3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDART.sys [2008-02-01 187904]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2008-01-15 48472]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000Core.job
- c:\users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 23:27]
.
2011-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000UA.job
- c:\users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 23:27]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-17 01:20
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????????????X?[???[???[???[?
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(2900)
c:\program files\IDM\Desktop SMS\oehook.dll
c:\programdata\nlhd\nlhdshellext.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\program files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\Toshiba\Power Saver\TosCoSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\conime.exe
c:\program files\Toshiba\ConfigFree\NDSTray.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
c:\windows\system32\igfxext.exe
c:\program files\Windows Mail\WinMail.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Heure de fin: 2011-05-17 01:24:36 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-05-16 23:24
ComboFix2.txt 2011-05-16 22:24
ComboFix3.txt 2011-05-16 21:47
.
Avant-CF: 73 321 725 952 octets libres
Après-CF: 73 097 641 984 octets libres
.
- - End Of File - - A426F3CB0946F2E5BCD4D4D1FF143ADB
(the message still shows up!!)