Connecting to the activation server

pipou12 (Member, 22 posts, registered Wednesday 27 August 2008, last activity 25 December 2009) - 31 August 2009 at 23:55
Hello,

I think my PC is fairly badly infected. The symptoms are as follows: when I run a search on Google, for example, and click one of the links in the search results, I am redirected to a bogus site that has nothing to do with the one Google was offering.

The problem with my antivirus is this: suspecting that I was infected, I bought Kaspersky Anti-Virus, but it is impossible to connect to the server to activate the licence.

Does anyone have an idea how to get me out of this?
Thanks in advance.

(However, I cannot manage to post the HijackThis report! The upload never finishes and I am asked to download "ajout.php3".)

14 replies

Narco!4 (Contributor, 2385 posts, registered Sunday 25 January 2009, last activity 25 October 2012)
1 Sept. 2009 at 00:08
Hello
Download GenProc http://www.genproc.com/GenProc.exe

Double-click GenProc.exe and post the contents of the report that opens.

pipou12 (Member, 22 posts, registered Wednesday 27 August 2008, last activity 25 December 2009)
1 Sept. 2009 at 00:12
I have the contents of the report, but when I try to post it the upload never finishes!!
I'll try again just in case....

pipou12 (Member, 22 posts, registered Wednesday 27 August 2008, last activity 25 December 2009)
1 Sept. 2009 at 00:13
Logfile of random's system information tool 1.06 (written by random/random)
Run by Utilisateur at 2009-08-31 23:30:59
Microsoft® Windows Vista™ Professionnel Service Pack 1
System drive C: has 71 GB (60%) free of 119 GB
Total RAM: 3066 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:31:23, on 31/08/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\ThpSrv.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Labtec NumPad\Magickey.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Utilisateur\Desktop\RSIT.exe
C:\Program Files\trend micro\Utilisateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [TPCHWMsg] %ProgramFiles%\TOSHIBA\TPHM\TPCHWMsg.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [TNRotate] %ProgramFiles%\TOSHIBA\TNRotate\TNRotate.exe
O4 - HKLM\..\Run: [ThpSrv] C:\Windows\system32\thpsrv /logon
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Active la souris sans fil.lnk = C:\Program Files\Wireless Device\MulMouse.exe
O4 - Global Startup: Enable Labtec NumPad.lnk = C:\Program Files\Labtec NumPad\Magickey.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{B135A6B2-FD8C-4DA1-B218-FDE7EDD9A609}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: G Data Tuner Service - Unknown owner - C:\Program Files\G Data\TotalCare\AVKTuner\AVKTunerService.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\Windows\system32\ThpSrv.exe
O23 - Service: webserver - Unknown owner - C:\Program Files\webserver\webserver.exe (file missing)

Narco!4 (Contributor, 2385 posts, registered Sunday 25 January 2009, last activity 25 October 2012)
1 Sept. 2009 at 00:25

pipou12 (Member, 22 posts, registered Wednesday 27 August 2008, last activity 25 December 2009)
1 Sept. 2009 at 01:02
TB.txt report:
-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Professionnel ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T6570 @ 2.10GHz )
BIOS : v2.00
USER : Utilisateur ( Administrator )
BOOT : Fail-safe with network boot
Antivirus : Kaspersky Internet Security 8.0.0.357 (Activated)
Firewall : Kaspersky Internet Security 8.0.0.357 (Activated)
C:\ (Local Disk) - NTFS - Total:116 Go (Free:72 Go)
E:\ (Local Disk) - NTFS - Total:114 Go (Free:110 Go)
F:\ (CD or DVD)
V:\ (CD or DVD)
X:\ (CD or DVD)
Y:\ (CD or DVD)
Z:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 01/09/2009| 0:40 )

[ UAC => 0 ]

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\DAEMON Tools Toolbar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.google.com/webhp?gws_rd=ssl"
"Default_Page_URL"="https://www.google.com/webhp?gws_rd=ssl"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://www.google.com/webhp?gws_rd=ssl"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\Windows\\System32\\blank.htm"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\UTILIS~1\AppData\Local\Opera\Opera\profile\images\http%3A%2F%2Fwww.keygen.us%2Ffavicon.ico
C:\Users\UTILIS~1\AppData\Local\Opera\Opera\profile\images\www.keygen.us.idx


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 01/09/2009| 0:40 - Option : [2]

