Miiro

Merci Falkra de m'aider. Voilà les 2 logs demandés: 1/ Logfile of random's system information tool 1.05 (written by random/random) Run by julien at 2008-12-23 23:38:11 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 System drive C: has 38 GB (25%) free of 154 GB Total RAM: 2936 MB (64% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:38:16, on 23/12/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Toshiba\SmoothView\SmoothView.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe C:\Windows\system32\igfxext.exe C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\julien\Desktop\RSIT.exe C:\Users\julien\Documents\programmes installés\julien.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7155 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-07 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-07 34816] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-25 150040] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-25 170520] "Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-25 145944] "ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136] "NDSTray.exe"=NDSTray.exe [] "cfFncEnabler.exe"=cfFncEnabler.exe [] "topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632] "Google EULA Launcher"=c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-29 1029416] "Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-04-29 417792] "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456] "HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608] "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816] "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-03-19 716800] "HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-04-26 716800] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497] "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-07 136600] "Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2008-01-11 574864] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOSCDSPD"=TOSCDSPD.EXE [] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2005-04-12 45056] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2008-06-12 208896] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d3f3d2b9-af43-11dd-8f8a-001e689c97d0}] shell\AutoRun\command - D:\launcher.exe ======List of files/folders created in the last 1 months====== 2008-12-23 23:38:11 ----D---- C:\rsit 2008-12-23 19:36:44 ----D---- C:\Windows\Sun 2008-12-22 22:41:08 ----D---- C:\ce496ca3ec0686faa0f5b7034fbe48 2008-12-22 22:15:25 ----A---- C:\Windows\system32\infocardapi.dll 2008-12-22 22:15:24 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2008-12-22 22:15:22 ----A---- C:\Windows\system32\PresentationHostProxy.dll 2008-12-22 22:15:22 ----A---- C:\Windows\system32\icardres.dll 2008-12-22 22:15:22 ----A---- C:\Windows\system32\icardagt.exe 2008-12-22 22:15:13 ----A---- C:\Windows\system32\PresentationNative_v0300.dll 2008-12-22 22:15:05 ----A---- C:\Windows\system32\PresentationHost.exe 2008-12-22 21:55:07 ----A---- C:\Windows\system32\dfshim.dll 2008-12-22 21:55:01 ----A---- C:\Windows\system32\mscoree.dll 2008-12-22 21:55:00 ----A---- C:\Windows\system32\netfxperf.dll 2008-12-22 21:54:40 ----A---- C:\Windows\system32\mscorier.dll 2008-12-22 21:54:30 ----A---- C:\Windows\system32\mscories.dll 2008-12-22 21:48:31 ----RHD---- C:\AHCache 2008-12-18 14:48:21 ----A---- C:\Windows\system32\mshtml.dll 2008-12-17 22:02:49 ----D---- C:\Program Files\Microsoft Works 2008-12-15 20:10:07 ----D---- C:\Poker 2008-12-13 17:08:25 ----D---- C:\Windows\Minidump 2008-12-12 15:20:55 ----D---- C:\Program Files\Foxit Software 2008-12-10 02:36:52 ----D---- C:\Users\julien\AppData\Roaming\vlc 2008-12-10 02:06:00 ----A---- C:\Windows\system32\tzres.dll 2008-12-10 01:54:03 ----A---- C:\Windows\system32\gdi32.dll 2008-12-10 01:53:57 ----A---- C:\Windows\system32\Apphlpdm.dll 2008-12-10 01:53:56 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll 2008-12-10 01:52:53 ----A---- C:\Windows\system32\shell32.dll 2008-12-10 01:52:48 ----A---- C:\Windows\explorer.exe 2008-12-10 01:52:43 ----A---- C:\Windows\system32\urlmon.dll 2008-12-10 01:52:42 ----A---- C:\Windows\system32\ieframe.dll 2008-12-10 01:52:41 ----A---- C:\Windows\system32\wininet.dll 2008-12-10 01:52:41 ----A---- C:\Windows\system32\mstime.dll 2008-12-10 01:52:41 ----A---- C:\Windows\system32\iertutil.dll 2008-12-10 01:52:40 ----A---- C:\Windows\system32\jsproxy.dll 2008-12-10 01:52:30 ----A---- C:\Windows\system32\mf.dll 2008-12-10 01:52:29 ----A---- C:\Windows\system32\WMVCORE.DLL 2008-12-10 01:52:29 ----A---- C:\Windows\system32\WMNetMgr.dll 2008-12-10 01:52:28 ----A---- C:\Windows\system32\logagent.exe 2008-12-07 19:47:28 ----A---- C:\Windows\system32\javaws.exe 2008-12-07 19:47:28 ----A---- C:\Windows\system32\javaw.exe 2008-12-07 19:47:28 ----A---- C:\Windows\system32\java.exe 2008-12-03 13:04:33 ----A---- C:\Windows\system32\wups2.dll 2008-12-03 13:04:33 ----A---- C:\Windows\system32\wucltux.dll 2008-12-03 13:04:33 ----A---- C:\Windows\system32\wuauclt.exe 2008-12-03 13:04:32 ----A---- C:\Windows\system32\wuaueng.dll 2008-12-03 13:04:08 ----A---- C:\Windows\system32\wups.dll 2008-12-03 13:04:08 ----A---- C:\Windows\system32\wudriver.dll 2008-12-03 13:04:08 ----A---- C:\Windows\system32\wuapi.dll 2008-12-03 13:03:59 ----A---- C:\Windows\system32\wuwebv.dll 2008-12-03 13:03:59 ----A---- C:\Windows\system32\wuapp.exe 2008-12-01 01:19:09 ----A---- C:\Windows\IsUninst.exe 2008-11-30 22:07:51 ----D---- C:\Program Files\Microsoft Visual Studio 2008-11-30 22:07:50 ----D---- C:\Program Files\Common Files\DESIGNER 2008-11-30 22:07:07 ----D---- C:\Program Files\Microsoft.NET 2008-11-30 22:00:03 ----D---- C:\Program Files\Microsoft Visual Studio 8 2008-11-30 21:57:35 ----RHD---- C:\MSOCache 2008-11-30 19:23:45 ----D---- C:\Program Files\Secunia 2008-11-30 15:12:06 ----D---- C:\Program Files\VS Revo Group 2008-11-29 19:17:29 ----D---- C:\Program Files\Common Files\Adobe 2008-11-29 19:17:28 ----D---- C:\Program Files\Adobe 2008-11-29 19:10:16 ----D---- C:\ProgramData\NOS 2008-11-29 18:57:46 ----A---- C:\Windows\system32\deploytk.dll 2008-11-27 22:01:17 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2008-11-27 22:01:10 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2008-11-27 22:01:09 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2008-11-27 22:01:09 ----A---- C:\Windows\system32\WindowsCodecs.dll 2008-11-27 22:00:59 ----A---- C:\Windows\system32\connect.dll ======List of files/folders modified in the last 1 months====== 2008-12-23 23:38:16 ----D---- C:\Windows\Prefetch 2008-12-23 23:38:15 ----D---- C:\Windows\Temp 2008-12-23 23:30:27 ----D---- C:\Program Files\Mozilla Firefox 2008-12-23 19:36:44 ----AD---- C:\Windows 2008-12-23 17:01:20 ----AD---- C:\Windows\System32 2008-12-23 17:01:20 ----A---- C:\Windows\system32\PerfStringBackup.INI 2008-12-23 17:01:19 ----D---- C:\Windows\inf 2008-12-23 14:10:35 ----SHD---- C:\System Volume Information 2008-12-23 13:22:40 ----D---- C:\Windows\rescache 2008-12-22 23:13:09 ----D---- C:\Windows\Microsoft.NET 2008-12-22 23:12:57 ----RSD---- C:\Windows\assembly 2008-12-22 22:42:42 ----D---- C:\Windows\system32\XPSViewer 2008-12-22 22:42:42 ----D---- C:\Windows\system32\wbem 2008-12-22 22:42:42 ----D---- C:\Windows\system32\en-US 2008-12-22 22:39:52 ----D---- C:\Windows\winsxs 2008-12-22 22:38:48 ----D---- C:\Windows\system32\catroot2 2008-12-22 22:38:48 ----D---- C:\Windows\system32\catroot 2008-12-22 22:27:47 ----SHD---- C:\Windows\Installer 2008-12-22 21:39:59 ----D---- C:\Windows\system32\Tasks 2008-12-22 21:26:12 ----D---- C:\Program Files\Common Files\InstallShield 2008-12-22 21:25:57 ----RD---- C:\Program Files 2008-12-22 21:25:57 ----HD---- C:\Program Files\InstallShield Installation Information 2008-12-22 19:19:44 ----D---- C:\Windows\pss 2008-12-22 19:19:00 ----D---- C:\Windows\system32\LogFiles 2008-12-21 17:03:28 ----D---- C:\Users\julien\AppData\Roaming\dvdcss 2008-12-17 22:03:59 ----D---- C:\ProgramData\Microsoft Help 2008-12-17 21:16:43 ----D---- C:\Program Files\Windows Live Safety Center 2008-12-17 13:21:26 ----D---- C:\Windows\system32\WDI 2008-12-12 01:26:07 ----D---- C:\Windows\Debug 2008-12-10 02:10:43 ----D---- C:\Windows\system32\fr-FR 2008-12-10 02:10:43 ----D---- C:\Windows\AppPatch 2008-12-10 02:10:43 ----D---- C:\Program Files\Windows Mail 2008-12-10 00:24:37 ----A---- C:\Windows\system32\mrt.exe 2008-12-07 19:51:50 ----D---- C:\Program Files\Java 2008-12-05 14:13:35 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2008-12-05 14:13:33 ----D---- C:\Windows\system32\drivers 2008-12-03 18:00:27 ----D---- C:\ProgramData\Adobe 2008-12-02 01:19:54 ----D---- C:\Program Files\Common Files\microsoft shared 2008-12-01 01:00:30 ----HD---- C:\ProgramData 2008-12-01 00:20:55 ----SD---- C:\Users\julien\AppData\Roaming\Microsoft 2008-12-01 00:18:19 ----A---- C:\Windows\win.ini 2008-11-30 22:08:05 ----D---- C:\Program Files\MSBuild 2008-11-30 22:07:54 ----D---- C:\Program Files\Microsoft Office 2008-11-30 22:07:50 ----D---- C:\Program Files\Common Files 2008-11-30 22:07:47 ----D---- C:\Windows\ShellNew 2008-11-30 22:07:19 ----RSD---- C:\Windows\Fonts 2008-11-30 22:07:07 ----SD---- C:\ProgramData\Microsoft 2008-11-30 21:59:17 ----D---- C:\Program Files\Common Files\System 2008-11-30 19:52:12 ----D---- C:\Windows\system32\Macromed 2008-11-30 19:29:38 ----SD---- C:\Windows\Downloaded Program Files 2008-11-28 20:07:18 ----D---- C:\Windows\system32\config 2008-11-28 20:07:15 ----D---- C:\Windows\Tasks 2008-11-28 20:07:15 ----D---- C:\Windows\system32\spool 2008-11-28 20:07:15 ----D---- C:\Windows\system32\Msdtc 2008-11-28 20:07:12 ----D---- C:\Windows\registration 2008-11-27 23:33:15 ----D---- C:\Program Files\Toshiba 2008-11-27 22:09:51 ----D---- C:\Program Files\SlySoft 2008-11-27 21:48:44 ----D---- C:\Windows\Logs 2008-11-25 18:40:45 ----D---- C:\Program Files\CCleaner ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-11-27 75072] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-12-22 271360] R2 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2008-07-21 24392] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-12-22 18048] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-17 12672] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-17 8704] R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2008-10-15 99904] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416] R3 ElbyDelay;ElbyDelay; C:\Windows\System32\Drivers\ElbyDelay.sys [2007-02-16 11984] R3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-25 980992] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-25 207872] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-12 2381312] R3 