
Gen:Rootkit.Heur.4018E7A6A6

Last reply on 2 Jul 2009 at 20:54:16
titou57, 30 Jun 2009 at 13:17:43

Hello,

For some time now my Bitdefender antivirus has been constantly displaying an alert:

"Bitdefender a bloqué plusieurs virus affectant votre ordinateur!
Nom du virus: Gen:Rootkit.Heur.4018E7A6A6
Emplacement: C:\Windows\System32\drivers\SKYNETvknexwcn.sys
L'accès au fichier a été refusé"

The antivirus scan shows no virus, since it is blocked, but the alert pops up every second!

What can I do?

Thank you very much for your help.

Configuration: Windows Vista
Firefox 3.0.11

1

sKe69, 30 Jun 2009 at 13:18:55

Hi,

Tibs infection ... ^^

Do this to start with:

1- Download and install HijackThis:

here http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
or here http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
or here http://www.clubic.com/lancer-le-telechargement-51452-0-hijackthis.html

-->Click on the setup file to start the installation: follow the prompts and do not change the installation settings.
At the end of the installation, the program starts automatically: close it by clicking the red cross.
In the end, you should have a shortcut on your desktop and also a path like:
"C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .

( do not run this program for now and carry on with the next step ... )



2- Download Random's System Information Tool (RSIT) by random/random and save the executable to your Desktop.

-> http://images.malwareremoval.com/random/RSIT.exe

! Disconnect and close all your running applications !

Double-click "RSIT.exe" to launch it.

-> A first window opens, titled "Disclaimer of warranty".

* Next to the option "List files/folders created ...", choose: 2 months

* then click "Continue" to start the scan ...

-> let the scan run and do not touch the PC ...

When the scan is finished, two text files will open (probably in Notepad).

Post the contents of "log.txt" (the one that appears on screen), as well as "info.txt" (which you will see in the taskbar), for analysis, and wait for the next steps ...

Important: post one report, then the other in the following reply ...
If you try to post both at once, it may be too long for the forum ...
( And if "log.txt" alone does not go through either, post it in 2 parts ... thanks ... )

( Note: the reports will also be saved in this folder -> C:\rsit )
"Baby, I'm going on an airplane, And I don't know if I'll be back again"
IMPORTANT: do not consider yourself out of the woods until you have been told so!


2

titou57, 30 Jun 2009 at 13:32:38

Here is the log

Logfile of random's system information tool 1.06 (written by random/random)
Run by Carole at 2009-06-30 13:29:15
WIN_VISTA Service Pack 1
System drive C: has 15 GB (26%) free of 57 GB
Total RAM: 1915 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:29:24, on 30/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Carole\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Carole.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: C:\Windows\system32\gsf83iujid.dll - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\Windows\system32\gsf83iujid.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-2283063892-3141148937-3368011838-1000\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [] C:\Windows\TEMP\sh7p3.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [] C:\Windows\TEMP\sh7p3.exe (User 'Default user')
O4 - S-1-5-21-2283063892-3141148937-3368011838-1000 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User '?')
O4 - S-1-5-21-2283063892-3141148937-3368011838-1000 Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User '?')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Toshibafrbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: reset5c - C:\Windows\SYSTEM32\reset5c.dll
O22 - SharedTaskScheduler: hs837hiudjgfo9s8gjio4gfd - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\Windows\system32\gsf83iujid.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\partner.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
End of file - 9054 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-30 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B2C7B2A1-00F3-42BD-F434-00AABA2C8952}]
C:\Windows\system32\gsf83iujid.dll - C:\Windows\system32\gsf83iujid.dll [2009-06-24 15000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2009-06-23 95536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-23 148888]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Google EULA Launcher"=c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-04-24 103824]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-25 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-25 170520]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-25 145944]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-08 6037504]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-06-24 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-05-09 716800]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2008-01-11 574864]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-06-23 778240]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2009-06-23 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-04-24 430080]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-08-13 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

C:\Users\Carole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
TRDCReminder.lnk - C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-06-12 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\reset5c]
C:\Windows\system32\reset5c.dll [2008-01-21 8704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
hs837hiudjgfo9s8gjio4gfd - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\Windows\system32\gsf83iujid.dll [2009-06-24 15000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54c25470-5ff1-11de-a40e-806e6f6e6963}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\index.html


