Rapport Hijackthis

pear · le 28 octobre 2009

Négatif encore!

Je consulte des collègues.

Patience donc !

En attendant:

Télécharger SuperAntispyware

Installez le, acceptez le cluf, aceptez la mise à jour, les options par défaut

et scannez votre pc.

Cliquez Préférences->Statistiques &Logs pour y trouver le rapport à poster.

S'il ne se lançait pas:

Modifié le 28 octobre 2009 par pear

pear · le 28 octobre 2009

Bonsoir,,

Poste de Travail->Votre disque système->Propriétés ->Outils->Vérifier maintenant

Cela fait relancez Mbam et dites ce qu'il en est.

Modifié le 28 octobre 2009 par pear

zahi · le 29 octobre 2009

BOnjour pear

j'ai essayé de faire un disk check mais a chaque fois il me demanadait de rescedhule le check jusqu'a la prochaine star t du pc et j'ai essaye de faire restart et j'ai pas eu un disk check up

j'ai enleve automaticily fix errors alors le check up s'est termine en 5 ou 6 secondes et il m'a rien affiché

et pour le Mbam j'ai essaye de faire un scan et aussi encore une fois le scan s'est devenu hyper lent quand il est arrive à

C:\users\user\appdata\local\microsoft\windowslivecontacts\{45b45c6a-95c9-4097-8947-3e5568b44bdb}\DBStore\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad \

jusqu'a devenir a peu près en pause

et pour le superantispyware j'ai lance et il arrivait toujours a un stade ou il me disait que le programme a rencontre un unexpected error et il m'ont demande mon mail pour me donner un report mais j'ai rien eu et le scann s'arrette mais avant de s'arreter il me signalait qu'il a detecte 33 cookies

MErci encore une fois pear j'attends tes instructions pour la prochaine etape

pear · le 29 octobre 2009

Bonjour,

Tout cela n'est pas normal et fait soupçonner un problème matériel.

Pour vérifier le disque C, utilisons la commande fsutil dirty query C:

Démarrer->Exécuter->cmd /k fsutil dirty query c:

Dans notre exemple, on constate que le volume C: n'est pas intègre.

Afin de solutionner ce problème, on utilise la commande CHKDSK afin de vérifier et réparer le volume.

Démarrer->Exécuter->Chkdsk /f/r

ou, mieux, en consode récupération:

C:\Windows>Chkdsk /p/r

Vous pouvez en faire un diagnostic plus approfondi avec les outils du fabricant:

Diagnostics pour Disques Durs

Au paragraphe"outils de Diagnostics pour Disques Durs"

zahi · le 29 octobre 2009

Salut,

J ai essayé la commande fsutil dans executer. Il me dit que fsutil necessite des privileges de l administrateur, mais il ne me donne pas un message comme quoi que le disque dur n est pas integre.

Dans taskschedule j ai regcure qui fqit quelque chose au demarrage de l ordi.

j ai telechargé l outil de diagnostic des disques durs. mqis le format du fichier est .iso que je n arrive pas a ouvrir.

que dois je faire?

encore merci pear

pear · le 30 octobre 2009

Téléchargez Random's system information tool (RSIT) par random/random et sauvegardez-le sur le Bureau.

Double-cliquez sur RSIT.exe afin de lancer RSIT.

* Cliquez Continue à l'écran Disclaimer.

* Si l'outil HIjackThis (version à jour) n'est pas présent ou détecté sur l'ordinateur, RSIT le télécharge et vous acceptez la licence.

* L'analyse terminée, deux fichiers texte s'ouvriront.:

Poster le contenu de log.txt (qui sera affiché)

ainsi que de info.txt (qui sera réduit dans la Barre des Tâches).

* Si ces deux rapports n'apparaissent pas, vous les trouverez dans le dossier C:\rsit

Et si vous avez encore le message"Rsit n'est pa etc.."

Attention, par défaut, Firefox ne permet pas le renommage avant sauvegarde, utiliser plutôt IE

Pour renommer:

Clic droit sur Téléchargez Random's system information tool (RSIT)

Choisir "Enregistrer la cible du lien..sous....Winlogon.exe

Choisir le bureau

En bas, à Nom du Fichier:

Vous devez obtenir ->Winlogon.exe

Cliquez enfin sur -> Enregistrer

Lancez winlogon.exe

En cas de problème, :

méthode illustrée

Modifié le 30 octobre 2009 par pear

zahi · le 30 octobre 2009

Bonjour pear

voici le log.txt:

Run by user at 2009-10-30 10:20:30

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 229 GB (75%) free of 304 GB

Total RAM: 3070 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:21:03 AM, on 10/30/2009

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18828)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe

C:\Program Files\Toshiba\Power Saver\TPwrMain.exe

C:\Program Files\Toshiba\SmoothView\SmoothView.exe

C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe

C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Search Guard PlusU\sgpupdaters.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe

C:\Users\user\Desktop\RSIT.exe

C:\Program Files\Trend Micro\HijackThis\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://edition.cnn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = etuproxy.enpc.fr:3128

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE

O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe

O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe

O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe"