-----------\\ Fin du rapport a 0:40:55,52

Narco!4 (Contributor, 2385 posts, registered Sunday 25 January 2009, last activity 25 October 2012)
1 Sept. 2009 at 01:05
Post the GenProc report.

pipou12 (Member, 22 posts, registered Wednesday 27 August 2008, last activity 25 December 2009)
1 Sept. 2009 at 01:09
HijackThis report:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Utilisateur at 2009-09-01 00:50:25
Microsoft® Windows Vista™ Professionnel Service Pack 1
System drive C: has 71 GB (60%) free of 119 GB
Total RAM: 3066 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:50:27, on 01/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\ThpSrv.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Labtec NumPad\Magickey.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Opera\opera.exe
C:\rsit\RSIT.exe
C:\Program Files\trend micro\Utilisateur.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [TPCHWMsg] %ProgramFiles%\TOSHIBA\TPHM\TPCHWMsg.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [TNRotate] %ProgramFiles%\TOSHIBA\TNRotate\TNRotate.exe
O4 - HKLM\..\Run: [ThpSrv] C:\Windows\system32\thpsrv /logon
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Active la souris sans fil.lnk = C:\Program Files\Wireless Device\MulMouse.exe
O4 - Global Startup: Enable Labtec NumPad.lnk = C:\Program Files\Labtec NumPad\Magickey.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{B135A6B2-FD8C-4DA1-B218-FDE7EDD9A609}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: G Data Tuner Service - Unknown owner - C:\Program Files\G Data\TotalCare\AVKTuner\AVKTunerService.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\Windows\system32\ThpSrv.exe
O23 - Service: webserver - Unknown owner - C:\Program Files\webserver\webserver.exe (file missing)

pipou12 (Member, 22 posts, registered Wednesday 27 August 2008, last activity 25 December 2009)
1 Sept. 2009 at 01:10
GenProc report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:53:51, on 01/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\ThpSrv.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Labtec NumPad\Magickey.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\cmd.exe
C:\GenProc\outil\Utilisateur_GenProc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\partner.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [TPCHWMsg] %ProgramFiles%\TOSHIBA\TPHM\TPCHWMsg.exe
O4 - HKLM\..\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [TNRotate] %ProgramFiles%\TOSHIBA\TNRotate\TNRotate.exe
O4 - HKLM\..\Run: [ThpSrv] C:\Windows\system32\thpsrv /logon
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Active la souris sans fil.lnk = C:\Program Files\Wireless Device\MulMouse.exe
O4 - Global Startup: Enable Labtec NumPad.lnk = C:\Program Files\Labtec NumPad\Magickey.exe
O8 - Extra context menu item: Ajouter à Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr (file missing)
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{B135A6B2-FD8C-4DA1-B218-FDE7EDD9A609}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: G Data Tuner Service - Unknown owner - C:\Program Files\G Data\TotalCare\AVKTuner\AVKTunerService.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - TOSHIBA Corporation - C:\Windows\system32\ThpSrv.exe
O23 - Service: webserver - Unknown owner - C:\Program Files\webserver\webserver.exe (file missing)

Narco!4 (Contributor, 2385 posts, registered Sunday 25 January 2009, last activity 25 October 2012)
1 Sept. 2009 at 01:19
Download tdss http://www.genproc.com/tdss.exe to your desktop.
Double-click it and post the report.

pipou12 (Member, 22 posts, registered Wednesday 27 August 2008, last activity 25 December 2009)
1 Sept. 2009 at 01:33
I double-click it, a black window appears, then disappears almost instantly... without leaving a report!

What should I do?

(Sorry for the slow reply, my PC is buggy...)

Narco!4 (Contributor, 2385 posts, registered Sunday 25 January 2009, last activity 25 October 2012)
1 Sept. 2009 at 01:36
- Download ComboFix (sUBs) http://download.bleepingcomputer.com/sUBs/ComboFix.exe to your Desktop.
- Double-click combofix.exe and follow the instructions.
- When the scan is complete, a report will appear. Copy/paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

pipou12 (Member, 22 posts, registered Wednesday 27 August 2008, last activity 25 December 2009)
1 Sept. 2009 at 12:25
Sorry, after the restart it is impossible to reconnect (local network access only!).
So I am sending you the ComboFix report from another computer:

ComboFix 09-08-31.03 - Utilisateur 01/09/2009 1:40.1.2 - NTFSx86
Microsoft® Windows Vista™ Professionnel 6.0.6001.1.1252.33.1036.18.3066.1942 [GMT 2:00]
Running from: c:\users\Utilisateur\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Internet Security *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\DDnsFilter
c:\program files\DDnsFilter\DDnsFilter.dll
c:\windows\010112010146101105.te
c:\windows\0101120101464857.xe
c:\windows\Installer\100f6.msi

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SfX
-------\Service_ddnsfilter


((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-31 )))))))))))))))))))))))))))))))
.

