Aller au contenu

vpey

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    140

  • Inscription

  • Dernière visite

Autres informations

  • Mes langues
    francais

vpey's Achievements

Power Member

Power Member (5/12)

0

Réputation sur la communauté

  1. vpey
    Help please. Merci. vpey
  2. vpey
    Bonsoir, Personne pour m'aider car le processus est toujours à 100% et je ne peux rien faire. Merci. Vpey
  3. vpey
    Bonsoir, Je continue les tests. Voici le rapport de Malware bytes: Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Version de la base de données: 6135 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 22/03/2011 22:18:23 mbam-log-2011-03-22 (22-18-23).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 279180 Temps écoulé: 1 heure(s), 13 minute(s), 41 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Si quelqu'un peut m'aider pour me donner des indications. Merci. vpey
  4. vpey
    Bonjour, Pc très lent et ecran qui fige. Ci-dessous rapport Hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:04:03, on 21/03/2011 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Olympus\ib\olycamdetect.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Alice Webmail R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60 O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Olympus\ib" UpdateWithCreateOnce "Software\OLYMPUS\ib\1.0" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Olympus ib] "C:\Program Files (x86)\Olympus\ib\olycamdetect.exe" /Startup O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Système') O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O13 - Gopher Prefix: O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} (Uploader Control) - http://ua.foto.com/ImageUploader6.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11233 bytes Merci de votre aide. vpey
  5. vpey

    Security tool

    vpey a répondu à un(e) sujet de vpey dans Analyses et éradication malwares

    Bonsoir, Tout à l'air Ok. Je te remercie et à une prochaine fois sur le forum. Vpey
  6. vpey