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe

O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{24A09E8D-8972-431B-B3B8-EB64715BA080}: NameServer = 172.23.0.20,195.221.193.16

O17 - HKLM\System\CS1\Services\Tcpip\..\{24A09E8D-8972-431B-B3B8-EB64715BA080}: NameServer = 172.23.0.20,195.221.193.16

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\Windows\System32\avgrsstx.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour Service - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

O23 - Service: ConfigFree Service - Unknown owner - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe

O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe

O23 - Service: pinger - Unknown owner - C:\TOSHIBA\IVP\ISM\pinger.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\IVP\swupdate\swupdtmr.exe

O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--

End of file - 13180 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{4D2136D5-DF24-4EC5-BFAC-D615D794CA47}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-03-13 908528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]

Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-07-31 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-15 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-05-01 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-01 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]

free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2009-03-10 2079256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]

SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-03-13 165616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-06-15 259696]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-03-13 908528]

{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2009-03-10 2079256]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-10-24 178712]

"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-11-30 1029416]

"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-10-26 413696]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-29 75136]

"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-18 431456]

"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-11-01 54608]

"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-16 448080]

"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]

"NDSTray.exe"=NDSTray.exe []

"PCMAgent"=C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe [2007-12-14 143360]

"CLMLServer"=C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe [2008-02-14 184320]

"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2007-12-29 430080]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-16 39408]

"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-09-04 95536]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []

"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-10-12 2000112]

"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]

C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-08-13 2007832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-11 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]

C:\Users\user\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]

C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2007-09-04 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection]

C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

C:\Program Files\Skype\Phone\Skype.exe [2009-09-02 25623336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartVoip]

C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe -nosplash -minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]

C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe [2009-02-23 111856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk]

C:\PROGRA~1\PALTAL~1\paltalk.exe [2007-12-11 10252288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll C:\Windows\System32\avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rootrepeal.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=

"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\TOSHIBA\ivp\NetInt\Netint.exe"="C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine"

"C:\TOSHIBA\Ivp\ISM\pinger.exe"="C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.scr - open - C:\Windows\system32\notepad.exe "%1"

.scr - install -

.scr - config -

======List of files/folders created in the last 1 months======

2009-10-30 10:20:30 ----D---- C:\rsit

2009-10-29 20:45:40 ----D---- C:\Program Files\Conduit

2009-10-29 20:45:39 ----D---- C:\Program Files\free-downloads.net

2009-10-29 20:45:06 ----D---- C:\Program Files\Alcohol Soft

2009-10-29 11:21:46 ----D---- C:\Program Files\Windows Portable Devices

2009-10-29 11:05:56 ----A---- C:\Windows\system32\UIAnimation.dll

2009-10-29 11:05:55 ----A---- C:\Windows\system32\UIRibbonRes.dll

2009-10-29 11:05:55 ----A---- C:\Windows\system32\UIRibbon.dll

2009-10-29 11:05:22 ----A---- C:\Windows\system32\WMPhoto.dll

2009-10-29 11:05:20 ----A---- C:\Windows\system32\cdd.dll

2009-10-29 11:05:17 ----A---- C:\Windows\system32\XpsRasterService.dll

2009-10-29 11:05:17 ----A---- C:\Windows\system32\XpsPrint.dll

2009-10-29 11:05:17 ----A---- C:\Windows\system32\XpsGdiConverter.dll

2009-10-29 11:05:17 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2009-10-29 11:05:17 ----A---- C:\Windows\system32\WindowsCodecs.dll

2009-10-29 11:05:17 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe

2009-10-29 11:05:17 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll

2009-10-29 11:05:17 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2009-10-29 11:05:17 ----A---- C:\Windows\system32\OpcServices.dll

