Sujet Précédent Sujet Suivant

Winlogon.exe fichier endommagé chkdsk ????

leroilion010 Messages postés 60 Statut Membre -  
leroilion010 Messages postés 60 Statut Membre -
Bonjour,

voila apres avoir fais maintes recherches sur internet, je n'arrive toujours a regler ce probleme
a chaque fois que je demarre mon ordi on me dit comme je le dis dans mon titre l'ordinateur m'affiche Winlogon.exe fichier endommagé ou illisible, exécuter l'utilitaire chkdsk.
Alors étant bête et discipliné je m'y exécute. Alors j'essaie plusieurs méthode que j'ai vu sur les forums , tel que chkdsk /f , chkdsk /r, chkdsk /f /r, chkdsk /f c: bref après marqué le "o" pour pouvoir l'exécuter au démarrage bien je redémarre rien n'y fait
y a t'il quelqu'un pour m'aider, je ne peux installer aucun programme comme Itunes ou IE9 ....
bref si il y quelqu'un qui pourrait m'aider je suis assez novice
je vous en joins plus un random/random, un HijackThis mais bon je ne comprend pas grand chose,
voila je vous remercie d'avance..

Logfile of random's system information tool 1.08 (written by random/random)
Run by Oren at 2011-05-15 00:13:21
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2
System drive C: has 64 GB (54%) free of 119 GB
Total RAM: 2038 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:17:25, on 15/05/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\program files\avira\antivir desktop\avcenter.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Oren\Downloads\RSIT.exe
C:\Program Files\trend micro\Oren.exe
C:\Users\Oren\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Users\Oren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