======List of files/folders created in the last 2 months======

2009-06-30 13:29:15 ----D---- C:\rsit
2009-06-30 13:25:48 ----D---- C:\Program Files\Trend Micro
2009-06-30 12:38:07 ----A---- C:\TB.txt
2009-06-30 12:37:35 ----D---- C:\ToolBar SD
2009-06-27 11:05:56 ----D---- C:\Windows\Sun
2009-06-27 10:39:03 ----A---- C:\Windows\ntbtlog.txt
2009-06-26 22:20:25 ----D---- C:\Users\Carole\AppData\Roaming\WinRAR
2009-06-26 22:19:52 ----D---- C:\Program Files\WinRAR
2009-06-24 22:33:04 ----D---- C:\ProgramData\Azureus
2009-06-24 22:32:59 ----D---- C:\Users\Carole\AppData\Roaming\Azureus
2009-06-24 22:30:35 ----D---- C:\Program Files\Vuze
2009-06-24 09:05:15 ----A---- C:\Windows\system32\msshooks.dll
2009-06-24 09:05:15 ----A---- C:\Windows\system32\msscb.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\wsepno.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\thawbrkr.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\srchadmin.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-06-24 09:05:13 ----A---- C:\Windows\system32\rtffilt.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\propsys.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\propdefs.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\offfilt.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\msstrc.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\mssprxy.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\mssitlb.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\msshsq.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\mimefilt.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\korwbrkr.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\xmlfilter.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\tquery.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-06-24 09:05:12 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-06-24 09:05:12 ----A---- C:\Windows\system32\nlhtml.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\mssvp.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\mssrch.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\mssphtb.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\mssph.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\msscntrs.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\chtbrkr.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\chsbrkr.dll
2009-06-24 09:04:10 ----A---- C:\Windows\system32\tzres.dll
2009-06-24 08:46:21 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-24 08:46:21 ----A---- C:\Windows\system32\infocardapi.dll
2009-06-24 08:46:21 ----A---- C:\Windows\system32\icardagt.exe
2009-06-24 08:46:20 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-06-24 08:46:20 ----A---- C:\Windows\system32\icardres.dll
2009-06-24 08:46:19 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-06-24 08:46:18 ----A---- C:\Windows\system32\PresentationHost.exe
2009-06-24 08:42:16 ----A---- C:\Windows\system32\dfshim.dll
2009-06-24 08:42:14 ----A---- C:\Windows\system32\netfxperf.dll
2009-06-24 08:42:14 ----A---- C:\Windows\system32\mscoree.dll
2009-06-24 08:42:08 ----A---- C:\Windows\system32\mscorier.dll
2009-06-24 08:42:05 ----A---- C:\Windows\system32\mscories.dll
2009-06-24 08:35:53 ----A---- C:\Windows\system32\reset5c.dll
2009-06-24 08:35:53 ----A---- C:\Windows\system32\gsf83iujid.dll
2009-06-24 08:35:52 ----A---- C:\vicgfdbf.exe
2009-06-24 08:35:52 ----A---- C:\ksai.exe
2009-06-24 08:35:52 ----A---- C:\dekyu.exe
2009-06-24 08:35:51 ----A---- C:\lcwyjx.exe
2009-06-24 08:35:51 ----A---- C:\jwyuclmh.exe
2009-06-24 08:35:43 ----A---- C:\Windows\system32\samsvc.exe
2009-06-23 23:25:34 ----D---- C:\Program Files\Common Files\DivX Shared
2009-06-23 23:25:33 ----D---- C:\Program Files\DivX
2009-06-23 17:45:12 ----D---- C:\Users\Carole\AppData\Roaming\PlayFirst
2009-06-23 17:45:12 ----D---- C:\ProgramData\PlayFirst
2009-06-23 17:44:08 ----D---- C:\Users\Carole\AppData\Roaming\OpenOffice.org2
2009-06-23 17:34:57 ----A---- C:\Windows\system32\javaws.exe
2009-06-23 17:34:57 ----A---- C:\Windows\system32\javaw.exe
2009-06-23 17:34:57 ----A---- C:\Windows\system32\java.exe
2009-06-23 17:34:57 ----A---- C:\Windows\system32\deploytk.dll
2009-06-23 17:29:55 ----D---- C:\Program Files\OpenOffice.org 2.4
2009-06-23 16:44:35 ----D---- C:\Program Files\Diner Dash - Seasonal Snack Pack
2009-06-23 16:35:25 ----D---- C:\Program Files\Microsoft
2009-06-23 16:35:10 ----D---- C:\Program Files\Windows Live SkyDrive
2009-06-23 16:34:54 ----D---- C:\Program Files\Windows Live
2009-06-23 16:32:37 ----D---- C:\Program Files\Common Files\Windows Live
2009-06-23 16:31:22 ----D---- C:\Users\Carole\AppData\Roaming\Macromedia
2009-06-23 16:20:55 ----D---- C:\Users\Carole\AppData\Roaming\Mozilla
2009-06-23 16:19:34 ----D---- C:\Program Files\Mozilla Firefox
2009-06-23 15:43:56 ----D---- C:\Program Files\Aspyr
2009-06-23 15:35:16 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-06-23 15:35:15 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-06-23 15:35:06 ----A---- C:\Windows\system32\rpcss.dll
2009-06-23 15:35:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-06-23 15:35:05 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-06-23 15:35:04 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-06-23 15:35:04 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-06-23 15:35:03 ----A---- C:\Windows\system32\sdohlp.dll
2009-06-23 15:35:03 ----A---- C:\Windows\system32\iasrecst.dll
2009-06-23 15:35:03 ----A---- C:\Windows\system32\iashost.exe
2009-06-23 15:35:03 ----A---- C:\Windows\system32\iasdatastore.dll
2009-06-23 15:35:03 ----A---- C:\Windows\system32\iasads.dll
2009-06-23 15:34:59 ----A---- C:\Windows\system32\xolehlp.dll
2009-06-23 15:34:59 ----A---- C:\Windows\system32\msdtcprx.dll
2009-06-23 15:34:11 ----A---- C:\Windows\system32\rpcrt4.dll
2009-06-23 15:34:09 ----A---- C:\Windows\system32\mf.dll
2009-06-23 15:34:08 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-06-23 15:34:08 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-06-23 15:34:08 ----A---- C:\Windows\system32\logagent.exe
2009-06-23 15:34:06 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-06-23 15:34:00 ----A---- C:\Windows\system32\mshtml.dll
2009-06-23 15:33:59 ----A---- C:\Windows\system32\urlmon.dll
2009-06-23 15:33:59 ----A---- C:\Windows\system32\ieframe.dll
2009-06-23 15:33:58 ----A---- C:\Windows\system32\wininet.dll
2009-06-23 15:33:58 ----A---- C:\Windows\system32\iertutil.dll
2009-06-23 15:33:58 ----A---- C:\Windows\system32\iedkcs32.dll
2009-06-23 15:33:57 ----A---- C:\Windows\system32\occache.dll
2009-06-23 15:33:57 ----A---- C:\Windows\system32\mstime.dll
2009-06-23 15:33:57 ----A---- C:\Windows\system32\msfeeds.dll
2009-06-23 15:33:57 ----A---- C:\Windows\system32\ieUnatt.exe
2009-06-23 15:33:57 ----A---- C:\Windows\system32\ieaksie.dll
2009-06-23 15:33:56 ----A---- C:\Windows\system32\jsproxy.dll
2009-06-23 15:33:56 ----A---- C:\Windows\system32\ieencode.dll
2009-06-23 15:33:48 ----A---- C:\Windows\system32\lsasrv.dll
2009-06-23 15:33:47 ----A---- C:\Windows\system32\kernel32.dll
2009-06-23 15:33:46 ----A---- C:\Windows\system32\secur32.dll
2009-06-23 15:33:46 ----A---- C:\Windows\system32\apilogen.dll
2009-06-23 15:33:46 ----A---- C:\Windows\system32\amxread.dll
2009-06-23 15:33:43 ----A---- C:\Windows\system32\wmp.dll
2009-06-23 15:33:41 ----A---- C:\Windows\system32\spwmp.dll
2009-06-23 15:33:41 ----A---- C:\Windows\system32\dxmasf.dll
2009-06-23 15:33:40 ----A---- C:\Windows\system32\wmploc.DLL
2009-06-23 15:33:39 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-06-23 15:33:38 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-06-23 15:33:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-06-23 15:33:35 ----A---- C:\Windows\system32\shell32.dll
2009-06-23 15:33:30 ----A---- C:\Windows\system32\msxml3.dll
2009-06-23 15:33:29 ----A---- C:\Windows\system32\netapi32.dll
2009-06-23 15:33:28 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-06-23 15:33:27 ----A---- C:\Windows\system32\winhttp.dll
2009-06-23 15:33:25 ----A---- C:\Windows\system32\gdi32.dll
2009-06-23 15:33:24 ----A---- C:\Windows\system32\emdmgmt.dll
2009-06-23 15:33:24 ----A---- C:\Windows\system32\dataclen.dll
2009-06-23 15:33:24 ----A---- C:\Windows\system32\cdd.dll
2009-06-23 15:33:22 ----A---- C:\Windows\system32\win32spl.dll
2009-06-23 15:32:46 ----A---- C:\Windows\system32\wmpeffects.dll
2009-06-23 15:31:43 ----A---- C:\Windows\system32\es.dll
2009-06-23 15:31:31 ----A---- C:\Windows\system32\localspl.dll
2009-06-23 15:30:55 ----A---- C:\Windows\explorer.exe
2009-06-23 15:30:21 ----A---- C:\Windows\system32\schannel.dll
2009-06-23 15:30:18 ----A---- C:\Windows\system32\wersvc.dll
2009-06-23 15:30:18 ----A---- C:\Windows\system32\Faultrep.dll
2009-06-23 15:29:54 ----A---- C:\Windows\system32\inetcomm.dll
2009-06-23 15:28:13 ----A---- C:\Windows\system32\connect.dll
2009-06-23 15:24:00 ----A---- C:\Windows\system32\msxml6.dll
2009-06-23 15:23:15 ----D---- C:\Users\Carole\AppData\Roaming\BitDefender
2009-06-23 15:22:51 ----D---- C:\Program Files\BitDefender
2009-06-23 15:21:51 ----D---- C:\Program Files\Common Files\BitDefender
2009-06-23 15:09:14 ----D---- C:\Users\Carole\AppData\Roaming\Adobe
2009-06-23 15:07:29 ----A---- C:\Windows\system32\wups2.dll
2009-06-23 15:07:29 ----A---- C:\Windows\system32\wucltux.dll
2009-06-23 15:07:29 ----A---- C:\Windows\system32\wuaueng.dll
2009-06-23 15:07:29 ----A---- C:\Windows\system32\wuauclt.exe
2009-06-23 15:06:27 ----A---- C:\Windows\system32\wups.dll
2009-06-23 15:06:27 ----A---- C:\Windows\system32\wudriver.dll
2009-06-23 15:06:27 ----A---- C:\Windows\system32\wuapi.dll
2009-06-23 15:05:57 ----A---- C:\Windows\system32\wuwebv.dll
2009-06-23 15:05:57 ----A---- C:\Windows\system32\wuapp.exe
2009-06-23 15:04:03 ----D---- C:\Program Files\Neuf
2009-06-23 15:00:40 ----D---- C:\Users\Carole\AppData\Roaming\Toshiba
2009-06-23 14:58:58 ----D---- C:\Users\Carole\AppData\Roaming\Google
2009-06-23 14:56:17 ----D---- C:\Users\Carole\AppData\Roaming\vlc
2009-06-23 14:54:10 ----D---- C:\Program Files\VideoLAN
2009-06-23 14:51:04 ----D---- C:\ProgramData\BitDefender
2009-06-23 14:44:09 ----SHD---- C:\$RECYCLE.BIN
2009-06-23 14:43:43 ----D---- C:\Users\Carole\AppData\Roaming\Identities
2009-06-23 14:43:35 ----A---- C:\Windows\system32\RtlLib.dll
2009-06-23 14:43:34 ----A---- C:\Windows\system32\libeay32.dll
2009-06-23 14:43:34 ----A---- C:\Windows\system32\IpLib.dll
2009-06-23 14:43:34 ----A---- C:\Windows\system32\EnumDevLib.dll
2009-06-23 14:42:40 ----D---- C:\Windows\system32\en
2009-06-23 14:41:36 ----D---- C:\Program Files\Camera Assistant Software for Toshiba
2009-06-23 14:41:17 ----D---- C:\Users\Carole\AppData\Roaming\InstallShield
2009-06-23 14:39:26 ----D---- C:\ProgramData\ToshibaEurope
2009-06-23 14:38:52 ----SD---- C:\Users\Carole\AppData\Roaming\Microsoft
2009-06-23 14:35:34 ----SHD---- C:\ProgramData\Modèles
2009-06-23 14:35:34 ----SHD---- C:\ProgramData\Menu Démarrer
2009-06-23 14:35:34 ----SHD---- C:\ProgramData\Favoris
2009-06-23 14:35:34 ----SHD---- C:\ProgramData\Bureau
2009-06-23 14:35:34 ----SHD---- C:\Program Files\Fichiers communs
2009-06-23 14:31:56 ----D---- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver
2009-06-23 14:31:35 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-06-23 14:31:26 ----D---- C:\Program Files\Common Files\Toshiba Shared
2009-06-23 14:31:03 ----D---- C:\Program Files\ltmoh
2009-06-23 14:31:03 ----A---- C:\Windows\system32\tosmreg.ini
2009-06-23 14:31:03 ----A---- C:\Windows\system32\tosmreg.exe
2009-06-23 14:31:03 ----A---- C:\Windows\system32\cseltbl.ini
2009-06-23 14:31:03 ----A---- C:\Windows\system32\csellang.ini
2009-06-23 14:31:03 ----A---- C:\Windows\system32\csellang.dll
2009-06-23 14:31:03 ----A---- C:\Windows\system32\cselect.exe
2009-06-23 14:30:51 ----D---- C:\Windows\Options
2009-06-23 14:26:59 ----D---- C:\Windows\system32\RTCOM
2009-06-23 14:26:53 ----A---- C:\Windows\DIFxAPI.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\SRSWOW.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\SRSTSXT.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\SRSTSHD.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\SRSHP360.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\RtkPgExt.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\RtkCoInst.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\RtkApoApi.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\RtkAPO.dll
2009-06-23 14:26:52 ----A---- C:\Windows\SkyTel.exe
2009-06-23 14:26:52 ----A---- C:\Windows\RtlUpd.exe
2009-06-23 14:26:51 ----A---- C:\Windows\system32\maxxaudioapo.dll
2009-06-23 14:26:51 ----A---- C:\Windows\system32\FMAPO.dll
2009-06-23 14:26:51 ----A---- C:\Windows\RtlExUpd.dll
2009-06-23 14:26:51 ----A---- C:\Windows\RtHDVCpl.exe
2009-06-23 14:26:51 ----A---- C:\Windows\HideWin.exe
2009-06-23 14:26:17 ----A---- C:\Windows\system32\igxpun.exe
2009-06-23 14:26:09 ----D---- C:\Windows\system32\FRA
2009-06-23 14:26:08 ----D---- C:\Windows\system32\Lang
2009-06-23 14:26:08 ----A---- C:\Windows\system32\imsmudlg.exe
2009-06-23 14:26:08 ----A---- C:\Windows\system32\difxapi.dll
2009-06-23 14:25:18 ----D---- C:\Windows\SoftwareDistribution
2009-06-23 14:22:13 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 2 months======