2009-10-29 11:05:17 ----A---- C:\Windows\system32\dxdiagn.dll

2009-10-29 11:05:17 ----A---- C:\Windows\system32\dxdiag.exe

2009-10-29 11:05:17 ----A---- C:\Windows\system32\d3d10warp.dll

2009-10-29 11:05:17 ----A---- C:\Windows\system32\d2d1.dll

2009-10-29 11:05:16 ----A---- C:\Windows\system32\xpsservices.dll

2009-10-29 11:05:16 ----A---- C:\Windows\system32\FntCache.dll

2009-10-29 11:05:16 ----A---- C:\Windows\system32\dxgi.dll

2009-10-29 11:05:16 ----A---- C:\Windows\system32\DWrite.dll

2009-10-29 11:05:16 ----A---- C:\Windows\system32\d3d11.dll

2009-10-29 11:05:16 ----A---- C:\Windows\system32\d3d10level9.dll

2009-10-29 11:05:16 ----A---- C:\Windows\system32\d3d10core.dll

2009-10-29 11:05:16 ----A---- C:\Windows\system32\d3d10_1core.dll

2009-10-29 11:05:16 ----A---- C:\Windows\system32\d3d10_1.dll

2009-10-29 11:05:16 ----A---- C:\Windows\system32\d3d10.dll

2009-10-29 11:04:30 ----A---- C:\Windows\system32\WPDShextAutoplay.exe

2009-10-29 11:04:30 ----A---- C:\Windows\system32\wpdbusenum.dll

2009-10-29 11:04:30 ----A---- C:\Windows\system32\BthMtpContextHandler.dll

2009-10-29 11:04:26 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll

2009-10-29 11:04:24 ----A---- C:\Windows\system32\WpdMtpUS.dll

2009-10-29 11:04:24 ----A---- C:\Windows\system32\WpdConns.dll

2009-10-29 11:04:23 ----A---- C:\Windows\system32\WPDSp.dll

2009-10-29 11:04:23 ----A---- C:\Windows\system32\WPDShServiceObj.dll

2009-10-29 11:04:23 ----A---- C:\Windows\system32\wpdshext.dll

2009-10-29 11:04:23 ----A---- C:\Windows\system32\WpdMtp.dll

2009-10-29 11:04:23 ----A---- C:\Windows\system32\wpd_ci.dll

2009-10-29 11:04:23 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll

2009-10-29 11:04:23 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2009-10-29 11:04:23 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2009-10-29 11:04:23 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2009-10-29 11:03:22 ----A---- C:\Windows\system32\UIAutomationCore.dll

2009-10-29 11:03:22 ----A---- C:\Windows\system32\oleaccrc.dll

2009-10-29 11:03:22 ----A---- C:\Windows\system32\oleacc.dll

2009-10-28 18:35:33 ----D---- C:\ProgramData\SUPERAntiSpyware.com

2009-10-28 18:33:42 ----D---- C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com

2009-10-28 18:33:42 ----D---- C:\Program Files\SUPERAntiSpyware

2009-10-28 18:32:50 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

2009-10-28 11:45:49 ----A---- C:\Windows\system32\wmp.dll

2009-10-28 11:45:47 ----A---- C:\Windows\system32\unregmp2.exe

2009-10-28 11:45:46 ----A---- C:\Windows\system32\wmploc.DLL

2009-10-27 11:59:42 ----AD---- C:\ProgramData\TEMP

2009-10-26 19:44:33 ----A---- C:\Windows\ntbtlog.txt

2009-10-26 17:37:16 ----A---- C:\RootRepeal report 10-26-09 (17-37-16).txt

2009-10-26 17:14:30 ----A---- C:\RootRepeal report 10-26-09 (17-14-30).txt

2009-10-26 16:26:07 ----A---- C:\RootRepeal report 10-26-09 (16-26-07).txt

2009-10-26 16:24:16 ----A---- C:\RootRepeal report 10-26-09 (16-24-16).txt

2009-10-26 14:35:25 ----D---- C:\Users\user\AppData\Roaming\WinRAR

2009-10-26 14:35:16 ----D---- C:\Program Files\WinRAR

2009-10-25 22:51:52 ----D---- C:\Program Files\CCleaner

2009-10-16 15:32:29 ----D---- C:\Program Files\Zoner

2009-10-15 11:37:03 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2009-10-15 01:30:38 ----D---- C:\Windows\temp