End of file - 24553 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-03-18 1164680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [2007-09-25 132496]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-01-25 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-01-25 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-01-25 129560]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"NDSTray.exe"=NDSTray.exe []
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe [2006-12-06 366400]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-04-27 30192]
"Desktop SMS"=C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-10-25 413696]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-01-25 716800]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-11-01 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-05-04 571024]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-02-04 281768]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2007-12-29 430080]
"Google Update"=C:\Users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-25 136176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-04-01 15145352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-09-13 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2011-05-15 00:13:22 ----D---- C:\Program Files\trend micro
2011-05-15 00:13:21 ----D---- C:\rsit
2011-05-10 23:55:13 ----A---- C:\Windows\system32\XpsPrint.dll
2011-05-10 06:37:47 ----D---- C:\Users\Oren\AppData\Roaming\Mozilla
2011-05-09 17:53:02 ----D---- C:\Program Files\Windows Portable Devices
2011-05-09 17:24:34 ----A---- C:\Windows\system32\UIAnimation.dll
2011-05-09 17:24:33 ----A---- C:\Windows\system32\UIRibbonRes.dll
2011-05-09 17:24:32 ----A---- C:\Windows\system32\UIRibbon.dll
2011-05-09 17:23:54 ----A---- C:\Windows\system32\WMPhoto.dll
2011-05-09 17:23:53 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2011-05-09 17:23:53 ----A---- C:\Windows\system32\WindowsCodecs.dll
2011-05-09 17:23:53 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2011-05-09 17:23:53 ----A---- C:\Windows\system32\dxdiagn.dll
2011-05-09 17:23:53 ----A---- C:\Windows\system32\dxdiag.exe
2011-05-09 17:23:52 ----A---- C:\Windows\system32\d3d11.dll
2011-05-09 17:23:06 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2011-05-09 17:23:06 ----A---- C:\Windows\system32\wpdbusenum.dll
2011-05-09 17:23:06 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2011-05-09 17:23:00 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2011-05-09 17:22:59 ----A---- C:\Windows\system32\WpdConns.dll
2011-05-09 17:22:58 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2011-05-09 17:22:58 ----A---- C:\Windows\system32\wpdshext.dll
2011-05-09 17:22:58 ----A---- C:\Windows\system32\WpdMtpUS.dll
2011-05-09 17:22:58 ----A---- C:\Windows\system32\wpd_ci.dll
2011-05-09 17:22:58 ----A---- C:\Windows\system32\drivers\WpdUsb.sys
2011-05-09 17:22:57 ----A---- C:\Windows\system32\WPDSp.dll
2011-05-09 17:22:57 ----A---- C:\Windows\system32\WpdMtp.dll
2011-05-09 17:22:57 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2011-05-09 17:22:57 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2011-05-09 17:22:57 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2011-05-09 17:22:57 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2011-05-09 03:06:55 ----A---- C:\Windows\system32\oleaccrc.dll
2011-05-09 03:06:55 ----A---- C:\Windows\system32\oleacc.dll
2011-05-09 03:06:54 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-05-08 19:54:14 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-05-08 19:54:14 ----A---- C:\Windows\system32\MFH264Dec.dll
2011-05-08 19:54:14 ----A---- C:\Windows\system32\dxgi.dll
2011-05-08 19:54:13 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-05-08 19:54:13 ----A---- C:\Windows\system32\mfmp4src.dll
2011-05-08 19:54:13 ----A---- C:\Windows\system32\MFHEAACdec.dll
2011-05-08 19:54:13 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-05-08 19:54:12 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2011-05-08 19:54:12 ----A---- C:\Windows\system32\mf.dll
2011-05-08 19:54:12 ----A---- C:\Windows\system32\cdd.dll
2011-05-08 19:54:11 ----A---- C:\Windows\system32\stobject.dll
2011-05-08 19:54:11 ----A---- C:\Windows\system32\shdocvw.dll
2011-05-08 19:54:11 ----A---- C:\Windows\system32\mfplat.dll
2011-05-08 19:54:10 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2011-05-08 19:54:10 ----A---- C:\Windows\system32\mfps.dll
2011-05-08 19:45:50 ----A---- C:\Windows\system32\d3d10warp.dll
2011-05-08 19:45:50 ----A---- C:\Windows\system32\d3d10_1.dll
2011-05-08 19:45:50 ----A---- C:\Windows\system32\d2d1.dll
2011-05-08 19:45:49 ----A---- C:\Windows\system32\FntCache.dll
2011-05-08 19:45:49 ----A---- C:\Windows\system32\DWrite.dll
2011-05-08 19:45:49 ----A---- C:\Windows\system32\d3d10.dll
2011-05-08 19:45:48 ----A---- C:\Windows\system32\xpsservices.dll
2011-05-08 19:45:48 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-05-08 19:45:48 ----A---- C:\Windows\system32\OpcServices.dll
2011-05-08 19:45:48 ----A---- C:\Windows\system32\d3d10level9.dll
2011-05-08 19:45:48 ----A---- C:\Windows\system32\d3d10core.dll
2011-05-08 19:45:48 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-05-08 19:43:58 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2011-05-08 19:43:58 ----A---- C:\Windows\system32\Apphlpdm.dll
2011-05-08 19:06:51 ----A---- C:\Windows\system32\msshsq.dll
2011-04-24 19:48:38 ----D---- C:\Users\Oren\AppData\Roaming\Apple Computer
2011-04-24 19:48:07 ----DC---- C:\Windows\system32\DRVSTORE
2011-04-24 19:48:07 ----A---- C:\Windows\system32\GEARAspi.dll
2011-04-24 19:48:07 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-04-24 19:47:25 ----D---- C:\Program Files\iPod
2011-04-24 19:47:23 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-04-24 19:47:23 ----D---- C:\Program Files\iTunes
2011-04-24 19:45:47 ----D---- C:\Program Files\QuickTime
2011-04-24 19:45:45 ----D---- C:\ProgramData\Apple Computer
2011-04-24 19:45:07 ----D---- C:\Program Files\Apple Software Update
2011-04-24 19:43:12 ----D---- C:\Program Files\Bonjour
2011-04-24 19:42:42 ----D---- C:\ProgramData\Apple
2011-04-24 19:42:42 ----D---- C:\Program Files\Common Files\Apple
2011-04-24 16:40:12 ----D---- C:\Windows\system32\eu-ES
2011-04-24 16:40:12 ----D---- C:\Windows\system32\ca-ES
2011-04-24 16:40:09 ----D---- C:\Windows\system32\vi-VN
2011-04-24 14:41:42 ----D---- C:\Windows\system32\EventProviders
2011-04-21 12:13:56 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2011-04-21 12:13:53 ----A---- C:\Windows\system32\SLsvc.exe
2011-04-21 12:13:53 ----A---- C:\Windows\system32\SLCExt.dll
2011-04-21 12:13:51 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2011-04-21 12:13:51 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2011-04-21 12:13:50 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2011-04-21 12:13:48 ----A---- C:\Windows\system32\mssrch.dll
2011-04-21 12:13:46 ----A---- C:\Windows\system32\tquery.dll
2011-04-21 12:13:46 ----A---- C:\Windows\system32\drivers\spsys.sys
2011-04-21 12:13:45 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2011-04-21 12:13:44 ----A---- C:\Windows\system32\scavenge.dll
2011-04-21 12:13:44 ----A---- C:\Windows\system32\drivers\hdaudbus.sys
2011-04-21 12:13:43 ----A---- C:\Windows\system32\msi.dll