2009-06-30 13:29:24 ----D---- C:\Windows\Prefetch
2009-06-30 13:29:22 ----D---- C:\Windows\Temp
2009-06-30 13:26:10 ----AD---- C:\Windows\System32
2009-06-30 13:25:48 ----RD---- C:\Program Files
2009-06-28 12:17:23 ----D---- C:\Windows\inf
2009-06-28 12:17:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-06-27 20:30:30 ----D---- C:\Windows\system32\LogFiles
2009-06-27 12:49:32 ----D---- C:\Windows\Logs
2009-06-27 11:05:56 ----D---- C:\Windows
2009-06-27 10:27:54 ----D---- C:\Windows\system32\WDI
2009-06-25 03:01:02 ----D---- C:\Windows\winsxs
2009-06-24 22:33:04 ----HD---- C:\ProgramData
2009-06-24 14:36:56 ----D---- C:\Windows\rescache
2009-06-24 14:14:39 ----D---- C:\Windows\Microsoft.NET
2009-06-24 14:14:15 ----RSD---- C:\Windows\assembly
2009-06-24 09:15:01 ----D---- C:\Windows\system32\drivers
2009-06-24 09:15:01 ----D---- C:\Windows\AppPatch
2009-06-24 09:15:00 ----D---- C:\Windows\system32\fr-FR
2009-06-24 09:15:00 ----D---- C:\Windows\PolicyDefinitions
2009-06-24 09:14:59 ----D---- C:\Program Files\Windows Media Player
2009-06-24 09:14:58 ----D---- C:\Windows\system32\wbem
2009-06-24 09:14:58 ----D---- C:\Program Files\Windows Mail
2009-06-24 09:14:57 ----D---- C:\Windows\system32\manifeststore
2009-06-24 09:14:49 ----D---- C:\Windows\system32\XPSViewer
2009-06-24 09:14:49 ----D---- C:\Windows\system32\en-US
2009-06-24 09:14:43 ----D---- C:\Windows\system32\migration
2009-06-24 09:14:43 ----D---- C:\Program Files\Internet Explorer
2009-06-24 09:12:42 ----SHD---- C:\Windows\Installer
2009-06-24 09:12:38 ----D---- C:\Program Files\Microsoft Works
2009-06-24 09:07:02 ----D---- C:\ProgramData\Microsoft Help
2009-06-24 09:05:50 ----D---- C:\Windows\system32\catroot
2009-06-24 09:05:49 ----D---- C:\Windows\system32\catroot2
2009-06-24 08:59:29 ----HD---- C:\Windows\msdownld.tmp
2009-06-23 23:25:34 ----D---- C:\Program Files\Common Files
2009-06-23 17:34:30 ----D---- C:\Program Files\Java
2009-06-23 17:30:31 ----RSD---- C:\Windows\Fonts
2009-06-23 16:35:15 ----D---- C:\Program Files\Common Files\microsoft shared
2009-06-23 16:32:23 ----SD---- C:\ProgramData\Microsoft
2009-06-23 15:17:56 ----D---- C:\ProgramData\McAfee
2009-06-23 15:16:14 ----D---- C:\Program Files\Google
2009-06-23 15:13:07 ----D---- C:\Windows\Tasks
2009-06-23 15:07:34 ----D---- C:\ProgramData\Google
2009-06-23 14:44:34 ----D---- C:\Toshiba
2009-06-23 14:43:35 ----D---- C:\Program Files\Realtek
2009-06-23 14:43:33 ----HD---- C:\Program Files\InstallShield Installation Information
2009-06-23 14:43:18 ----D---- C:\Windows\Help
2009-06-23 14:43:18 ----D---- C:\Program Files\TOSHIBA
2009-06-23 14:42:49 ----D---- C:\Windows\system32\tr
2009-06-23 14:42:49 ----D---- C:\Windows\system32\sv
2009-06-23 14:42:49 ----D---- C:\Windows\system32\ru
2009-06-23 14:42:49 ----D---- C:\Windows\system32\pt
2009-06-23 14:42:49 ----D---- C:\Windows\system32\pl
2009-06-23 14:42:49 ----D---- C:\Windows\system32\no
2009-06-23 14:42:49 ----D---- C:\Windows\system32\nl
2009-06-23 14:42:49 ----D---- C:\Windows\system32\it
2009-06-23 14:42:49 ----D---- C:\Windows\system32\hu
2009-06-23 14:42:49 ----D---- C:\Windows\system32\fr
2009-06-23 14:42:49 ----D---- C:\Windows\system32\fi
2009-06-23 14:42:49 ----D---- C:\Windows\system32\es
2009-06-23 14:42:49 ----D---- C:\Windows\system32\el
2009-06-23 14:42:49 ----D---- C:\Windows\system32\de
2009-06-23 14:42:49 ----D---- C:\Windows\system32\da
2009-06-23 14:42:49 ----D---- C:\Windows\system32\cs
2009-06-23 14:42:47 ----D---- C:\Windows\system32\sk
2009-06-23 14:42:46 ----D---- C:\Windows\system32\zh-TW
2009-06-23 14:42:41 ----D---- C:\Windows\system32\zh-CN
2009-06-23 14:42:41 ----D---- C:\Windows\system32\ko-KR
2009-06-23 14:42:41 ----D---- C:\Windows\system32\ja-JP
2009-06-23 14:38:52 ----RD---- C:\Users
2009-06-23 14:35:34 ----D---- C:\Program Files\Windows NT
2009-06-23 14:35:33 ----D---- C:\Windows\Debug
2009-06-23 14:31:57 ----D---- C:\Windows\system
2009-06-23 14:31:26 ----D---- C:\ProgramData\Toshiba
2009-06-23 14:30:13 ----D---- C:\Windows\system32\restore
2009-06-23 14:29:02 ----D---- C:\Windows\Panther
2009-06-23 14:26:08 ----D---- C:\Program Files\Intel

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2009-06-23 137224]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-10-06 82696]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 bdfm;BDFM; C:\Windows\system32\drivers\bdfm.sys [2008-09-18 111112]
R3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2008-12-10 242184]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys [2009-06-23 8832]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-12 2381312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-09 2095512]
R3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [2008-09-02 13056]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-15 118784]
R3 RTL8187B;Adaptateur réseau USB 2.0 54Mbps, 802.11b/g sans fil Realtek RTL8187B; C:\Windows\system32\DRIVERS\RTL8187B.sys [2007-12-26 290304]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [2009-06-23 39808]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
S3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\bdfndisf.sys [2009-06-23 104328]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-04-02 62976]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-17 40960]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2009-06-23 415024]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-04-24 99720]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-07-18 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2008-02-06 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2009-06-23 1626112]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-23 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\partner.exe [2008-08-13 110576]
S3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-21 21504]

-----------------EOF-----------------


3

titou57, 30 Jun 2009 at 13:33:28

And the info

info.txt logfile of random's system information tool 1.06 2009-06-30 13:29:32

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x40c
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x40c
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
BitDefender Internet Security 2009-->MsiExec.exe /X{A7E80619-A6CC-438C-92B3-708FFC004AFE}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x040c
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Diner Dash: Seasonal Snack Pack-->"C:\Program Files\Diner Dash - Seasonal Snack Pack\unins000.exe"
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x40c
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Manuels TOSHIBA-->C:\Program Files\InstallShield Installation Information\{5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}\setup.exe -runfromtemp -l0x040c -removeonly
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (French) 2007-->MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
Module de compatibilité pour Microsoft Office System 2007-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Mozilla Firefox (3.0.11)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
myphotobook 3.6-->C:\Program Files\myphotobook\uninst.exe
Neuf - Kit de connexion-->C:\Program Files\Neuf\Kit\uninstall.exe
OpenOffice.org 2.4-->MsiExec.exe /I{1E0FF527-971B-4BBF-83D1-987E8DEE437D}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x040c -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
REALTEK RTL8187B Wireless LAN Driver-->C:\Program Files\InstallShield Installation Information\{895722FE-25FE-4854-95AC-B0C42F9DBEDA}\Install.exe -uninst -l0x40C
Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe" -l0x9 -removeonly
Realtek WiFi Protected Setup Library-->C:\Program Files\InstallShield Installation Information\{02CA24DD-C8B0-4280-BE53-7862869C2EB1}\Install.exe -uninst -l0x40C
Réducteur de bruit du lecteur de CD/DVD-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x040c -removeonly
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x040c -removeonly
TOSHIBA ConfigFree-->MsiExec.exe /X{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x040c -ADDREMOVE -removeonly
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x040c
TOSHIBA Face Recognition-->"C:\Program Files\InstallShield Installation Information\{C730E42C-935A-45BB-A0C5-37E5234D111B}\setup.exe" -runfromtemp -l0x040c -removeonly
TOSHIBA Face Recognition-->MsiExec.exe /I{C730E42C-935A-45BB-A0C5-37E5234D111B}
TOSHIBA Hardware Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2883F6F5-0509-43F3-868C-D50330DD9DD3}\setup.exe" -l0x40c
Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x040c -removeonly
TOSHIBA Recovery Disc Creator-->MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
TOSHIBA Software Modem-->Tosmreg -U
TOSHIBA Supervisor Password-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B1E87C3-00DE-4898-8E39-E390AAEF2391}\setup.exe" -l0x40c
Toshiba TEMPRO-->MsiExec.exe /X{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x040c
TRDCReminder-->C:\Program Files\InstallShield Installation Information\{773970F1-5EBA-4474-ADEE-1EA3B0A59492}\setup.exe -runfromtemp -l0x040c
TRORDCLauncher-->C:\Program Files\InstallShield Installation Information\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}\setup.exe -runfromtemp -l0x040c
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Office 2007 (KB934528)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B939677-2FFD-48F6-9075-7BF48CB87C80}
Update for Office System 2007 Setup (KB929722)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D8E9BEBD-655F-467D-8176-CA9959C140A3}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

Securitycenter WMI appears to be broken

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE

-----------------EOF-----------------


4

titou57, 30 Jun 2009 at 13:34:08

THANKS!