2009-08-31 23:46 . 2009-08-31 23:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-31 23:46 . 2009-08-31 23:46 -------- d-----w- c:\users\Administrateur\AppData\Local\temp
2009-08-31 23:24 . 2009-08-31 23:34 -------- d-----w- C:\tdss
2009-08-31 22:39 . 2009-08-31 22:40 -------- d-----w- C:\ToolBar SD
2009-08-31 22:27 . 2009-08-31 22:52 -------- d-----w- C:\GenProc
2009-08-31 21:30 . 2009-08-31 22:50 -------- d-----w- c:\program files\trend micro
2009-08-31 21:30 . 2009-08-31 22:08 -------- d-----w- C:\rsit
2009-08-31 18:21 . 2009-08-31 18:21 96645 ----a-w- c:\windows\system32\drivers\klin.dat
2009-08-31 18:21 . 2009-08-31 18:21 87941 ----a-w- c:\windows\system32\drivers\klick.dat
2009-08-31 18:21 . 2009-08-31 23:47 286752 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-08-31 18:21 . 2009-08-31 23:47 1670176 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-08-31 18:21 . 2009-08-31 22:48 -------- d-----w- c:\programdata\Kaspersky Lab
2009-08-31 18:21 . 2009-08-31 18:21 -------- d-----w- c:\program files\Kaspersky Lab
2009-08-31 18:19 . 2009-08-31 18:19 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-08-31 15:42 . 2009-08-31 15:42 101048 ----a-w- c:\users\Administrateur\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-31 15:42 . 2009-08-31 15:42 -------- d-----w- c:\users\Administrateur\AppData\Local\Google
2009-08-31 11:49 . 2009-08-31 11:49 29128 ----a-w- c:\windows\system32\drivers\GRD.sys
2009-08-31 00:05 . 2009-08-31 00:05 50632 ----a-w- c:\windows\system32\drivers\MiniIcpt.sys
2009-08-31 00:05 . 2009-08-31 00:05 51656 ----a-w- c:\windows\system32\drivers\PktIcpt.sys
2009-08-31 00:04 . 2009-08-31 00:04 40392 ----a-w- c:\windows\system32\drivers\gdwfpcd32.sys
2009-08-31 00:04 . 2009-08-31 00:04 -------- d-sh--w- C:\#GDATA.Trash.Store#
2009-08-31 00:04 . 2009-08-31 16:26 -------- d-----w- c:\programdata\G DATA
2009-08-31 00:04 . 2009-08-31 16:26 -------- d-----w- c:\program files\G Data
2009-08-31 00:04 . 2009-08-31 16:26 -------- d-----w- c:\program files\Common Files\G DATA
2009-08-30 23:56 . 2009-08-30 23:56 -------- d-----w- c:\users\Utilisateur\AppData\Local\Downloaded Installations
2009-08-30 17:44 . 2009-08-30 17:44 37760 ----a-w- c:\windows\system32\drivers\Filter.sys
2009-08-27 10:12 . 2009-08-27 10:12 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\BraCa_Soft
2009-08-27 10:10 . 2009-08-27 10:10 -------- d-----w- c:\users\Utilisateur\AppData\Local\BraCa_Soft
2009-08-27 01:00 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-26 15:43 . 2009-08-26 15:43 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\Canneverbe_Limited
2009-08-26 15:43 . 2009-08-26 15:43 -------- d-----w- c:\programdata\Canneverbe Limited
2009-08-26 15:43 . 2009-08-26 15:43 -------- d-----w- c:\program files\CDBurnerXP
2009-08-26 15:02 . 2009-06-05 12:34 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-26 15:02 . 2009-06-05 10:08 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-24 21:07 . 2009-08-24 21:07 2899968 ----a-w- c:\programdata\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Asightforsoreeyes.tls.dll
2009-08-24 11:46 . 2002-08-18 17:43 794624 ----a-w- c:\windows\system32\spr32d35.dll
2009-08-24 11:37 . 2009-08-24 12:11 -------- d-----w- c:\program files\Architecte_3D_Platinium
2009-08-24 11:30 . 2009-08-24 11:30 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-08-24 11:30 . 2009-08-24 11:30 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-08-24 11:25 . 2009-08-24 11:36 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\DAEMON Tools Lite
2009-08-24 11:25 . 2009-08-24 11:25 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-08-20 19:18 . 2009-08-21 14:16 -------- d-----w- c:\users\Utilisateur\AppData\Local\Microsoft Games
2009-08-20 19:14 . 2009-08-20 19:14 -------- d-----w- c:\program files\Microsoft Games
2009-08-20 19:03 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-20 19:03 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-20 19:03 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-20 19:03 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-20 19:03 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-20 19:03 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-20 19:03 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-20 19:03 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-10 23:53 . 2009-08-10 23:53 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\FastStone
2009-08-05 15:44 . 2009-08-05 15:44 0 ----a-w- c:\windows\nsreg.dat
2009-08-05 15:44 . 2009-08-05 15:44 -------- d-----w- c:\users\Utilisateur\AppData\Local\Mozilla