2011-04-21 12:13:42 ----A---- C:\Windows\system32\imapi2fs.dll
2011-04-21 12:13:41 ----A---- C:\Windows\system32\WscEapPr.dll
2011-04-21 12:13:41 ----A---- C:\Windows\system32\wcnwiz2.dll
2011-04-21 12:13:41 ----A---- C:\Windows\system32\sysmain.dll
2011-04-21 12:13:40 ----A---- C:\Windows\system32\icardagt.exe
2011-04-21 12:13:39 ----A---- C:\Windows\system32\EhStorShell.dll
2011-04-21 12:13:39 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2011-04-21 12:13:38 ----A---- C:\Windows\system32\spreview.exe
2011-04-21 12:13:38 ----A---- C:\Windows\system32\spinstall.exe
2011-04-21 12:13:38 ----A---- C:\Windows\system32\drmv2clt.dll
2011-04-21 12:13:37 ----A---- C:\Windows\system32\spwizui.dll
2011-04-21 12:13:37 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2011-04-21 12:13:36 ----A---- C:\Windows\system32\p2psvc.dll
2011-04-21 12:13:35 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-04-21 12:13:35 ----A---- C:\Windows\system32\mssvp.dll
2011-04-21 12:13:34 ----A---- C:\Windows\system32\mssphtb.dll
2011-04-21 12:13:34 ----A---- C:\Windows\system32\mssph.dll
2011-04-21 12:13:34 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2011-04-21 12:13:34 ----A---- C:\Windows\system32\imapi2.dll
2011-04-21 12:13:33 ----A---- C:\Windows\system32\sdohlp.dll
2011-04-21 12:13:32 ----A---- C:\Windows\system32\IMJP10K.DLL
2011-04-21 12:13:32 ----A---- C:\Windows\system32\esent.dll
2011-04-21 12:13:31 ----A---- C:\Windows\system32\DevicePairing.dll
2011-04-21 12:13:30 ----A---- C:\Windows\system32\wevtsvc.dll
2011-04-21 12:13:30 ----A---- C:\Windows\system32\sperror.dll
2011-04-21 12:13:30 ----A---- C:\Windows\system32\korwbrkr.dll
2011-04-21 12:13:29 ----A---- C:\Windows\system32\SLC.dll
2011-04-21 12:13:29 ----A---- C:\Windows\system32\IasMigReader.exe
2011-04-21 12:13:27 ----A---- C:\Windows\system32\msjet40.dll
2011-04-21 12:13:27 ----A---- C:\Windows\system32\MPSSVC.dll
2011-04-21 12:13:26 ----A---- C:\Windows\system32\Query.dll
2011-04-21 12:13:26 ----A---- C:\Windows\system32\qmgr.dll
2011-04-21 12:13:25 ----A---- C:\Windows\system32\msexch40.dll
2011-04-21 12:13:25 ----A---- C:\Windows\system32\diagperf.dll
2011-04-21 12:13:24 ----A---- C:\Windows\system32\P2PGraph.dll
2011-04-21 12:13:23 ----A---- C:\Windows\system32\winload.exe
2011-04-21 12:13:23 ----A---- C:\Windows\system32\srchadmin.dll
2011-04-21 12:13:23 ----A---- C:\Windows\system32\mblctr.exe
2011-04-21 12:13:22 ----A---- C:\Windows\system32\uDWM.dll
2011-04-21 12:13:22 ----A---- C:\Windows\system32\riched20.dll
2011-04-21 12:13:22 ----A---- C:\Windows\system32\mmc.exe
2011-04-21 12:13:22 ----A---- C:\Windows\system32\IasMigPlugin.dll
2011-04-21 12:13:22 ----A---- C:\Windows\system32\dfsr.exe
2011-04-21 12:13:21 ----A---- C:\Windows\system32\RacEngn.dll
2011-04-21 12:13:21 ----A---- C:\Windows\system32\fdBth.dll
2011-04-21 12:13:20 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-04-21 12:13:20 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-04-21 12:13:20 ----A---- C:\Windows\system32\milcore.dll
2011-04-21 12:13:20 ----A---- C:\Windows\system32\kernel32.dll
2011-04-21 12:13:19 ----A---- C:\Windows\system32\spoolss.dll
2011-04-21 12:13:19 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2011-04-21 12:13:19 ----A---- C:\Windows\system32\EhStorAPI.dll
2011-04-21 12:13:19 ----A---- C:\Windows\system32\CertEnroll.dll
2011-04-21 12:13:18 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2011-04-21 12:13:17 ----A---- C:\Windows\system32\msvcp60.dll
2011-04-21 12:13:17 ----A---- C:\Windows\system32\msjtes40.dll
2011-04-21 12:13:17 ----A---- C:\Windows\system32\infocardapi.dll
2011-04-21 12:13:17 ----A---- C:\Windows\system32\gpedit.dll
2011-04-21 12:13:16 ----A---- C:\Windows\system32\WinSAT.exe
2011-04-21 12:13:16 ----A---- C:\Windows\system32\PresentationSettings.exe
2011-04-21 12:13:16 ----A---- C:\Windows\system32\es.dll
2011-04-21 12:13:15 ----A---- C:\Windows\system32\mstext40.dll
2011-04-21 12:13:15 ----A---- C:\Windows\system32\Magnify.exe
2011-04-21 12:13:15 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-04-21 12:13:15 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2011-04-21 12:13:15 ----A---- C:\Windows\system32\advapi32.dll
2011-04-21 12:13:14 ----A---- C:\Windows\system32\WebClnt.dll
2011-04-21 12:13:14 ----A---- C:\Windows\system32\slwmi.dll
2011-04-21 12:13:14 ----A---- C:\Windows\system32\msexcl40.dll
2011-04-21 12:13:13 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2011-04-21 12:13:13 ----A---- C:\Windows\system32\msxbde40.dll
2011-04-21 12:13:13 ----A---- C:\Windows\system32\comsvcs.dll
2011-04-21 12:13:12 ----A---- C:\Windows\system32\vssapi.dll
2011-04-21 12:13:12 ----A---- C:\Windows\system32\authui.dll
2011-04-21 12:13:11 ----A---- C:\Windows\system32\propsys.dll
2011-04-21 12:13:11 ----A---- C:\Windows\system32\newdev.dll
2011-04-21 12:13:11 ----A---- C:\Windows\system32\NetProjW.dll
2011-04-21 12:13:11 ----A---- C:\Windows\system32\msrepl40.dll
2011-04-21 12:13:10 ----A---- C:\Windows\system32\rpcss.dll
2011-04-21 12:13:10 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-04-21 12:13:10 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-21 12:13:10 ----A---- C:\Windows\system32\iasrecst.dll
2011-04-21 12:13:10 ----A---- C:\Windows\system32\gpsvc.dll
2011-04-21 12:13:10 ----A---- C:\Windows\system32\eudcedit.exe
2011-04-21 12:13:10 ----A---- C:\Windows\system32\crypt32.dll
2011-04-21 12:13:10 ----A---- C:\Windows\explorer.exe
2011-04-21 12:13:09 ----A---- C:\Windows\system32\setupapi.dll
2011-04-21 12:13:09 ----A---- C:\Windows\system32\mspbde40.dll
2011-04-21 12:13:09 ----A---- C:\Windows\system32\d3d9.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\msrd3x40.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\msltus40.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\msdtctm.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\EhStorAuthn.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\davclnt.dll
2011-04-21 12:13:08 ----A---- C:\Windows\system32\browseui.dll
2011-04-21 12:13:07 ----A---- C:\Windows\system32\wevtapi.dll
2011-04-21 12:13:07 ----A---- C:\Windows\system32\user32.dll
2011-04-21 12:13:07 ----A---- C:\Windows\system32\photowiz.dll
2011-04-21 12:13:07 ----A---- C:\Windows\system32\nlhtml.dll
2011-04-21 12:13:06 ----A---- C:\Windows\system32\samsrv.dll
2011-04-21 12:13:06 ----A---- C:\Windows\system32\ci.dll
2011-04-21 12:13:05 ----A---- C:\Windows\system32\win32spl.dll
2011-04-21 12:13:05 ----A---- C:\Windows\system32\WcnNetsh.dll
2011-04-21 12:13:05 ----A---- C:\Windows\system32\SLCommDlg.dll
2011-04-21 12:13:05 ----A---- C:\Windows\system32\oleaut32.dll
2011-04-21 12:13:04 ----A---- C:\Windows\system32\netshell.dll
2011-04-21 12:13:04 ----A---- C:\Windows\system32\IKEEXT.DLL
2011-04-21 12:13:04 ----A---- C:\Windows\system32\compcln.exe
2011-04-21 12:13:03 ----A---- C:\Windows\system32\xmlfilter.dll
2011-04-21 12:13:03 ----A---- C:\Windows\system32\mswstr10.dll
2011-04-21 12:13:03 ----A---- C:\Windows\system32\emdmgmt.dll
2011-04-21 12:13:03 ----A---- C:\Windows\system32\drivers\rdbss.sys
2011-04-21 12:13:03 ----A---- C:\Windows\system32\audiosrv.dll
2011-04-21 12:13:03 ----A---- C:\Windows\system32\apds.dll
2011-04-21 12:13:02 ----A---- C:\Windows\system32\msvcrt.dll