5

sKe69, 30 Jun 2009 at 13:56:29

Well ...

if only it were just Tibs .... you are heavily infected! ... ^^"

Quite a bit of work ...

/!\ Do not do anything with the PC without my go-ahead, and follow the procedures below to the letter ... if you run into any problem, do not hesitate to let me know (avoid making risky decisions on your own).
Do not use this PC for anything other than coming here to continue the disinfection.

start with this:

Download ToolBar S&D (by Eric_71/Team IDN) to your desktop:
http://eric.71.mespages.googlepages.com/ToolBarSD.exe

(Tutorial: http://toolbarsd.googlepages.com/aideenimages )

!! Disconnect and close all your running applications for the duration of the procedure !!

* Double-click ToolBar SD.exe to launch the tool and follow the prompts ...
--> Type 2 directly (the "suppression" option), then press [Enter].

The cleanup starts.

! do not touch anything during the removal !

A report will be generated at the end of the process: post its contents in your next reply,
along with a new RSIT report (log.txt), for analysis ...

(the report is also saved here -> C:\TB.txt)

"Baby, I'm going on an airplane, And I don't know if I'll be back again"
IMPORTANT: do not consider yourself out of the woods until you have been told so!


6

titou57, 30 Jun 2009 at 14:04:38

Here is the toolbar


-----------\\ ToolBar S&D 1.2.8 XP/Vista

( : )
USER : Carole ( Administrator )

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 30/06/2009|14:00 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="http://recherche.neuf.fr/"
"Start Page"="http://www.google.com/"
"Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;"
"Search Bar"="http://recherche.neuf.fr/ie/default.html"
"Url"="http://go.microsoft.com/fwlink/?LinkId=75720"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;"
"Default_Search_URL"="http://recherche.neuf.fr/"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 30/06/2009|12:40 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 30/06/2009|12:45 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 30/06/2009|14:03 - Option : [2]

-----------\\ Fin du rapport a 14:03:19,84


7

titou57, 30 Jun 2009 at 14:07:10

And the new log

Logfile of random's system information tool 1.06 (written by random/random)
Run by Carole at 2009-06-30 14:05:27
WIN_VISTA Service Pack 1
System drive C: has 15 GB (26%) free of 57 GB
Total RAM: 1915 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:05:32, on 30/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Carole\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Carole.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: C:\Windows\system32\gsf83iujid.dll - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\Windows\system32\gsf83iujid.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-2283063892-3141148937-3368011838-1000\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [] C:\Windows\TEMP\sh7p3.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [] C:\Windows\TEMP\sh7p3.exe (User 'Default user')
O4 - S-1-5-21-2283063892-3141148937-3368011838-1000 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User '?')
O4 - S-1-5-21-2283063892-3141148937-3368011838-1000 Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User '?')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Toshibafrbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: reset5c - C:\Windows\SYSTEM32\reset5c.dll
O22 - SharedTaskScheduler: hs837hiudjgfo9s8gjio4gfd - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\Windows\system32\gsf83iujid.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\partner.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
End of file - 8981 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-30 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B2C7B2A1-00F3-42BD-F434-00AABA2C8952}]
C:\Windows\system32\gsf83iujid.dll - C:\Windows\system32\gsf83iujid.dll [2009-06-24 15000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2009-06-23 95536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-23 148888]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Google EULA Launcher"=c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-04-24 103824]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-25 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-25 170520]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-25 145944]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-08 6037504]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-06-24 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-05-09 716800]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2008-01-11 574864]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-06-23 778240]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2009-06-23 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-04-24 430080]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-08-13 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

C:\Users\Carole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
TRDCReminder.lnk - C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-06-12 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\reset5c]
C:\Windows\system32\reset5c.dll [2008-01-21 8704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
hs837hiudjgfo9s8gjio4gfd - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\Windows\system32\gsf83iujid.dll [2009-06-24 15000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54c25470-5ff1-11de-a40e-806e6f6e6963}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\index.html