2009-10-15 01:30:37 ----A---- C:\ComboFix.txt

2009-10-15 01:25:56 ----SHD---- C:\$RECYCLE.BIN

2009-10-15 01:06:38 ----D---- C:\20203-CF143722

2009-10-15 01:06:08 ----A---- C:\Windows\zip.exe

2009-10-15 01:06:08 ----A---- C:\Windows\SWXCACLS.exe

2009-10-15 01:06:08 ----A---- C:\Windows\SWSC.exe

2009-10-15 01:06:08 ----A---- C:\Windows\SWREG.exe

2009-10-15 01:06:08 ----A---- C:\Windows\sed.exe

2009-10-15 01:06:08 ----A---- C:\Windows\PEV.exe

2009-10-15 01:06:08 ----A---- C:\Windows\grep.exe

2009-10-15 01:06:07 ----D---- C:\20203-CF268002

2009-10-15 01:05:41 ----D---- C:\20203-CF64612

2009-10-14 18:15:01 ----A---- C:\Windows\system32\msv1_0.dll

2009-10-14 18:14:55 ----A---- C:\Windows\system32\ntoskrnl.exe

2009-10-14 18:14:54 ----A---- C:\Windows\system32\ntkrnlpa.exe

2009-10-14 18:14:35 ----A---- C:\Windows\system32\mshtml.dll

2009-10-14 18:14:33 ----A---- C:\Windows\system32\ieframe.dll

2009-10-14 18:14:32 ----A---- C:\Windows\system32\wininet.dll

2009-10-14 18:14:32 ----A---- C:\Windows\system32\urlmon.dll

2009-10-14 18:14:32 ----A---- C:\Windows\system32\msfeeds.dll

2009-10-14 18:14:32 ----A---- C:\Windows\system32\iertutil.dll

2009-10-14 18:14:31 ----A---- C:\Windows\system32\occache.dll

2009-10-14 18:14:31 ----A---- C:\Windows\system32\msfeedssync.exe

2009-10-14 18:14:31 ----A---- C:\Windows\system32\msfeedsbs.dll

2009-10-14 18:14:31 ----A---- C:\Windows\system32\jsproxy.dll

2009-10-14 18:14:31 ----A---- C:\Windows\system32\ieUnatt.exe

2009-10-14 18:14:31 ----A---- C:\Windows\system32\ieui.dll

2009-10-14 18:14:31 ----A---- C:\Windows\system32\iesysprep.dll

2009-10-14 18:14:31 ----A---- C:\Windows\system32\iesetup.dll

2009-10-14 18:14:31 ----A---- C:\Windows\system32\iernonce.dll

2009-10-14 18:14:31 ----A---- C:\Windows\system32\iepeers.dll

2009-10-14 18:14:31 ----A---- C:\Windows\system32\iedkcs32.dll

2009-10-14 18:14:31 ----A---- C:\Windows\system32\ie4uinit.exe

2009-10-14 18:14:28 ----A---- C:\Windows\system32\msasn1.dll

2009-10-14 18:14:26 ----A---- C:\Windows\system32\WMSPDMOD.DLL

2009-10-14 01:20:10 ----D---- C:\20203-CF188572

2009-10-14 01:13:52 ----D---- C:\20203-CF69692

2009-10-14 01:07:46 ----D---- C:\20203-CF

2009-10-14 00:13:12 ----A---- C:\Windows\NIRCMD.exe

2009-10-14 00:12:19 ----D---- C:\Windows\ERDNT

2009-10-14 00:11:40 ----D---- C:\Qoobox

2009-10-08 10:46:08 ----D---- C:\Users\user\AppData\Roaming\Malwarebytes

2009-10-08 10:46:01 ----D---- C:\ProgramData\Malwarebytes

2009-10-08 09:19:54 ----D---- C:\_OTM

2009-10-07 09:10:18 ----D---- C:\Program Files\Trend Micro

2009-10-02 19:26:59 ----N---- C:\Windows\system32\MpSigStub.exe

======List of files/folders modified in the last 1 months======

2009-10-30 10:20:44 ----D---- C:\Windows\Prefetch

2009-10-30 10:20:32 ----SHD---- C:\System Volume Information

2009-10-30 10:19:12 ----AD---- C:\Windows\System32

2009-10-30 10:19:12 ----A---- C:\Windows\system32\PerfStringBackup.INI

2009-10-30 10:19:11 ----D---- C:\Windows\inf

2009-10-30 10:12:28 ----A---- C:\Windows\system32\rpcnetp.exe

2009-10-30 10:12:16 ----A---- C:\Windows\system32\rpcnetp.dll

2009-10-30 10:12:16 ----A---- C:\Windows\system32\rpcnet.dll

2009-10-29 20:46:16 ----D---- C:\Program Files\Mozilla Firefox

2009-10-29 20:45:40 ----RD---- C:\Program Files

2009-10-29 20:41:41 ----D---- C:\Windows\system32\drivers

2009-10-29 11:40:44 ----D---- C:\Windows\rescache

2009-10-29 11:25:46 ----D---- C:\Windows\system32\Tasks

2009-10-29 11:21:55 ----D---- C:\Windows

2009-10-29 11:21:48 ----D---- C:\Windows\system32\en-US

2009-10-29 11:21:46 ----D---- C:\Windows\system32\wbem

2009-10-29 11:21:44 ----D---- C:\Windows\system32\pt-PT

2009-10-29 11:21:44 ----D---- C:\Windows\system32\pt-BR

2009-10-29 11:21:44 ----D---- C:\Windows\system32\it-IT

2009-10-29 11:21:44 ----D---- C:\Windows\system32\he-IL

2009-10-29 11:21:44 ----D---- C:\Windows\system32\bg-BG

2009-10-29 11:21:43 ----D---- C:\Windows\system32\zh-TW

2009-10-29 11:21:43 ----D---- C:\Windows\system32\zh-HK

2009-10-29 11:21:43 ----D---- C:\Windows\system32\zh-CN

2009-10-29 11:21:43 ----D---- C:\Windows\system32\uk-UA

2009-10-29 11:21:43 ----D---- C:\Windows\system32\tr-TR

2009-10-29 11:21:43 ----D---- C:\Windows\system32\th-TH

2009-10-29 11:21:43 ----D---- C:\Windows\system32\sv-SE

2009-10-29 11:21:43 ----D---- C:\Windows\system32\sr-Latn-CS

2009-10-29 11:21:43 ----D---- C:\Windows\system32\sl-SI

2009-10-29 11:21:43 ----D---- C:\Windows\system32\sk-SK

2009-10-29 11:21:43 ----D---- C:\Windows\system32\ru-RU

2009-10-29 11:21:43 ----D---- C:\Windows\system32\ro-RO

2009-10-29 11:21:43 ----D---- C:\Windows\system32\pl-PL

2009-10-29 11:21:43 ----D---- C:\Windows\system32\nl-NL

2009-10-29 11:21:43 ----D---- C:\Windows\system32\nb-NO

2009-10-29 11:21:43 ----D---- C:\Windows\system32\lv-LV

2009-10-29 11:21:43 ----D---- C:\Windows\system32\lt-LT

2009-10-29 11:21:43 ----D---- C:\Windows\system32\ko-KR

2009-10-29 11:21:43 ----D---- C:\Windows\system32\ja-JP

2009-10-29 11:21:43 ----D---- C:\Windows\system32\hu-HU

2009-10-29 11:21:43 ----D---- C:\Windows\system32\hr-HR

2009-10-29 11:21:43 ----D---- C:\Windows\system32\fr-FR

2009-10-29 11:21:43 ----D---- C:\Windows\system32\fi-FI

2009-10-29 11:21:43 ----D---- C:\Windows\system32\et-EE

2009-10-29 11:21:43 ----D---- C:\Windows\system32\es-ES

2009-10-29 11:21:43 ----D---- C:\Windows\system32\el-GR

2009-10-29 11:21:43 ----D---- C:\Windows\system32\de-DE