2011-04-21 12:13:02 ----A---- C:\Windows\system32\msctf.dll
2011-04-21 12:13:02 ----A---- C:\Windows\system32\gdi32.dll
2011-04-21 12:13:02 ----A---- C:\Windows\system32\drivers\netio.sys
2011-04-21 12:13:02 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2011-04-21 12:13:01 ----A---- C:\Windows\system32\VSSVC.exe
2011-04-21 12:13:01 ----A---- C:\Windows\system32\SLUI.exe
2011-04-21 12:13:01 ----A---- C:\Windows\system32\QAGENTRT.DLL
2011-04-21 12:13:01 ----A---- C:\Windows\system32\iphlpsvc.dll
2011-04-21 12:13:00 ----A---- C:\Windows\system32\sqlsrv32.dll
2011-04-21 12:13:00 ----A---- C:\Windows\system32\propdefs.dll
2011-04-21 12:13:00 ----A---- C:\Windows\system32\msrd2x40.dll
2011-04-21 12:13:00 ----A---- C:\Windows\system32\eapphost.dll
2011-04-21 12:13:00 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-04-21 12:12:59 ----A---- C:\Windows\system32\winresume.exe
2011-04-21 12:12:58 ----A---- C:\Windows\system32\wevtutil.exe
2011-04-21 12:12:58 ----A---- C:\Windows\system32\mssitlb.dll
2011-04-21 12:12:58 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-04-21 12:12:58 ----A---- C:\Windows\system32\dbgeng.dll
2011-04-21 12:12:57 ----A---- C:\Windows\system32\swprv.dll
2011-04-21 12:12:57 ----A---- C:\Windows\system32\mmcndmgr.dll
2011-04-21 12:12:56 ----A---- C:\Windows\system32\vds.exe
2011-04-21 12:12:55 ----A---- C:\Windows\system32\netlogon.dll
2011-04-21 12:12:55 ----A---- C:\Windows\system32\msscb.dll
2011-04-21 12:12:55 ----A---- C:\Windows\system32\msctfp.dll
2011-04-21 12:12:55 ----A---- C:\Windows\system32\fdBthProxy.dll
2011-04-21 12:12:55 ----A---- C:\Windows\system32\drvinst.exe
2011-04-21 12:12:55 ----A---- C:\Windows\system32\devmgr.dll
2011-04-21 12:12:55 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2011-04-21 12:12:55 ----A---- C:\Windows\system32\BFE.DLL
2011-04-21 12:12:55 ----A---- C:\Windows\system32\autochk.exe
2011-04-21 12:12:55 ----A---- C:\Windows\system32\adsldpc.dll
2011-04-21 12:12:54 ----A---- C:\Windows\system32\WMVSDECD.DLL
2011-04-21 12:12:54 ----A---- C:\Windows\system32\Wldap32.dll
2011-04-21 12:12:54 ----A---- C:\Windows\system32\wcnwiz.dll
2011-04-21 12:12:54 ----A---- C:\Windows\system32\evr.dll
2011-04-21 12:12:53 ----A---- C:\Windows\system32\wercon.exe
2011-04-21 12:12:53 ----A---- C:\Windows\system32\wcncsvc.dll
2011-04-21 12:12:53 ----A---- C:\Windows\system32\services.exe
2011-04-21 12:12:53 ----A---- C:\Windows\system32\mimefilt.dll
2011-04-21 12:12:53 ----A---- C:\Windows\system32\iertutil.dll
2011-04-21 12:12:53 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2011-04-21 12:12:53 ----A---- C:\Windows\system32\comdlg32.dll
2011-04-21 12:12:53 ----A---- C:\Windows\system32\adtschema.dll
2011-04-21 12:12:52 ----A---- C:\Windows\system32\reg.exe
2011-04-21 12:12:52 ----A---- C:\Windows\system32\mswdat10.dll
2011-04-21 12:12:52 ----A---- C:\Windows\system32\msjter40.dll
2011-04-21 12:12:52 ----A---- C:\Windows\system32\msdtcprx.dll
2011-04-21 12:12:52 ----A---- C:\Windows\system32\ipsmsnap.dll
2011-04-21 12:12:52 ----A---- C:\Windows\system32\certcli.dll
2011-04-21 12:12:51 ----A---- C:\Windows\system32\WMNetMgr.dll
2011-04-21 12:12:51 ----A---- C:\Windows\system32\w32time.dll
2011-04-21 12:12:51 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-04-21 12:12:51 ----A---- C:\Windows\system32\rtffilt.dll
2011-04-21 12:12:51 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-04-21 12:12:51 ----A---- C:\Windows\system32\certutil.exe
2011-04-21 12:12:50 ----A---- C:\Windows\system32\msshooks.dll
2011-04-21 12:12:50 ----A---- C:\Windows\system32\IPSECSVC.DLL
2011-04-21 12:12:50 ----A---- C:\Windows\system32\bcrypt.dll
2011-04-21 12:12:49 ----A---- C:\Windows\system32\rsaenh.dll
2011-04-21 12:12:49 ----A---- C:\Windows\system32\msscntrs.dll
2011-04-21 12:12:49 ----A---- C:\Windows\system32\msihnd.dll
2011-04-21 12:12:49 ----A---- C:\Windows\system32\drivers\ndis.sys
2011-04-21 12:12:49 ----A---- C:\Windows\system32\bthserv.dll
2011-04-21 12:12:48 ----A---- C:\Windows\system32\TsWpfWrp.exe
2011-04-21 12:12:48 ----A---- C:\Windows\system32\msstrc.dll
2011-04-21 12:12:48 ----A---- C:\Windows\system32\MMDevAPI.dll
2011-04-21 12:12:46 ----A---- C:\Windows\system32\netapi32.dll
2011-04-21 12:12:45 ----A---- C:\Windows\system32\mtxclu.dll
2011-04-21 12:12:45 ----A---- C:\Windows\system32\inetpp.dll
2011-04-21 12:12:45 ----A---- C:\Windows\system32\hidserv.dll
2011-04-21 12:12:45 ----A---- C:\Windows\system32\fundisc.dll
2011-04-21 12:12:45 ----A---- C:\Windows\system32\cryptsvc.dll
2011-04-21 12:12:44 ----A---- C:\Windows\system32\termsrv.dll
2011-04-21 12:12:44 ----A---- C:\Windows\system32\profsvc.dll
2011-04-21 12:12:44 ----A---- C:\Windows\system32\mscories.dll
2011-04-21 12:12:44 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2011-04-21 12:12:42 ----A---- C:\Windows\system32\msiexec.exe
2011-04-21 12:12:42 ----A---- C:\Windows\system32\imapi.dll
2011-04-21 12:12:41 ----A---- C:\Windows\system32\wdc.dll
2011-04-21 12:12:41 ----A---- C:\Windows\system32\drivers\pci.sys
2011-04-21 12:12:41 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2011-04-21 12:12:41 ----A---- C:\Windows\system32\chsbrkr.dll
2011-04-21 12:12:40 ----A---- C:\Windows\system32\rasmans.dll
2011-04-21 12:12:40 ----A---- C:\Windows\system32\pnidui.dll
2011-04-21 12:12:40 ----A---- C:\Windows\system32\iassdo.dll
2011-04-21 12:12:39 ----A---- C:\Windows\system32\wersvc.dll
2011-04-21 12:12:39 ----A---- C:\Windows\system32\scrrun.dll
2011-04-21 12:12:39 ----A---- C:\Windows\system32\PSHED.DLL
2011-04-21 12:12:39 ----A---- C:\Windows\system32\icardres.dll
2011-04-21 12:12:39 ----A---- C:\Windows\system32\drivers\termdd.sys
2011-04-21 12:12:39 ----A---- C:\Windows\system32\drivers\crashdmp.sys
2011-04-21 12:12:39 ----A---- C:\Windows\system32\drivers\acpi.sys
2011-04-21 12:12:39 ----A---- C:\Windows\system32\autofmt.exe
2011-04-21 12:12:38 ----A---- C:\Windows\system32\slmgr.vbs
2011-04-21 12:12:38 ----A---- C:\Windows\system32\pdh.dll
2011-04-21 12:12:38 ----A---- C:\Windows\system32\drivers\Storport.sys
2011-04-21 12:12:38 ----A---- C:\Windows\system32\drivers\ataport.sys
2011-04-21 12:12:38 ----A---- C:\Windows\system32\dhcpcsvc.dll
2011-04-21 12:12:38 ----A---- C:\Windows\system32\clfs.sys
2011-04-21 12:12:38 ----A---- C:\Windows\system32\CertEnrollUI.dll
2011-04-21 12:12:38 ----A---- C:\Windows\system32\azroles.dll
2011-04-21 12:12:37 ----A---- C:\Windows\system32\winlogon.exe
2011-04-21 12:12:37 ----A---- C:\Windows\system32\SyncCenter.dll
2011-04-21 12:12:37 ----A---- C:\Windows\system32\pidgenx.dll
2011-04-21 12:12:37 ----A---- C:\Windows\system32\drivers\partmgr.sys
2011-04-21 12:12:36 ----A---- C:\Windows\system32\SLUINotify.dll
2011-04-21 12:12:36 ----A---- C:\Windows\system32\msjetoledb40.dll
2011-04-21 12:12:36 ----A---- C:\Windows\system32\drivers\mup.sys
2011-04-21 12:12:36 ----A---- C:\Windows\system32\comuid.dll
2011-04-21 12:12:36 ----A---- C:\Windows\system32\certmgr.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\wisptis.exe
2011-04-21 12:12:35 ----A---- C:\Windows\system32\untfs.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\spp.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\sethc.exe