======List of files/folders created in the last 2 months======

2009-06-30 13:29:15 ----D---- C:\rsit
2009-06-30 13:25:48 ----D---- C:\Program Files\Trend Micro
2009-06-30 12:38:07 ----A---- C:\TB.txt
2009-06-30 12:37:35 ----D---- C:\ToolBar SD
2009-06-27 11:05:56 ----D---- C:\Windows\Sun
2009-06-27 10:39:03 ----A---- C:\Windows\ntbtlog.txt
2009-06-26 22:20:25 ----D---- C:\Users\Carole\AppData\Roaming\WinRAR
2009-06-26 22:19:52 ----D---- C:\Program Files\WinRAR
2009-06-24 22:33:04 ----D---- C:\ProgramData\Azureus
2009-06-24 22:32:59 ----D---- C:\Users\Carole\AppData\Roaming\Azureus
2009-06-24 22:30:35 ----D---- C:\Program Files\Vuze
2009-06-24 09:05:15 ----A---- C:\Windows\system32\msshooks.dll
2009-06-24 09:05:15 ----A---- C:\Windows\system32\msscb.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\wsepno.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\thawbrkr.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\srchadmin.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-06-24 09:05:13 ----A---- C:\Windows\system32\rtffilt.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\propsys.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\propdefs.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\offfilt.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\msstrc.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\mssprxy.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\mssitlb.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\msshsq.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\mimefilt.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\korwbrkr.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\xmlfilter.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\tquery.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-06-24 09:05:12 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-06-24 09:05:12 ----A---- C:\Windows\system32\nlhtml.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\mssvp.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\mssrch.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\mssphtb.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\mssph.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\msscntrs.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\chtbrkr.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\chsbrkr.dll
2009-06-24 09:04:10 ----A---- C:\Windows\system32\tzres.dll
2009-06-24 08:46:21 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-24 08:46:21 ----A---- C:\Windows\system32\infocardapi.dll
2009-06-24 08:46:21 ----A---- C:\Windows\system32\icardagt.exe
2009-06-24 08:46:20 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-06-24 08:46:20 ----A---- C:\Windows\system32\icardres.dll
2009-06-24 08:46:19 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-06-24 08:46:18 ----A---- C:\Windows\system32\PresentationHost.exe
2009-06-24 08:42:16 ----A---- C:\Windows\system32\dfshim.dll
2009-06-24 08:42:14 ----A---- C:\Windows\system32\netfxperf.dll
2009-06-24 08:42:14 ----A---- C:\Windows\system32\mscoree.dll
2009-06-24 08:42:08 ----A---- C:\Windows\system32\mscorier.dll
2009-06-24 08:42:05 ----A---- C:\Windows\system32\mscories.dll
2009-06-24 08:35:53 ----A---- C:\Windows\system32\reset5c.dll
2009-06-24 08:35:53 ----A---- C:\Windows\system32\gsf83iujid.dll
2009-06-24 08:35:52 ----A---- C:\vicgfdbf.exe
2009-06-24 08:35:52 ----A---- C:\ksai.exe
2009-06-24 08:35:52 ----A---- C:\dekyu.exe
2009-06-24 08:35:51 ----A---- C:\lcwyjx.exe
2009-06-24 08:35:51 ----A---- C:\jwyuclmh.exe
2009-06-24 08:35:43 ----A---- C:\Windows\system32\samsvc.exe
2009-06-23 23:25:34 ----D---- C:\Program Files\Common Files\DivX Shared
2009-06-23 23:25:33 ----D---- C:\Program Files\DivX
2009-06-23 17:45:12 ----D---- C:\Users\Carole\AppData\Roaming\PlayFirst
2009-06-23 17:45:12 ----D---- C:\ProgramData\PlayFirst
2009-06-23 17:44:08 ----D---- C:\Users\Carole\AppData\Roaming\OpenOffice.org2
2009-06-23 17:34:57 ----A---- C:\Windows\system32\javaws.exe
2009-06-23 17:34:57 ----A---- C:\Windows\system32\javaw.exe
2009-06-23 17:34:57 ----A---- C:\Windows\system32\java.exe
2009-06-23 17:34:57 ----A---- C:\Windows\system32\deploytk.dll
2009-06-23 17:29:55 ----D---- C:\Program Files\OpenOffice.org 2.4
2009-06-23 16:44:35 ----D---- C:\Program Files\Diner Dash - Seasonal Snack Pack
2009-06-23 16:35:25 ----D---- C:\Program Files\Microsoft
2009-06-23 16:35:10 ----D---- C:\Program Files\Windows Live SkyDrive
2009-06-23 16:34:54 ----D---- C:\Program Files\Windows Live
2009-06-23 16:32:37 ----D---- C:\Program Files\Common Files\Windows Live
2009-06-23 16:31:22 ----D---- C:\Users\Carole\AppData\Roaming\Macromedia
2009-06-23 16:20:55 ----D---- C:\Users\Carole\AppData\Roaming\Mozilla
2009-06-23 16:19:34 ----D---- C:\Program Files\Mozilla Firefox
2009-06-23 15:43:56 ----D---- C:\Program Files\Aspyr
2009-06-23 15:35:16 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-06-23 15:35:15 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-06-23 15:35:06 ----A---- C:\Windows\system32\rpcss.dll
2009-06-23 15:35:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-06-23 15:35:05 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-06-23 15:35:04 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-06-23 15:35:04 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-06-23 15:35:03 ----A---- C:\Windows\system32\sdohlp.dll
2009-06-23 15:35:03 ----A---- C:\Windows\system32\iasrecst.dll
2009-06-23 15:35:03 ----A---- C:\Windows\system32\iashost.exe
2009-06-23 15:35:03 ----A---- C:\Windows\system32\iasdatastore.dll
2009-06-23 15:35:03 ----A---- C:\Windows\system32\iasads.dll
2009-06-23 15:34:59 ----A---- C:\Windows\system32\xolehlp.dll
2009-06-23 15:34:59 ----A---- C:\Windows\system32\msdtcprx.dll
2009-06-23 15:34:11 ----A---- C:\Windows\system32\rpcrt4.dll
2009-06-23 15:34:09 ----A---- C:\Windows\system32\mf.dll
2009-06-23 15:34:08 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-06-23 15:34:08 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-06-23 15:34:08 ----A---- C:\Windows\system32\logagent.exe
2009-06-23 15:34:06 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-06-23 15:34:00 ----A---- C:\Windows\system32\mshtml.dll
2009-06-23 15:33:59 ----A---- C:\Windows\system32\urlmon.dll
2009-06-23 15:33:59 ----A---- C:\Windows\system32\ieframe.dll
2009-06-23 15:33:58 ----A---- C:\Windows\system32\wininet.dll
2009-06-23 15:33:58 ----A---- C:\Windows\system32\iertutil.dll
2009-06-23 15:33:58 ----A---- C:\Windows\system32\iedkcs32.dll
2009-06-23 15:33:57 ----A---- C:\Windows\system32\occache.dll
2009-06-23 15:33:57 ----A---- C:\Windows\system32\mstime.dll
2009-06-23 15:33:57 ----A---- C:\Windows\system32\msfeeds.dll
2009-06-23 15:33:57 ----A---- C:\Windows\system32\ieUnatt.exe
2009-06-23 15:33:57 ----A---- C:\Windows\system32\ieaksie.dll
2009-06-23 15:33:56 ----A---- C:\Windows\system32\jsproxy.dll
2009-06-23 15:33:56 ----A---- C:\Windows\system32\ieencode.dll
2009-06-23 15:33:48 ----A---- C:\Windows\system32\lsasrv.dll
2009-06-23 15:33:47 ----A---- C:\Windows\system32\kernel32.dll
2009-06-23 15:33:46 ----A---- C:\Windows\system32\secur32.dll
2009-06-23 15:33:46 ----A---- C:\Windows\system32\apilogen.dll
2009-06-23 15:33:46 ----A---- C:\Windows\system32\amxread.dll
2009-06-23 15:33:43 ----A---- C:\Windows\system32\wmp.dll
2009-06-23 15:33:41 ----A---- C:\Windows\system32\spwmp.dll
2009-06-23 15:33:41 ----A---- C:\Windows\system32\dxmasf.dll
2009-06-23 15:33:40 ----A---- C:\Windows\system32\wmploc.DLL
2009-06-23 15:33:39 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-06-23 15:33:38 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-06-23 15:33:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-06-23 15:33:35 ----A---- C:\Windows\system32\shell32.dll
2009-06-23 15:33:30 ----A---- C:\Windows\system32\msxml3.dll
2009-06-23 15:33:29 ----A---- C:\Windows\system32\netapi32.dll
2009-06-23 15:33:28 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-06-23 15:33:27 ----A---- C:\Windows\system32\winhttp.dll
2009-06-23 15:33:25 ----A---- C:\Windows\system32\gdi32.dll
2009-06-23 15:33:24 ----A---- C:\Windows\system32\emdmgmt.dll
2009-06-23 15:33:24 ----A---- C:\Windows\system32\dataclen.dll
2009-06-23 15:33:24 ----A---- C:\Windows\system32\cdd.dll
2009-06-23 15:33:22 ----A---- C:\Windows\system32\win32spl.dll
2009-06-23 15:32:46 ----A---- C:\Windows\system32\wmpeffects.dll
2009-06-23 15:31:43 ----A---- C:\Windows\system32\es.dll
2009-06-23 15:31:31 ----A---- C:\Windows\system32\localspl.dll
2009-06-23 15:30:55 ----A---- C:\Windows\explorer.exe
2009-06-23 15:30:21 ----A---- C:\Windows\system32\schannel.dll
2009-06-23 15:30:18 ----A---- C:\Windows\system32\wersvc.dll
2009-06-23 15:30:18 ----A---- C:\Windows\system32\Faultrep.dll
2009-06-23 15:29:54 ----A---- C:\Windows\system32\inetcomm.dll
2009-06-23 15:28:13 ----A---- C:\Windows\system32\connect.dll
2009-06-23 15:24:00 ----A---- C:\Windows\system32\msxml6.dll
2009-06-23 15:23:15 ----D---- C:\Users\Carole\AppData\Roaming\BitDefender
2009-06-23 15:22:51 ----D---- C:\Program Files\BitDefender
2009-06-23 15:21:51 ----D---- C:\Program Files\Common Files\BitDefender
2009-06-23 15:09:14 ----D---- C:\Users\Carole\AppData\Roaming\Adobe
2009-06-23 15:07:29 ----A---- C:\Windows\system32\wups2.dll
2009-06-23 15:07:29 ----A---- C:\Windows\system32\wucltux.dll
2009-06-23 15:07:29 ----A---- C:\Windows\system32\wuaueng.dll
2009-06-23 15:07:29 ----A---- C:\Windows\system32\wuauclt.exe
2009-06-23 15:06:27 ----A---- C:\Windows\system32\wups.dll
2009-06-23 15:06:27 ----A---- C:\Windows\system32\wudriver.dll
2009-06-23 15:06:27 ----A---- C:\Windows\system32\wuapi.dll
2009-06-23 15:05:57 ----A---- C:\Windows\system32\wuwebv.dll
2009-06-23 15:05:57 ----A---- C:\Windows\system32\wuapp.exe
2009-06-23 15:04:03 ----D---- C:\Program Files\Neuf
2009-06-23 15:00:40 ----D---- C:\Users\Carole\AppData\Roaming\Toshiba
2009-06-23 14:58:58 ----D---- C:\Users\Carole\AppData\Roaming\Google
2009-06-23 14:56:17 ----D---- C:\Users\Carole\AppData\Roaming\vlc
2009-06-23 14:54:10 ----D---- C:\Program Files\VideoLAN
2009-06-23 14:51:04 ----D---- C:\ProgramData\BitDefender
2009-06-23 14:44:09 ----SHD---- C:\$RECYCLE.BIN
2009-06-23 14:43:43 ----D---- C:\Users\Carole\AppData\Roaming\Identities
2009-06-23 14:43:35 ----A---- C:\Windows\system32\RtlLib.dll
2009-06-23 14:43:34 ----A---- C:\Windows\system32\libeay32.dll
2009-06-23 14:43:34 ----A---- C:\Windows\system32\IpLib.dll
2009-06-23 14:43:34 ----A---- C:\Windows\system32\EnumDevLib.dll
2009-06-23 14:42:40 ----D---- C:\Windows\system32\en
2009-06-23 14:41:36 ----D---- C:\Program Files\Camera Assistant Software for Toshiba
2009-06-23 14:41:17 ----D---- C:\Users\Carole\AppData\Roaming\InstallShield
2009-06-23 14:39:26 ----D---- C:\ProgramData\ToshibaEurope
2009-06-23 14:38:52 ----SD---- C:\Users\Carole\AppData\Roaming\Microsoft
2009-06-23 14:35:34 ----SHD---- C:\ProgramData\Modèles
2009-06-23 14:35:34 ----SHD---- C:\ProgramData\Menu Démarrer
2009-06-23 14:35:34 ----SHD---- C:\ProgramData\Favoris
2009-06-23 14:35:34 ----SHD---- C:\ProgramData\Bureau
2009-06-23 14:35:34 ----SHD---- C:\Program Files\Fichiers communs
2009-06-23 14:31:56 ----D---- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver
2009-06-23 14:31:35 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-06-23 14:31:26 ----D---- C:\Program Files\Common Files\Toshiba Shared
2009-06-23 14:31:03 ----D---- C:\Program Files\ltmoh
2009-06-23 14:31:03 ----A---- C:\Windows\system32\tosmreg.ini
2009-06-23 14:31:03 ----A---- C:\Windows\system32\tosmreg.exe
2009-06-23 14:31:03 ----A---- C:\Windows\system32\cseltbl.ini
2009-06-23 14:31:03 ----A---- C:\Windows\system32\csellang.ini
2009-06-23 14:31:03 ----A---- C:\Windows\system32\csellang.dll
2009-06-23 14:31:03 ----A---- C:\Windows\system32\cselect.exe
2009-06-23 14:30:51 ----D---- C:\Windows\Options
2009-06-23 14:26:59 ----D---- C:\Windows\system32\RTCOM
2009-06-23 14:26:53 ----A---- C:\Windows\DIFxAPI.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\SRSWOW.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\SRSTSXT.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\SRSTSHD.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\SRSHP360.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\RtkPgExt.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\RtkCoInst.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\RtkApoApi.dll
2009-06-23 14:26:52 ----A---- C:\Windows\system32\RtkAPO.dll
2009-06-23 14:26:52 ----A---- C:\Windows\SkyTel.exe
2009-06-23 14:26:52 ----A---- C:\Windows\RtlUpd.exe
2009-06-23 14:26:51 ----A---- C:\Windows\system32\maxxaudioapo.dll
2009-06-23 14:26:51 ----A---- C:\Windows\system32\FMAPO.dll
2009-06-23 14:26:51 ----A---- C:\Windows\RtlExUpd.dll
2009-06-23 14:26:51 ----A---- C:\Windows\RtHDVCpl.exe
2009-06-23 14:26:51 ----A---- C:\Windows\HideWin.exe
2009-06-23 14:26:17 ----A---- C:\Windows\system32\igxpun.exe
2009-06-23 14:26:09 ----D---- C:\Windows\system32\FRA
2009-06-23 14:26:08 ----D---- C:\Windows\system32\Lang
2009-06-23 14:26:08 ----A---- C:\Windows\system32\imsmudlg.exe
2009-06-23 14:26:08 ----A---- C:\Windows\system32\difxapi.dll
2009-06-23 14:25:18 ----D---- C:\Windows\SoftwareDistribution
2009-06-23 14:22:13 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 2 months======