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-31 23:47 . 2009-08-31 18:21 2060 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-08-31 23:47 . 2009-08-31 18:21 16224 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-08-31 22:53 . 2008-01-21 07:42 672322 ----a-w- c:\windows\system32\perfh00C.dat
2009-08-31 22:53 . 2008-01-21 07:42 124434 ----a-w- c:\windows\system32\perfc00C.dat
2009-08-31 22:33 . 2009-07-15 15:41 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\vlc
2009-08-31 21:27 . 2009-07-15 15:28 42953 ----a-w- c:\programdata\nvModes.dat
2009-08-31 18:24 . 2009-07-15 21:10 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\Free Download Manager
2009-08-31 17:25 . 2009-07-15 22:22 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\Pro Cycling Manager 2009
2009-08-30 22:45 . 2009-07-15 21:23 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\dvdcss
2009-08-24 11:37 . 2008-07-02 07:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-21 22:13 . 2008-07-02 07:48 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-20 19:36 . 2008-07-02 07:51 -------- d-----w- c:\programdata\Microsoft Help
2009-08-20 19:35 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-10 23:57 . 2009-07-19 16:50 -------- d-----w- c:\program files\CamStudio
2009-08-01 18:29 . 2009-08-01 10:46 -------- d-----w- c:\program files\ZipZag
2009-08-01 10:46 . 2009-08-01 10:46 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\ZipZag
2009-07-31 17:29 . 2009-07-16 12:35 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-27 19:14 . 2009-07-27 19:14 -------- d-----w- c:\programdata\eMule
2009-07-27 19:14 . 2009-07-27 19:14 -------- d-----w- c:\program files\eMule
2009-07-27 19:05 . 2009-07-27 18:56 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\LimeWire
2009-07-23 19:40 . 2009-07-23 19:40 -------- d-----w- c:\programdata\Diskeeper Corporation
2009-07-23 19:40 . 2009-07-23 19:40 -------- d-----w- c:\program files\Common Files\Diskeeper Corporation
2009-07-23 19:40 . 2009-07-23 19:40 -------- d-----w- c:\program files\Diskeeper Corporation
2009-07-23 14:22 . 2009-07-17 23:06 -------- d-----w- c:\program files\OO Software
2009-07-21 21:52 . 2009-07-28 18:45 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 18:45 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 18:45 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-28 18:45 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-19 16:49 . 2009-07-19 16:49 -------- d-----w- c:\program files\FastStone Capture
2009-07-18 09:49 . 2009-07-18 00:34 -------- d-----w- c:\programdata\TuneUp Software
2009-07-18 00:35 . 2009-07-18 00:35 -------- d-----w- c:\program files\TuneUp Utilities 2007
2009-07-18 00:35 . 2009-07-18 00:35 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\TuneUp Software
2009-07-18 00:34 . 2008-07-02 07:58 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-18 00:34 . 2009-07-18 00:34 -------- d-----w- c:\program files\CCleaner
2009-07-17 23:06 . 2009-07-17 23:06 292878 ----a-r- c:\users\Utilisateur\AppData\Roaming\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_exe.53480420_ED54_41F1_B802_5A3B83DAF067.exe
2009-07-17 23:06 . 2009-07-17 23:06 292878 ----a-r- c:\users\Utilisateur\AppData\Roaming\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\oodcnt_ds.53480420_ED54_41F1_B802_5A3B83DAF067.exe
2009-07-17 23:06 . 2009-07-17 23:06 292878 ----a-r- c:\users\Utilisateur\AppData\Roaming\Microsoft\Installer\{53480330-E1D1-41CA-B8F8-7F78644F7F50}\ARPPRODUCTICON.exe
2009-07-17 21:57 . 2009-07-17 21:57 -------- d-----w- c:\program files\Labtec NumPad
2009-07-17 21:57 . 2009-07-17 21:57 -------- d-----w- c:\program files\Wireless Device
2009-07-17 11:47 . 2009-07-15 15:01 101048 ----a-w- c:\users\Utilisateur\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-16 11:00 . 2008-07-02 07:54 -------- d-----w- c:\program files\Microsoft Works
2009-07-16 10:53 . 2009-07-16 10:53 -------- d-----w- c:\programdata\IsolatedStorage
2009-07-16 10:33 . 2009-07-16 10:33 -------- d-----w- c:\programdata\Messenger Plus!
2009-07-16 00:16 . 2009-07-16 00:16 3033712 ----a-w- c:\windows\system32\drivers\appdrv01.sys
2009-07-16 00:16 . 2009-07-16 00:16 316816 ----a-w- c:\windows\system32\appdrvrem01.exe
2009-07-15 22:16 . 2009-07-15 21:52 -------- d-----w- c:\program files\Cyanide
2009-07-15 21:37 . 2009-07-15 21:37 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-15 21:32 . 2009-07-15 21:31 -------- d-----w- c:\program files\Microsoft
2009-07-15 21:32 . 2009-07-15 21:32 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-07-15 21:31 . 2009-07-15 21:30 -------- d-----w- c:\program files\Windows Live
2009-07-15 21:31 . 2009-07-15 21:31 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-07-15 21:24 . 2009-07-15 21:24 -------- d-----w- c:\program files\Common Files\Windows Live