2009-10-29 11:21:43 ----D---- C:\Windows\system32\da-DK

2009-10-29 11:21:43 ----D---- C:\Windows\system32\cs-CZ

2009-10-29 11:21:43 ----D---- C:\Windows\system32\ar-SA

2009-10-29 11:21:43 ----D---- C:\Program Files\Internet Explorer

2009-10-29 11:21:34 ----D---- C:\Program Files\Windows Media Player

2009-10-29 11:06:07 ----D---- C:\Windows\winsxs

2009-10-29 11:06:05 ----D---- C:\Windows\system32\catroot

2009-10-29 11:05:44 ----D---- C:\Windows\system32\catroot2

2009-10-29 11:03:16 ----SHD---- C:\Windows\Installer

2009-10-28 18:35:33 ----D---- C:\ProgramData

2009-10-28 18:32:50 ----D---- C:\Program Files\Common Files

2009-10-26 01:09:26 ----D---- C:\ProgramData\Yahoo! Companion

2009-10-25 22:56:30 ----D---- C:\Windows\system32\LogFiles

2009-10-25 22:56:28 ----D---- C:\Windows\Debug

2009-10-22 12:37:19 ----D---- C:\ProgramData\Microsoft Help

2009-10-22 12:37:11 ----RSD---- C:\Windows\assembly

2009-10-22 12:36:07 ----D---- C:\Program Files\Common Files\microsoft shared

2009-10-22 12:35:56 ----RSD---- C:\Windows\Fonts

2009-10-22 12:33:14 ----A---- C:\Windows\win.ini

2009-10-22 12:33:13 ----D---- C:\Program Files\Common Files\System

2009-10-16 13:01:23 ----D---- C:\Program Files\Windows Live

2009-10-15 11:27:38 ----D---- C:\Windows\Microsoft.NET

2009-10-15 07:29:20 ----D---- C:\Windows\ehome

2009-10-15 07:29:20 ----D---- C:\Program Files\Windows Mail

2009-10-15 07:29:08 ----D---- C:\Windows\system32\migration

2009-10-15 01:25:52 ----A---- C:\Windows\system.ini

2009-10-15 01:10:28 ----D---- C:\Windows\AppPatch

2009-10-14 14:10:06 ----D---- C:\Windows\Tasks

2009-10-12 23:36:14 ----D---- C:\Users\user\AppData\Roaming\Skype

2009-10-08 18:05:31 ----D---- C:\SYSTEM

2009-10-02 19:01:57 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-07-31 335240]

R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-07-31 27784]

R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-06-18 108552]

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2009-10-12 9968]

R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2009-10-12 74480]

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]

R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-31 3483648]

R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]

R3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2008-02-01 187904]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]

R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]

R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]

R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]

R3 NETw4v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-26 2251776]

R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-01-15 48472]

R3 QIOMem;Generic IO & Memory Access; C:\Windows\system32\DRIVERS\QIOMem.sys [2007-04-10 8192]

R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-10-12 7408]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-11-30 196144]

R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]

R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-12-17 18432]

R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 298496]

S3 a2yk2cbv;a2yk2cbv; C:\Windows\system32\drivers\a2yk2cbv.sys []

S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]

S3 catchme;catchme; \??\C:\20203-CF143722\catchme.sys []

S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 rootrepeal;rootrepeal; \??\C:\Windows\system32\drivers\rootrepeal.sys []

S3 SysProtDrv.sys;SysProtDrv.sys; \??\C:\Users\user\Desktop\SysProt\SysProt\SysProtDrv.sys []

S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []

S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-24 9216]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-11-09 219264]

S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-11-09 211072]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-01-30 643072]

R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-31 297752]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-10-08 794624]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-10-24 358936]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]

R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2007-02-13 65536]

R2 pinger;pinger; C:\TOSHIBA\IVP\ISM\pinger.exe [2007-01-26 136816]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-10-08 483328]

R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2009-08-13 56680]

R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]

R2 Swupdtmr;Swupdtmr; c:\TOSHIBA\IVP\swupdate\swupdtmr.exe [2007-10-24 66928]

R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-22 83312]

R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-22 129632]

R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-18 431456]

R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-29 128360]

R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-04 126976]

R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-24 49152]

R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]

R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]

S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe []

S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []

S2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe []

S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-10-11 85096]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S3 GameConsoleService;GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [2008-10-03 242424]