2009-06-30 14:05:18 ----D---- C:\Windows\Temp
2009-06-30 13:59:05 ----D---- C:\Windows\Prefetch
2009-06-30 13:26:10 ----AD---- C:\Windows\System32
2009-06-30 13:25:48 ----RD---- C:\Program Files
2009-06-28 12:17:23 ----D---- C:\Windows\inf
2009-06-28 12:17:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-06-27 20:30:30 ----D---- C:\Windows\system32\LogFiles
2009-06-27 12:49:32 ----D---- C:\Windows\Logs
2009-06-27 11:05:56 ----D---- C:\Windows
2009-06-27 10:27:54 ----D---- C:\Windows\system32\WDI
2009-06-25 03:01:02 ----D---- C:\Windows\winsxs
2009-06-24 22:33:04 ----HD---- C:\ProgramData
2009-06-24 14:36:56 ----D---- C:\Windows\rescache
2009-06-24 14:14:39 ----D---- C:\Windows\Microsoft.NET
2009-06-24 14:14:15 ----RSD---- C:\Windows\assembly
2009-06-24 09:15:01 ----D---- C:\Windows\system32\drivers
2009-06-24 09:15:01 ----D---- C:\Windows\AppPatch
2009-06-24 09:15:00 ----D---- C:\Windows\system32\fr-FR
2009-06-24 09:15:00 ----D---- C:\Windows\PolicyDefinitions
2009-06-24 09:14:59 ----D---- C:\Program Files\Windows Media Player
2009-06-24 09:14:58 ----D---- C:\Windows\system32\wbem
2009-06-24 09:14:58 ----D---- C:\Program Files\Windows Mail
2009-06-24 09:14:57 ----D---- C:\Windows\system32\manifeststore
2009-06-24 09:14:49 ----D---- C:\Windows\system32\XPSViewer
2009-06-24 09:14:49 ----D---- C:\Windows\system32\en-US
2009-06-24 09:14:43 ----D---- C:\Windows\system32\migration
2009-06-24 09:14:43 ----D---- C:\Program Files\Internet Explorer
2009-06-24 09:12:42 ----SHD---- C:\Windows\Installer
2009-06-24 09:12:38 ----D---- C:\Program Files\Microsoft Works
2009-06-24 09:07:02 ----D---- C:\ProgramData\Microsoft Help
2009-06-24 09:05:50 ----D---- C:\Windows\system32\catroot
2009-06-24 09:05:49 ----D---- C:\Windows\system32\catroot2
2009-06-24 08:59:29 ----HD---- C:\Windows\msdownld.tmp
2009-06-23 23:25:34 ----D---- C:\Program Files\Common Files
2009-06-23 17:34:30 ----D---- C:\Program Files\Java
2009-06-23 17:30:31 ----RSD---- C:\Windows\Fonts
2009-06-23 16:35:15 ----D---- C:\Program Files\Common Files\microsoft shared
2009-06-23 16:32:23 ----SD---- C:\ProgramData\Microsoft
2009-06-23 15:17:56 ----D---- C:\ProgramData\McAfee
2009-06-23 15:16:14 ----D---- C:\Program Files\Google
2009-06-23 15:13:07 ----D---- C:\Windows\Tasks
2009-06-23 15:07:34 ----D---- C:\ProgramData\Google
2009-06-23 14:44:34 ----D---- C:\Toshiba
2009-06-23 14:43:35 ----D---- C:\Program Files\Realtek
2009-06-23 14:43:33 ----HD---- C:\Program Files\InstallShield Installation Information
2009-06-23 14:43:18 ----D---- C:\Windows\Help
2009-06-23 14:43:18 ----D---- C:\Program Files\TOSHIBA
2009-06-23 14:42:49 ----D---- C:\Windows\system32\tr
2009-06-23 14:42:49 ----D---- C:\Windows\system32\sv
2009-06-23 14:42:49 ----D---- C:\Windows\system32\ru
2009-06-23 14:42:49 ----D---- C:\Windows\system32\pt
2009-06-23 14:42:49 ----D---- C:\Windows\system32\pl
2009-06-23 14:42:49 ----D---- C:\Windows\system32\no
2009-06-23 14:42:49 ----D---- C:\Windows\system32\nl
2009-06-23 14:42:49 ----D---- C:\Windows\system32\it
2009-06-23 14:42:49 ----D---- C:\Windows\system32\hu
2009-06-23 14:42:49 ----D---- C:\Windows\system32\fr
2009-06-23 14:42:49 ----D---- C:\Windows\system32\fi
2009-06-23 14:42:49 ----D---- C:\Windows\system32\es
2009-06-23 14:42:49 ----D---- C:\Windows\system32\el
2009-06-23 14:42:49 ----D---- C:\Windows\system32\de
2009-06-23 14:42:49 ----D---- C:\Windows\system32\da
2009-06-23 14:42:49 ----D---- C:\Windows\system32\cs
2009-06-23 14:42:47 ----D---- C:\Windows\system32\sk
2009-06-23 14:42:46 ----D---- C:\Windows\system32\zh-TW
2009-06-23 14:42:41 ----D---- C:\Windows\system32\zh-CN
2009-06-23 14:42:41 ----D---- C:\Windows\system32\ko-KR
2009-06-23 14:42:41 ----D---- C:\Windows\system32\ja-JP
2009-06-23 14:38:52 ----RD---- C:\Users
2009-06-23 14:35:34 ----D---- C:\Program Files\Windows NT
2009-06-23 14:35:33 ----D---- C:\Windows\Debug
2009-06-23 14:31:57 ----D---- C:\Windows\system
2009-06-23 14:31:26 ----D---- C:\ProgramData\Toshiba
2009-06-23 14:30:13 ----D---- C:\Windows\system32\restore
2009-06-23 14:29:02 ----D---- C:\Windows\Panther
2009-06-23 14:26:08 ----D---- C:\Program Files\Intel

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2009-06-23 137224]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-10-06 82696]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 bdfm;BDFM; C:\Windows\system32\drivers\bdfm.sys [2008-09-18 111112]
R3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2008-12-10 242184]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys [2009-06-23 8832]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-12 2381312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-09 2095512]
R3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [2008-09-02 13056]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-15 118784]
R3 RTL8187B;Adaptateur réseau USB 2.0 54Mbps, 802.11b/g sans fil Realtek RTL8187B; C:\Windows\system32\DRIVERS\RTL8187B.sys [2007-12-26 290304]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [2009-06-23 39808]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
S3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\bdfndisf.sys [2009-06-23 104328]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-04-02 62976]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-17 40960]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2009-06-23 415024]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-04-24 99720]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-07-18 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2008-02-06 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2009-06-23 1626112]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-23 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\partner.exe [2008-08-13 110576]
S3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-21 21504]

-----------------EOF-----------------


8

titou57, 30 Jun 2009 at 14:07:50

Thanks again


9

sKe69, 30 Jun 2009 at 14:12:56

Good ....


Next:

Download UsbFix (by C_XX, Chimay8 & Chiquitine29) to your desktop:

> http://sd-1.archive-host.com/membres/up/127028005715545653/UsbFix.exe

! Disconnect from the internet and close all running applications !

--> Double-click the .exe to start installing the tool (do not change the installation settings).


Mandatory:
Plug into your PC all your external devices (USB stick, external hard drive, flash disk, MP3 player, SD card, etc.) that may have been infected (but without opening them!).


# Double-click the UsbFix shortcut on your desktop to launch the tool.

# Choose option 1 (Recherche, i.e. Search)

# Let the tool work and do not touch anything during the scan.

# Once it has finished, post the UsbFix.txt report that appears.

The report is also saved at the root of the main drive (C:\UsbFix.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)


Note:
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility meant to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.


Author's site > http://pagesperso-orange.fr/NosTools/usbfix.html

"Baby, I'm going on an airplane, And I don't know if I'll be back again"
IMPORTANT: do not consider yourself out of the woods until you have been told so!


10

titou57, 30 Jun 2009 at 14:23:29

I can't lay my hands on my external HDD any more, it's a nightmare! Is it mandatory, or can we do something else in the meantime?


11

sKe69, 30 Jun 2009 at 14:26:07

I can't lay my hands on my external HDD any more

-> there is a very good chance that it is infected! ... as soon as it is connected to the PC, it will pass on the infection ...


Do the UsbFix procedure anyway ... (and you will do it again once you have recovered your external HDD) ...



I'm waiting for the requested report ...



12

titou57, 30 Jun 2009 at 14:35:05

The program showed me "accès refusé" (access denied) once I clicked on 1 Recherche


13

titou57, 30 Jun 2009 at 14:38:26

I found my HDD!
I'm doing the procedure


14

titou57, 30 Jun 2009 at 14:40:30

Same thing, "accès refusé" (access denied)


15

sKe69, 30 Jun 2009 at 14:43:07

Hi again,

I forgot to mention this:


to launch UsbFix, right-click the shortcut and choose "Run as administrator..." ... ^^



16

titou57, 30 Jun 2009 at 14:57:09

At the end of the scan, it said searching for cracks and keygens, please wait
then nothing more and no text document...
should I start again?


17

titou57, 30 Jun 2009 at 15:00:25

My mistake, I found the text document


############################## | UsbFix V3.034 |

# User : Carole (Administrateurs) # PC-DE-CAROLE
# Update on 29/06/09 by Chiquitine29 & C_XX
# Start at: 14:43:49 | 30/06/2009
# Website : http://pagesperso-orange.fr/NosTools/usbfix.html

#
#
# Internet Explorer 7.0.6001.18000
# Windows Firewall Status : Enabled



############################## | Processus actifs |

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\mobsync.exe

################## | Registre Startup |

HKCU_Main: "Local Page"="C:\\Windows\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://recherche.neuf.fr/"
HKCU_Main: "Start Page"="http://www.google.com/"
HKLM_logon: "Userinit"="C:\\Windows\\system32\\userinit.exe,"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: Windows Defender=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
HKLM_Run: SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
HKLM_Run: SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
HKLM_Run: NDSTray.exe=NDSTray.exe
HKLM_Run: cfFncEnabler.exe=cfFncEnabler.exe
HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
HKLM_Run: Google EULA Launcher=c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
HKLM_Run: Toshiba TEMPO=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
HKLM_Run: topi=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
HKLM_Run: IgfxTray=C:\Windows\system32\igfxtray.exe
HKLM_Run: HotKeysCmds=C:\Windows\system32\hkcmd.exe
HKLM_Run: Persistence=C:\Windows\system32\igfxpers.exe
HKLM_Run: RtHDVCpl=RtHDVCpl.exe
HKLM_Run: Skytel=Skytel.exe
HKLM_Run: TPwrMain=%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM_Run: HSON=%ProgramFiles%\TOSHIBA\TBS\HSON.exe
HKLM_Run: SmoothView=%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
HKLM_Run: 00TCrdMain=%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
HKLM_Run: Toshiba Registration=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
HKLM_Run: Camera Assistant Software="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
HKLM_Run: BDAgent="C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
HKLM_Run: BitDefender Antiphishing Helper="C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: TOSCDSPD=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
HKCU_Run: swg=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU_Run: msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

################## | Fichiers # Dossiers infectieux |

Présent ! C:\Users\Carole\AppData\Local\Temp\Temp1_bitdefender2009.zip\install.exe
Présent ! D:\temp.txt

################## | Registre # Clés Run infectieuses |

Présent ! HKLM\software\microsoft\security center\Svc "AntiVirusOverride" ( 0x1 )

################## | Registre # Mountpoints2 |

HKCU\...\Explorer\MountPoints2\{54c25470-5ff1-11de-a40e-806e6f6e6963}\Shell\AutoRun\Command

################## | Etat / Services / Informations |

# Affichage des fichiers cachés : OK

# Mode sans echec : OK

# Uac : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Wlansvc -> Start = 2 ( Good = 2 | Bad = 4 )
# (!) SharedAccess -> Start = 4 ( Good = 2 | Bad = 4 )
# windefend -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | Cracks / Keygens / Serials |


18

sKe69, 30 Jun 2009 at 15:15:39

Good ...


Next steps:


1- ! Disconnect from the internet and close all running applications !

Mandatory:
Plug into your PC all your external drives (USB stick, external hard drive, flash disk, MP3 player, SD card, etc.) that may have been infected (but without opening them!).

# Run UsbFix again ("as administrator...").

# This time, choose option 2 (Suppression = deletion).

> Your desktop will disappear and the PC will restart (this is normal).

# On restart, UsbFix will scan your PC; let the tool work and don't touch anything.

# Once it has finished, post the new UsbFix.txt report, which will appear along with the desktop.


(The report is also saved at the root of the main drive > C:\UsbFix.txt).


==============


2- Run a new RSIT scan, post the new "Log.txt" report you get and wait for the next steps ...


"Baby, I'm going on an airplane, And I don't know if I'll be back again"
IMPORTANT: don't consider yourself out of the woods until you have been told so!


19

titou57, 30 Jun 2009 at 18:23:02

It took a very long time, it's finished, and this time there's no txt file! Here is the log


Logfile of random's system information tool 1.06 (written by random/random)
Run by Carole at 2009-06-30 18:19:57
WIN_VISTA Service Pack 1
System drive C: has 15 GB (26%) free of 57 GB
Total RAM: 1915 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:20:04, on 30/06/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe
C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Carole\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\Carole.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: C:\Windows\system32\gsf83iujid.dll - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\Windows\system32\gsf83iujid.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-2283063892-3141148937-3368011838-1000\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [] C:\Windows\TEMP\sh7p3.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [] C:\Windows\TEMP\sh7p3.exe (User 'Default user')
O4 - S-1-5-21-2283063892-3141148937-3368011838-1000 Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe (User '?')
O4 - S-1-5-21-2283063892-3141148937-3368011838-1000 Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User '?')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-home?tag=Toshibafrbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: reset5c - C:\Windows\SYSTEM32\reset5c.dll
O22 - SharedTaskScheduler: hs837hiudjgfo9s8gjio4gfd - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\Windows\system32\gsf83iujid.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\partner.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: Notebook Performance Tuning Service (TempoMonitoringService) - Toshiba Europe GmbH - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
End of file - 9065 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-30 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B2C7B2A1-00F3-42BD-F434-00AABA2C8952}]
C:\Windows\system32\gsf83iujid.dll - C:\Windows\system32\gsf83iujid.dll [2009-06-24 15000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll [2009-06-23 95536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-06-23 148888]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"Google EULA Launcher"=c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]
"Toshiba TEMPO"=C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe [2008-04-24 103824]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-25 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-25 170520]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-25 145944]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-08 6037504]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-06-24 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-05-09 716800]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2008-01-11 574864]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792]
"BDAgent"=C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe [2009-06-23 778240]
"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe [2009-06-23 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2008-04-24 430080]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-08-13 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

C:\Users\Carole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
TRDCReminder.lnk - C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-06-12 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\reset5c]
C:\Windows\system32\reset5c.dll [2008-01-21 8704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
hs837hiudjgfo9s8gjio4gfd - {B2C7B2A1-00F3-42BD-F434-00AABA2C8952} - C:\Windows\system32\gsf83iujid.dll [2009-06-24 15000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegedit"=0
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableRegedit"=0
"UacDisableNotify"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFind"=0
"NoFolderOptions"=0
"NoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 2 months======

2009-06-30 17:28:10 ----RASHD---- C:\autorun.inf
2009-06-30 15:27:37 ----A---- C:\UsbFix.txt
2009-06-30 15:24:32 ----D---- C:\Windows\Minidump
2009-06-30 14:29:53 ----D---- C:\UsbFix
2009-06-30 13:29:15 ----D---- C:\rsit
2009-06-30 13:25:48 ----D---- C:\Program Files\Trend Micro
2009-06-30 12:38:07 ----A---- C:\TB.txt
2009-06-30 12:37:35 ----D---- C:\ToolBar SD
2009-06-27 11:05:56 ----D---- C:\Windows\Sun
2009-06-27 10:39:03 ----A---- C:\Windows\ntbtlog.txt
2009-06-26 22:20:25 ----D---- C:\Users\Carole\AppData\Roaming\WinRAR
2009-06-26 22:19:52 ----D---- C:\Program Files\WinRAR
2009-06-24 22:33:04 ----D---- C:\ProgramData\Azureus
2009-06-24 22:32:59 ----D---- C:\Users\Carole\AppData\Roaming\Azureus
2009-06-24 22:30:35 ----D---- C:\Program Files\Vuze
2009-06-24 09:05:15 ----A---- C:\Windows\system32\msshooks.dll
2009-06-24 09:05:15 ----A---- C:\Windows\system32\msscb.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\wsepno.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\thawbrkr.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\srchadmin.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-06-24 09:05:13 ----A---- C:\Windows\system32\rtffilt.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\propsys.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\propdefs.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\offfilt.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\msstrc.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\mssprxy.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\mssitlb.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\msshsq.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\mimefilt.dll
2009-06-24 09:05:13 ----A---- C:\Windows\system32\korwbrkr.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\xmlfilter.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\tquery.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-06-24 09:05:12 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-06-24 09:05:12 ----A---- C:\Windows\system32\nlhtml.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\mssvp.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\mssrch.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\mssphtb.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\mssph.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\msscntrs.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\chtbrkr.dll
2009-06-24 09:05:12 ----A---- C:\Windows\system32\chsbrkr.dll
2009-06-24 09:04:10 ----A---- C:\Windows\system32\tzres.dll
2009-06-24 08:46:21 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-24 08:46:21 ----A---- C:\Windows\system32\infocardapi.dll
2009-06-24 08:46:21 ----A---- C:\Windows\system32\icardagt.exe
2009-06-24 08:46:20 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-06-24 08:46:20 ----A---- C:\Windows\system32\icardres.dll
2009-06-24 08:46:19 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-06-24 08:46:18 ----A---- C:\Windows\system32\PresentationHost.exe
2009-06-24 08:42:16 ----A---- C:\Windows\system32\dfshim.dll
2009-06-24 08:42:14 ----A---- C:\Windows\system32\netfxperf.dll
2009-06-24 08:42:14 ----A---- C:\Windows\system32\mscoree.dll
2009-06-24 08:42:08 ----A---- C:\Windows\system32\mscorier.dll
2009-06-24 08:42:05 ----A---- C:\Windows\system32\mscories.dll
2009-06-24 08:35:53 ----A---- C:\Windows\system32\reset5c.dll
2009-06-24 08:35:53 ----A---- C:\Windows\system32\gsf83iujid.dll
2009-06-24 08:35:52 ----A---- C:\vicgfdbf.exe
2009-06-24 08:35:52 ----A---- C:\ksai.exe
2009-06-24 08:35:52 ----A---- C:\dekyu.exe
2009-06-24 08:35:51 ----A---- C:\lcwyjx.exe
2009-06-24 08:35:51 ----A---- C:\jwyuclmh.exe
2009-06-24 08:35:43 ----A---- C:\Windows\system32\samsvc.exe
2009-06-23 23:25:34 ----D---- C:\Program Files\Common Files\DivX Shared
2009-06-23 23:25:33 ----D---- C:\Program Files\DivX
2009-06-23 17:45:12 ----D---- C:\Users\Carole\AppData\Roaming\PlayFirst
2009-06-23 17:45:12 ----D---- C:\ProgramData\PlayFirst
2009-06-23 17:44:08 ----D---- C:\Users\Carole\AppData\Roaming\OpenOffice.org2
2009-06-23 17:34:57 ----A---- C:\Windows\system32\javaws.exe
2009-06-23 17:34:57 ----A---- C:\Windows\system32\javaw.exe
2009-06-23 17:34:57 ----A---- C:\Windows\system32\java.exe
2009-06-23 17:34:57 ----A---- C:\Windows\system32\deploytk.dll
2009-06-23 17:29:55 ----D---- C:\Program Files\OpenOffice.org 2.4
2009-06-23 16:44:35 ----D---- C:\Program Files\Diner Dash - Seasonal Snack Pack
2009-06-23 16:35:25 ----D---- C:\Program Files\Microsoft
2009-06-23 16:35:10 ----D---- C:\Program Files\Windows Live SkyDrive
2009-06-23 16:34:54 ----D---- C:\Program Files\Windows Live
2009-06-23 16:32:37 ----D---- C:\Program Files\Common Files\Windows Live
2009-06-23 16:31:22 ----D---- C:\Users\Carole\AppData\Roaming\Macromedia
2009-06-23 16:20:55 ----D---- C:\Users\Carole\AppData\Roaming\Mozilla
2009-06-23 16:19:34 ----D---- C:\Program Files\Mozilla Firefox
2009-06-23 15:43:56 ----D---- C:\Program Files\Aspyr
2009-06-23 15:35:16 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-06-23 15:35:15 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-06-23 15:35:06 ----A---- C:\Windows\system32\rpcss.dll
2009-06-23 15:35:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-06-23 15:35:05 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-06-23 15:35:04 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-06-23 15:35:04 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-06-23 15:35:03 ----A---- C:\Windows\system32\sdohlp.dll
2009-06-23 15:35:03 ----A---- C:\Windows\system32\iasrecst.dll
2009-06-23 15:35:03 ----A---- C:\Windows\system32\iashost.exe
2009-06-23 15:35:03 ----A---- C:\Windows\system32\iasdatastore.dll
2009-06-23 15:35:03 ----A---- C:\Windows\system32\iasads.dll
2009-06-23 15:34:59 ----A---- C:\Windows\system32\xolehlp.dll
2009-06-23 15:34:59 ----A---- C:\Windows\system32\msdtcprx.dll
2009-06-23 15:34:11 ----A---- C:\Windows\system32\rpcrt4.dll
2009-06-23 15:34:09 ----A---- C:\Windows\system32\mf.dll
2009-06-23 15:34:08 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-06-23 15:34:08 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-06-23 15:34:08 ----A---- C:\Windows\system32\logagent.exe
2009-06-23 15:34:06 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-06-23 15:34:00 ----A---- C:\Windows\system32\mshtml.dll
2009-06-23 15:33:59 ----A---- C:\Windows\system32\urlmon.dll
2009-06-23 15:33:59 ----A---- C:\Windows\system32\ieframe.dll
2009-06-23 15:33:58 ----A---- C:\Windows\system32\wininet.dll
2009-06-23 15:33:58 ----A---- C:\Windows\system32\iertutil.dll
2009-06-23 15:33:58 ----A---- C:\Windows\system32\iedkcs32.dll
2009-06-23 15:33:57 ----A---- C:\Windows\system32\occache.dll
2009-06-23 15:33:57 ----A---- C:\Windows\system32\mstime.dll
2009-06-23 15:33:57 ----A---- C:\Windows\system32\msfeeds.dll
2009-06-23 15:33:57 ----A---- C:\Windows\system32\ieUnatt.exe
2009-06-23 15:33:57 ----A---- C:\Windows\system32\ieaksie.dll
2009-06-23 15:33:56 ----A---- C:\Windows\system32\jsproxy.dll
2009-06-23 15:33:56 ----A---- C:\Windows\system32\ieencode.dll
2009-06-23 15:33:48 ----A---- C:\Windows\system32\lsasrv.dll
2009-06-23 15:33:47 ----A---- C:\Windows\system32\kernel32.dll
2009-06-23 15:33:46 ----A---- C:\Windows\system32\secur32.dll
2009-06-23 15:33:46 ----A---- C:\Windows\system32\apilogen.dll
2009-06-23 15:33:46 ----A---- C:\Windows\system32\amxread.dll
2009-06-23 15:33:43 ----A---- C:\Windows\system32\wmp.dll
2009-06-23 15:33:41 ----A---- C:\Windows\system32\spwmp.dll
2009-06-23 15:33:41 ----A---- C:\Windows\system32\dxmasf.dll
2009-06-23 15:33:40 ----A---- C:\Windows\system32\wmploc.DLL
2009-06-23 15:33:39 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-06-23 15:33:38 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-06-23 15:33:38 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-06-23 15:33:35 ----A---- C:\Windows\system32\shell32.dll
2009-06-23 15:33:30 ----A---- C:\Windows\system32\msxml3.dll
2009-06-23 15:33:29 ----A---- C:\Windows\system32\netapi32.dll
2009-06-23 15:33:28 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-06-23 15:33:27 ----A---- C:\Windows\system32\winhttp.dll
2009-06-23 15:33:25 ----A---- C:\Windows\system32\gdi32.dll
2009-06-23 15:33:24 ----A---- C:\Windows\system32\emdmgmt.dll
2009-06-23 15:33:24 ----A---- C:\Windows\system32\dataclen.dll
2009-06-23 15:33:24 ----A---- C:\Windows\system32\cdd.dll
2009-06-23 15:33:22 ----A---- C:\Windows\system32\win32spl.dll
2009-06-23 15:32:46 ----A---- C:\Windows\system32\wmpeffects.dll
2009-06-23 15:31:43 ----A---- C:\Windows\system32\es.dll
2009-06-23 15:31:31 ----A---- C:\Windows\system32\localspl.dll
2009-06-23 15:30:55 ----A---- C:\Windows\explorer.exe
2009-06-23 15:30:21 ----A---- C:\Windows\system32\schannel.dll
2009-06-23 15:30:18 ----A---- C:\Windows\system32\wersvc.dll
2009-06-23 15:30:18 ----A---- C:\Windows\system32\Faultrep.dll
2009-06-23 15:29:54 ----A---- C:\Windows\system32\inetcomm.dll
2009-06-23 15:28:13 ----A---- C:\Windows\system32\connect.dll
2009-06-23 15:24:00 ----A---- C:\Windows\system32\msxml6.dll
2009-06-23 15:23:15 ----D---- C:\Users\Carole\AppData\Roaming\BitDefender
2009-06-23 15:22:51 ----D---- C:\Program Files\BitDefender
2009-06-23 15:21:51 ----D---- C:\Program Files\Common Files\BitDefender
2009-06-23 15:09:14 ----D---- C:\Users\Carole\AppData\Roaming\Adobe
2009-06-23 15:07:29 ----A---- C:\Windows\system32\wups2.dll
2009-06-23 15:07:29 ----A---- C:\Windows\system32\wucltux.dll
2009-06-23 15:07:29 ----A---- C:\Windows\system32\wuaueng.dll
2009-06-23 15:07:29 ----A---- C:\Windows\system32\wuauclt.exe
2009-06-23 15:06:27 ----A---- C:\Windows\system32\wups.dll
2009-06-23 15:06:27 ----A---- C:\Windows\system32\wudriver.dll
2009-06-23 15:06:27 ----A---- C:\Windows\system32\wuapi.dll
2009-06-23 15:05:57 ----A---- C:\Windows\system32\wuwebv.dll
2009-06-23 15:05:57 ----A---- C:\Windows\system32\wuapp.exe
2009-06-23 15:04:03 ----D---- C:\Program Files\Neuf
2009-06-23 15:00:40 ----D---- C:\Users\Carole\AppData\Roaming\Toshiba
2009-06-23 14:58:58 ----D---- C:\Users\Carole\AppData\Roaming\Google
2009-06-23 14:56:17 ----D---- C:\Users\Carole\AppData\Roaming\vlc
2009-06-23 14:54:10 ----D---- C:\Program Files\VideoLAN
2009-06-23 14:51:04 ----D---- C:\ProgramData\BitDefender
2009-06-23 14:44:09 ----SHD---- C:\$RECYCLE.BIN
2009-06-23 14:43:43 ----D---- C:\Users\Carole\AppData\Roaming\Identities
2009-06-23 14:43:35 ----A---- C:\Windows\system32\RtlLib.dll
2009-06-23 14:43:34 ----A---- C:\Windows\system32\libeay32.dll
2009-06-23 14:43:34 ----A---- C:\Windows\system32\IpLib.dll
2009-06-23 14:43:34 ----A---- C:\Windows\system32\EnumDevLib.dll
2009-06-23 14:42:40 ----D---- C:\Windows\system32\en
2009-06-23 14:41:36 ----D---- C:\Program Files\Camera Assistant Software for Toshiba

======List of files/folders modified in the last 2 months======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys [2009-06-23 137224]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
R2 BDVEDISK;BDVEDISK; \??\C:\Program Files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-10-06 82696]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 bdfm;BDFM; C:\Windows\system32\drivers\bdfm.sys [2008-09-18 111112]
R3 bdfsfltr;bdfsfltr; C:\Windows\system32\DRIVERS\bdfsfltr.sys [2008-12-10 242184]
R3 BDSelfPr;BDSelfPr; \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys [2009-06-23 8832]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-12 2381312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-09 2095512]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-15 118784]
R3 RTL8187B;Adaptateur réseau USB 2.0 54Mbps, 802.11b/g sans fil Realtek RTL8187B; C:\Windows\system32\DRIVERS\RTL8187B.sys [2007-12-26 290304]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 Bdfndisf;BitDefender Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\bdfndisf.sys [2009-06-23 104328]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Profos;Profos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys [2008-09-02 13056]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-04-02 62976]
S3 Trufos;Trufos; \??\C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys [2009-06-23 39808]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-17 40960]
R2 LIVESRV;BitDefender Desktop Update Service; C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe [2009-06-23 415024]
R2 TempoMonitoringService;Notebook Performance Tuning Service ; C:\Program Files\Toshiba TEMPRO\TempoSVC.exe [2008-04-24 99720]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-07-18 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [2009-06-23 1626112]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2008-02-06 126976]
S3 Arrakis3;BitDefender Arrakis Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2008-07-17 118784]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-23 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\partner.exe [2008-08-13 110576]
S3 scan;BitDefender Threat Scanner; C:\Windows\System32\svchost.exe [2008-01-21 21504]

-----------------EOF-----------------