2011-04-21 12:12:35 ----A---- C:\Windows\system32\scrobj.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\ncrypt.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\kd1394.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\iassam.dll
2011-04-21 12:12:35 ----A---- C:\Windows\system32\dwm.exe
2011-04-21 12:12:35 ----A---- C:\Windows\system32\drivers\disk.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\printui.dll
2011-04-21 12:12:34 ----A---- C:\Windows\system32\iasnap.dll
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\volsnap.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\volmgrx.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\pciidex.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\msrpc.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\fltMgr.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\drivers\ecache.sys
2011-04-21 12:12:34 ----A---- C:\Windows\system32\autoconv.exe
2011-04-21 12:12:33 ----A---- C:\Windows\system32\wow32.dll
2011-04-21 12:12:33 ----A---- C:\Windows\system32\winsrv.dll
2011-04-21 12:12:33 ----A---- C:\Windows\system32\userenv.dll
2011-04-21 12:12:33 ----A---- C:\Windows\system32\onex.dll
2011-04-21 12:12:33 ----A---- C:\Windows\system32\kdcom.dll
2011-04-21 12:12:33 ----A---- C:\Windows\system32\drivers\Dumpata.sys
2011-04-21 12:12:33 ----A---- C:\Windows\system32\cscript.exe
2011-04-21 12:12:33 ----A---- C:\Windows\system32\basecsp.dll
2011-04-21 12:12:33 ----A---- C:\Windows\system32\audiodg.exe
2011-04-21 12:12:32 ----A---- C:\Windows\system32\spcmsg.dll
2011-04-21 12:12:32 ----A---- C:\Windows\system32\osk.exe
2011-04-21 12:12:32 ----A---- C:\Windows\system32\mswsock.dll
2011-04-21 12:12:32 ----A---- C:\Windows\system32\kdusb.dll
2011-04-21 12:12:32 ----A---- C:\Windows\system32\drivers\atapi.sys
2011-04-21 12:12:31 ----A---- C:\Windows\system32\WinSCard.dll
2011-04-21 12:12:31 ----A---- C:\Windows\system32\winmm.dll
2011-04-21 12:12:31 ----A---- C:\Windows\system32\RelMon.dll
2011-04-21 12:12:31 ----A---- C:\Windows\system32\rdpencom.dll
2011-04-21 12:12:31 ----A---- C:\Windows\system32\msftedit.dll
2011-04-21 12:12:31 ----A---- C:\Windows\system32\drivers\netbt.sys
2011-04-21 12:12:30 ----A---- C:\Windows\system32\WerFaultSecure.exe
2011-04-21 12:12:30 ----A---- C:\Windows\system32\offfilt.dll
2011-04-21 12:12:29 ----A---- C:\Windows\system32\wsepno.dll
2011-04-21 12:12:29 ----A---- C:\Windows\system32\WerFault.exe
2011-04-21 12:12:29 ----A---- C:\Windows\system32\Utilman.exe
2011-04-21 12:12:29 ----A---- C:\Windows\system32\diskraid.exe
2011-04-21 12:12:28 ----A---- C:\Windows\system32\wiaservc.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\sysclass.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\SndVol.exe
2011-04-21 12:12:28 ----A---- C:\Windows\system32\prnntfy.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\msnetobj.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\mscms.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\mcmde.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\apphelp.dll
2011-04-21 12:12:28 ----A---- C:\Windows\system32\adsmsext.dll
2011-04-21 12:12:27 ----A---- C:\Windows\system32\wscript.exe
2011-04-21 12:12:27 ----A---- C:\Windows\system32\ulib.dll
2011-04-21 12:12:27 ----A---- C:\Windows\system32\odbccp32.dll
2011-04-21 12:12:27 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2011-04-21 12:12:27 ----A---- C:\Windows\system32\iasdatastore.dll
2011-04-21 12:12:27 ----A---- C:\Windows\system32\dsound.dll
2011-04-21 12:12:27 ----A---- C:\Windows\system32\cryptui.dll
2011-04-21 12:12:26 ----A---- C:\Windows\system32\wscntfy.dll
2011-04-21 12:12:26 ----A---- C:\Windows\system32\rastapi.dll
2011-04-21 12:12:26 ----A---- C:\Windows\system32\pnpsetup.dll
2011-04-21 12:12:26 ----A---- C:\Windows\system32\ipsecsnp.dll
2011-04-21 12:12:26 ----A---- C:\Windows\system32\fdProxy.dll
2011-04-21 12:12:26 ----A---- C:\Windows\system32\brcpl.dll
2011-04-21 12:12:25 ----A---- C:\Windows\system32\wscsvc.dll
2011-04-21 12:12:25 ----A---- C:\Windows\system32\WMVENCOD.DLL
2011-04-21 12:12:25 ----A---- C:\Windows\system32\wlangpui.dll
2011-04-21 12:12:25 ----A---- C:\Windows\system32\vdsdyn.dll
2011-04-21 12:12:25 ----A---- C:\Windows\system32\logman.exe
2011-04-21 12:12:25 ----A---- C:\Windows\system32\iashlpr.dll
2011-04-21 12:12:25 ----A---- C:\Windows\system32\gpapi.dll
2011-04-21 12:12:25 ----A---- C:\Windows\system32\diskpart.exe
2011-04-21 12:12:24 ----A---- C:\Windows\system32\wusa.exe
2011-04-21 12:12:24 ----A---- C:\Windows\system32\regsvc.dll
2011-04-21 12:12:24 ----A---- C:\Windows\system32\rasapi32.dll
2011-04-21 12:12:24 ----A---- C:\Windows\system32\ntprint.dll
2011-04-21 12:12:24 ----A---- C:\Windows\system32\mscorier.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\zipfldr.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\wshext.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\wpccpl.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\webcheck.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\rasdlg.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\netcenter.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\iasrad.dll
2011-04-21 12:12:23 ----A---- C:\Windows\system32\findstr.exe
2011-04-21 12:12:22 ----A---- C:\Windows\system32\wsnmp32.dll
2011-04-21 12:12:22 ----A---- C:\Windows\system32\wer.dll
2011-04-21 12:12:22 ----A---- C:\Windows\system32\themecpl.dll
2011-04-21 12:12:22 ----A---- C:\Windows\system32\iassvcs.dll
2011-04-21 12:12:22 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-04-21 12:12:21 ----A---- C:\Windows\system32\uxsms.dll
2011-04-21 12:12:21 ----A---- C:\Windows\system32\mssprxy.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\slcc.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\scansetting.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\powrprof.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\ntmarta.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\msutb.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\mstlsapi.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\iasads.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\iasacct.dll
2011-04-21 12:12:20 ----A---- C:\Windows\system32\drivers\ks.sys
2011-04-21 12:12:19 ----A---- C:\Windows\system32\powercpl.dll
2011-04-21 12:12:19 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2011-04-21 12:12:19 ----A---- C:\Windows\system32\networkmap.dll
2011-04-21 12:12:19 ----A---- C:\Windows\system32\authz.dll
2011-04-21 12:12:18 ----A---- C:\Windows\system32\sud.dll
2011-04-21 12:12:18 ----A---- C:\Windows\system32\newdev.exe
2011-04-21 12:12:18 ----A---- C:\Windows\system32\dot3svc.dll
2011-04-21 12:12:18 ----A---- C:\Windows\system32\connect.dll
2011-04-21 12:12:17 ----A---- C:\Windows\system32\themeui.dll
2011-04-21 12:12:17 ----A---- C:\Windows\system32\systemcpl.dll
2011-04-21 12:12:17 ----A---- C:\Windows\system32\samlib.dll
2011-04-21 12:12:17 ----A---- C:\Windows\system32\pcaui.dll
2011-04-21 12:12:17 ----A---- C:\Windows\system32\mmci.dll
2011-04-21 12:12:17 ----A---- C:\Windows\system32\drivers\sdbus.sys
2011-04-21 12:12:17 ----A---- C:\Windows\system32\accessibilitycpl.dll
2011-04-21 12:12:16 ----A---- C:\Windows\system32\wlanpref.dll
2011-04-21 12:12:16 ----A---- C:\Windows\system32\usercpl.dll
2011-04-21 12:12:16 ----A---- C:\Windows\system32\rpchttp.dll
A voir également:

92 réponses

Précédent
Réponse 61 / 92
leroilion010 Messages postés 60 Statut Membre
 
je fais le message que tu m'as envoyé en dernier "on va s'y prendre autrement"???
0
Réponse 62 / 92
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
oui
0
Réponse 63 / 92
leroilion010 Messages postés 60 Statut Membre
 
aussi avant tout il y a marqué le systeme est infecté , attepting to restore "c:/.......autocheck.exe"
0
Réponse 64 / 92
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
oui combofix essaye de remplacer autochck mais il y arrivera pas, c est déjà la 5eme exécution sans mieux !!!

fais ce que j'ai demandé stp
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 65 / 92
Utilisateur anonyme
 
salut pour avancer JUJU666 :

Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

clique sur "Parcourir" et trouve puis selectionne ce(s) fichier(s) :

c:\windows\system32\agremove.exe

* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée colle le lien de(s)( la) page(s) dans ta prochaine réponse.
0
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
merci gen :)

vais avoir autochck pour analyse on y verra plus clair :p
0
Réponse 66 / 92
Utilisateur anonyme
 
je pense pas qu'autochk y soit pour quelque chose
0
Réponse 67 / 92
leroilion010 Messages postés 60 Statut Membre
 
voial j'ai tout fais
mais quand jdois compressé system32 il me dit fichier ou lecture non autorisé!!
0
Réponse 68 / 92
leroilion010 Messages postés 60 Statut Membre
 