    Security tool

    vpey a répondu à un(e) sujet de vpey dans Analyses et éradication malwares

    Bonsoir, ça va beaucoup mieux. Je n'ai plus de message de la part de security tool. Voici le log.txt comme demandé : ******************************* Logfile of random's system information tool 1.08 (written by random/random) Run by SEPT at 2010-10-04 22:07:46 Microsoft Windows 7 Édition Familiale Premium Service Pack 2 System drive C: has 122 GB (80%) free of 153 GB Total RAM: 3838 MB (64% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:07:54, on 04/10/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files\trend micro\SEPT.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60 O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Système') O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe -- End of file - 23187 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" atieclxx C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Windows\system32\Dwm.exe" "taskhost.exe" "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" "C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe" "C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe" "C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" "C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe" "C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe" C:\Windows\system32\TODDSrv.exe "C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe" "C:\Program Files\TOSHIBA\TECO\TecoService.exe" C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "C:\Program Files\TOSHIBA\TECO\TEco.exe" /r "C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe" "C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe" "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe" "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min "C:\Program Files\Synaptics\SynTP\SynTPHelper.exe" "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Internet Explorer\iexplore.exe" C:\Windows\system32\SearchIndexer.exe /Embedding taskeng.exe {772B0AC8-2460-4260-B833-F6925F6BDE48} "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0 "C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3172 CREDAT:79873 "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe" "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe" "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe" "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe" "C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe" "C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe" "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe" "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe" "C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe" C:\Windows\system32\sppsvc.exe "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\system32\wbem\wmiprvse.exe "C:\Program Files (x86)\Internet Explorer\iexplore.exe" SCODEF:3172 CREDAT:145409 C:\Windows\servicing\TrustedInstaller.exe "C:\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-07-14 371888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll [2010-09-10 317496] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-10 842296] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-09-09 41368] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-07-14 371888] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Toshiba TEMPRO"=C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2009-08-06 1050000] "TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2009-08-06 596328] "TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-08-06 35160] "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680] "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-08-05 497504] "HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600] "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-05 909624] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-28 7982112] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-20 1815848] "SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-07-29 238080] "TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-08-03 709976] "Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-08-26 1481568] "TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-08-04 711000] "Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2009-07-30 134032] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOSHIBA Online Product Information"=C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [2009-08-12 6203296] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-09-09 39408] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-29 98304] "SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-07-09 352256] "HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936] "KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088] "TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe autorun [] "ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-08-17 1294136] "avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-10-04 22:07:46 ----D---- C:\rsit 2010-10-04 22:07:46 ----D---- C:\Program Files\trend micro 2010-10-04 22:06:23 ----A---- C:\RSITx64.exe 2010-10-02 19:18:33 ----A---- C:\RKreport.txt 2010-10-02 19:18:30 ----A---- C:\RogueKiller.exe 2010-10-02 19:18:30 ----A---- C:\Firefox.exe 2010-10-01 22:01:14 ----A---- C:\Windows\system32\drivers\usbvideo.sys 2010-10-01 22:01:14 ----A---- C:\Windows\system32\drivers\ks.sys 2010-10-01 21:41:59 ----A---- C:\Windows\SYSWOW64\tzres.dll 2010-10-01 21:41:59 ----A---- C:\Windows\system32\tzres.dll 2010-10-01 21:34:47 ----A---- C:\SHDownloader.exe 2010-10-01 20:58:36 ----D---- C:\Users\SEPT\AppData\Roaming\Malwarebytes 2010-10-01 20:58:28 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys 2010-10-01 20:58:27 ----D---- C:\ProgramData\Malwarebytes 2010-10-01 20:58:27 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2010-10-01 20:58:27 ----A---- C:\Windows\system32\drivers\mbam.sys 2010-09-26 01:06:35 ----D---- C:\Windows\pss 2010-09-26 00:33:34 ----A---- C:\Windows\ntbtlog.txt 2010-09-16 16:47:22 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2010-09-16 16:47:21 ----A---- C:\Windows\system32\iertutil.dll 2010-09-15 19:44:51 ----A---- C:\Windows\system32\spoolsv.exe ======List of files/folders modified in the last 1 months====== 2010-10-04 22:07:48 ----D---- C:\Windows\Temp 2010-10-04 22:07:46 ----RD---- C:\Program Files 2010-10-04 22:07:11 ----D---- C:\Windows\System32 2010-10-04 22:07:11 ----D---- C:\Windows\inf 2010-10-04 22:07:11 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-10-04 22:06:29 ----D---- C:\Windows\system32\config 2010-10-03 13:40:26 ----SHD---- C:\System Volume Information 2010-10-02 19:05:31 ----D---- C:\Windows\winsxs 2010-10-02 19:04:11 ----D---- C:\Windows\SYSWOW64\fr-FR 2010-10-02 19:04:11 ----D---- C:\Windows\SysWOW64 2010-10-02 19:04:11 ----D---- C:\Windows\system32\fr-FR 2010-10-02 19:04:11 ----D---- C:\Program Files (x86)\Internet Explorer 2010-10-02 19:04:10 ----D---- C:\Windows\system32\drivers 2010-10-02 19:04:10 ----D---- C:\Program