NETw5v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752] R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-04-15 51160] R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-09 8192] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-29 196144] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128] R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216] R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-25 661504] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-04-04 310272] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf.sys [2008-11-18 7808] S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys [] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-11-02 68865] R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-11-02 151297] R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-16 40960] R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-12 65536] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632] R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456] R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2008-04-11 124264] R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-17 386560] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF----------------- 2/ info.txt logfile of random's system information tool 1.05 2008-12-23 23:38:20 ======Uninstall list====== -->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1} 2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7} Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD" Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x040c CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2" Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -ITE1HERza.INF eMule-->"C:\Program Files\eMule\Uninstall.exe" Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3} HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5051&SUBSYS_1179\UIU32m.exe -U -ITE1HERzm.INF HDMI Control Manager-->C:\Program Files\InstallShield Installation Information\{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}\setup.exe -runfromtemp -l0x040c -removeonly HijackThis 2.0.2-->"C:\Users\julien\Documents\programmes installés\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe" Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Manuels TOSHIBA-->C:\Program Files\InstallShield Installation Information\{5B0202A8-CC6B-4443-AD73-FE9DF1FC1622}\setup.exe -runfromtemp -l0x040c -removeonly Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B} Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE} Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE} Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE} Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB} Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE} Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE} Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE} Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE} Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MySQL Connector/ODBC 3.51-->MsiExec.exe /I{0CB3C535-1171-4A20-B549-E2CB5DEB9723} O2Micro Flash Memory Card Reader Driver (x86)-->MsiExec.exe /X{156E98D0-1AEC-4013-A41A-94A1A01BFD68} PDFCreator-->C:\Program Files\PDFCreator\unins000.exe Réducteur de bruit du lecteur de CD/DVD-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x040c -removeonly Revo Uninstaller 1.75-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe Secunia PSI-->"C:\Program Files\Secunia\PSI\uninstall.exe" Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85} Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7} Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2} Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B} Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77} Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85} Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F} Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC} Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C} Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Titan Poker-->"C:\Poker\Titan Poker\_Setup titanPoker.exe" /uninstall TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x040c -removeonly TOSHIBA ConfigFree-->MsiExec.exe /X{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755} TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x040c TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B} /l1036 Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x040c -removeonly TOSHIBA Recovery Disc Creator-->MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF} TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7} TOSHIBA Supervisor Password-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{491DD193-1B57-4D1C-8B14-18B96992A89F} /l1036 TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x040c TRDCReminder-->C:\Program Files\InstallShield Installation Information\{773970F1-5EBA-4474-ADEE-1EA3B0A59492}\setup.exe -runfromtemp -l0x040c TRORDCLauncher-->C:\Program Files\InstallShield Installation Information\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}\setup.exe -runfromtemp -l0x040c Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498} Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756} Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118} Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278} Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302} VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe VirtualCloneDrive-->"C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe" Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D} =====HijackThis Backups===== O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing) O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-...1&site=home (file missing) ======Security center information====== AS: Windows Defender System event log Computer Name: PC-de-julien Event Code: 102 Message: Le service a momentanément arrêté la publication à cause d’un événement d’alimentation. Record Number: 51906 Source Name: Microsoft-Windows-ResourcePublication Time Written: 20081223215113.150253-000 Event Type: Information User: AUTORITE NT\SERVICE LOCAL Computer Name: PC-de-julien Event Code: 4201 Message: Le système a détecté que la carte réseau Connexion réseau sans fil était connectée au réseau, et a lancé une opération normale. Record Number: 51907 Source Name: Tcpip Time Written: 20081223220338.951253-000 Event Type: Information User: Computer Name: PC-de-julien Event Code: 4201 Message: Le système a détecté que la carte réseau Connexion réseau sans fil était connectée au réseau, et a lancé une opération normale. Record Number: 51908 Source Name: Tcpip Time Written: 20081223220338.951253-000 Event Type: Information User: Computer Name: PC-de-julien Event Code: 1103 Message: Votre ordinateur a obtenu une adresse auprès du réseau, et vous pouvez maintenant vous connecter à d'autres ordinateurs. Record Number: 51909 Source Name: Microsoft-Windows-Dhcp-Client Time Written: 20081223220344.000000-000 Event Type: Information User: Computer Name: PC-de-julien Event Code: 104 Message: Le service effectue la publication sur le réseau. Record Number: 51910 Source Name: Microsoft-Windows-ResourcePublication Time Written: 20081223220352.037253-000 Event Type: Information User: AUTORITE NT\SERVICE LOCAL Application event log Computer Name: PC-de-julien Event Code: 302 Message: msnmsgr (2656) \\.\C:\Users\julien\AppData\Local\Microsoft\Messenger\ohh_miiro@msn.com\SharingMetadata\Working\database_F236_C199_36C1_5F6B\dfsr.db: Le moteur de la base de données a terminé les étapes de récupération avec succès. Record Number: 10872 Source Name: ESENT Time Written: 20081223172546.000000-000 Event Type: Information User: Computer Name: PC-de-julien Event Code: 8224 Message: Le service VSS s’arrête, car le délai d’inactivité est dépassé. Record Number: 10873 Source Name: VSS Time Written: 20081223194755.000000-000 Event Type: Information User: Computer Name: PC-de-julien Event Code: 103 Message: msnmsgr (2656) \\.\C:\Users\julien\AppData\Local\Microsoft\Messenger\ohh_miiro@msn.com\SharingMetadata\Working\database_F236_C199_36C1_5F6B\dfsr.db: Le moteur de la base de données a arrêté l'instance (0). Record Number: 10874 Source Name: ESENT Time Written: 20081223215149.000000-000 Event Type: Information User: Computer Name: PC-de-julien Event Code: 102 Message: msnmsgr (2656) \\.\C:\Users\julien\AppData\Local\Microsoft\Messenger\ohh_miiro@msn.com\SharingMetadata\Working\database_F236_C199_36C1_5F6B\dfsr.db: Le moteur de la base de données (6.00.6001.0000) a démarré une nouvelle instance (0). Record Number: 10875 Source Name: ESENT Time Written: 20081223220553.000000-000 Event Type: Information User: Computer Name: PC-de-julien Event Code: 103 Message: msnmsgr (2656) \\.\C:\Users\julien\AppData\Local\Microsoft\Messenger\ohh_miiro@msn.com\SharingMetadata\Working\database_F236_C199_36C1_5F6B\dfsr.db: Le moteur de la base de données a arrêté l'instance (0). Record Number: 10876 Source Name: ESENT Time Written: 20081223222103.000000-000 Event Type: Information User: Security event log Computer Name: PC-de-julien Event Code: 4672 Message: Privilèges spéciaux attribués à la nouvelle ouverture de session. Sujet : ID de sécurité : S-1-5-18 Nom du compte : SYSTEM Domaine du compte : AUTORITE NT ID d’ouverture de session : 0x3e7 Privilèges : SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 15801 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20081223194450.881653-000 Event Type: Succès de l'audit User: Computer Name: PC-de-julien Event Code: 5032 Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau. Code d’erreur : 2 Record Number: 15802 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20081223220340.262253-000 Event Type: Échec de l'audit User: Computer Name: PC-de-julien Event Code: 5032 Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau. Code d’erreur : 2 Record Number: 15803 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20081223220342.217253-000 Event Type: Échec de l'audit User: Computer Name: PC-de-julien Event Code: 5032 Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau. Code d’erreur : 2 Record Number: 15804 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20081223220342.231253-000 Event Type: Échec de l'audit User: Computer Name: PC-de-julien Event Code: 5032 Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau. Code d’erreur : 2 Record Number: 15805 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20081223220342.232253-000 Event Type: Échec de l'audit User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel "PROCESSOR_REVISION"=1706 "NUMBER_OF_PROCESSORS"=2 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE -----------------EOF-----------------

Bonsoir, Merci d'avoir répondu En fait C:/ et E:/ correspondent à mes disques durs F:/ est mon lecteur/graveur DVD et il est bien vide! Ok je prends mon mal en patience et j'espère que qql'un voudra bien m'aider....

Re Je vois qu' il n'y a pas de réponses à mon pb... Peut être me suis je mal expliqué ? OU es ce que je me serais tromper de topic/forum ? si c'est le cas dsl et quelle est le marche à suivre ? En tout cas le ou les pb empirent car je viens de mon rendre compte que le scan de Antivir et celui de Windows Defender se bloquent lors de leur exécution. Je viens d'avoir le pb avec Antivir qui s'est bloqué durant l'analyse vers 75% dans le system32, exactement sur cryptext.dll Le PC se bloque complètement même clt + alt + supp n'a aucun effet ! Es ce que tout est normal sur mon log Hijackthis ci-dessus ? SVP aidez moi car je ne sais plus quoi faire ou je n'ai pas les compétences pour trouver le pb. Merci

Salut Je voudrais avoir l'avis de personnes compétentes dans les problèmes PC. C'est pour cela que j'expose mon pb ici. J ai un PC portable Toshiba avec Vista qui a 3 mois et qui devrait tourner mieux que ce n est le cas actuellement Depuis quelques semaines il se comporte bizarrement je trouve ! Rien de grave qui empêche l'utilisation du PC a proprement dite mais cela commence a m'énerver car je ne comprends pas. Je présume fortement qu'il y a qql chose qui rend mon PC instable et fait bloquer l exécution de certains programmes de façon aléatoire. Pourtant j utilise plusieurs fois par semaine ccleaner, antivir gratuit, malawarebytes, windows defender principalement. Et je fais attention le plus possible quand je surf sur internet ... Aucun de ces programmes après un scan ne m indique un problème ou un fichier infecté Selon eux tout va bien.. les symptômes que j ai noté: + blocages / bugs -- l'exécution d'un programme se fige et j'ai beaucoup de mal à le fermer après même avec clt + alt + supp + souvent lorsque je demande au PC de s éteindre il ne le fait pas du 1er coup mais il redémarre plutôt et je suis obligé de lui demander une 2eme voir une 3eme fois avant qu'il ne s éteingne vraiment.. c très chiant + pour un PC avec 4Giga de Ram ou même 3Giga il me parait des fois mouliner comme si il n y avait que 512Mo de RAM. Mon PC fixe avec 1Giga j'ai l'impression kil rame pas plus...!!! + il y a aussi certaines icônes de la barre des taches qui ne s'affichent pas des fois comme l'indicateur de l'alimentation ou l'icône parapluie d'antivir. Mais elles réapparaissent lors du prochain démarrage. + il y a aussi lors du démarrage l'écran qui devient noir puis le bureau revient, comme si on changeait la résolution graphique de l'écran. Voilà les principaux désagréments. J'aimerai bien retrouver un PC stable comme au début même si Vista ne m'as jamais paru irréprochable Je joins un log HijackThis Je ne sais pas si mon PC est infecté ou pas mais il y a clairement quelque chose qui ne va pas. Merci d'avance à ceux qui voudront se pencher sur mon cas. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:38:33, on 22/12/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\SmoothView\SmoothView.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\igfxext.exe C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\julien\AppData\Local\Temp\mia1\DotNetFx35ClientSetup.exe e:\32c1ff21f5d14d1dfda7f7\setup.exe C:\Users\julien\AppData\Local\Temp\dotnetfx35setup.exe e:\99ab3cd4fea269ad491d\setup.exe C:\Windows\system32\conime.exe C:\Windows\system32\wuauclt.exe C:\Users\julien\AppData\Local\Temp\dotnetfx3530729.01\1033\dotnetfx35\x86\dotnetfx35langpack_x86fr.exe e:\5ddd62f8070609635db77eb0c6e7\setup.exe C:\Windows\system32\WUSA.exe C:\Windows\system32\wuauclt.exe C:\Users\julien\Documents\programmes installés\hijackthis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7586 bytes

OK Merci pour ton aide. Salut

RE, Es ce que qql un pourrait m eclairer sur le contenu de mon log HijacThis svp cf exemple dans mon poste ci dessus Merci d avance les zebulioniens

salut Apollo, J ai mis à jour ce que tu ma indiqué.. + Voila le rapport JAVA: JavaRa 1.11 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Sat Nov 29 18:55:16 2008 Found and removed: C:\Program Files\Java\jre1.6.0_06 Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Classes\JavaPlugin.160_06 Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_06 Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_06 Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610006 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610006 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160060} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\JavaPlugin.160_06 Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_06\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_06\bin\ Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_06.b02\ Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01 Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_06 Found and removed: Software\JavaSoft\Java2D\1.6.0_06 Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA} Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB} ------------------------------------ Finished reporting. + Sinon a quoi sert exactement PSI de SECUNIA ? + mon log HijackThis est il normal ? A quoi correspondent les extra button ? Ebay ? Amazon ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing) O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-...1&site=home (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: Merci de tes conseils. Cordialement