jtenvoie aussi le rap

ComboFix 11-05-16.01 - Oren 18/05/2011 23:05:44.7.2 - x86
Microsoft® Windows Vista(TM) Édition Familiale Premium 6.0.6002.2.1252.33.1036.18.2038.824 [GMT 2:00]
Lancé depuis: c:\users\Oren\Desktop\Oren010.exe
Commutateurs utilisés :: c:\users\Oren\Desktop\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
- Mode FONCTIONNALITES REDUITES -
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\System32\autochk.exe . . . est infecté!!
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-04-18 au 2011-05-18 ))))))))))))))))))))))))))))))))))))
.
.
2011-05-18 21:40 . 2011-05-18 21:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-17 21:54 . 2011-05-17 21:54 -------- d-----w- c:\users\Oren\DoctorWeb
2011-05-17 16:15 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CBD41541-5821-4D8E-8DC8-117593BE87BE}\mpengine.dll
2011-05-16 23:15 . 2011-05-18 21:42 -------- d-----w- c:\users\Oren\AppData\Local\temp
2011-05-16 21:34 . 2011-05-16 21:47 -------- d-----w- C:\Oren010
2011-05-16 20:35 . 2011-05-17 19:24 -------- d-----w- C:\Change
2011-05-16 20:11 . 2011-05-16 20:11 -------- d-----w- c:\program files\SEAF
2011-05-15 23:05 . 2011-05-15 23:05 -------- d-----w- c:\programdata\nlhd
2011-05-15 23:00 . 2011-05-15 23:00 -------- d-----w- c:\program files\Common Files\EPSON
2011-05-15 22:55 . 2011-05-15 22:53 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2011-05-15 22:55 . 2011-05-15 22:53 93696 ----a-w- c:\windows\system32\E_FLBGJE.DLL
2011-05-15 22:55 . 2011-05-15 22:53 63488 ----a-w- c:\windows\system32\E_FD4BGJE.DLL
2011-05-15 22:55 . 2011-05-15 23:00 -------- d-----w- c:\programdata\EPSON
2011-05-15 22:54 . 2009-11-19 22:00 341504 ----a-w- c:\windows\system32\esw2ud.dll
2011-05-15 22:54 . 2009-04-30 22:00 15872 ----a-w- c:\windows\system32\escdev.dll
2011-05-15 22:54 . 2009-04-30 22:00 128392 ----a-w- c:\windows\system32\esdevapp.exe
2011-05-15 22:54 . 2011-05-15 22:54 -------- d-----w- c:\program files\epson
2011-05-15 00:07 . 2011-05-15 00:07 0 ----a-w- C:\PhysicalDisk0_MBR.bin
2011-05-15 00:02 . 2011-05-15 00:07 -------- d-----w- c:\program files\ZHPDiag
2011-05-14 22:13 . 2011-05-14 22:17 -------- d-----w- c:\program files\trend micro
2011-05-14 22:13 . 2011-05-14 22:17 -------- d-----w- C:\rsit
2011-05-10 21:57 . 2011-04-07 12:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2011-05-10 21:55 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-05-09 15:53 . 2011-05-09 15:53 -------- d-----w- c:\program files\Windows Portable Devices
2011-05-09 15:24 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2011-05-09 15:24 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2011-05-09 15:24 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2011-05-09 15:23 . 2009-09-25 01:33 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-05-09 15:23 . 2009-09-25 02:10 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-05-09 15:23 . 2009-09-25 02:07 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-05-09 15:23 . 2009-09-25 02:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-05-09 15:23 . 2009-09-25 01:33 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-05-09 15:23 . 2009-09-25 01:32 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-05-09 15:23 . 2009-09-25 01:31 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-05-09 15:23 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2011-05-09 15:23 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2011-05-09 15:23 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2011-05-09 15:23 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2011-05-09 01:06 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2011-05-09 01:06 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2011-05-09 01:06 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2011-05-08 17:45 . 2011-01-20 16:08 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-05-08 17:45 . 2011-01-20 14:12 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-05-08 17:45 . 2011-01-20 13:47 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-05-08 17:45 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-05-08 17:45 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-05-08 17:45 . 2011-01-20 16:08 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-05-08 17:45 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-05-08 17:45 . 2011-01-20 16:08 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-05-08 17:45 . 2011-01-20 16:08 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-05-08 17:45 . 2011-01-20 14:28 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-05-08 17:45 . 2011-01-20 14:25 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-05-08 17:45 . 2011-01-20 14:11 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-05-08 17:43 . 2011-03-03 15:40 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2011-05-08 17:43 . 2011-03-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2011-05-08 17:06 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2011-04-24 17:48 . 2011-05-02 21:11 -------- d-----w- c:\users\Oren\AppData\Local\Apple Computer
2011-04-24 17:48 . 2011-04-24 17:51 -------- d-----w- c:\users\Oren\AppData\Roaming\Apple Computer
2011-04-24 17:48 . 2011-04-24 17:48 -------- dc----w- c:\windows\system32\DRVSTORE
2011-04-24 17:48 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-04-24 17:48 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-04-24 17:47 . 2011-05-14 21:14 -------- d-----w- c:\program files\iPod
2011-04-24 17:47 . 2011-04-24 17:48 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-04-24 17:47 . 2011-04-24 17:48 -------- d-----w- c:\program files\iTunes
2011-04-24 17:45 . 2011-04-24 17:46 -------- d-----w- c:\program files\QuickTime
2011-04-24 17:45 . 2011-04-24 17:47 -------- d-----w- c:\programdata\Apple Computer
2011-04-24 17:45 . 2011-04-24 17:45 -------- d-----w- c:\users\Oren\AppData\Local\Apple
2011-04-24 17:45 . 2011-04-24 17:45 -------- d-----w- c:\program files\Apple Software Update
2011-04-24 17:43 . 2011-04-24 17:43 -------- d-----w- c:\program files\Bonjour
2011-04-24 17:42 . 2011-04-27 19:39 -------- d-----w- c:\programdata\Apple
2011-04-24 17:42 . 2011-04-24 17:47 -------- d-----w- c:\program files\Common Files\Apple
2011-04-24 15:24 . 2011-04-24 15:31 -------- d-----w- c:\users\Oren\AppData\Local\Microsoft Games
2011-04-24 14:40 . 2011-04-24 14:41 -------- d-----w- c:\windows\system32\ca-ES
2011-04-24 14:40 . 2011-04-24 14:41 -------- d-----w- c:\windows\system32\eu-ES
2011-04-24 14:40 . 2011-04-24 14:41 -------- d-----w- c:\windows\system32\vi-VN
2011-04-24 12:41 . 2011-04-24 12:41 -------- d-----w- c:\windows\system32\EventProviders
2011-04-21 10:12 . 2009-04-11 06:33 926184 ----a-w- c:\windows\system32\winresume.exe
2011-04-21 10:11 . 2009-04-11 06:28 47104 ----a-w- c:\windows\system32\wbem\WmiPerfInst.dll
2011-04-21 09:54 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-16 21:19 . 2011-03-24 23:58 44544 ----a-w- c:\windows\system32\agremove.exe
2011-04-12 15:49 . 2011-03-24 23:36 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 14:20 . 2011-04-06 14:20 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 14:20 . 2011-04-06 14:20 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-03 15:40 . 2011-05-08 17:43 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2011-03-03 15:40 . 2011-05-08 17:43 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2011-03-03 15:40 . 2011-05-08 17:43 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2011-03-03 15:40 . 2011-05-08 17:43 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2011-02-18 14:36 . 2011-02-18 14:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 14:36 . 2011-02-18 14:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2007-12-29 430080]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-01 15145352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-25 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-25 129560]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"NDSTray.exe"="NDSTray.exe" [BU]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2006-12-06 366400]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2011-04-27 30192]
"Desktop SMS"="c:\program files\IDM\Desktop SMS\DesktopSMS.exe" [2007-06-18 1507328]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"HDMICtrlMan"="c:\program files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe" [2008-01-25 716800]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-29 1029416]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-02-04 281768]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\Toshiba\TRDCReminder\TRDCReminder.exe [2007-7-27 389120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2011-04-27 30192]
R3 WPFFontCache_v0400;Cache de police de Windows Presentation Foundation 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-05-02 136360]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
S3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;c:\windows\system32\drivers\CHDART.sys [2008-02-01 187904]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616]
S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2008-01-15 48472]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contenu du dossier 'Tâches planifiées'
.
2011-05-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000Core.job
- c:\users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 23:27]
.
2011-05-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1785631965-124800873-3049275052-1000UA.job
- c:\users\Oren\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-24 23:27]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-18 23:41
Windows 6.0.6002 Service Pack 2 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i?????????????X?[???[???[???[?
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'Explorer.exe'(1996)
c:\program files\IDM\Desktop SMS\oehook.dll
.
Heure de fin: 2011-05-18 23:58:02
ComboFix-quarantined-files.txt 2011-05-18 21:57
ComboFix2.txt 2011-05-18 20:41
ComboFix3.txt 2011-05-17 20:19
ComboFix4.txt 2011-05-16 23:24
ComboFix5.txt 2011-05-18 21:04
.
Avant-CF: 70 533 468 160 octets libres
Après-CF: 70 512 996 352 octets libres
.
- - End Of File - - E1DF4D7E843B82FAC778314550A2D825
0
Réponse 69 / 92
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
fais un clic droit sur autochck > copier
colle le sur ton bureau