S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-10-11 29744]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-01 182768]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

et voici le info text

info.txt logfile of random's system information tool 1.06 2009-10-30 10:21:06

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}

-->"C:\Program Files\TOSHIBA Games\Bejeweled 2 Deluxe\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Blackhawk Striker 2\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Build in Time\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Dream Day Wedding 2 - Married in Manhattan\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\FATE\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Go Go Gourmet - Chef of the Year\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Hide and Secret\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Mah Jong Quest\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Mystery P.I. - The Lottery Ticket\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Penguins!\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Polar Bowler\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Polar Golfer\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Sea Life Safari\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\The Great Chocolate Chase - A Chocolatier Twist\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Virtual Villagers - A New Home\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Wedding Dash 2 - Rings Around the World\Uninstall.exe"

-->"C:\Program Files\TOSHIBA Games\Wedding Dash\Uninstall.exe"

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801

-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x9

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x9

ACDSee Photo Editor-->MsiExec.exe /I{2C6D03AC-02ED-4417-9F40-6A0CB55CEF2B}

Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE

Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}

Apple Application Support-->MsiExec.exe /I{0C34B801-6AEC-4667-B053-03A67E2D0415}

Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

AutoCAD 2009 - English-->C:\Program Files\AutoCAD 2009\Setup\Setup.exe /P {5783F2D7-7001-0409-0002-0060B0CE6BBA} /M ACAD

Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}

AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL

Bibliorom-->"C:\Program Files\Microsoft Référence\Bibliorom\Setup\install.exe"

Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}

Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}

Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x0009

Catalyst Control Center - Branding-->MsiExec.exe /I{D58A1E94-9EEA-4C6E-B9FB-D7C63DC6C941}

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

CD/DVD Drive Acoustic Silencer-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x0009 -removeonly

Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}

Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -ITE1HERza.INF

CyberLink PowerCinema for TOSHIBA-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" /z-uninstall

DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x9

EL MOTARGEM ELKAFI-->C:\Windows\uninst.exe -f"C:\Program Files\ARASOFT\EL MOTARGEM ELKAFI\DeIsL1.isu" -cC:\PROGRA~1\ARASOFT\ELMOTA~1\_ISREG32.DLL

EPANET 2.0-->C:\Windows\GPInstall.exe "/UNINST=C:\Program Files\EPANET2\UnInst.log" "/APPNAME=EPANET 2.0"

FLV Player 2.0 (build 25)-->C:\Program Files\FLV Player\uninst.exe

free-downloads.net Toolbar-->C:\PROGRA~1\FREE-D~1.NET\UNWISE.EXE /U C:\PROGRA~1\FREE-D~1.NET\INSTALL.LOG

GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG

GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}

Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_9DE96A29E721D90A.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5051&SUBSYS_1179\UIU32m.exe -U -ITE1HERzm.INF

HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Intel® PROSet/Wireless Software-->C:\Windows\Installer\iProInst.exe

Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall

iTunes-->MsiExec.exe /I{EC2A8F27-4FBF-4E41-B27B-FE822511B761}

Java 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}

Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}

mCorev32.ism_new-->MsiExec.exe /I{A945BD16-4774-4A1F-96A7-118BEC004881}

mCPlug-->MsiExec.exe /I{F32ED8B1-2442-4B0E-8DEC-3F3BFC1C2B7F}

Memeo AutoBackup-->C:\Program Files\InstallShield Installation Information\{03240EBA-04F2-4652-BC7F-B055902BDCD3}\setup.exe -runfromtemp -l0x0409

mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}

Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}

Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}

Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL

Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}

Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}

Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}

Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}

Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}

Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}

Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}

Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}

Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}

mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}

Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}

MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}

Napster Burn Engine-->MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}

Napster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe" -l0x9 -removeonly

NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly

NOD32 FiX v2.1-->"C:\Program Files\Eset\unins000.exe"

Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}

O2Micro Flash Memory Card Reader Driver (x86)-->MsiExec.exe /X{372B31CF-77FB-4E29-860C-A0EA2985AB7F}

OLYMPUS Master 2-->MsiExec.exe /X{45FCADDB-0B29-457E-83A1-D245C62A716C}

OLYMPUS muvee theaterPack-->MsiExec.exe /X{B3282FB8-874B-4054-8356-9EB391A826F9}

PaltalkScene-->"C:\Windows\PaltalkScene\uninstall.exe" "/U:C:\Program Files\Paltalk Messenger\irunin.xml"

Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"

Programmes pour le projet de batiment 1.00-->C:\Program Files\Zahi AWWAD - Sami CHACAR\Programmes pour le projet de batiment\Uninstall.exe

QuickBooks Financial Center-->MsiExec.exe /I{890EF3F8-742F-46BD-9E8E-084B3A1F4364}

QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}

Search Guard Plus (My Tattoons)-->C:\Program Files\Search Guard Plus\uninstalSGP.exe

Search Guard Plus Updater (My Tattoons)-->C:\Program Files\Search Guard PlusU\uninstalSGPU.exe

Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}

Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}

Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}

Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}

Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}

Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}

Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}

Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb

Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}

Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}

SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}

Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

Tactical Ops 2-->C:\UNREAL~1\UNWISE.EXE C:\UNREAL~1\INSTALL.LOG

TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x0009 -removeonly

TOSHIBA ConfigFree-->MsiExec.exe /X{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}

TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}

TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x0009 -ADDREMOVE -removeonly

TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x0409

TOSHIBA Face Recognition-->"C:\Program Files\InstallShield Installation Information\{C730E42C-935A-45BB-A0C5-37E5234D111B}\setup.exe" -runfromtemp -l0x0409 -removeonly

TOSHIBA Face Recognition-->MsiExec.exe /I{C730E42C-935A-45BB-A0C5-37E5234D111B}

TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B} /l1033

Toshiba Registration-->MsiExec.exe /I{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}

TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}

TOSHIBA Software Upgrades-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe" -l0x9 -removeonly

TOSHIBA Speech System Applications-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9

TOSHIBA Speech System SR Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL

TOSHIBA Speech System TTS Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9

TOSHIBA Supervisor Password-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{491DD193-1B57-4D1C-8B14-18B96992A89F} /l1033

TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0409

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}

Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}

Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}

Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}

Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}

Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}

Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}

Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}

Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}

Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}

Update for Outlook 2007 Junk Email Filter (KB974810)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C05FBAD5-A211-4E86-BB51-7E07B80C9233}

WildTangent Games-->"C:\Program Files\TOSHIBA Games\Uninstall.exe"

Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}

Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE

Yahoo! Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE

Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

Zoner Panorama Maker-->"C:\Program Files\Zoner\Panorama Maker\unins000.exe"

======Security center information======

AS: Windows Defender

AS: SUPERAntiSpyware

======System event log======

Computer Name: user-PC

Event Code: 55

Message: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume SQ004660V08.

Record Number: 238828

Source Name: Ntfs

Time Written: 20090916063800.607257-000

Event Type: Error

User:

Computer Name: user-PC

Event Code: 55

Message: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.

Record Number: 238827

Source Name: Ntfs

Time Written: 20090916063800.513657-000

Event Type: Error

User:

Computer Name: user-PC

Event Code: 55

Message: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.

Record Number: 238826

Source Name: Ntfs

Time Written: 20090916063800.498057-000

Event Type: Error

User:

Computer Name: user-PC

Event Code: 7000

Message: The ConfigFree Service service failed to start due to the following error:

The system cannot find the file specified.

Record Number: 238775

Source Name: Service Control Manager

Time Written: 20090916063800.000000-000

Event Type: Error

User:

Computer Name: user-PC

Event Code: 7000

Message: The Parallel port driver service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Record Number: 238772

Source Name: Service Control Manager

Time Written: 20090916063800.000000-000

Event Type: Error

User:

=====Application event log=====

Computer Name: user-PC

Event Code: 10010

Message: Application 'C:\Program Files\Common Files\Symantec Shared\ccApp.exe' (pid 3012) cannot be restarted - Application SID does not match Conductor SID..

Record Number: 1249

Source Name: Microsoft-Windows-RestartManager

Time Written: 20081011024636.943913-000

Event Type: Warning

User: user-PC\user

Computer Name: user-PC

Event Code: 10010

Message: Application 'C:\Program Files\Common Files\Symantec Shared\ccApp.exe' (pid 3012) cannot be restarted - Application SID does not match Conductor SID..

Record Number: 1235

Source Name: Microsoft-Windows-RestartManager

Time Written: 20081011024626.862913-000

Event Type: Warning

User: user-PC\user

Computer Name: user-PC

Event Code: 10010

Message: Application 'C:\Program Files\Common Files\Symantec Shared\ccApp.exe' (pid 3012) cannot be restarted - Application SID does not match Conductor SID..

Record Number: 1221

Source Name: Microsoft-Windows-RestartManager

Time Written: 20081011024539.778913-000

Event Type: Warning

User: user-PC\user

Computer Name: user-PC

Event Code: 10

Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Record Number: 1178

Source Name: Microsoft-Windows-WMI

Time Written: 20081011020440.000000-000

Event Type: Error

User:

Computer Name: user-PC

Event Code: 1008

Message: The Windows Search Service is attempting to remove the old catalog.

Record Number: 1171

Source Name: Microsoft-Windows-Search

Time Written: 20081011120422.000000-000

Event Type: Warning

User:

=====Security event log=====

Computer Name: user-PC

Event Code: 5032

Message: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

Error Code: 2

Record Number: 18888

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090329154155.989359-000

Event Type: Audit Failure

User:

Computer Name: user-PC

Event Code: 5032

Message: Windows Firewall was unable to notify the user that it blocked an application from accepting incoming connections on the network.

Error Code: 2

Record Number: 18887

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090329154056.220359-000

Event Type: Audit Failure

User:

Computer Name: user-PC

Event Code: 5038

Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\Temp\INSTB32.SYS

Record Number: 18886

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090329105819.996359-000

Event Type: Audit Failure

User:

Computer Name: user-PC

Event Code: 4672

Message: Special privileges assigned to new logon.