Files\Internet Explorer 2010-10-02 19:04:08 ----D---- C:\Windows\system32\DriverStore 2010-10-01 22:01:18 ----D---- C:\Windows\system32\catroot 2010-10-01 20:58:28 ----D---- C:\Windows\SYSWOW64\drivers 2010-10-01 20:58:27 ----RD---- C:\Program Files (x86) 2010-10-01 20:58:27 ----HD---- C:\ProgramData 2010-10-01 20:37:57 ----SD---- C:\Users\SEPT\AppData\Roaming\Microsoft 2010-10-01 20:31:05 ----D---- C:\Windows\system32\catroot2 2010-09-26 01:06:35 ----D---- C:\Windows 2010-09-16 12:54:27 ----A---- C:\Windows\system32\MRT.exe 2010-09-12 22:45:42 ----D---- C:\Windows\system32\NDF ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 amdxata;amdxata; C:\Windows\system32\DRIVERS\amdxata.sys [2009-07-14 28752] R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440] R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys [2009-07-14 460504] R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys [2009-09-26 223448] R0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys [2009-07-14 14416] R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [2009-12-11 153160] R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2009-07-02 44912] R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys [2009-07-14 50768] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096] R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys [2009-07-24 482384] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840] R0 vdrvroot;Pilote d’énumérateur de lecteur virtuel Microsoft; C:\Windows\system32\DRIVERS\vdrvroot.sys [2009-07-14 36432] R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys [2009-07-14 40448] R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys [2009-07-14 8192] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys [2009-07-14 12800] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-04-19 74880] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472] R3 AmdPPM;Pilote de processeur AMD; C:\Windows\system32\DRIVERS\amdppm.sys [2009-07-14 60928] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6037504] R3 CompositeBus;Pilote de l’énumérateur de bus composite; C:\Windows\system32\DRIVERS\CompositeBus.sys [2009-07-14 38912] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-07-28 1966624] R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008] R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 60416] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-05-22 215040] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2010-01-29 1089056] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-20 274480] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784] R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2010-03-04 184832] R3 vwifibus;Pilote de bus WiFi virtuel; C:\Windows\system32\DRIVERS\vwifibus.sys [2009-07-14 24576] R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 112128] S3 1394ohci;Contrôleur d’hôte compatible OHCI 1394; C:\Windows\system32\DRIVERS\1394ohci.sys [2009-07-14 227840] S3 AcpiPmi;Jauge d’alimentation ACPI; C:\Windows\system32\DRIVERS\acpipmi.sys [2009-07-14 12288] S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys [2009-07-14 106576] S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys [2009-07-14 194128] S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys [2009-07-14 61440] S3 athr;Pilote de périphérique de réseau sans fil extensible Atheros; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688] S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys [2009-06-10 468480] S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2009-06-10 270848] S3 drmkaud;Pilotes audio approuvés par Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2009-07-14 5632] S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys [2009-06-10 3286016] S3 ErrDev;Pilote de périphérique d’erreur matérielle Microsoft; C:\Windows\system32\DRIVERS\errdev.sys [2009-07-14 9728] S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys [2009-07-14 55376] S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys [2009-06-10 31232] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-07-14 350208] S3 HidBatt;Pilote de batterie onduleur HID; C:\Windows\system32\DRIVERS\HidBatt.sys [2009-07-14 26624] S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys [2009-07-14 77888] S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 65600] S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys [2009-07-14 284736] S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys [2009-07-14 8192] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2009-07-14 11136] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2009-07-14 7168] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2009-07-14 6784] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2009-07-14 8064] S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys [2009-07-14 15360] S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys [2009-07-14 35328] S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys [2009-07-14 24064] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-07-30 222208] S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys [] S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys [2009-07-14 29696] S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys [2009-07-14 24656] S3 UmPass;Pilote Microsoft UMPass; C:\Windows\system32\DRIVERS\umpass.sys [2009-07-14 9728] S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys [] S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys [2009-07-14 217680] S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 22096] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 172544] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-30 203264] R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-04-19 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-04-19 185089] R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688] R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368] R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448] R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe [2009-07-14 3524608] R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632] R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-05 488800] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-08-27 251760] R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560] R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-06 135664] S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe [2009-07-14 31232] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [2009-05-22 250616] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-09 182768] S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992] S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe [2009-07-14 31232] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-05 1255736] S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 27136] -----------------EOF----------------- Pour le info.txt le lien est le suivant : Cijoint.fr - Service gratuit de dépôt de fichiers Vpey
  7. vpey

    Security tool

    vpey a répondu à un(e) sujet de vpey dans Analyses et éradication malwares

    Ouf, J'ai enfin pu ouvrir MBAM. Voici le rapport ci-dessous : ******************************************* Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4736 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 03/10/2010 14:08:52 mbam-log-2010-10-03 (14-08-52).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 227374 Temps écoulé: 29 minute(s), 12 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\$RECYCLE.BIN\S-1-5-21-2124669902-3242346353-4074783929-1000\$R9GZJIY.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Users\SEPT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> Quarantined and deleted successfully. ************************************************ J'attends vos instructions. Vpey
  8. vpey

    Security tool

    vpey a répondu à un(e) sujet de vpey dans Analyses et éradication malwares

    Bonjour Appolo, Merci de ta réponse rapide mais en mode normal impossible de lancer une restauration car j'ai sans arret des blocages de la part de Security Tool qui me dit que l'executable que je veux lancer est infecté. Faut-il que j'essaie une restauration en mode sans echec ou autre chose ? Merci. Vpey.
  9. vpey
    Bonjour, J'ai un portable sous Windows 7 qui est infecté par Security tool. Impossible de lancer une appli en mode normal. J'ai essayé de lancer Hijacthis ou bien Malwarebyte's. Toujours les messages de security tool. En mode sans echec, j'ai lancé Malwarebyte's. Il me trouve un fichier infecté que je supprime mais lorsque je redemarre en mode normal, j'ai toujours le même problème. Si vous pouvier m'aider. Vpey
  10. vpey
    C'est bon, j'ai trouvé. En fait je les recevais au format brut car mon expéditeur m'avait déclaré en envoi texte brut dans ces contacts.
  11. vpey
    Bonjour à tous, J'utilise Outlook 2003 et lorsque je recois des mails au format HTLM, il ne m'affiche pas les images mais les liens. Si quelqu'un peut m'aider pour trouver une solution à mon problème.
  12. vpey
    Bonjour Pear, On peut considerer que le problème est résolu. Je vous remercie de votre aide et vous dit à bientot sur le forum. vpey
  13. vpey
    Comme vous dites ça va dejà mieux. Je ne trouve pas le fichier que vous me demandez d'analyser. Voici mon rapport Hijack : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:50:07, on 22/07/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\Dit.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Nosibay\Widget LEquipe.fr\LWidget LEquipe.fr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Documents and Settings\Mathieu\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Program Files\Nosibay\Widget LEquipe.fr\Widget LEquipe.fr.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\explorer.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Documents and Settings\Mathieu\Bureau\jaco.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 213.244.15.6:3128 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Dit] Dit.exe O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU\..\Run: [Widget LEquipe.fr] "C:\Program Files\Nosibay\Widget LEquipe.fr\LWidget LEquipe.fr.exe" /winstartup O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\Mathieu\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?5f3ee3af792a4ca8bdda5594e283aa17 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?5f3ee3af792a4ca8bdda5594e283aa17 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} - http://www.solidworks.com/plugins/edrawing...cfm?Release=rel O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1135259235239 O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.0.cab O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (OD2 Music Manager) - http://sib1.od2.com/common/musicmanager/in...nagerPlugin.CAB O18 - Protocol: leq - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O24 - Desktop Component 0: (no name) - http://www.horlogeparlante.com/js/fond_applet.png -- End of file - 8505 bytes
  14. vpey
    Bonjour, Rapport de combofix : ComboFix 09-07-21.03 - Mathieu 22/07/2009 10:28.1.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1279.878 [GMT 2:00] Running from: c:\documents and settings\Mathieu\Bureau\ComboFix.exe AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\98985456.ini c:\documents and settings\Mathieu\autorun.inf c:\windows\Installer\83682.msi c:\windows\Installer\df88de.msi c:\windows\Installer\WMEncoder.msi c:\windows\pack.epk c:\windows\system32\UACamljlvthpahtlgk.db c:\windows\system32\UACehntmkuvbbyktem.log c:\windows\system32\uactmp.db c:\windows\system32\UACvmynsxwvapptkcl.dat . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_SKYNETjgsycrkp -------\Service_UACd.sys ((((((((((((((((((((((((( Files Created from 2009-06-22 to 2009-07-22 ))))))))))))))))))))))))))))))) . 2009-07-21 07:44 . 2009-07-21 07:44 3775175 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-07-21 07:43 . 2009-07-21 07:43 -------- d-----w- c:\documents and settings\Mathieu\Application Data\Malwarebytes 2009-07-21 07:43 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-07-21 07:43 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-07-21 07:43 . 2009-07-21 07:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-07-21 07:43 . 2009-07-21 07:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-07-20 14:57 . 2009-07-20 15:02 -------- d-----w- C:\gamer 2009-07-20 13:44 . 2009-07-20 13:45 -------- d-----w- C:\gmer . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-22 08:34 . 2005-12-25 17:16 17408 ----a-w- c:\windows\system32\drivers\USBCRFT.SYS 2009-07-21 08:25 . 2007-05-08 15:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-07-20 13:31 . 2008-05-15 17:03 -------- d-----w- c:\documents and settings\Mathieu\Application Data\Azureus 2009-07-20 13:23 . 2005-12-27 12:51 -------- d-----w- c:\program files\Java 2009-07-20 12:42 . 2007-01-15 18:23 -------- d-----w- c:\program files\ESET 2009-07-07 07:54 . 2006-08-16 11:38 -------- d-----w- c:\documents and settings\Mathieu\Application Data\Image Zone Express 2009-06-18 11:24 . 2006-12-25 16:57 -------- d-----w- c:\program files\zooporno 2009-06-18 10:33 . 2009-06-18 10:33 -------- d-----w- c:\program files\Avira 2009-06-18 10:33 . 2009-06-18 10:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2009-06-16 14:40 . 2004-08-05 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll 2009-06-16 14:40 . 2004-08-05 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll 2009-06-03 19:10 . 2004-08-05 12:00 1297408 ----a-w- c:\windows\system32\quartz.dll 2009-05-13 05:04 . 2004-08-05 12:00 915456 ----a-w- c:\windows\system32\wininet.dll 2009-05-07 15:33 . 2004-08-05 12:00 348672 ----a-w- c:\windows\system32\localspl.dll 2009-05-06 13:00 . 2004-08-05 12:00 85404 ----a-w- c:\windows\system32\perfc00C.dat 2009-05-06 13:00 . 2004-08-05 12:00 513080 ----a-w- c:\windows\system32\perfh00C.dat 2009-05-04 13:34 . 2006-02-03 12:24 75592 ----a-w- c:\documents and settings\Mathieu\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-04-30 18:45 . 2009-04-30 18:45 86576 ----a-w- c:\documents and settings\Mathieu\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe 2009-04-30 18:45 . 2009-04-30 18:45 392728 ----a-w- c:\documents and settings\Mathieu\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll 2009-04-30 18:45 . 2009-04-30 18:45 135680 ----a-w- c:\documents and settings\Mathieu\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe 2009-04-30 18:45 . 2009-04-30 18:45 132672 ----a-w- c:\documents and settings\Mathieu\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe 2009-04-29 16:15 . 2009-04-29 16:15 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe 2006-11-08 12:22 . 2006-11-08 12:22 8 --sh--r- c:\windows\system32\3D499B2BB9.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2003-11-17 49152] "Widget LEquipe.fr"="c:\program files\Nosibay\Widget LEquipe.fr\LWidget LEquipe.fr.exe" [2009-04-15 435728] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-08 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-11-17 3022848] "AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "Dit"="Dit.exe" - c:\windows\Dit.exe [2004-08-05 90112] c:\documents and settings\Mathieu\Menu D‚marrer\Programmes\D‚marrage\ Notification de cadeaux MSN.lnk - c:\documents and settings\Mathieu\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2009-4-30 135680] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Acc‚l‚rateur de d‚marrage AutoCAD.lnk - c:\program files\Fichiers communs\Autodesk Shared\acstart16.exe [2005-3-5 10872] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "c:\\Program Files\\eMule\\emule.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\livecall.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [18/06/2009 12:34 108289] S3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [25/12/2005 19:16 17408] S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\drivers\k600bus.sys [16/09/2006 13:19 52384] S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\drivers\k600mdfl.sys [16/09/2006 13:20 6096] S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\drivers\k600mdm.sys [16/09/2006 13:20 87456] S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\drivers\k600mgmt.sys [16/09/2006 13:21 79248] S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\k600obex.sys [16/09/2006 13:20 77072] S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);c:\windows\system32\drivers\v800bus.sys [21/03/2006 21:42 52416] S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;c:\windows\system32\drivers\v800mdfl.sys [21/03/2006 21:43 6160] S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;c:\windows\system32\drivers\v800mdm.sys [21/03/2006 21:43 84544] S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\v800mgmt.sys [21/03/2006 21:47 77760] S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;c:\windows\system32\drivers\v800obex.sys [21/03/2006 21:45 75584] . Contents of the 'Scheduled Tasks' folder 2009-07-08 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 10:34] 2009-07-22 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-08 11:14] 2009-07-22 c:\windows\Tasks\User_Feed_Synchronization-{62A0F9CF-1931-4246-AFF5-6B63AD86BEC8}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] 2009-07-21 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.orange.fr/ uInternet Settings,ProxyServer = 213.244.15.6:3128 uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?5f3ee3af792a4ca8bdda5594e283aa17 IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?5f3ee3af792a4ca8bdda5594e283aa17 DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} - hxxps://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-22 10:34 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*] "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" "C040111900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(3952) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\eappprxy.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\rundll32.exe c:\program files\Nosibay\Widget LEquipe.fr\Widget LEquipe.fr.exe c:\program files\HP\Digital Imaging\bin\hpqste08.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . Completion time: 2009-07-22 10:43 - machine was rebooted ComboFix-quarantined-files.txt 2009-07-22 08:43 Pre-Run: 13 887 176 704 octets libres Post-Run: 14 151 974 912 octets libres 181 --- E O F --- 2009-06-11 21:26
  15. vpey
    Bonjour, Voici le rapport mbam : Malwarebytes' Anti-Malware 1.39 Version de la base de données: 2468 Windows 5.1.2600 Service Pack 3 21/07/2009 19:06:25 mbam-log-2009-07-21 (19-06-25).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 152663 Temps écoulé: 1 hour(s), 0 minute(s), 11 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 2 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 57 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AlerterALG (Trojan.Downloader) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\windows\temp\SKYNETmbhtethvbq.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETmlqwpfxqxn.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETmqyeobghaq.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETmrvjkbxxnq.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETnbdmdiemqx.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETnkipmpexnm.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETnmexxounqv.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETnpypptwacu.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETfjixfxelci.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETnsevxyctce.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETrpphoisvbq.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETxthwmcethp.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETrtdtemubge.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETrvfjomoyap.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETrxviwtspyf.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETryksnyvlib.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETsiwtxtuesn.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETsotojjorfy.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETstvpjnfuct.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETsvirbqornm.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETthtspwphfj.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETtpprpqgdli.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETtqbminxwhp.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETtrbxdcxnnd.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETtutkimclbd.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETtwokfipokk.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETufndfbvcuy.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETvnldqwtikn.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETvrxtccdbdw.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETvtvpebolpr.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETwdfwmyticq.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETwehmdrioti.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETwfhtibcrtq.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETwiworpgxne.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETwucbvspquf.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETxevxpjrkog.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETxiosiwwbbu.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETxrpqxterxm.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETbiwmcegabv.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETbktaibtenk.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETbyxxycitne.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETccrpvldtij.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETcgpufgeole.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETcwgdjbkrwi.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETdbdxsqypyy.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETdcwefksrxl.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETdhmufroanx.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETdsoosycvvo.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETfdxvnmnwpc.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\SKYNETfeqvccrjib.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\system volume information\_restore{0c7c7f7f-be5a-42d6-8e24-3829300b8f9b}\rp878\A0080358.dll (Trojan.TDSS) -> Quarantined and deleted successfully. c:\system volume information\_restore{0c7c7f7f-be5a-42d6-8e24-3829300b8f9b}\rp878\A0080360.dll (Trojan.TDSS) -> Quarantined and deleted successfully. C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\SKYNETucpkbthr.dat (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\SKYNETwkqiwelj.dat (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\drivers\UACyibrrnswwkrvmko.sys (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\drivers\SKYNETnxjetmcn.sys (Trojan.Agent) -> Quarantined and deleted successfully.
×
×
  • Créer...