ensuite zippe le
0
Réponse 70 / 92
leroilion010 Messages postés 60 Statut Membre
 
https://www.cjoint.com/?AEtanqzNXpn

le voici!!
0
Réponse 71 / 92
juju666 Messages postés 35446 Date d'inscription   Statut Contributeur sécurité Dernière intervention   4 796
 
bien reçu, merci

Télécharge Depatch_Me de gen hackman

Ouvre le. Dans le bloc note qui s ouvre colle ça :

"C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe" "c:\windoiws\system32\autochk.exe

Ferme le bloc note, accepte la modif et le pc va redémarrer.
0
Utilisateur anonyme
 
t'as oublié un guillemet ^^
0
Réponse 72 / 92
leroilion010 Messages postés 60 Statut Membre
 
voila c'est fait
en redémarrant ya toujours le meme message!!!

:s
0
Réponse 73 / 92
Utilisateur anonyme
 
re

le resultat de ca il est ou ?

https://forums.commentcamarche.net/forum/affich-22102084-winlogon-exe-fichier-endommage-chkdsk?page=4#82
0
Réponse 74 / 92
leroilion010 Messages postés 60 Statut Membre
 
jpensais te l'avoir envoyé!!!
le voila
dsl

http://www.virustotal.com/file-scan/report.html?id=cd1dc21c324eec7f73f935f41cc4901e48709f1dcf62f4ed421f4db9dc708acb-1305760241
0
Réponse 75 / 92
Utilisateur anonyme
 
prenons plus de precisions sur ce fichier

Télécharge SEAF.exe de C_XX

*Double clique sur SF.exe (Exécuter en tant qu'administrateur pour Vista/7) .

*Une fenêtre va s'ouvrir .

*Tape agremove.exe

dans cette fenêtre

confirme la recherche "aussi" dans le registre et [Entrée].

*Patiente pendant la recherche.

*Une fenêtre avec un log.txt va s'afficher.

*Copie/colle ce rapport dans ta prochaine réponse.
0
Réponse 76 / 92
leroilion010 Messages postés 60 Statut Membre
 
voila chef!

1. ========================= SEAF 1.0.1.0 - C_XX
2.
3. Commencé à: 01:28:54 le 19/05/2011
4.
5. Valeur(s) recherchée(s):
6. agremove.exe
7.
8. Légende: TC => Date de création, TM => Date de modification, DA => Dernier accès
9.
10. (!) --- Recherche registre
11.
12. ====== Fichier(s) ======
13.
14.
15. "C:\Windows\System32\agremove.exe" [ ARCHIVE | 45 Ko ]
16. TC: 25/03/2011,01:58:07 | TM: 16/05/2011,23:19:15 | DA: 25/03/2011,01:58:07
17.
18.
19. =========================
20.
21.
22.
23. ====== Entrée(s) du registre ======
24.
25. Aucun élément dans le registre trouvé
26.
27. =========================
28.
29. Fin à: 01:39:30 le 19/05/2011
30. 388563 Éléments analysés
31.
32. =========================
33. E.O.F
0
Réponse 77 / 92
Utilisateur anonyme
 
desinstalle internet download manager
0
Réponse 78 / 92
leroilion010 Messages postés 60 Statut Membre
 
jle trouve pas!!
0
Réponse 79 / 92
leroilion010 Messages postés 60 Statut Membre
 
comment je fais pour le desinstaller
jle trouve pas dans ajout et supressions des prog!!!
0
Réponse 80 / 92
Utilisateur anonyme
 
IDM ?
0

Discussions similaires

Chemin Logo du site de la Cité de l'espace
Keiios -
blux -

11 réponses