Subject:

Security ID: S-1-5-18

Account Name: SYSTEM

Account Domain: NT AUTHORITY

Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 18885

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090329104224.576359-000

Event Type: Audit Success

User:

Computer Name: user-PC

Event Code: 4624

Message: An account was successfully logged on.

Subject:

Security ID: S-1-5-18

Account Name: USER-PC$

Account Domain: WORKGROUP

Logon ID: 0x3e7

Logon Type: 5

New Logon:

Security ID: S-1-5-18

Account Name: SYSTEM

Account Domain: NT AUTHORITY

Logon ID: 0x3e7

Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:

Process ID: 0x2a8

Process Name: C:\Windows\System32\services.exe

Network Information:

Workstation Name:

Source Network Address: -

Source Port: -

Detailed Authentication Information:

Logon Process: Advapi

Authentication Package: Negotiate

Transited Services: -

Package Name (NTLM only): -

Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.

- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.

- Transited services indicate which intermediate services have participated in this logon request.

- Package name indicates which sub-protocol was used among the NTLM protocols.

- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.

Record Number: 18884

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090329104224.576359-000

Event Type: Audit Success

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel

"PROCESSOR_REVISION"=0f0d

"NUMBER_OF_PROCESSORS"=2

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

"DFSTRACINGON"=FALSE

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------

pear · le 30 octobre 2009

Ca avance , on dirait:

Dans Hijackthis, cochez ces lignes puis clic sur fix checked.

O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing

O23 - Service: Bonjour Service - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

rkill.comTélécharger Rkill de Grinler sur le bureau,

double clic pour le lancer.

Une fenêtre (très rapide) indiquera que tout s'est bien déroulé.

Pour Vista, faire un clic droit sur le fichier rkill téléchargé puis choisir "Exécuter en tant qu'Administrateur" pour lancer l'outil.

Java n'est pas à jour,donc vulnérable.

Téléchargez Javara

ou là:

Javara

clic sur Download Windows binary.zip vers le bureau.

Dézippez.

lancez Javara.exe

clic sur mise à jour via jucheck

clic sur installer

Revenez dans JavaRa

Cliquez Effacer les anciennes versions

Puis..... Autres Options ->Cocher Effacer les fichiers JRE Inutiles ->Exécuter

Télécharger sur le bureauOTM by OldTimer .

Double-clic sur OTM.exe pour le lancer.

Sous Vista,Clic droit sur le fichier ->Choisir Exécuter en tant qu' Administrateur

Vérifier que Unregister Dll's and Ocx's soit coché.

* Copiez /Collez les lignes ci dessous):

:Processes

:Files

c:\program files\search guard plusu\sgpupdaters.exe

c:\program files\search guard plusu\uninstalsgpu.exe

:Services

:Reg

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}]

:Commands

[purity]

[emptytemp]

[Reboot]

Revenez dans OTM,

Clic droit sur la fenêtre "Paste Instructions for Items to be Moved" sous la barre jaune et choisir Coller(Paste).

* Click le bouton rouge Moveit!

* Fermez OTM

Votre Pc va redémarrer.

Rendez vous dans le dossier C:\_OTM\MovedFiles ,

ouvrez le dernier fichier .log

Copiez/collez en le contenu dans votre prochaine réponse

Désinstallez Mbam et réinstallez une version fraiche .

Lancez le.

zahi · le 30 octobre 2009

Salut pear,

j ai fais ce que tu m'a dit de faire. Hijqck this m'a sorti le message

"Hijackthis cannot perform repair O10 winsock LSP entries. you should use LSP fix for that... If the O10 item belongs to webhancer, new.net or co;;on name, spybot S&D can remove it automatically"

Puis au redemarrage j ai relance hijackthis, et les elements que tu m avais demande de cocher etaient toujours la.

puis j'ai suivi tes instructions dans OTM j ai eu le rapport suivant:

All processes killed

========== PROCESSES ==========

========== FILES ==========

c:\program files\search guard plusu\sgpUpdaters.exe moved successfully.

c:\program files\search guard plusu\uninstalSGPU.exe moved successfully.

========== SERVICES/DRIVERS ==========

========== REGISTRY ==========

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\ not found.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Public

->Temp folder emptied: 0 bytes

User: user

->Temp folder emptied: 18683964 bytes

File delete failed. C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.

->Temporary Internet Files folder emptied: 67520189 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 12075601 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

Windows Temp folder emptied: 579374 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 94.31 mb

OTM by OldTimer - Version 3.0.0.6 log created on 10302009_133635

Files moved on Reboot...

Registry entries deleted on Reboot...

je suis en train de faire le scan MBAM que je posterai sitot qu'il sera fini

Merci pour ta patience

zahi · le 30 octobre 2009

pour le Mbam j'ai essaye de faire un scan et aussi encore une fois le scan s'est devenu hyper lent quand il est arrive à

C:\users\user\appdata\local\microsoft\windowslivecontacts\{45b45c6a-95c9-4097-8947-3e5568b44bdb}\DBStore\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad\dsad \

Connexion

Pas encore inscrit ?

Rapport Hijackthis

Messages recommandés

pear

pear

zahi

pear

zahi

pear

zahi

pear

zahi

zahi

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer