zahi
-
Compteur de contenus
24 -
Inscription
-
Dernière visite
zahi's Achievements
Member (4/12)
0
Réputation sur la communauté
-
Bonsoir pear , EN fait je n'ai pas mon disque de demarrage ou d'installation donc quoi faire? Merci encore une fois
-
et j'ai encore pas compris c'est quoi la recovery console et comment la lancer
-
Bonjour pear Dans lsip J'ai mis dans remove msdnsnsp.dll et j'ai mis finish Lorsque j'ai redemarre le dans le mode sans echec je n'ai pas trouve le c:\program files\bonjour\mdnsnsp.dll par suite je me suis arrete la J'attends ton aide pour la prochaine etape merci encore
-
pour le Mbam j'ai essaye de faire un scan et aussi encore une fois le scan s'est devenu hyper lent quand il est arrive à C:\users\user\appdata\local\microsoft\windowslivecontacts\{45b45c6a-95c9-4097-8947-3e5568b44bdb}\DBStore\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad \
-
Salut pear, j ai fais ce que tu m'a dit de faire. Hijqck this m'a sorti le message "Hijackthis cannot perform repair O10 winsock LSP entries. you should use LSP fix for that... If the O10 item belongs to webhancer, new.net or co;;on name, spybot S&D can remove it automatically" Puis au redemarrage j ai relance hijackthis, et les elements que tu m avais demande de cocher etaient toujours la. puis j'ai suivi tes instructions dans OTM j ai eu le rapport suivant: All processes killed ========== PROCESSES ========== ========== FILES ========== c:\program files\search guard plusu\sgpUpdaters.exe moved successfully. c:\program files\search guard plusu\uninstalSGPU.exe moved successfully. ========== SERVICES/DRIVERS ========== ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\ not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes User: user ->Temp folder emptied: 18683964 bytes File delete failed. C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. ->Temporary Internet Files folder emptied: 67520189 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 12075601 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes Windows Temp folder emptied: 579374 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 94.31 mb OTM by OldTimer - Version 3.0.0.6 log created on 10302009_133635 Files moved on Reboot... Registry entries deleted on Reboot... je suis en train de faire le scan MBAM que je posterai sitot qu'il sera fini Merci pour ta patience
-
Bonjour pear voici le log.txt: Run by user at 2009-10-30 10:20:30 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 229 GB (75%) free of 304 GB Total RAM: 3070 MB (57% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:21:03 AM, on 10/30/2009 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18828) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Program Files\Toshiba\Power Saver\TPwrMain.exe C:\Program Files\Toshiba\SmoothView\SmoothView.exe C:\Program Files\Toshiba\FlashCards\TCrdMain.exe C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe C:\Windows\ehome\ehtray.exe C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\taskeng.exe C:\Program Files\Search Guard PlusU\sgpupdaters.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe C:\Users\user\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\user.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edition.cnn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = etuproxy.enpc.fr:3128 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe" O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{24A09E8D-8972-431B-B3B8-EB64715BA080}: NameServer = 172.23.0.20,195.221.193.16 O17 - HKLM\System\CS1\Services\Tcpip\..\{24A09E8D-8972-431B-B3B8-EB64715BA080}: NameServer = 172.23.0.20,195.221.193.16 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\Windows\System32\avgrsstx.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour Service - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing) O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: ConfigFree Service - Unknown owner - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe O23 - Service: pinger - Unknown owner - C:\TOSHIBA\IVP\ISM\pinger.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 13180 bytes ======Scheduled tasks folder====== C:\Windows\tasks\User_Feed_Synchronization-{4D2136D5-DF24-4EC5-BFAC-D615D794CA47}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-03-13 908528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-07-31 1111320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-15 259696] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-05-01 668656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-01 470512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}] free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2009-03-10 2079256] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-03-13 165616] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-15 259696] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-03-13 908528] {ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2009-03-10 2079256] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-10-24 178712] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-30 1029416] "Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-10-26 413696] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-29 75136] "TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-18 431456] "HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-11-01 54608] "SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-16 448080] "00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704] "NDSTray.exe"=NDSTray.exe [] "PCMAgent"=C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe [2007-12-14 143360] "CLMLServer"=C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe [2008-02-14 184320] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2007-12-29 430080] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-16 39408] "OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-09-04 95536] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background [] "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-10-12 2000112] "AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-08-13 2007832] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-11 29744] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk] C:\Users\user\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2007-09-04 54576] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe [2009-09-02 25623336] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartVoip] C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe -nosplash -minimized [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk] C:\PROGRA~1\PALTAL~1\paltalk.exe [2007-12-11 10252288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\Windows\System32\avgrsstx.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= [] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rootrepeal.