Internet connection problem - Club-internet

 

faiwong
Posted on 20/01/2009 at 14:15:06
 
Hello,

 A friend handed me his laptop, which was connected to Club-Internet through a BeWan modem. It had neither antivirus nor firewall.
 The internet connection disappeared and, despite my tinkering, I cannot get to the bottom of it, nor even get online through my own Free connection.
 At first I thought of viruses or a trojan; I ran avast and then an updated AVG in safe mode, which removed a few viruses, then Spybot, and I installed the Sunbelt firewall. The PC seems clean, except perhaps as far as the ports are concerned.
 The Skype icon seems to connect; as for MSN, when I sign in, the diagnostic suggests there are problems with the hosts file / DNS / main ports. I tried setting my own DNS but still no connection.
 However, there are indeed incoming and outgoing data packets...
 Also, at one point the laptop installed SP3 all by itself...

 Thanks in advance for your help!

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 messages posted)
Posted on 21/01/2009 at 23:45:25
 
Hi faiwong


 We'll check whether the problem is viral; if not, I'll move you to the Telecom and Networks section of the forum.

 Download RSIT (by random/random) to the desktop from here:
 http://images.malwareremoval.com/random/RSIT.exe

 - Double-click RSIT.exe on the desktop
 - Click Continue in the window
 - RSIT will download HijackThis if it is not present or detected, in which case you will need to accept the license
 - Post the contents of the two reports, log.txt and info.txt, once the scan has finished


 See you later   :)

faiwong
Posted on 22/01/2009 at 09:36:25
 
Hi Dédétraqué!

 Thanks for replying so quickly!  :youpi:
 Here are the 2 files after the scan:

 log.txt

 S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\US​BSTOR.SYS [2008-04-13 26368]
 S3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w2​9n51.sys [2004-08-07 3210496]
 S3 Wdm1;USB Bridge Cable Driver; C:\WINDOWS\System32\Drivers\us​bbc.sys [2001-01-08 15576]
 S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WS​TCODEC.SYS [2008-04-13 19200]

 ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.ex​e [2009-01-05 875288]
 R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.​exe [2009-01-05 231704]
 R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvc​s.exe [2004-11-10 36864]
 R2 DVD-RAM_Service;DVD-RAM_Servic​e; C:\WINDOWS\system32\DVDRAMSV.e​xe [2003-05-23 106496]
 R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
 R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
 R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
 R2 Thpsrv;TOSHIBA HDD Protection; C:\WINDOWS\system32\ThpSrv.exe [2004-11-14 167936]
 R2 Tmesrv;Tmesrv3; C:\Program Files\TOSHIBA\TME3\Tmesrv31.ex​e [2004-11-11 126976]
 R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
 S2 NWCWorkstation;Client Service for NetWare; C:\WINDOWS\system32\svchost.ex​e [2008-04-14 14336]
 S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Frame​work\v1.1.4322\aspnet_state.ex​e [2004-07-15 32768]
 S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe [2007-02-01 138168]
 S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
 S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.e​xe [2004-01-05 65795]
 S3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\​CCPD-LC\symlcsvc.exe [2008-02-03 1251720]
 S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

 -----------------EOF----------​-------


 info.txt

 info.txt logfile of random's system information tool 1.05 2009-01-22 09:26:12

 ======Uninstall list======

 -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
 -->C:\WINDOWS\system32\\MSIEXE​C.EXE /x {1206EF92-2E83-4859-ACCB-2048C​3CB7DA6}
 -->C:\WINDOWS\system32\\MSIEXE​C.EXE /x {9541FED0-327F-4df0-8B96-EF57E​F622F19}
 -->rundll32.exe setupapi.dll,InstallHinfSectio​n DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
 Adobe Acrobat 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
 Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\​Macromed\Flash\FlashUtil9b.exe -uninstallDelete
 Adobe Flash Player ActiveX-->C:\WINDOWS\system32\​Macromed\Flash\uninstall_activ​eX.exe
 Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71​000000002}
 Adobe Reader Japanese Fonts-->MsiExec.exe /I{AC76BA86-7AD7-5760-0000-705​000000001}
 Adobe® Photoshop® Album Starter Edition 3.0-->MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3​D1F10D79B}
 AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
 Barre de confiance CM-CIC-->"C:\Program Files\BarreConfCMCIC\Setup.exe​" -u
 Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2​600E01EF6}
 Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9​BFDE7DDEE}
 Canon PIXMA iP1500-->C:\WINDOWS\system32\C​NMCP5y.exe "-PRINTERNAMECanon PIXMA iP1500" "-HELPERDLLC:\BJPrinter\CNMWIN​DOWS\Canon PIXMA iP1500 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS​\Canon PIXMA iP1500 Installer\Inst2\cnmi0409.dll"
 Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\un​inst.exe C:\Program Files\Canon\Easy-PhotoPrint\un​inst.ini
 Canon Utilities Easy-PrintToolBox-->C:\WINDOWS​\BJPSUNST.EXE
 CD/DVD Drive Acoustic Silencer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E7​9-93E7-BFC6A2DC5C5D}\Setup.exe​" -l0x9
 C-Major Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\09\01\Intel32​\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C​2-9A60-7BDD4D4B0B17}\setup.exe​" -l0x9 -remove
 Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBF​CAE852976}
 DVD-RAM Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40A​F-8145-50808F9BDF4E}\Setup.exe​" DVD-RAM Driver
 Easy-WebPrint-->C:\WINDOWS\IsU​ninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Unin​st.isu"
 Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{0CA6047C-D28B-4295-834A-07C​52BA20C2D}
 Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dl​l"
 HijackThis 2.0.2-->"C:\Documents and Settings\Mister LE\Desktop\HijackThis.exe" /uninstall
 Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7up​dates\KB947864-IE7\spuninst\sp​uninst.exe"
 Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUn​installKB952287$\spuninst\spun​inst.exe"
 HP Image Zone 3.5-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
 HP PSC & OfficeJet 3.5-->"C:\Program Files\HP\Digital Imaging\{0FABD3D7-3036-4e78-B2​9D-58957ADB0A12}\setup\hpzscr0​1.exe" -datfile hposcr03.dat
 HP Software Update-->MsiExec.exe /X{34957B51-9676-41CE-9E52-44A​E91B73F1C}
 Intel(R) Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dl​l,UninstallW2KIGfx PCI\VEN_8086&DEV_3582
 Intel(R) PRO Network Adapters and Drivers-->Prounstl.exe
 InterVideo WinDVD for TOSHIBA-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EB​A-A5AA-B198BBC81144}\setup.exe​" REMOVEALL
 Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B​0D0142050}
 Kit Club Internet V6-->"C:\Program Files\Club-Internet\Lanceur\un​install.exe"
 Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F4​6-A882-2CFFFE2EEDCB}\Setup.exe​" -l0x40c UNINSTALL
 Logitech Print Service-->C:\PROGRA~1\Logitech​\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\​INSTALL.LOG
 Logitech QuickCam-->MsiExec.exe /I{0496D9E9-224B-4AFA-8F37-23B​98D52F1EB}
 Logitech® Camera Driver-->"C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP​.EXE" UNINSTALL REMOVEPROMPT
 Memories Disc Creator 2.0-->MsiExec.exe /X{2E132061-C78A-48D4-A899-1D1​3B9D189FA}
 Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86F​FD98EC929}
 Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52E​AE172A1}
 Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F5​2EAE172A1}
 Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServiceP​ackUninstallIDNMitigationAPIs$​\spuninst\spuninst.exe"
 Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServiceP​ackUninstallNLSDownlevelMappin​g$\spuninst\spuninst.exe"
 Microsoft Office OneNote 2003-->MsiExec.exe /I{91A10409-6000-11D3-8CFE-015​0048383C9}
 Microsoft Office Standard Edition 2003-->MsiExec.exe /I{9112040C-6000-11D3-8CFE-015​0048383C9}
 Microsoft Sites publics français-->MsiExec.exe /I{B72B0ECE-F41E-4EC4-AA37-1A0​0640680BF}
 Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-181​8da5d550d}
 MSN-->C:\Program Files\MSN\MsnInstaller\msninst​.exe /Action:ARP
 Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E916E61F-DE9D-4EAF-91E1-CEB​50016326A}
 Olitec Router (via USB)-->C:\Program Files\Olitec\Olitec Router via USB\CnxUnist.exe -w7 Conexant\Conexant USB Network
 PC-Linq-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{808FAA20-4C3A-11D​4-8A57-00201853C903}\Setup.exe​"
 PPP over Ethernet-->rundll32.exe pppoe32.dll,Uninstall
 SD Secure Module-->MsiExec.exe /X{C45F4811-31D5-4786-801D-F79​CD06EDD85}
 Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038​BD3F1FB2A}
 Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038​BD3F1FB2A}
 Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUn​installKB898458$\spuninst\spun​inst.exe"
 Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUn​installKB923723$\spuninst\spun​inst.exe"
 Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7up​dates\KB928090-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7up​dates\KB929969\spuninst\spunin​st.exe"
 Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7up​dates\KB931768-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7up​dates\KB933566-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7up​dates\KB937143-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7up​dates\KB938127-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7up​dates\KB939653-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7up​dates\KB942615-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7up​dates\KB944533-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7up​dates\KB950759-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7up​dates\KB953838-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7up​dates\KB956390-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7up​dates\KB958215-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7up​dates\KB960714-IE7\spuninst\sp​uninst.exe"
 Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUn​installKB952069_WM9$\spuninst\​spuninst.exe"
 Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUn​installKB911565$\spuninst\spun​inst.exe"
 Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUn​installKB917734_WMP10$\spunins​t\spuninst.exe"
 Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUn​installKB936782_WMP10$\spunins​t\spuninst.exe"
 Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUn​installKB938464$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUn​installKB941569$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUn​installKB946648$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUn​installKB950760$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUn​installKB950762$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUn​installKB950974$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUn​installKB951066$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUn​installKB951376$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$N​tUninstallKB951376-v2$\spunins​t\spuninst.exe"
 Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUn​installKB951698$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUn​installKB951748$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUn​installKB952954$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUn​installKB953839$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUn​installKB954211$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUn​installKB954600$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUn​installKB955069$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUn​installKB956391$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUn​installKB956802$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUn​installKB956803$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUn​installKB956841$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUn​installKB957095$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUn​installKB957097$\spuninst\spun​inst.exe"
 Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUn​installKB958644$\spuninst\spun​inst.exe"
 Skype 2.0-->"C:\Program Files\Skype\Phone\unins000.exe​"
 Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-204​8C3CB7DA6}
 Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF5​7EF622F19}
 Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
 Sunbelt Personal Firewall-->MsiExec.exe /X{82B1150E-9B37-49FC-83EB-D52​197D900D0}
 Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL​.dll",standAloneUninstall
 TOSHIBA Assist-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-461​9-9A2A-C6DB151D8D67}\Setup.exe​" -l0x9
 TOSHIBA ConfigFree-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​PROFES~1\RunTime\0701\Intel32\​Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-465​4-A5DA-CC46C250088D}\setup.exe​" -l0x9 UNINSTALL
 TOSHIBA Controls-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0​F-A8EB-D5B332454AC6}\Setup.exe​" -l0x9 UNINSTALL
 TOSHIBA Display Devices Change Utility-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TDspBtn.inf,Def​aultUninstall,5
 TOSHIBA HDD Protection-->MsiExec.exe /X{94A90C69-71C1-470A-88F5-AA4​7ECC96B40}
 TOSHIBA Hotkey Utility for Display Devices-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\TFNF5Wxp.inf,De​faultUninstall,5
 TOSHIBA Mobile Extension3 for Windows XP V3.67.00.XP-->C:\WINDOWS\IsUni​nst.exe -f"C:\Program Files\TOSHIBA\TME3\Uninst.isu" -c"C:\Program Files\TOSHIBA\TME3\uninstx.dll​"
 TOSHIBA Password Utility-->C:\Program Files\Common Files\InstallShield\Driver\8\I​ntel 32\IDriver.exe /M{C0FC3B56-E345-40CD-A5CB-7EB​791CE3E74} /l1033
 TOSHIBA PC Diagnostic Tool-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\PCDiag\Uninst.is​u"
 TOSHIBA Power Saver-->C:\WINDOWS\IsUninst.ex​e -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.​dll"
 TOSHIBA SD Memory Boot Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{F816A1EB-392D-459​C-A5A2-8C8B9CD75446}\Setup.exe​"
 TOSHIBA SD Memory Card Format-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-402​5-ABD0-B3A3FA095A59}\Setup.exe​"
 TOSHIBA Software Modem-->Tosmreg -U
 TOSHIBA TouchPad On/Off Utility V2.05.00-->C:\WINDOWS\IsUninst​.exe -f"C:\Program Files\TOSHIBA\TouchED\Uninst.i​su" -c"C:\Program Files\TOSHIBA\TouchED\tpedinst​.dll"
 TOSHIBA Utilities-->C:\Program Files\Common Files\InstallShield\Driver\8\I​ntel 32\IDriver.exe /M{56190F69-01D3-46CA-9861-433​77C5E9B87} /l1033
 TOSHIBA Zooming Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3​F-AECA-6D34A7EF82DF}\Setup.exe​"
 Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$N​tUninstallKB951072-v2$\spunins​t\spuninst.exe"
 Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUn​installKB955839$\spuninst\spun​inst.exe"
 Windows Desktop Search -->"C:\WINDOWS\$NtUninstallKB9​11993-V2$\spuninst\spuninst.ex​e"
 Windows Internet Explorer 8 Beta 2-->"C:\WINDOWS\ie8\spuninst\s​puninst.exe"
 Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7​404F44411}
 Windows Live Sign-in Assistant-->MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F57​1FDF5D66D}
 Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {0A8C97AD-DEED-4894-B446-3ABA9​5A77D0D}
 Windows Live Toolbar-->MsiExec.exe /X{0A8C97AD-DEED-4894-B446-3AB​A95A77D0D}
 Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
 Windows Media Player 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
 Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePack​Uninstall$\spuninst\spuninst.e​xe"
 Wireless Hotkey-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\​engine\6\INTEL3~1\Ctor.dll,Lau​nchSetup "C:\Program Files\InstallShield Installation Information\{7862BAD8-A379-412​8-8AA1-EFD5A9603C53}\Setup.exe​"

 ======Hosts File======

 127.0.0.1 www.007guard.com
 127.0.0.1 007guard.com
 127.0.0.1 008i.com
 127.0.0.1 www.008k.com
 127.0.0.1 008k.com
 127.0.0.1 www.00hq.com
 127.0.0.1 00hq.com
 127.0.0.1 010402.com
 127.0.0.1 www.032439.com
 127.0.0.1 032439.com

 ======Security center information======

 AV: AVG Anti-Virus Free (outdated)
 FW: Sunbelt Personal Firewall

 System event log

 Computer Name: KARATEKA
 Event Code: 7036
 Message: The Fast User Switching Compatibility service entered the running state.

 Record Number: 5
 Source Name: Service Control Manager
 Time Written: 20090102190214.000000+060
 Event Type: information
 User:

 Computer Name: KARATEKA
 Event Code: 7035
 Message: The Fast User Switching Compatibility service was successfully sent a start control.

 Record Number: 4
 Source Name: Service Control Manager
 Time Written: 20090102190214.000000+060
 Event Type: information
 User: NT AUTHORITY\SYSTEM

 Computer Name: KARATEKA
 Event Code: 1001
 Message: The computer has rebooted from a bugcheck.  The bugcheck was:
 0x000000d1 (0x00000079, 0x00000002, 0x00000000, 0xee46880e).
 A dump was saved in: C:\WINDOWS\MEMORY.DMP.

 Record Number: 3
 Source Name: Save Dump
 Time Written: 20090102190152.000000+060
 Event Type: information
 User:

 Computer Name: KARATEKA
 Event Code: 6005
 Message: The Event log service was started.

 Record Number: 2
 Source Name: EventLog
 Time Written: 20090102190146.000000+060
 Event Type: information
 User:

 Computer Name: KARATEKA
 Event Code: 6009
 Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Uniprocessor Free.

 Record Number: 1
 Source Name: EventLog
 Time Written: 20090102190146.000000+060
 Event Type: information
 User:

 Application event log

 Computer Name: KARATEKA
 Event Code: 11707
 Message: Product: Symantec Real Time Storage Protection Component -- Installation operation completed successfully.

 Record Number: 18547
 Source Name: MsiInstaller
 Time Written: 20080820162333.000000+120
 Event Type: information
 User: KARATEKA\Mister LE

 Computer Name: KARATEKA
 Event Code: 11707
 Message: Product: Norton AntiVirus -- Installation operation completed successfully.

 Record Number: 18546
 Source Name: MsiInstaller
 Time Written: 20080820162321.000000+120
 Event Type: information
 User: KARATEKA\Mister LE

 Computer Name: KARATEKA
 Event Code: 11707
 Message: Product: Norton AntiVirus Help -- Installation operation completed successfully.

 Record Number: 18545
 Source Name: MsiInstaller
 Time Written: 20080820162320.000000+120
 Event Type: information
 User: KARATEKA\Mister LE

 Computer Name: KARATEKA
 Event Code: 11707
 Message: Product: Norton Confidential Core -- Installation operation completed successfully.

 Record Number: 18544
 Source Name: MsiInstaller
 Time Written: 20080820162311.000000+120
 Event Type: information
 User: KARATEKA\Mister LE

 Computer Name: KARATEKA
 Event Code: 11707
 Message: Product: Norton Protection Center -- Installation operation completed successfully.

 Record Number: 18543
 Source Name: MsiInstaller
 Time Written: 20080820162246.000000+120
 Event Type: information
 User: KARATEKA\Mister LE

 ======Environment variables======

 "ComSpec"=%SystemRoot%\system3​2\cmd.exe
 "Path"=%SystemRoot%\system32;%​SystemRoot%;%SystemRoot%\Syste​m32\Wbem
 "windir"=%SystemRoot%
 "FP_NO_HOST_CHECK"=NO
 "OS"=Windows_NT
 "PROCESSOR_ARCHITECTURE"=x86
 "PROCESSOR_LEVEL"=6
 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 6, GenuineIntel
 "PROCESSOR_REVISION"=0d06
 "NUMBER_OF_PROCESSORS"=1
 "PATHEXT"=.COM;.EXE;.BAT;.CMD;​.VBS;.VBE;.JS;.JSE;.WSF;.WSH
 "TEMP"=%SystemRoot%\TEMP
 "TMP"=%SystemRoot%\TEMP

 -----------------EOF----------​-------

 See you  :hello:

Profile: Security team
dedetraque
Famous across the whole forum (30,000 to 99,999 posts)
  1. Posted on 22/01/2009 at 12:15:18
 
Hi faiwong


 Download combofix.exe (by sUBs) to the desktop:

 http://download.bleepingcomput [...] mboFix.exe
 http://subs.geekstogo.com/ComboFix.exe

 Important: disable your antivirus and antispyware before scanning with Combofix:
 http://forum.pcastuces.com/des [...] -f31s4.htm


 ==> Save your work and close all open windows; the PC may restart. Do not launch any program until Combofix has finished. <==

 Double-click combofix.exe, click YES and confirm with Enter

 You will be asked to install the console if it is not installed; click NO

 When the scan is complete, a report will appear. Copy and paste that report into your next reply.

 NOTE: The report can also be found here: C:\ Combofix.txt

 Combofix is detected by some antivirus programs as an infection; ignore this, it is a false positive, and continue the procedure


 See you   :)

faiwong
  1. Posted on 23/01/2009 at 10:49:02
 
Hi Dédétraqué!

 Here is the ComboFix report. Thanks!

 ComboFix 09-01-21.04 - Mister LE 2009-01-23 10:22:55.1 - NTFSx86
 Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.495.114 [GMT 1:00]
 Running from: c:\documents and settings\Mister LE\Desktop\ComboFix.exe
 AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated)
 FW: Sunbelt Personal Firewall *enabled*
 * Created a new restore point

 WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
 .

 ((((((((((((((((((((((((((((((​(((((((((   Other Deletions   ))))))))))))))))))))))))))))))​)))))))))))))))))))
 .

 c:\windows\IE4 Error Log.txt

 .
 (((((((((((((((((((((((((   Files Created from 2008-12-23 to 2009-01-23  ))))))))))))))))))))))))))))))​)
 .

 2009-01-22 11:02 . 2009-01-22 11:02 268 --ah----- C:\sqmdata10.sqm
 2009-01-22 11:02 . 2009-01-22 11:02 244 --ah----- C:\sqmnoopt10.sqm
 2009-01-20 13:05 . 2009-01-20 13:05 268 --ah----- C:\sqmdata09.sqm
 2009-01-20 13:05 . 2009-01-20 13:05 244 --ah----- C:\sqmnoopt09.sqm
 2009-01-07 10:25 . 2009-01-07 10:26 <DIR> d--h-c--- c:\windows\ie8
 2009-01-05 18:24 . 2009-01-05 18:24 <DIR> d--h----- C:\$AVG8.VAULT$
 2009-01-05 17:02 . 2009-01-05 19:41 <DIR> d-------- c:\windows\system32\drivers\Av​g
 2009-01-05 17:02 . 2009-01-05 17:02 <DIR> d-------- c:\program files\AVG
 2009-01-05 17:02 . 2009-01-05 17:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
 2009-01-05 17:02 . 2009-01-05 17:02 97,928 --a------ c:\windows\system32\drivers\av​gldx86.sys
 2009-01-05 17:02 . 2009-01-05 17:02 76,040 --a------ c:\windows\system32\drivers\av​gtdix.sys
 2009-01-05 17:02 . 2009-01-05 17:02 10,520 --a------ c:\windows\system32\avgrsstx.d​ll
 2009-01-05 16:54 . 2008-10-31 07:09 270,888 -ra------ c:\windows\system32\drivers\Sb​Fw.sys
 2009-01-05 16:54 . 2008-06-21 04:54 65,576 --a------ c:\windows\system32\drivers\Sb​FwIm.sys
 2009-01-05 16:53 . 2009-01-05 16:53 <DIR> d-------- c:\program files\Sunbelt Software
 2009-01-05 16:45 . 2009-01-08 14:27 <DIR> d-------- c:\documents and settings\Mister LE\Application Data\AVGTOOLBAR
 2009-01-05 10:06 . 2009-01-05 10:06 <DIR> d-------- c:\program files\Spybot - Search & Destroy
 2009-01-05 10:06 . 2009-01-05 10:52 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
 2009-01-05 09:55 . 2009-01-05 09:55 268 --ah----- C:\sqmdata08.sqm
 2009-01-05 09:55 . 2009-01-05 09:55 244 --ah----- C:\sqmnoopt08.sqm
 2009-01-03 20:21 . 2009-01-03 20:21 <DIR> d-------- c:\windows\system32\scripting
 2009-01-03 20:21 . 2009-01-03 20:21 <DIR> d-------- c:\windows\system32\en
 2009-01-03 20:21 . 2009-01-03 20:21 <DIR> d-------- c:\windows\system32\bits
 2009-01-03 20:21 . 2009-01-03 20:21 <DIR> d-------- c:\windows\l2schemas
 2009-01-03 20:16 . 2009-01-03 20:22 <DIR> d-------- c:\windows\ServicePackFiles
 2009-01-03 19:04 . 2009-01-03 19:04 <DIR> d-------- c:\documents and settings\All Users\Application Data\MailFrontier
 2009-01-03 19:04 . 2009-01-03 19:07 4,212 ---h----- c:\windows\system32\zllictbl.d​at
 2009-01-03 19:03 . 2004-04-27 04:40 11,264 --a------ c:\windows\system32\SpOrder.dl​l
 2009-01-03 17:39 . 2009-01-03 17:39 <DIR> d-------- c:\program files\Alwil Software
 2009-01-03 17:21 . 2009-01-05 16:52 <DIR> d-------- c:\windows\Internet Logs
 2009-01-02 19:00 . 2002-04-02 16:04 147,456 -ra------ c:\windows\system32\pppoe32.dl​l
 2009-01-02 19:00 . 2002-10-03 15:14 49,200 -ra------ c:\windows\system32\drivers\fh​lpppoe.sys

 .
 ((((((((((((((((((((((((((((((​((((((((((   Find3M Report   ))))))))))))))))))))))))))))))​))))))))))))))))))))))
 .
 2009-01-23 09:11 --------- d-----w c:\documents and settings\Mister LE\Application Data\Skype
 2009-01-04 00:17 --------- d-----w c:\program files\MSN Messenger
 .

 ((((((((((((((((((((((((((((((​(((((((   Reg Loading Points   ))))))))))))))))))))))))))))))​))))))))))))))))))))
 .
 .
 *Note* empty entries & legit default entries are not shown
 REGEDIT4

 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2003-09-05 65536]
 "LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2004-06-01 196608]
 "MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
 "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
 "Skype"="c:\program files\Skype\Phone\Skype.exe" [2006-02-06 19490344]
 "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-09 68856]

 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-05 1261336]

 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
 "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

 [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
 "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-03-13 233472]

 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
 Authentication Packages REG_MULTI_SZ    msv1_0 nwprovau

 [HKLM\~\startupfolder\C:^Docume​nts and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
 path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
 backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

 [HKLM\~\startupfolder\C:^Docume​nts and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
 path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
 backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup

 [HKLM\~\startupfolder\C:^Docume​nts and Settings^All Users^Start Menu^Programs^Startup^RAMASST.lnk]
 path=c:\documents and settings\All Users\Start Menu\Programs\Startup\RAMASST.​lnk
 backup=c:\windows\pss\RAMASST.​lnkCommon Startup

 [HKLM\~\startupfolder\C:^Docume​nts and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]
 path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Desktop Search.lnk
 backup=c:\windows\pss\Windows Desktop Search.lnkCommon Startup

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\KernelFaultCheck]
 c:\windows\system32\dumprep 0 -k [X]

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\ctfmon.exe]
 --a------ 2008-04-14 01:12 15360 c:\windows\system32\ctfmon.exe

 [HKEY_LOCAL_MACHINE\software\mi​crosoft\shared tools\msconfig\startupreg\TOSCDSPD]
 --a------ 2003-09-05 12:24 65536 c:\program files\Toshiba\TOSCDSPD\TOSCDSP​D.exe

 [HKEY_LOCAL_MACHINE\software\microsoft\security center]
 "AntiVirusDisableNotify"=dword:00000001

 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
 "DisableMonitoring"=dword:00000001

 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
 "DisableMonitoring"=dword:00000001

 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
 "DisableMonitoring"=dword:00000001

 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
 "EnableFirewall"= 0 (0x0)

 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
 "%windir%\\system32\\sessmgr.exe"=
 "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
 "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
 "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
 "80:TCP"= 80:TCP:HTTP
 "443:TCP"= 443:TCP:HTTPS
 "21:TCP"= 21:TCP:FTP

 R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\drivers\thpdrv.sys [11/8/2004 8:33:04 PM 13824]
 R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\drivers\Thpevm.sys [11/23/2004 1:51:14 AM 6144]
 R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [1/5/2009 5:02:43 PM 97928]
 R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [1/5/2009 4:54:07 PM 270888]
 R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [6/21/2008 4:54:54 AM 66600]
 R1 TMEI3E;TMEI3E;c:\windows\system32\drivers\TMEI3E.sys [11/22/2004 9:18:08 PM 5888]
 R3 fhlppppoe;PPPOE/ADSL miniport;c:\windows\system32\drivers\fhlpppoe.sys [1/2/2009 7:00:02 PM 49200]
 R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [1/5/2009 4:54:08 PM 65576]
 R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [1/5/2009 5:02:20 PM 875288]
 R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [1/5/2009 5:02:19 PM 231704]
 R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [1/5/2009 5:02:49 PM 76040]
 R4 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [10/31/2008 7:24:28 AM 95528]
 R4 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [10/31/2008 7:24:28 AM 1365288]
 R4 Tmesrv;Tmesrv3;c:\program files\Toshiba\TME3\TMESRV31.exe [11/22/2004 9:18:08 PM 126976]
 S3 Wdm1;USB Bridge Cable Driver;c:\windows\system32\drivers\usbbc.sys [9/11/2004 5:51:26 PM 15576]

 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
 \Shell\AutoRun\command - D:\AUTORUN.EXE

 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71bbe000-7d5b-11dc-9ec1-000e7bfdbe60}]
 \Shell\AutoRun\command - E:\Drive.exe
 \Shell\explore\Command - E:\Drive.exe
 \Shell\open\Command - E:\Drive.exe
 .
 Contents of the 'Scheduled Tasks' folder

 2009-01-20 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
 - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
 .
 - - - - ORPHANS REMOVED - - - -

 MSConfigStartUp-AVP - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe


 .
 ------- Supplementary Scan -------
 .
 uStart Page = hxxp://www.club-internet.fr/
 uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 uInternet Settings,ProxyServer = http=proxy.club-internet.fr:8080
 uInternet Settings,ProxyOverride = 127.0.0.1;192.168.1.1;localhost;club-internet.fr;*.club-internet.fr;grolier.fr;*.grolier.fr
 uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
 IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
 IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
 IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
 IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
 IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
 IE: Ouvrir dans un nouvel onglet d'arrière-plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?c72904945f754d28bacda9c481e27614
 IE: Ouvrir dans un nouvel onglet de premier plan - c:\program files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?c72904945f754d28bacda9c481e27614
 TCP: {BABA8213-7B4F-485A-B7E3-6EBBF9D4795A} = 212.27.40.241,212.27.40.240
 .

 **************************************************************************

 catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
 Rootkit scan 2009-01-23 10:35:25
 Windows 5.1.2600 Service Pack 3 NTFS

 scanning hidden processes ...  

 scanning hidden autostart entries ...

 scanning hidden files ...  

 scan completed successfully
 hidden files: 0

 **************************************************************************
 .
 --------------------- LOCKED REGISTRY KEYS ---------------------

 [HKEY_USERS\S-1-5-21-2834917755-2763215294-1792253536-1005\Software\Microsoft\SystemCertificates\AddressBook*]
 @Allowed: (Read) (RestrictedCode)
 @Allowed: (Read) (RestrictedCode)

 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•A~*]
 "C040211900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
 .
 ------------------------ Other Running Processes ------------------------
 .
 c:\program files\Toshiba\ConfigFree\CFSvc​s.exe
 c:\windows\system32\DVDRAMSV.exe
 c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
 c:\program files\AVG\AVG8\avgrsx.exe
 c:\windows\system32\ThpSrv.exe
 c:\windows\system32\wdfmgr.exe
 c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
 .
 **************************************************************************
 .
 Completion time: 2009-01-23 10:40:58 - machine was rebooted
 ComboFix-quarantined-files.txt  2009-01-23 09:40:49

 Pre-Run: 19 563 085 824 bytes free
 Post-Run: 19,717,386,240 bytes free

 189 --- E O F --- 2009-01-03 19:34:50

 @++  :hello:
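Added example (not part of the thread and not ComboFix's own code): a small Python triage that pulls the Security Center, firewall, autorun and proxy/name-server settings out of a ComboFix-style log such as the one posted above. The rule table and its labels are assumptions chosen for illustration; the sample lines are copied from that log.

```python
import re

# Sample lines copied from the ComboFix log posted above.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21:TCP"= 21:TCP:FTP

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\AUTORUN.EXE

uInternet Settings,ProxyServer = http=proxy.club-internet.fr:8080
TCP: {BABA8213-7B4F-485A-B7E3-6EBBF9D4795A} = 212.27.40.241,212.27.40.240
"""

# Illustrative rules: (substring of the lower-cased [section] key, or None for
# lines outside any section; regex whose group 1 is the detail; label).
RULES = [
    ("security center", r'"(\w*Disable\w*)"\s*=\s*dword:0*1$', "security-center-alert-off"),
    ("firewallpolicy", r'"(EnableFirewall)"\s*=\s*0\b', "windows-firewall-off"),
    ("globallyopenports", r'"(\d+:(?:TCP|UDP))"', "firewall-open-port"),
    ("mountpoints2", r"\\Shell\\AutoRun\\command - (.+)", "drive-autorun-command"),
    (None, r"ProxyServer = (.+)", "internet-settings-proxy"),
    (None, r"^TCP: \{[0-9A-Fa-f-]+\} = (.+)", "interface-name-servers"),
]

def triage(log_text):
    """Return (label, detail) pairs for settings worth a second look."""
    findings, section = [], None
    for raw in log_text.splitlines():
        line = raw.replace("\u200b", "").strip()  # forums may inject zero-width spaces
        if not line:
            section = None                        # a blank line ends a [section]
        elif line[0] == "[" and line[-1] == "]":
            section = line[1:-1].lower()
        else:
            for needle, pattern, label in RULES:
                in_scope = needle is None if section is None else bool(needle) and needle in section
                m = re.search(pattern, line) if in_scope else None
                if m:
                    findings.append((label, m.group(1)))
    return findings
```

Each finding is a prompt for review, not a verdict: a disabled Windows Firewall, for instance, can simply mean that a third-party firewall such as the Sunbelt one listed in this log has taken over.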

Profile: Security team
dedetraque
Posted on 23/01/2009 at 12:22:56

Hi faiwong


 Nothing really special in the reports; try a repair with Winsockfix:

 - Download Winsockfix to the desktop:
 http://www.softpedia.com/get/T [...] kFix.shtml
 http://www.snapfiles.com/get/winsockxpfix.html

 - Launch Winsockfix
 - Click ReG-Backup to create a backup of the registry, in a folder of your choice.

 - Once the backup is done, click Fix; at the message "WinsockFix will now attempt to Repair your connection", click "OUI" (Yes)

 - Wait while the repair runs; when the corrections finish, at the message "Repair completed Please Reboot", click OK and your PC will restart.


 Keep me posted


 @++   :)

faiwong
Posted on 23/01/2009 at 23:45:26

Hi Dédétraqué!

 No, still no internet...

 After Winsockfix, Sunbelt Firewall no longer works at startup and returns an error message; on the other hand, MSN launches and you can see the ads (friends offline).

 On the blank internet page, when running the diagnostic, Windows tried to repair the connection and it rebooted.

 In the Local Area Connection Status I noticed that there were many more packets received than packets sent...

 :hebe:

 @++ :hello:

Profile: Security team
dedetraque
Posted on 24/01/2009 at 00:05:36

Hi faiwong


 Download DiagHelp to the desktop here:

 http://www.malekal.com/download/DiagHelp.zip

 Read and carefully follow the tutorial here:

 http://www.malekal.com/DiagHelp/DiagHelp.php


 - Choose option 1 (Lister Fichiers, i.e. list files) and save the report to the desktop.

 ---

 Then use cjoint.com http://cjoint.com/ to post your report as a link

 - Click Parcourir (Browse) to go and fetch the report
 - Click Ouvrir (Open), then Créer le lien Cjoint (Create the Cjoint link)

 - Copy and paste the link shown after "Le lien a été créé:" (The link has been created:) into your next reply.


 @++   :)

faiwong
Posted on 24/01/2009 at 14:23:43

Hi Dédétraqué!

 Avast detects a trojan in the zip file; if I delete it during extraction, go.cmd no longer works. Is that normal?

 @++ :hello:

Profile: Security team
dedetraque
Posted on 24/01/2009 at 15:16:09

Hi faiwong


 It's a false positive, disregard it; disable it.


 @++  :)

faiwong
Posted on 24/01/2009 at 20:37:35

Hi Dédétraqué!

 Here is the link to the DiagHelp report: http://cjoint.com/?bAuIvxvh8E
 I also ran option 2; should I make a link for that as well?
 Thanks!!!

 @++  :hello:

Profile: Security team
dedetraque
Posted on 24/01/2009 at 20:56:37

Hi faiwong


 Good idea, post it here  :super:


 @++  :)

faiwong
Posted on 26/01/2009 at 09:32:32

Hi Dédétraqué!

 Link for DiagHelp option 2: http://cjoint.com/?bCjFJVNgUd
 Thanks!

 @++  :hello:

Profile: Security team
dedetraque
Posted on 27/01/2009 at 04:03:04

Hi faiwong


 See this section of the forum, Télécom et Réseaux (Telecom and Networks), for help with your internet connection.


 @++  :)