2009-07-15 21:10 . 2009-07-15 21:10 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\Software Informer
2009-07-15 21:10 . 2009-07-15 21:10 -------- d-----w- c:\program files\Free Download Manager
2009-07-15 21:10 . 2009-07-15 21:10 -------- d-----w- c:\program files\Software Informer
2009-07-15 21:10 . 2009-07-15 21:10 -------- d-----w- c:\programdata\FreeDownloadManager.ORG
2009-07-15 20:54 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2009-07-15 20:51 . 2009-07-15 20:51 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-07-15 20:31 . 2009-07-15 20:31 -------- d-----w- c:\program files\Opera
2009-07-15 19:31 . 2009-07-15 19:31 -------- d-----w- c:\program files\Alwil Software
2009-07-15 19:24 . 2008-07-02 07:57 -------- d-----w- c:\program files\Google
2009-07-15 17:25 . 2008-07-02 07:55 -------- d-----w- c:\programdata\McAfee
2009-07-15 16:59 . 2009-07-15 16:59 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-07-15 15:57 . 2009-07-15 15:49 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\Sports Interactive
2009-07-15 15:57 . 2009-07-15 15:57 -------- d-----w- c:\programdata\Sports Interactive
2009-07-15 15:51 . 2009-07-15 15:49 -------- d--h--w- c:\program files\Zero G Registry
2009-07-15 15:49 . 2009-07-15 15:49 -------- d-----w- c:\program files\Sports Interactive
2009-07-15 15:47 . 2009-07-15 15:47 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\Toshiba
2009-07-15 15:40 . 2009-07-15 15:40 -------- d-----w- c:\program files\VideoLAN
2009-07-15 15:27 . 2009-07-15 15:26 -------- d-----w- c:\programdata\NVIDIA
2009-07-15 15:26 . 2008-07-02 07:18 -------- d-----w- c:\program files\TOSHIBA
2009-07-15 15:08 . 2009-07-15 15:08 -------- d-----w- c:\programdata\TrueSuite Access Manager
2009-07-15 15:08 . 2009-07-15 15:01 680 ----a-w- c:\users\Utilisateur\AppData\Local\d3d9caps.dat
2009-07-15 15:05 . 2009-07-15 15:05 -------- d-----w- c:\program files\Camera Assistant Software for Toshiba
2009-07-15 15:05 . 2009-07-15 15:04 -------- d-----w- c:\program files\Common Files\Toshiba Shared
2009-07-15 15:05 . 2008-07-02 07:35 -------- d-----w- c:\programdata\Toshiba
2009-07-15 15:04 . 2009-07-15 15:04 -------- d-----w- c:\users\Utilisateur\AppData\Roaming\InstallShield
2009-07-15 15:01 . 2009-07-15 15:01 -------- d-----w- c:\programdata\ToshibaEurope
2009-07-15 14:59 . 2009-07-15 14:59 -------- d-sh--we c:\programdata\Modèles
2009-07-15 14:59 . 2009-07-15 14:59 -------- d-sh--we c:\programdata\Menu Démarrer
2009-07-15 14:59 . 2009-07-15 14:59 -------- d-sh--we c:\programdata\Favoris
2009-07-15 14:59 . 2009-07-15 14:59 -------- d-sh--we c:\programdata\Bureau
2009-07-15 14:59 . 2009-07-15 14:59 -------- d-sh--we c:\program files\Fichiers communs
2009-07-15 14:57 . 2008-07-02 07:57 157168 ----a-w- c:\programdata\Partner\partner.dll
2009-07-15 14:57 . 2008-07-02 07:57 110576 ----a-w- c:\programdata\Partner\partner.exe
2009-07-15 14:54 . 2009-07-15 14:54 0 --sha-r- c:\windows\system32\drivers\TOSHIBA_TECRA S10_07847-FR_PTSB3E-09P00.MRK
2009-07-15 14:51 . 2009-07-15 14:51 -------- d-----w- c:\program files\TrueSuite Access Manager
2009-07-15 14:51 . 2009-07-15 14:51 -------- d-----w- c:\program files\NewSoft
2009-07-15 14:50 . 2008-07-02 07:11 -------- d-----w- c:\program files\Intel
2009-07-15 14:50 . 2009-07-15 14:50 -------- d-----w- c:\program files\Common Files\postureAgent
2009-07-15 14:50 . 2009-07-15 14:50 -------- d-----w- c:\program files\Common Files\Intel
2009-07-15 14:50 . 2009-07-15 14:50 -------- d-----w- c:\program files\ltmoh
2009-06-15 15:24 . 2009-07-15 15:50 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 15:20 . 2009-07-15 15:50 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 15:20 . 2009-07-15 15:50 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:52 . 2009-07-15 15:50 289792 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
2009-07-15 14:57 157168 ----a-w- c:\programdata\Partner\partner.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOvrly1]
@="{A4EEBF66-92EB-4F2A-9F1E-2F6D14B30DA6}"
[HKEY_CLASSES_ROOT\CLSID\{A4EEBF66-92EB-4F2A-9F1E-2F6D14B30DA6}]
2008-07-25 13:41 118784 ----a-w- c:\program files\TrueSuite Access Manager\IconOvrly.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-02 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-07-02 29744]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"TPCHWMsg"="c:\program files\TOSHIBA\TPHM\TPCHWMsg.exe" [2008-05-27 451944]
"Toshiba TEMPO"="c:\program files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe" [2008-04-24 103824]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"TNRotate"="c:\program files\TOSHIBA\TNRotate\TNRotate.exe" [2008-06-12 607616]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-22 13552160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 201992]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-05-13 6139904]

c:\users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2008-3-5 393216]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Active la souris sans fil.lnk - c:\program files\Wireless Device\MulMouse.exe [2009-7-17 249856]
Enable Labtec NumPad.lnk - c:\program files\Labtec NumPad\Magickey.exe [2009-7-17 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll c:\progra~1\KASPER~1\KASPER~1\adialhk.dll c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS\0autocheck OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Toshiba Registration"=c:\program files\Toshiba\Registration\ToshibaRegistration.exe
"UsbMonitor"="c:\program files\TrueSuite Access Manager\usbnotify.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2724903334-958253879-2847049408-1000]
"EnableNotificationsRef"=dword:00000002

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C0594261-2054-4805-B16A-445E94FB8FF5}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{7422B3F0-76A3-479E-824F-61883BC18169}"= UDP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009
"{78B76E08-D63C-49A9-95C6-5990DFE1DC22}"= TCP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009
"{BEA32FF0-00E6-472A-B6B7-34408BE38F16}"= UDP:c:\program files\Cyanide\GameCenter\GameCenter.exe:GameCenter
"{A9C21D4F-9B22-4D2C-8681-D01CC457E4DE}"= TCP:c:\program files\Cyanide\GameCenter\GameCenter.exe:GameCenter
"{6C7C618A-EE9D-44E0-BA9E-35F1E236CD75}"= UDP:c:\program files\Cyanide\Pro Cycling Manager - Season 2009\PCM.exe:Pro Cycling Manager - Season 2009
"{CB773E60-C7FB-47A8-98F4-52B119869458}"= TCP:c:\program files\Cyanide\Pro Cycling Manager - Season 2009\PCM.exe:Pro Cycling Manager - Season 2009
"{BE162704-0391-4181-A54A-A4E916A7849C}"= UDP:c:\program files\Cyanide\Pro Cycling Manager - Season 2009\Autorun\Exe\Autorun.exe:Pro Cycling Manager - Season 2009 - AutoRun
"{FAEA9455-DD2A-4C93-8C8B-25477218E483}"= TCP:c:\program files\Cyanide\Pro Cycling Manager - Season 2009\Autorun\Exe\Autorun.exe:Pro Cycling Manager - Season 2009 - AutoRun
"TCP Query User{C062E285-86EA-4A39-8802-7DB6904D1E6B}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule
"UDP Query User{0620135E-B118-487C-A5DF-5605597D424B}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule
"TCP Query User{EEF83171-76AA-4C44-AD75-7A9A898AD025}c:\\program files\\cyanide\\pro cycling manager - season 2009\\pcm.exe"= UDP:c:\program files\cyanide\pro cycling manager - season 2009\pcm.exe:Pro Cycling Manager
"UDP Query User{939281DF-535A-4C17-BAEF-93B080F1D33F}c:\\program files\\cyanide\\pro cycling manager - season 2009\\pcm.exe"= TCP:c:\program files\cyanide\pro cycling manager - season 2009\pcm.exe:Pro Cycling Manager
"{041633BB-A512-4BB5-B524-D494142B5C03}"= UDP:80:webserver
"{EE75A2B6-A44D-476D-999E-488E14F0ED85}"= UDP:53:webserver
"{5F6D566B-25EE-4E29-A218-47E27D0448E0}"= UDP:8085:ddnsfilter

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 AlfaFF;AlfaFF mini-filter driver;c:\windows\System32\drivers\AlfaFF.sys [15/07/2009 16:51 42608]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [29/01/2008 18:29 32784]
R0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\System32\drivers\thpdrv.sys [21/08/2008 10:35 28792]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\System32\drivers\Thpevm.sys [04/09/2007 10:30 13336]
R1 appdrv01;Application Driver (01);c:\windows\System32\drivers\appdrv01.sys [16/07/2009 02:16 3033712]
R1 Filter;Filter;c:\windows\System32\drivers\Filter.sys [30/08/2009 19:44 37760]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [26/03/2008 13:10 20496]
R2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [10/07/2008 17:58 40960]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\System32\drivers\TVALZFL.sys [30/04/2008 21:11 6144]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\System32\drivers\e1y6032.sys [02/07/2008 18:31 224384]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\System32\drivers\klfltdev.sys [13/03/2008 19:02 26640]
R3 NETw5v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits ;c:\windows\System32\drivers\NETw5v32.sys [02/07/2008 09:43 3658752]
S2 webserver;webserver;c:\program files\webserver\webserver.exe --> c:\program files\webserver\webserver.exe [?]
S3 G Data Tuner Service;G Data Tuner Service;c:\program files\G Data\TotalCare\AVKTuner\AVKTunerService.exe --> c:\program files\G Data\TotalCare\AVKTuner\AVKTunerService.exe [?]
S4 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
S4 Authentec memory manager;Authentec memory manager service;c:\windows\System32\TAMSvr.exe [15/07/2009 16:51 49152]
S4 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [02/07/2008 09:58 29744]
S4 Partner Service;Partner Service;c:\programdata\Partner\partner.exe [02/07/2008 09:57 110576]
S4 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [25/08/2008 09:58 77824]
S4 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\Toshiba TEMPRO\TempoSVC.exe [24/04/2008 10:21 99720]
S4 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [06/02/2008 14:12 126976]
S4 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [27/05/2008 13:12 628072]
S4 UNS;Intel(R) Active Management Technology User Notification Service;c:\program files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [15/07/2009 16:50 2058776]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
ddnsfilter REG_MULTI_SZ ddnsfilter

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-21 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 22:10]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-TOSCDSPD - TOSCDSPD.EXE


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
mWindow Title =
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Tout télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Télécharger avec Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Télécharger la sélection avec Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Télécharger la vidéo avec Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - https://www.ebay.fr
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - https://www.amazon.fr/exec/obidos/subst/home/home.html/262-6263521-6325360?_encoding=UTF8&link_code=hom&tag=Toshibafrbholink-21
TCP: {B135A6B2-FD8C-4DA1-B218-FDE7EDD9A609} = 192.168.1.1
FF - ProfilePath - c:\users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\19yhnafv.default\
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.

**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2724903334-958253879-2847049408-1000\Software\G*e*n*i*e*"!\FM Genie Scout 2009 XE]
"GameDir"="c:\\Users\\Utilisateur\\Documents\\Sports Interactive\\Football Manager 2009\\games"
"ShortlistDir"=""
"ScreenshotsDir"="c:\\Users\\Utilisateur\\Documents\\Sports Interactive\\Football Manager 2009"
"SaveDir"="c:\\Users\\Utilisateur\\Documents\\Sports Interactive\\Football Manager 2009\\"
"HistoryDir"="c:\\Users\\Utilisateur\\Desktop\\FM Genie Scout\\History Points"
"LangDB"="c:\\Program Files\\Sports Interactive\\Football Manager 2009\\data\\updates\\update-930\\db\\930\\lang_db.dat"
"LastSaveGame"="c:\\Users\\Utilisateur\\Documents\\Sports Interactive\\Football Manager 2009\\games\\barcelona.fm"
"Language"="English"
"LoadLangDB"=dword:00000001
"CompressHistoryPoints"=dword:00000000
"HighlightedAttributes"=dword:00000000
"MinCondition"=dword:00000050
"GraphStep"=dword:00000000
"SkinName"="Champions League"
"LastUpdateCheck"=dword:00000000
"HighQualityGUI"=dword:00000001
"AutomaticallyUpdateCheck"=dword:00000001
"AdvancedGeneration"=dword:00000000
"TranslateStaffSkills"=dword:00000001
"TranslatePlayerSkills"=dword:00000001
"TranslatePositions"=dword:00000001
"ShowHistory"=dword:00000001
"Version"=dword:00000067
"UniqueID"="05-AB80-E24F"
"UseProxy"=dword:00000000
"ProxyHost"=""
"ProxyPort"=""
"UseAuthentication"=dword:00000000
"UserName"=""
"UserPassword"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="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"
"OODEFRAG11.00.00.01WORKSTATION"="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"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(2920)
c:\program files\TrueSuite Access Manager\IconOvrly.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\program files\Diskeeper Corporation\Diskeeper\DkService.exe
c:\windows\System32\ThpSrv.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Completion time: 2009-08-31 1:53 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-31 23:53

Pre-Run: 74 486 853 632 octets libres
Post-Run: 74 783 150 080 octets libres

384 --- E O F --- 2009-08-27 01:00
0
Narco!4 Posts 2385 Registration date Sunday 25 January 2009 Status Contributor Last activity 25 October 2012 467
1 Sept. 2009 at 12:37
If, by bad luck, you no longer have access to your Internet connection after running ComboFix, the first thing to do is restart your PC.
This step alone should fix the great majority of Internet connection problems after using ComboFix.
If you still have no Internet connection after restarting, carry out the following steps:
1. Click the Start button > Settings > Control Panel;
2. Once the Control Panel is open, double-click the Network Connections icon;
3. If your Control Panel is set to category view, double-click Network and Internet Connections, then click Network Connections at the very bottom.
4. You will then see a list of all available network connections. Find the connection for your wireless or local network adapter and right-click it.
5. Next, you will see a menu. Simply click the Repair menu option.
6. Let the repair process run and, when it has finished, your Internet connection should be working again.
Otherwise, if an icon for your network also appears in the Windows taskbar, you can repair it by right-clicking the icon and choosing Repair.
0
pipou12 Posts 22 Registration date Wednesday 27 August 2008 Status Member Last activity 25 December 2009 1
1 Sept. 2009 at 13:12
"impossible d'executer diagnostic réseau, car le service de stratégie de diagnostics n'est pas en cours d'exécution" (in English: "unable to run network diagnostics because the Diagnostic Policy Service is not running")

edit: I looked it up; apparently a system restore would be needed, but I don't have a restore point...
0