Salut Je voudrais avoir un avis sur mon log HijackThis. N y aurait il pas un nettoyage a faire ? Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:33:31, on 28/11/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Toshiba\ConfigFree\NDSTray.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\SmoothView\SmoothView.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\igfxext.exe C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\julien\Documents\programmes installés\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/709-44555-9400-3/4 (file missing) O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.fr/exec/obidos/redirect-...1&site=home (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7445 bytes Merci de votre aide Cordialement

Merci pour vos conseils J ai réussis à supprimer ce que je voulais avec Total Unistall cordialement

salut je voudrais désinstaller des programmes récalcitrants sur mon pc avec un logiciel plus puissant que ccleaner ou le désinstalleur de programme windows. Quoi utiliser pour être sur de tout supprimer?? merci de m aider.

"il y a une tonne de logiciels installés quand la machine est livrée: démo de McAfee (vite remplacée par Kaspersky), démo de Microsoft Office, une trouzaine d'utilitaires Toshiba, une pub eBay, une pub Amazon, une trouzaine d'utilitaires Google,... j'ai vite fais de désinstaller tout ça mis à part quelques utilitaires Toshiba utiles". Salut il est vrai qu'il y a plein de logiciels préinstallés sur le pc qu'il faut désinstallés quels utilitaires interessant a tu garder ????

Re, - Clavier correct mais les touches s'enfoncent légèrement - Le PC est très silencieux et chauffe raisonnablement (le ventilo à l'air de bien faire son travail) - Du coté esthétique je préfère sans hésiter le design Toshiba par rapport à Samnsung - Concernant le site internet LDLC apparait effectivement un peu plus interessant au niveau de la garantie (2 ans contre 1 an) Pour ma part j ai commandé chez PIXMANIA car le pc etait dispo le lendemain à leur showroom et qui est à 10 min à peine de chez moi En plus il y a la possibilité de bénéficier de code promo chez pix jusqu'à 5 %

Salut à tous ca y es j ai le M800 - 10 C entre les mains.... depuis 2 jours c est un tres bel objet ( sobre et classe) et je ne regrette pas mon achat pour l instant.. au niveau de la batterie, l autonomie maximum est de 3h30 en mode bureautique (comme indiqué dans les differentes descriptions techniques) les plastiques blancs de la coque sont d 'assez bonne qualité selon moi je n ai pas encore vraiment eu le temps de decouvrir le pc en details mais je formulerai une seule réserve sur le CLAVIER qui me semble pas tres resistant et moyennement agreable........; dommage mais pas redibitoire!! existe t il vraiment une machine parfaite dans cet categorie de produit ? Si vous avez des questions

Salut Merci pour cette analyse complète du M800 - 10C J ai moi meme essayer de trouver des infos sur ce PC et j ai pas trouver plus ou mieux que toi Je pense qu 'il est encore difficile de trouver des tests sur ce modele recent... mais bon du peu que l on a il a l air globalement de bonne qualité. Je vais me lancer tenter dans les jours qui viennent je crois Ldlc ou Pixmania ? 2 ans de garanti chez ldlc mais dispo en 24h chez Pix Le premier qui l a en main donne ses impressions !!!

Salut Merci pour les infos données Tu m'as un peu soulager par rapport à mes hesitations au point de vue technologique j'aimerai bien aussi avoir ton retour concernant la qualité de la coque et les finitions du PC . Merci d'avance

Merci pour ta réponse saladin En fait je cherche un portable de 13 pouces maxi avec un processeur centrino 2 de préférence J'utilise principalement mon pc comme centre multimedia + bureautique + internet Je n 'est pas besoin d'une bete de course mais je voudrais une machine rapide avec des composants relativement performents Voila je n'ai pas trouvé d'autre pc avec le meme rapport qualité/prix que le toshiba M800-10 C... si qql un aurait des idées pour moi.

Y a surement qql un qui pourrait m orienter svp allez les gars.... car je ne sais toujours pas quel pc portable acheter...

Bonsoir Zonk, Merci pour le tuto, ca va m aider deja à mieux comprendre. Cordialement.

Bonjour Wong, OK pour les mises à jours j ai reussi.!! En fait j avais un executable d Antivir qui etait obsolette. Maintenant c reglé. A+

Bonjour Zonk, Merci pour l explication C etait bien ca le probleme : l executable que j avais etait obsolette.. -------------------------------------------------------------------------------------------------- Serais tu comment bien configurer le pare-feux Comodo stp ? Je viens de l installer en remplacement de celui de windows... Comodo a l air de bien fonctionner mais il me demande d autoriser l execution de certains programmes, alors que je lui ai deja demandé de se souvenir de cette autorisation .. Merci d avance Cordialement

Bonjour a tous, Mais jai un probleme avec la mise a jour de ANTIVIR version freeware Je ne comprend pas pourquoi l antivirus me dit que ma "key is not valid" alors qu' il est normalement gratuit........... ????? J ai essayé plusieur fois l update sans succes donc je ne suis pas protegé actuellement.... Quoi faire ???????????? J ai egalement charger l update manuellement et essayé de l installer par "Update VDF" == sans succes Je ne comprend pas le probleme ? En regardant un peu le forum jai vu que je ne suis pas le seul a avoir eu ce probleme mais meme avec les sujets existants je n est pas réussi à installer corectement Antivir Merci de votre aide.. Cordialement

Bonjour Wong, La desinstallation de Norton s'est bien passé Jai commencé a installer la nouvelle configuration de protection sur mon pc Merci pour la desinfection. Mais jai un probleme avec la mise a jour de ANTIVIR Je ne comprend pas pourquoi l antivirus me dit que ma "key is not valid" alors qu' il est normalement gratuit........... ????? J ai essayé plusieur fois l update sans succes donc je ne suis pas protegé actuellement.... Quoi faire ???????????? J ai egalement charger l update manuellement et essayé de l installer par "Update VDF" == sans succes Si tu pouvais aussi m aider sur ce probleme la Cordialement

Bonjour Wong, Le nettoyage est fait. Le point de restauration aussi. HijackThis est toujours present sur mon bureaux. Je te remercie pour ton aide concernant mon infection.. ------------------------------------------------------------------------------------------------ Concernant Norton je veux bien le desinstaller completement..!! Indique moi stp la procedure a suivre pour le supprimer completement. Que me propose tu alors comme protection ?? Je me suis un peu renseigner de moi meme sur la question Que pense tu de cette configuration possible : * Je remplace Norton Antivirus 2007 (payant) par Antivir (gratuit) * Je remplace le pare-feux Windows (fournis d'office avec Windows SP2) par le pare-feux Comodo (gratuit) Mais es ce possible de desinstaller completement le pare-feux Windows ?? * A niveau des logiciels de protection: - en temps reel : je garde Windows Defender(gratuit) et AVG Antispyware (gratuit) - pas en temps reel : je garde Ccleaner + Spybot + Ad Aware SE Si il ya plus judicieux comme configuration j attend tes propositions. -------------------------------------------------------------------------------------------- Ok aussi pour la procedure de denonciation de l infection sur le site internet. Cordialement,

Bonsoir Wong, Effectivement je n'utilise plus ce serveur FTP. C:\Documents and Settings\Miiro\Mes documents\Programmes\Rhinosoft_Serv-U_Corporate_v5.0\Rhinosoft_Serv-U_Corporate_v5.0-PARADOX\Rhinosoft_Serv-U_Corporate_v5.0-PARADOX Je le supprime car il peut etre une menace d infection..? 1) Rapport ToolsCleaner: -->- Recherche: C:\Qoobox: trouvé ! C:\_OtMoveIt: trouvé ! C:\Documents and Settings\Miiro\Bureau\DiagHelp.zip: trouvé ! C:\Documents and Settings\Miiro\Bureau\OtMoveIt.exe: trouvé ! C:\Documents and Settings\Miiro\Bureau\ComboFix.exe: trouvé ! C:\Documents and Settings\Miiro\Bureau\DiagHelp: trouvé ! --------------------------------- -->- Suppression: C:\Documents and Settings\Miiro\Bureau\DiagHelp.zip: supprimé ! C:\Documents and Settings\Miiro\Bureau\OtMoveIt.exe: supprimé ! C:\Documents and Settings\Miiro\Bureau\ComboFix.exe: supprimé ! C:\Qoobox: supprimé ! C:\_OtMoveIt: supprimé ! C:\Documents and Settings\Miiro\Bureau\DiagHelp: supprimé ! 2) Rapport Norton: Statistiques sur l'analyse : Temps d'analyse : 1467 Options d'analyse : Cibles d'analyse : C: Décompte : Total des éléments analysés : 124785 - Fichiers et répertoires : 122478 - Entrées de registre : 206 - Processus et éléments de démarrage : 2055 - Eléments réseau et navigateur : 40 - Menaces inconnues potentielles : 1 - Autres : 5 Total des risques de sécurité détectés : 0 Total des éléments corrigés : 0 Total des éléments à vérifier : 0 menaces résolues : Menaces non résolues : Je precise qu'à la fin du scan de Norton, l antivirus m indique que tout va bien et qu'il n y a pas de menaces..!! Y a t il encore des trace du virus dans mon pc ? Cordialement,

Bonjour Wong, 1) J ai bien envoyé le fichier à Malekal_morte. 2) Mon PC se comporte bien Beaucoup qu'avant ton intervention..! Pour preuve mon indicateur de la charge UC en % utilisée ne varie plus constament et reste faible lorsqu'aucun programme ne fonctionne..! 3) Le nettoyage avec Ccleaner s'est bien passé. 4) Rapport KASPERSKY : ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Sunday, November 18, 2007 6:41:17 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 18/11/2007 Kaspersky Anti-Virus database records: 461311 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ Scan Statistics: Total number of scanned objects: 43894 Number of viruses found: 4 Number of infected objects: 20 Number of suspicious objects: 0 Duration of the scan process: 00:52:27 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-11142007-131613.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-11-18_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\2FB830B2.TMP Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Symantec\SubEng\submissions.idx Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Miiro\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Miiro\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Miiro\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Miiro\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Miiro\Local Settings\Application Data\Yahoo\Widget Engine\Widgets DB\widgets.db Object is locked skipped C:\Documents and Settings\Miiro\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Miiro\Local Settings\Historique\History.IE5\MSHist012007111820071119\index.dat Object is locked skipped C:\Documents and Settings\Miiro\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Miiro\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Miiro\Mes documents\Programmes\Rhinosoft_Serv-U_Corporate_v5.0\Rhinosoft_Serv-U_Corporate_v5.0-PARADOX\Rhinosoft_Serv-U_Corporate_v5.0-PARADOX\susetup.exe/SERVUDAEMON.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.5000 skipped C:\Documents and Settings\Miiro\Mes documents\Programmes\Rhinosoft_Serv-U_Corporate_v5.0\Rhinosoft_Serv-U_Corporate_v5.0-PARADOX\Rhinosoft_Serv-U_Corporate_v5.0-PARADOX\susetup.exe/SERVUTRAY.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.5201 skipped C:\Documents and Settings\Miiro\Mes documents\Programmes\Rhinosoft_Serv-U_Corporate_v5.0\Rhinosoft_Serv-U_Corporate_v5.0-PARADOX\Rhinosoft_Serv-U_Corporate_v5.0-PARADOX\susetup.exe ZIP: infected - 2 skipped C:\Documents and Settings\Miiro\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Miiro\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\NFWEVT.LOG Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SNDALRT.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SNDCON.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SNDDBG.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SNDFW.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SNDIDS.log Object is locked skipped C:\Program Files\Fichiers communs\Symantec Shared\SNDSYS.log Object is locked skipped C:\Program Files\Norton AntiVirus\AVApp.log Object is locked skipped C:\Program Files\Norton AntiVirus\AVError.log Object is locked skipped C:\Program Files\Norton AntiVirus\AVVirus.log Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{3BB14DDE-0943-4EB0-BEE2-4A07F2DF71EE}\RP123\A0006241.exe/SERVUDAEMON.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.5000 skipped C:\System Volume Information\_restore{3BB14DDE-0943-4EB0-BEE2-4A07F2DF71EE}\RP123\A0006241.exe/SERVUTRAY.EXE Infected: not-a-virus:Server-FTP.Win32.Serv-U.5201 skipped C:\System Volume Information\_restore{3BB14DDE-0943-4EB0-BEE2-4A07F2DF71EE}\RP123\A0006241.exe ZIP: infected - 2 skipped C:\System Volume Information\_restore{3BB14DDE-0943-4EB0-BEE2-4A07F2DF71EE}\RP125\A0008568.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped C:\System Volume Information\_restore{3BB14DDE-0943-4EB0-BEE2-4A07F2DF71EE}\RP126\A0008768.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ahr skipped C:\System Volume Information\_restore{3BB14DDE-0943-4EB0-BEE2-4A07F2DF71EE}\RP135\change.log Object is locked skipped C:\upload_moi_SKUNK.tar.gz/upload_moi.tar/WINDOWS/System32/epwxhxrj.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped C:\upload_moi_SKUNK.tar.gz/upload_moi.tar/WINDOWS/System32/ufnyaaja.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped C:\upload_moi_SKUNK.tar.gz/upload_moi.tar/WINDOWS/System32/cutdtimt.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped C:\upload_moi_SKUNK.tar.gz/upload_moi.tar/WINDOWS/System32/iiffdaa.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ahr skipped C:\upload_moi_SKUNK.tar.gz/upload_moi.tar/WINDOWS/System32/xxywwwx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ahr skipped C:\upload_moi_SKUNK.tar.gz/upload_moi.tar Infected: not-a-virus:AdWare.Win32.Virtumonde.ahr skipped C:\upload_moi_SKUNK.tar.gz GZIP: infected - 6 skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped C:\WINDOWS\system32\config\OSession.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped C:\_OTMoveIt\MovedFiles\WINDOWS\System32\cutdtimt.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped C:\_OTMoveIt\MovedFiles\WINDOWS\System32\epwxhxrj.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped C:\_OTMoveIt\MovedFiles\WINDOWS\System32\iiffdaa.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ahr skipped C:\_OTMoveIt\MovedFiles\WINDOWS\System32\ufnyaaja.dll Infected: not-a-virus:AdWare.Win32.SecToolBar.k skipped C:\_OTMoveIt\MovedFiles\WINDOWS\System32\xxywwwx.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ahr skipped Scan process completed. Cordialement