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"= "NoDrives"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\TOSHIBA\ivp\NetInt\Netint.exe"="C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine" "C:\TOSHIBA\Ivp\ISM\pinger.exe"="C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .scr - open - C:\Windows\system32\notepad.exe "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2009-10-30 10:20:30 ----D---- C:\rsit 2009-10-29 20:45:40 ----D---- C:\Program Files\Conduit 2009-10-29 20:45:39 ----D---- C:\Program Files\free-downloads.net 2009-10-29 20:45:06 ----D---- C:\Program Files\Alcohol Soft 2009-10-29 11:21:46 ----D---- C:\Program Files\Windows Portable Devices 2009-10-29 11:05:56 ----A---- C:\Windows\system32\UIAnimation.dll 2009-10-29 11:05:55 ----A---- C:\Windows\system32\UIRibbonRes.dll 2009-10-29 11:05:55 ----A---- C:\Windows\system32\UIRibbon.dll 2009-10-29 11:05:22 ----A---- C:\Windows\system32\WMPhoto.dll 2009-10-29 11:05:20 ----A---- C:\Windows\system32\cdd.dll 2009-10-29 11:05:17 ----A---- C:\Windows\system32\XpsRasterService.dll 2009-10-29 11:05:17 ----A---- C:\Windows\system32\XpsPrint.dll 2009-10-29 11:05:17 ----A---- C:\Windows\system32\XpsGdiConverter.dll 2009-10-29 11:05:17 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2009-10-29 11:05:17 ----A---- C:\Windows\system32\WindowsCodecs.dll 2009-10-29 11:05:17 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe 2009-10-29 11:05:17 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll 2009-10-29 11:05:17 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2009-10-29 11:05:17 ----A---- C:\Windows\system32\OpcServices.dll 2009-10-29 11:05:17 ----A---- C:\Windows\system32\dxdiagn.dll 2009-10-29 11:05:17 ----A---- C:\Windows\system32\dxdiag.exe 2009-10-29 11:05:17 ----A---- C:\Windows\system32\d3d10warp.dll 2009-10-29 11:05:17 ----A---- C:\Windows\system32\d2d1.dll 2009-10-29 11:05:16 ----A---- C:\Windows\system32\xpsservices.dll 2009-10-29 11:05:16 ----A---- C:\Windows\system32\FntCache.dll 2009-10-29 11:05:16 ----A---- C:\Windows\system32\dxgi.dll 2009-10-29 11:05:16 ----A---- C:\Windows\system32\DWrite.dll 2009-10-29 11:05:16 ----A---- C:\Windows\system32\d3d11.dll 2009-10-29 11:05:16 ----A---- C:\Windows\system32\d3d10level9.dll 2009-10-29 11:05:16 ----A---- C:\Windows\system32\d3d10core.dll 2009-10-29 11:05:16 ----A---- C:\Windows\system32\d3d10_1core.dll 2009-10-29 11:05:16 ----A---- C:\Windows\system32\d3d10_1.dll 2009-10-29 11:05:16 ----A---- C:\Windows\system32\d3d10.dll 2009-10-29 11:04:30 ----A---- C:\Windows\system32\WPDShextAutoplay.exe 2009-10-29 11:04:30 ----A---- C:\Windows\system32\wpdbusenum.dll 2009-10-29 11:04:30 ----A---- C:\Windows\system32\BthMtpContextHandler.dll 2009-10-29 11:04:26 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll 2009-10-29 11:04:24 ----A---- C:\Windows\system32\WpdMtpUS.dll 2009-10-29 11:04:24 ----A---- C:\Windows\system32\WpdConns.dll 2009-10-29 11:04:23 ----A---- C:\Windows\system32\WPDSp.dll 2009-10-29 11:04:23 ----A---- C:\Windows\system32\WPDShServiceObj.dll 2009-10-29 11:04:23 ----A---- C:\Windows\system32\wpdshext.dll 2009-10-29 11:04:23 ----A---- C:\Windows\system32\WpdMtp.dll 2009-10-29 11:04:23 ----A---- C:\Windows\system32\wpd_ci.dll 2009-10-29 11:04:23 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll 2009-10-29 11:04:23 ----A---- C:\Windows\system32\PortableDeviceTypes.dll 2009-10-29 11:04:23 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll 2009-10-29 11:04:23 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2009-10-29 11:03:22 ----A---- C:\Windows\system32\UIAutomationCore.dll 2009-10-29 11:03:22 ----A---- C:\Windows\system32\oleaccrc.dll 2009-10-29 11:03:22 ----A---- C:\Windows\system32\oleacc.dll 2009-10-28 18:35:33 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2009-10-28 18:33:42 ----D---- C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com 2009-10-28 18:33:42 ----D---- C:\Program Files\SUPERAntiSpyware 2009-10-28 18:32:50 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2009-10-28 11:45:49 ----A---- C:\Windows\system32\wmp.dll 2009-10-28 11:45:47 ----A---- C:\Windows\system32\unregmp2.exe 2009-10-28 11:45:46 ----A---- C:\Windows\system32\wmploc.DLL 2009-10-27 11:59:42 ----AD---- C:\ProgramData\TEMP 2009-10-26 19:44:33 ----A---- C:\Windows\ntbtlog.txt 2009-10-26 17:37:16 ----A---- C:\RootRepeal report 10-26-09 (17-37-16).txt 2009-10-26 17:14:30 ----A---- C:\RootRepeal report 10-26-09 (17-14-30).txt 2009-10-26 16:26:07 ----A---- C:\RootRepeal report 10-26-09 (16-26-07).txt 2009-10-26 16:24:16 ----A---- C:\RootRepeal report 10-26-09 (16-24-16).txt 2009-10-26 14:35:25 ----D---- C:\Users\user\AppData\Roaming\WinRAR 2009-10-26 14:35:16 ----D---- C:\Program Files\WinRAR 2009-10-25 22:51:52 ----D---- C:\Program Files\CCleaner 2009-10-16 15:32:29 ----D---- C:\Program Files\Zoner 2009-10-15 11:37:03 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-10-15 01:30:38 ----D---- C:\Windows\temp 2009-10-15 01:30:37 ----A---- C:\ComboFix.txt 2009-10-15 01:25:56 ----SHD---- C:\$RECYCLE.BIN 2009-10-15 01:06:38 ----D---- C:\20203-CF143722 2009-10-15 01:06:08 ----A---- C:\Windows\zip.exe 2009-10-15 01:06:08 ----A---- C:\Windows\SWXCACLS.exe 2009-10-15 01:06:08 ----A---- C:\Windows\SWSC.exe 2009-10-15 01:06:08 ----A---- C:\Windows\SWREG.exe 2009-10-15 01:06:08 ----A---- C:\Windows\sed.exe 2009-10-15 01:06:08 ----A---- C:\Windows\PEV.exe 2009-10-15 01:06:08 ----A---- C:\Windows\grep.exe 2009-10-15 01:06:07 ----D---- C:\20203-CF268002 2009-10-15 01:05:41 ----D---- C:\20203-CF64612 2009-10-14 18:15:01 ----A---- C:\Windows\system32\msv1_0.dll 2009-10-14 18:14:55 ----A---- C:\Windows\system32\ntoskrnl.exe 2009-10-14 18:14:54 ----A---- C:\Windows\system32\ntkrnlpa.exe 2009-10-14 18:14:35 ----A---- C:\Windows\system32\mshtml.dll 2009-10-14 18:14:33 ----A---- C:\Windows\system32\ieframe.dll 2009-10-14 18:14:32 ----A---- C:\Windows\system32\wininet.dll 2009-10-14 18:14:32 ----A---- C:\Windows\system32\urlmon.dll 2009-10-14 18:14:32 ----A---- C:\Windows\system32\msfeeds.dll 2009-10-14 18:14:32 ----A---- C:\Windows\system32\iertutil.dll 2009-10-14 18:14:31 ----A---- C:\Windows\system32\occache.dll 2009-10-14 18:14:31 ----A---- C:\Windows\system32\msfeedssync.exe 2009-10-14 18:14:31 ----A---- C:\Windows\system32\msfeedsbs.dll 2009-10-14 18:14:31 ----A---- C:\Windows\system32\jsproxy.dll 2009-10-14 18:14:31 ----A---- C:\Windows\system32\ieUnatt.exe 2009-10-14 18:14:31 ----A---- C:\Windows\system32\ieui.dll 2009-10-14 18:14:31 ----A---- C:\Windows\system32\iesysprep.dll 2009-10-14 18:14:31 ----A---- C:\Windows\system32\iesetup.dll 2009-10-14 18:14:31 ----A---- C:\Windows\system32\iernonce.dll 2009-10-14 18:14:31 ----A---- C:\Windows\system32\iepeers.dll 2009-10-14 18:14:31 ----A---- C:\Windows\system32\iedkcs32.dll 2009-10-14 18:14:31 ----A---- C:\Windows\system32\ie4uinit.exe 2009-10-14 18:14:28 ----A---- C:\Windows\system32\msasn1.dll 2009-10-14 18:14:26 ----A---- C:\Windows\system32\WMSPDMOD.DLL 2009-10-14 01:20:10 ----D---- C:\20203-CF188572 2009-10-14 01:13:52 ----D---- C:\20203-CF69692 2009-10-14 01:07:46 ----D---- C:\20203-CF 2009-10-14 00:13:12 ----A---- C:\Windows\NIRCMD.exe 2009-10-14 00:12:19 ----D---- C:\Windows\ERDNT 2009-10-14 00:11:40 ----D---- C:\Qoobox 2009-10-08 10:46:08 ----D---- C:\Users\user\AppData\Roaming\Malwarebytes 2009-10-08 10:46:01 ----D---- C:\ProgramData\Malwarebytes 2009-10-08 09:19:54 ----D---- C:\_OTM 2009-10-07 09:10:18 ----D---- C:\Program Files\Trend Micro 2009-10-02 19:26:59 ----N---- C:\Windows\system32\MpSigStub.exe ======List of files/folders modified in the last 1 months====== 2009-10-30 10:20:44 ----D---- C:\Windows\Prefetch 2009-10-30 10:20:32 ----SHD---- C:\System Volume Information 2009-10-30 10:19:12 ----AD---- C:\Windows\System32 2009-10-30 10:19:12 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-10-30 10:19:11 ----D---- C:\Windows\inf 2009-10-30 10:12:28 ----A---- C:\Windows\system32\rpcnetp.exe 2009-10-30 10:12:16 ----A---- C:\Windows\system32\rpcnetp.dll 2009-10-30 10:12:16 ----A---- C:\Windows\system32\rpcnet.dll 2009-10-29 20:46:16 ----D---- C:\Program Files\Mozilla Firefox 2009-10-29 20:45:40 ----RD---- C:\Program Files 2009-10-29 20:41:41 ----D---- C:\Windows\system32\drivers 2009-10-29 11:40:44 ----D---- C:\Windows\rescache 2009-10-29 11:25:46 ----D---- C:\Windows\system32\Tasks 2009-10-29 11:21:55 ----D---- C:\Windows 2009-10-29 11:21:48 ----D---- C:\Windows\system32\en-US 2009-10-29 11:21:46 ----D---- C:\Windows\system32\wbem 2009-10-29 11:21:44 ----D---- C:\Windows\system32\pt-PT 2009-10-29 11:21:44 ----D---- C:\Windows\system32\pt-BR 2009-10-29 11:21:44 ----D---- C:\Windows\system32\it-IT 2009-10-29 11:21:44 ----D---- C:\Windows\system32\he-IL 2009-10-29 11:21:44 ----D---- C:\Windows\system32\bg-BG 2009-10-29 11:21:43 ----D---- C:\Windows\system32\zh-TW 2009-10-29 11:21:43 ----D---- C:\Windows\system32\zh-HK 2009-10-29 11:21:43 ----D---- C:\Windows\system32\zh-CN 2009-10-29 11:21:43 ----D---- C:\Windows\system32\uk-UA 2009-10-29 11:21:43 ----D---- C:\Windows\system32\tr-TR 2009-10-29 11:21:43 ----D---- C:\Windows\system32\th-TH 2009-10-29 11:21:43 ----D---- C:\Windows\system32\sv-SE 2009-10-29 11:21:43 ----D---- C:\Windows\system32\sr-Latn-CS 2009-10-29 11:21:43 ----D---- C:\Windows\system32\sl-SI 2009-10-29 11:21:43 ----D---- C:\Windows\system32\sk-SK 2009-10-29 11:21:43 ----D---- C:\Windows\system32\ru-RU 2009-10-29 11:21:43 ----D---- C:\Windows\system32\ro-RO 2009-10-29 11:21:43 ----D---- C:\Windows\system32\pl-PL 2009-10-29 11:21:43 ----D---- C:\Windows\system32\nl-NL 2009-10-29 11:21:43 ----D---- C:\Windows\system32\nb-NO 2009-10-29 11:21:43 ----D---- C:\Windows\system32\lv-LV 2009-10-29 11:21:43 ----D---- C:\Windows\system32\lt-LT 2009-10-29 11:21:43 ----D---- C:\Windows\system32\ko-KR 2009-10-29 11:21:43 ----D---- C:\Windows\system32\ja-JP 2009-10-29 11:21:43 ----D---- C:\Windows\system32\hu-HU 2009-10-29 11:21:43 ----D---- C:\Windows\system32\hr-HR 2009-10-29 11:21:43 ----D---- C:\Windows\system32\fr-FR 2009-10-29 11:21:43 ----D---- C:\Windows\system32\fi-FI 2009-10-29 11:21:43 ----D---- C:\Windows\system32\et-EE 2009-10-29 11:21:43 ----D---- C:\Windows\system32\es-ES 2009-10-29 11:21:43 ----D---- C:\Windows\system32\el-GR 2009-10-29 11:21:43 ----D---- C:\Windows\system32\de-DE 2009-10-29 11:21:43 ----D---- C:\Windows\system32\da-DK 2009-10-29 11:21:43 ----D---- C:\Windows\system32\cs-CZ 2009-10-29 11:21:43 ----D---- C:\Windows\system32\ar-SA 2009-10-29 11:21:43 ----D---- C:\Program Files\Internet Explorer 2009-10-29 11:21:34 ----D---- C:\Program Files\Windows Media Player 2009-10-29 11:06:07 ----D---- C:\Windows\winsxs 2009-10-29 11:06:05 ----D---- C:\Windows\system32\catroot 2009-10-29 11:05:44 ----D---- C:\Windows\system32\catroot2 2009-10-29 11:03:16 ----SHD---- C:\Windows\Installer 2009-10-28 18:35:33 ----D---- C:\ProgramData 2009-10-28 18:32:50 ----D---- C:\Program Files\Common Files 2009-10-26 01:09:26 ----D---- C:\ProgramData\Yahoo! Companion 2009-10-25 22:56:30 ----D---- C:\Windows\system32\LogFiles 2009-10-25 22:56:28 ----D---- C:\Windows\Debug 2009-10-22 12:37:19 ----D---- C:\ProgramData\Microsoft Help 2009-10-22 12:37:11 ----RSD---- C:\Windows\assembly 2009-10-22 12:36:07 ----D---- C:\Program Files\Common Files\microsoft shared 2009-10-22 12:35:56 ----RSD---- C:\Windows\Fonts 2009-10-22 12:33:14 ----A---- C:\Windows\win.ini 2009-10-22 12:33:13 ----D---- C:\Program Files\Common Files\System 2009-10-16 13:01:23 ----D---- C:\Program Files\Windows Live 2009-10-15 11:27:38 ----D---- C:\Windows\Microsoft.NET 2009-10-15 07:29:20 ----D---- C:\Windows\ehome 2009-10-15 07:29:20 ----D---- C:\Program Files\Windows Mail 2009-10-15 07:29:08 ----D---- C:\Windows\system32\migration 2009-10-15 01:25:52 ----A---- C:\Windows\system.ini 2009-10-15 01:10:28 ----D---- C:\Windows\AppPatch 2009-10-14 14:10:06 ----D---- C:\Windows\Tasks 2009-10-12 23:36:14 ----D---- C:\Users\user\AppData\Roaming\Skype 2009-10-08 18:05:31 ----D---- C:\SYSTEM 2009-10-02 19:01:57 ----A---- C:\Windows\system32\mrt.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-07-31 335240] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-07-31 27784] R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-06-18 108552] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2009-10-12 9968] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2009-10-12 74480] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-31 3483648] R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208] R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2008-02-01 187904] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600] R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896] R3 NETw4v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776] R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-01-15 48472] R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-10 8192] R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-10-12 7408] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-30 196144] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128] R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264] R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 298496] S3 a2yk2cbv;a2yk2cbv; C:\Windows\system32\drivers\a2yk2cbv.sys [] S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456] S3 catchme;catchme; \??\C:\20203-CF143722\catchme.sys [] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 rootrepeal;rootrepeal; \??\C:\Windows\system32\drivers\rootrepeal.sys [] S3 SysProtDrv.sys;SysProtDrv.sys; \??\C:\Users\user\Desktop\SysProt\SysProt\SysProtDrv.sys [] S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys [] S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-24 9216] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-11-09 219264] S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-11-09 211072] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-01-30 643072] R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-31 297752] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-10-08 794624] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-10-24 358936] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-13 65536] R2 pinger;pinger; C:\TOSHIBA\IVP\ISM\pinger.exe [2007-01-26 136816] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-10-08 483328] R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2009-08-13 56680] R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968] R2 Swupdtmr;Swupdtmr; c:\TOSHIBA\IVP\swupdate\swupdtmr.exe [2007-10-24 66928] R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-22 83312] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-22 129632] R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-18 431456] R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-29 128360] R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-04 126976] R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-24 49152] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560] R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392] S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [] S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [] S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-11 85096] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] S3 GameConsoleService;GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [2008-10-03 242424] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-11 29744] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-01 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] -----------------EOF----------------- et voici le info text info.txt logfile of random's system information tool 1.06 2009-10-30 10:21:06 ======Uninstall list====== -->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72} -->"C:\Program Files\TOSHIBA Games\Bejeweled 2 Deluxe\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Blackhawk Striker 2\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Build in Time\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Dream Day Wedding 2 - Married in Manhattan\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\FATE\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Go Go Gourmet - Chef of the Year\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Hide and Secret\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Mah Jong Quest\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Mystery P.I. - The Lottery Ticket\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Penguins!\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Polar Bowler\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Polar Golfer\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Sea Life Safari\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\The Great Chocolate Chase - A Chocolatier Twist\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Virtual Villagers - A New Home\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Wedding Dash 2 - Rings Around the World\Uninstall.exe" -->"C:\Program Files\TOSHIBA Games\Wedding Dash\Uninstall.exe" -->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE -->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801 -->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057} -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x9 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x9 ACDSee Photo Editor-->MsiExec.exe /I{2C6D03AC-02ED-4417-9F40-6A0CB55CEF2B} Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003} Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415} Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} AutoCAD 2009 - English-->C:\Program Files\AutoCAD 2009\Setup\Setup.exe /P {5783F2D7-7001-0409-0002-0060B0CE6BBA} /M ACAD Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057} AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL Bibliorom-->"C:\Program Files\Microsoft Référence\Bibliorom\Setup\install.exe" Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6} Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B} Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x0009 Catalyst Control Center - Branding-->MsiExec.exe /I{D58A1E94-9EEA-4C6E-B9FB-D7C63DC6C941} CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CD/DVD Drive Acoustic Silencer-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x0009 -removeonly Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE} Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -ITE1HERza.INF CyberLink PowerCinema for TOSHIBA-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" /z-uninstall DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x9 EL MOTARGEM ELKAFI-->C:\Windows\uninst.exe -f"C:\Program Files\ARASOFT\EL MOTARGEM ELKAFI\DeIsL1.isu" -cC:\PROGRA~1\ARASOFT\ELMOTA~1\_ISREG32.DLL EPANET 2.0-->C:\Windows\GPInstall.exe "/UNINST=C:\Program Files\EPANET2\UnInst.log" "/APPNAME=EPANET 2.0" FLV Player 2.0 (build 25)-->C:\Program Files\FLV Player\uninst.exe free-downloads.net Toolbar-->C:\PROGRA~1\FREE-D~1.NET\UNWISE.EXE /U C:\PROGRA~1\FREE-D~1.NET\INSTALL.LOG GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23} Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5051&SUBSYS_1179\UIU32m.exe -U -ITE1HERzm.INF HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Intel® PROSet/Wireless Software-->C:\Windows\Installer\iProInst.exe Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall iTunes-->MsiExec.exe /I{EC2A8F27-4FBF-4E41-B27B-FE822511B761} Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B} mCorev32.ism_new-->MsiExec.exe /I{A945BD16-4774-4A1F-96A7-118BEC004881} mCPlug-->MsiExec.exe /I{F32ED8B1-2442-4B0E-8DEC-3F3BFC1C2B7F} Memeo AutoBackup-->C:\Program Files\InstallShield Installation Information\{03240EBA-04F2-4652-BC7F-B055902BDCD3}\setup.exe -runfromtemp -l0x0409 mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68} Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E} Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E} Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE} Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE} Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE} Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE} Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE} Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC} Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE} Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE} Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787} Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9} Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8} mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC} Napster Burn Engine-->MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1} Napster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe" -l0x9 -removeonly NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly NOD32 FiX v2.1-->"C:\Program Files\Eset\unins000.exe" Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8} O2Micro Flash Memory Card Reader Driver (x86)-->MsiExec.exe /X{372B31CF-77FB-4E29-860C-A0EA2985AB7F} OLYMPUS Master 2-->MsiExec.exe /X{45FCADDB-0B29-457E-83A1-D245C62A716C} OLYMPUS muvee theaterPack-->MsiExec.exe /X{B3282FB8-874B-4054-8356-9EB391A826F9} PaltalkScene-->"C:\Windows\PaltalkScene\uninstall.exe" "/U:C:\Program Files\Paltalk Messenger\irunin.xml" Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe" Programmes pour le projet de batiment 1.00-->C:\Program Files\Zahi AWWAD - Sami CHACAR\Programmes pour le projet de batiment\Uninstall.exe QuickBooks Financial Center-->MsiExec.exe /I{890EF3F8-742F-46BD-9E8E-084B3A1F4364} QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD} Search Guard Plus (My Tattoons)-->C:\Program Files\Search Guard Plus\uninstalSGP.exe Search Guard Plus Updater (My Tattoons)-->C:\Program Files\Search Guard PlusU\uninstalSGPU.exe Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08} Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780} Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0} Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D} Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E} Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF} Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C} Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC} Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D} Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050} Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748} Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall Tactical Ops 2-->C:\UNREAL~1\UNWISE.EXE C:\UNREAL~1\INSTALL.LOG TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x0009 -removeonly TOSHIBA ConfigFree-->MsiExec.exe /X{78C6A78A-8B03-48C8-A47C-78BA1FCA2307} TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0} TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x0009 -ADDREMOVE -removeonly TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x0409 TOSHIBA Face Recognition-->"C:\Program Files\InstallShield Installation Information\{C730E42C-935A-45BB-A0C5-37E5234D111B}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Face Recognition-->MsiExec.exe /I{C730E42C-935A-45BB-A0C5-37E5234D111B} TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B} /l1033 Toshiba Registration-->MsiExec.exe /I{C53D16CC-E56F-47B8-906E-70AAF8EABB4F} TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7} TOSHIBA Software Upgrades-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe" -l0x9 -removeonly TOSHIBA Speech System Applications-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9 TOSHIBA Speech System SR Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL TOSHIBA Speech System TTS Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9 TOSHIBA Supervisor Password-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{491DD193-1B57-4D1C-8B14-18B96992A89F} /l1033 TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0409 Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42} Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987} Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9} Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63} Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245} Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784} Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876} Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F} Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C} Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726} Update for Outlook 2007 Junk Email Filter (KB974810)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C05FBAD5-A211-4E86-BB51-7E07B80C9233} WildTangent Games-->"C:\Program Files\TOSHIBA Games\Uninstall.exe" Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE Zoner Panorama Maker-->"C:\Program Files\Zoner\Panorama Maker\unins000.exe" ======Security center information====== AS: Windows Defender AS: SUPERAntiSpyware ======System event log====== Computer Name: user-PC Event Code: 55 Message: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume SQ004660V08. Record Number: 238828 Source Name: Ntfs Time Written: 20090916063800.607257-000 Event Type: Error User: Computer Name: user-PC Event Code: 55 Message: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. Record Number: 238827 Source Name: Ntfs Time Written: 20090916063800.513657-000 Event Type: Error User: Computer Name: user-PC Event Code: 55 Message: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. Record Number: 238826 Source Name: Ntfs Time Written: 20090916063800.498057-000 Event Type: Error User: Computer Name: user-PC Event Code: 7000 Message: The ConfigFree Service service failed to start due to the following error: The system cannot find the file specified. Record Number: 238775 Source Name: Service Control Manager Time Written: 20090916063800.000000-000 Event Type: Error User: Computer Name: user-PC Event Code: 7000 Message: The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Record Number: 238772 Source Name: Service Control Manager Time Written: 20090916063800.000000-000 Event Type: Error User: =====Application event log===== Computer Name: user-PC Event Code: 10010 Message: Application 'C:\Program Files\Common Files\Symantec Shared\ccApp.exe' (pid 3012) cannot be restarted - Application SID does not match Conductor SID.. Record Number: 1249 Source Name: Microsoft-Windows-RestartManager Time Written: 20081011024636.943913-000 Event Type: Warning User: user-PC\user Computer Name: user-PC Event Code: 10010 Message: Application 'C:\Program Files\Common Files\Symantec Shared\ccApp.exe' (pid 3012) cannot be restarted - Application SID does not match Conductor SID.. Record Number: 1235 Source Name: Microsoft-Windows-RestartManager Time Written: 20081011024626.862913-000 Event Type: Warning User: user-PC\user Computer Name: user-PC Event Code: 10010 Message: Application 'C:\Program Files\Common Files\Symantec Shared\ccApp.exe' (pid 3012) cannot be restarted - Application SID does not match Conductor SID.. Record Number: 1221 Source Name: Microsoft-Windows-RestartManager Time Written: 20081011024539.778913-000 Event Type: Warning User: user-PC\user Computer Name: user-PC Event Code: 10 Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Record Number: 1178 Source Name: Microsoft-Windows-WMI Time Written: 20081011020440.000000-000 Event Type: Error User: Computer Name: user-PC Event Code: 1008 Message: The Windows Search Service is attempting to remove the old catalog. Record Number: 1171 Source Name: Microsoft-Windows-Search Time Written: 20081011120422.000000-000 Event Type: Warning User: =====Security event log===== Computer Name: user-PC Event Code: 5032 Message: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network. Error Code: 2 Record Number: 18888 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090329154155.989359-000 Event Type: Audit Failure User: Computer Name: user-PC Event Code: 5032 Message: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network. Error Code: 2 Record Number: 18887 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090329154056.220359-000 Event Type: Audit Failure User: Computer Name: user-PC Event Code: 5038 Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error. File Name: \Device\HarddiskVolume2\Windows\Temp\INSTB32.SYS Record Number: 18886 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090329105819.996359-000 Event Type: Audit Failure User: Computer Name: user-PC Event Code: 4672 Message: Special privileges assigned to new logon. Subject: Security ID: S-1-5-18 Account Name: SYSTEM Account Domain: NT AUTHORITY Logon ID: 0x3e7 Privileges: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 18885 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090329104224.576359-000 Event Type: Audit Success User: Computer Name: user-PC Event Code: 4624 Message: An account was successfully logged on. Subject: Security ID: S-1-5-18 Account Name: USER-PC$ Account Domain: WORKGROUP Logon ID: 0x3e7 Logon Type: 5 New Logon: Security ID: S-1-5-18 Account Name: SYSTEM Account Domain: NT AUTHORITY Logon ID: 0x3e7 Logon GUID: {00000000-0000-0000-0000-000000000000} Process Information: Process ID: 0x2a8 Process Name: C:\Windows\System32\services.exe Network Information: Workstation Name: Source Network Address: - Source Port: - Detailed Authentication Information: Logon Process: Advapi Authentication Package: Negotiate Transited Services: - Package Name (NTLM only): - Key Length: 0 This event is generated when a logon session is created. It is generated on the computer that was accessed. The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe. The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network). The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on. The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases. The authentication information fields provide detailed information about this specific logon request. - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event. - Transited services indicate which intermediate services have participated in this logon request. - Package name indicates which sub-protocol was used among the NTLM protocols. - Key length indicates the length of the generated session key. This will be 0 if no session key was requested. Record Number: 18884 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090329104224.576359-000 Event Type: Audit Success User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel "PROCESSOR_REVISION"=0f0d "NUMBER_OF_PROCESSORS"=2 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip -----------------EOF-----------------
-
Salut, J ai essayé la commande fsutil dans executer. Il me dit que fsutil necessite des privileges de l administrateur, mais il ne me donne pas un message comme quoi que le disque dur n est pas integre. Dans taskschedule j ai regcure qui fqit quelque chose au demarrage de l ordi. j ai telechargé l outil de diagnostic des disques durs. mqis le format du fichier est .iso que je n arrive pas a ouvrir. que dois je faire? encore merci pear
-
BOnjour pear j'ai essayé de faire un disk check mais a chaque fois il me demanadait de rescedhule le check jusqu'a la prochaine star t du pc et j'ai essaye de faire restart et j'ai pas eu un disk check up j'ai enleve automaticily fix errors alors le check up s'est termine en 5 ou 6 secondes et il m'a rien affiché et pour le Mbam j'ai essaye de faire un scan et aussi encore une fois le scan s'est devenu hyper lent quand il est arrive à C:\users\user\appdata\local\microsoft\windowslivecontacts\{45b45c6a-95c9-4097-8947-3e5568b44bdb}\DBStore\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad \ jusqu'a devenir a peu près en pause et pour le superantispyware j'ai lance et il arrivait toujours a un stade ou il me disait que le programme a rencontre un unexpected error et il m'ont demande mon mail pour me donner un report mais j'ai rien eu et le scann s'arrette mais avant de s'arreter il me signalait qu'il a detecte 33 cookies MErci encore une fois pear j'attends tes instructions pour la prochaine etape
-
BOnjour pear voici le rapport Running from: C:\Users\user\Desktop\Win32kDiag.exe Log file at : C:\Users\user\Desktop\Win32kDiag.txt WARNING: Could not get backup privileges! Searching 'C:\Windows'... Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl [1] 2009-10-28 11:35:04 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl () Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl [1] 2009-10-28 11:34:47 0 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl () Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl [1] 2009-10-28 11:34:54 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl () Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl [1] 2009-10-28 11:34:53 64 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl () Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMsMpPsSession.etl [1] 2009-10-28 11:35:59 0 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMsMpPsSession.etl () Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMuroc System Trace.etl [1] 2009-10-28 11:35:10 0 C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMuroc System Trace.etl () Finished! J'attends tes consignes pour la prochaine etape merci encore une fois
-
Dear Pear J'ai effectué 3 ou 4 fois le scan et à chaque fois j'attendais 2 ou 3heures sans qu'il se termine et à chque fois que j'appuis ok ( mais sans que le scan soit terminé après 3 heures d'attentes) j'obtiens le rapport suivant SysProt AntiRootkit v1.0.1.0 by swatkat ******************************************************************************** ********** ******************************************************************************** ********** No Hidden Processes found ******************************************************************************** ********** ******************************************************************************** ********** Kernel Modules: Module Name: \SystemRoot\System32\Drivers\dump_iaStor.sys Service Name: --- Module Base: 8A72D000 Module End: 8A7F5000 Hidden: Yes ******************************************************************************** ********** ******************************************************************************** ********** No SSDT Hooks found ******************************************************************************** ********** ******************************************************************************** ********** No Kernel Hooks found ******************************************************************************** ********** ******************************************************************************** ********** No IRP Hooks found ******************************************************************************** ********** ******************************************************************************** ********** Ports: Local Address: USER-PC.ENPC.FR:49356 Remote Address: ETUPROXY2.ENPC.FR:3128 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: ESTABLISHED Local Address: USER-PC.ENPC.FR:49355 Remote Address: ETUPROXY2.ENPC.FR:3128 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: ESTABLISHED Local Address: USER-PC.ENPC.FR:49350 Remote Address: ETUPROXY2.ENPC.FR:3128 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: CLOSE_WAIT Local Address: USER-PC.ENPC.FR:49344 Remote Address: ETUPROXY2.ENPC.FR:3128 Type: TCP Process: [system Idle Process] State: TIME_WAIT Local Address: USER-PC.ENPC.FR:49342 Remote Address: ETUPROXY2.ENPC.FR:3128 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: ESTABLISHED Local Address: USER-PC.ENPC.FR:49340 Remote Address: ETUPROXY2.ENPC.FR:3128 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: ESTABLISHED Local Address: USER-PC.ENPC.FR:49322 Remote Address: ETUPROXY2.ENPC.FR:3128 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: CLOSE_WAIT Local Address: USER-PC.ENPC.FR:49315 Remote Address: ETUPROXY2.ENPC.FR:3128 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: ESTABLISHED Local Address: USER-PC.ENPC.FR:49310 Remote Address: ETUPROXY2.ENPC.FR:3128 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: CLOSE_WAIT Local Address: USER-PC.ENPC.FR:NETBIOS-SSN Remote Address: 0.0.0.0:0 Type: TCP Process: System State: LISTENING Local Address: USER-PC:49354 Remote Address: LOCALHOST:13128 Type: TCP Process: C:\Program Files\Internet Explorer\iexplore.exe State: ESTABLISHED Local Address: USER-PC:49353 Remote Address: LOCALHOST:13128 Type: TCP Process: C:\Program Files\Internet Explorer\iexplore.exe State: ESTABLISHED Local Address: USER-PC:49349 Remote Address: LOCALHOST:13128 Type: TCP Process: C:\Program Files\Windows Defender\MSASCui.exe State: CLOSE_WAIT Local Address: USER-PC:49343 Remote Address: LOCALHOST:13128 Type: TCP Process: [system Idle Process] State: TIME_WAIT Local Address: USER-PC:49341 Remote Address: LOCALHOST:13128 Type: TCP Process: C:\Program Files\Internet Explorer\iexplore.exe State: ESTABLISHED Local Address: USER-PC:49339 Remote Address: LOCALHOST:13128 Type: TCP Process: C:\Program Files\Internet Explorer\iexplore.exe State: ESTABLISHED Local Address: USER-PC:49321 Remote Address: LOCALHOST:13128 Type: TCP Process: C:\Program Files\Internet Explorer\iexplore.exe State: CLOSE_WAIT Local Address: USER-PC:49313 Remote Address: LOCALHOST:13128 Type: TCP Process: C:\Program Files\Internet Explorer\iexplore.exe State: ESTABLISHED Local Address: USER-PC:49309 Remote Address: LOCALHOST:13128 Type: TCP Process: C:\Program Files\Internet Explorer\iexplore.exe State: CLOSE_WAIT Local Address: USER-PC:27015 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe State: LISTENING Local Address: USER-PC:18080 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: LISTENING Local Address: USER-PC:15190 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: LISTENING Local Address: USER-PC:15050 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: LISTENING Local Address: USER-PC:13128 Remote Address: LOCALHOST:49354 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: ESTABLISHED Local Address: USER-PC:13128 Remote Address: LOCALHOST:49353 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: ESTABLISHED Local Address: USER-PC:13128 Remote Address: LOCALHOST:49349 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: FIN_WAIT2 Local Address: USER-PC:13128 Remote Address: LOCALHOST:49341 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: ESTABLISHED Local Address: USER-PC:13128 Remote Address: LOCALHOST:49339 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: ESTABLISHED Local Address: USER-PC:13128 Remote Address: LOCALHOST:49337 Type: TCP Process: [system Idle Process] State: TIME_WAIT Local Address: USER-PC:13128 Remote Address: LOCALHOST:49335 Type: TCP Process: [system Idle Process] State: TIME_WAIT Local Address: USER-PC:13128 Remote Address: LOCALHOST:49333 Type: TCP Process: [system Idle Process] State: TIME_WAIT Local Address: USER-PC:13128 Remote Address: LOCALHOST:49328 Type: TCP Process: [system Idle Process] State: TIME_WAIT Local Address: USER-PC:13128 Remote Address: LOCALHOST:49321 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: FIN_WAIT2 Local Address: USER-PC:13128 Remote Address: LOCALHOST:49313 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: ESTABLISHED Local Address: USER-PC:13128 Remote Address: LOCALHOST:49309 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: FIN_WAIT2 Local Address: USER-PC:13128 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: LISTENING Local Address: USER-PC:11863 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: LISTENING Local Address: USER-PC:10080 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\PROGRA~1\AVG\AVG8\avgnsx.exe State: LISTENING Local Address: USER-PC:49159 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\services.exe State: LISTENING Local Address: USER-PC:49156 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: USER-PC:49155 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\lsass.exe State: LISTENING Local Address: USER-PC:49154 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: USER-PC:49153 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: USER-PC:49152 Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\wininit.exe State: LISTENING Local Address: USER-PC:5357 Remote Address: 0.0.0.0:0 Type: TCP Process: System State: LISTENING Local Address: USER-PC:MICROSOFT-DS Remote Address: 0.0.0.0:0 Type: TCP Process: System State: LISTENING Local Address: USER-PC:EPMAP Remote Address: 0.0.0.0:0 Type: TCP Process: C:\Windows\System32\svchost.exe State: LISTENING Local Address: USER-PC.ENPC.FR:50094 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: USER-PC.ENPC.FR:SSDP Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: USER-PC.ENPC.FR:138 Remote Address: NA Type: UDP Process: System State: NA Local Address: USER-PC.ENPC.FR:NETBIOS-NS Remote Address: NA Type: UDP Process: System State: NA Local Address: USER-PC:58666 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: USER-PC:58665 Remote Address: NA Type: UDP Process: C:\Program Files\Internet Explorer\iexplore.exe State: NA Local Address: USER-PC:58664 Remote Address: NA Type: UDP Process: C:\Program Files\Internet Explorer\iexplore.exe State: NA Local Address: USER-PC:50095 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: USER-PC:49773 Remote Address: NA Type: UDP Process: C:\Program Files\Internet Explorer\iexplore.exe State: NA Local Address: USER-PC:SSDP Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: USER-PC:54549 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: USER-PC:LLMNR Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: USER-PC:IPSEC-MSFT Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: USER-PC:UPNP-DISCOVERY Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: USER-PC:UPNP-DISCOVERY Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: USER-PC:500 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA Local Address: USER-PC:123 Remote Address: NA Type: UDP Process: C:\Windows\System32\svchost.exe State: NA ******************************************************************************** ********** ******************************************************************************** ********** Hidden files/folders: Object: C:\Users\user\Documents\zahi university docs\France ENPC\Anciens documents\presetti_entreprises\Affiche A3-Ponts et Chausse´es-16octobre2008.pdf.zip Status: Hidden Object: C:\Users\user\Documents\zahi university docs\Lebanon (ESIB)\Projet seismes\zahi projet exel\projet seisme\projet numerique\The Laplace transform is an integral transform perhaps second only to the Fourier transform in its utility in solving physical probl Status: Hidden Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl Status: Access denied Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl Status: Access denied Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl Status: Access denied Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl Status: Access denied Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMsMpPsSession.etl Status: Access denied MErci encor une fois, j'attends que tu me guide dans la prochaine etape
-
BOnsoir pear J'ai essayé de faire le scan plusieurs fois mais a chaque fois il s'arrrtait affichait qu'il y a un error et il me donne le rapport suivant: OOTREPEAL © AD, 2007-2009 ================================================== Scan Start Time: 2009/10/26 17:15 Program Version: Version 1.3.5.0 Windows Version: Windows Vista SP2 ================================================== Drivers ------------------- Name: dump_iaStor.sys Image Path: C:\Windows\System32\Drivers\dump_iaStor.sys Address: 0x8A728000 Size: 819200 File Visible: No Signed: - Status: - Name: rootrepeal.sys Image Path: C:\Windows\system32\drivers\rootrepeal.sys Address: 0x9F5DF000 Size: 49152 File Visible: No Signed: - Status: - Hidden/Locked Files ------------------- Path: C:\System Volume Information\{0171caaf-af4b-11de-8eb7-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{45375cf1-ba44-11de-a324-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{45375cf5-ba44-11de-a324-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{45375cf9-ba44-11de-a324-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{97faa01d-b8ea-11de-8e98-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{a5dccf92-ac20-11de-889f-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{b013cb71-bd97-11de-aee5-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{c3d6e08f-befd-11de-bfff-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{cdb9c177-b7e8-11de-a4ce-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{ce1f3a93-b951-11de-b694-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{D9E5A~1 Status: Locked to the Windows API! Path: C:\System Volume Information\{e796a010-aed6-11de-bb60-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{eae3db9e-b442-11de-80d7-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{ed88cb88-b1cb-11de-ac98-001e685bc773}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: c:\windows\temp\26548a93-ac3b-4de4-86fc-76a76b87a7e0.tmp Status: Allocation size mismatch (API: 65536, Raw: 0) Path: C:\Program Files\Windows Media Player\Network Sharing\RENDER~1.XML Status: Locked to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\cfwanimage Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\cs-CZ Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\da-DK Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\de-de Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\el-GR Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\en Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\es-es Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\FaceInstallAssist.dll Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\FaceLib Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\fi-FI Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\fr-FR Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\Guides Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\Help Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\hu-HU Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\it-IT Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\ja-JP Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\ko-kr Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\nb-NO Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\nl-nl Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\pl-PL Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\pt-PT Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\ru-RU Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\sk-SK Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\SmartFaceV.ini Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\SmartFaceVLogOn.dll Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\SmartFaceVSetting.exe Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\sv-se Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\tr-tr Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\zh-cn Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\zh-tw Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\NotifyTZU.dll Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\SmoothView.chm Status: Invisible to the Windows API! Path: C:\Program Files\Toshiba\ConfigFree\SmoothView.exe Status: Invisible to the Windows API! Path: C:\Windows\System32\XPSViewer\XPSVIE~1.XML Status: Locked to the Windows API! Path: C:\Windows\System32\wbem\MSFEED~1.MOF Status: Locked to the Windows API! Path: C:\Windows\System32\wbem\PORTAB~1.MOF Status: Locked to the Windows API! Path: C:\Windows\System32\wbem\PORTAB~2.MOF Status: Locked to the Windows API! Path: C:\Windows\System32\wbem\PORTAB~3.MOF Status: Locked to the Windows API! Path: C:\Windows\System32\wbem\PRINTF~1.MOF Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9818.0_none_b7e811947b297f6d.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea 1.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_5c4003 bc63e949f6.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df5 6e60dc5df.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d21850 4d2.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3c e6.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_765 8964504b9f3b6.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_ab ac38a907ee8801.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91.c at Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad. cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2. cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_54c11d f268b7c6d9.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_a6dea5dc 0ea08098.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_4ddf c6cd11929a02.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1. cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.4.1.microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_8b7b15c031cd a6db.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d 131.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8d d7dea5d5a7a18a.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_58b19c 2866332652.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_588 43c41d2730d3f.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_45e008191e5070 87.cat Status: Locked to the Windows API! Processes ------------------- Path: System PID: 4 Status: Locked to the Windows API! Path: C:\Windows\System32\audiodg.exe PID: 1272 Status: Locked to the Windows API! ==EOF== j'attends ta reponse pour la prochaine etape merci d'avance
-
BOnjour pear la démarche des connexions internet a bien passé je l'ai appliqué et ca a l'air de bien marcher mais pour le telechargement de rootrepeal j'ai eu le meme probleme que j'ai eu avant avec les programmes que vous m'avez dit de telecharger comme je les telecharge et je les recois sous forme "rar " MErci pour tes solutions pear et j;attends ta reponse pour la prochaine etape
-
EN dehors de ce problème j'ai pas senti un progrès dans la performance en fait j'ai maintenant de plus un grand problème avec la connection sur internet explorer disions chaque 30 minutes ou 1h ce fichier deviend (not responding) et je suis obligé de l'ouvrir de nouveau
-
Bonjour pear j'ai eu ca comme reponse: "0 bytes size received / Se ha recibido un archivo vacio" J'attends tes instructions pour la prochiane etape Merci d'avance
-
Je viens de l'essayer et cette fois le scan s'est arrete au fil C:\users\user\appdata\local\microsoft\windowsdefender\filetracker\{9C6422DE-454F-4B35-B732-902AA7A215BE} j'attends tes instructions pour la prochaine etape merci