badak

Members
  • Content count

    15
  • Joined

  • Last visited

Contact Methods

  • Website URL
    http://www.robotechcollections.fr
  • ICQ
    0

badak's Achievements

Junior Member

Junior Member (3/12)

0

Community reputation

  1. That's the info I was looking for, thanks!
  2. I wasn't able to finish that last step; the owner was in a hurry to get it back... and the scan seemed particularly long :-s However, everything seemed to be working correctly. Are there things I can do by hand when I get back to it? Thanks again for the help.
  3. Yes, it seems to work, I have web access, thanks a lot. Is there anything else to check?
  4. Yes, I removed everything that looks like a parental control. Sorry about the report, but whatever I do, the HijackThis report always gives me the same date and time even though my PC is set correctly. I reinstalled it, here is the new report:
  5. Done; that line was still in the registry, but the parental control folder had indeed been deleted. The Netsh command had returned the following error message:
     Échec de la réinitialisation de Requête d'écho. L'opération demandée nécessite une élévation.
     Échec de la réinitialisation de Général. L'opération demandée nécessite une élévation.
     Échec de la réinitialisation de Interface. L'opération demandée nécessite une élévation.
     Échec de la réinitialisation de Adresse unicast. L'opération demandée nécessite une élévation.
     Échec de la réinitialisation de Routage. L'opération demandée nécessite une élévation.
     Il n'y a aucun paramètre spécifié par l'utilisateur à réinitialiser.
     New log:
  6. No problem with the steps, but removing the parental control didn't get me any further. Any other idea? Another log after the cleanup and with the antivirus disabled.
- C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. 
- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: StumbleUponUpdateService - stumbleupon.com - C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe -- End of file - 13219 bytes
  7. No, and when I try to uninstall it, the uninstaller crashes.
  8. Hello, I have a PC running Vista Home Premium that can no longer access the internet; no address responds. I use F-Secure 2009. We are connected to the network by Ethernet cable. I can ping another machine on the network, but I can't even open my router's configuration page by its IP in IE. I first ran ComboFix and Hijack; here are the 2 reports: Thanks in advance for the help. Bastien
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Pavilion&pf=desktop IE: {{2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - c:\progra~1\ALLOCA~1\allocam.exe LSP: c:\program files\Controle Parental\bin\lsp.dll TCP: {0FFBC165-B82E-4EFF-B67D-EA077B4760A9} = 192.168.1.1,80.10.246.2 FF - ProfilePath - c:\users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\ap5otnd7.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=971163&p= FF - component: c:\program files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components\pdfforgeToolbarFF.dll FF - component: c:\program files\Mozilla Firefox\extensions\[email protected]\components\SearchSettingsFF.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll FF - plugin: c:\users\Utilisateur\AppData\Local\Google\Update\1.2.141.5\npGoogleOneClick7.dll FF - plugin: c:\users\Utilisateur\Program Files\DNA\plugins\npbtdna.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-04 08:55 Windows 6.0.6000 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... 
Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-1069653304-4130688360-3652511890-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:f0,f4,c7,7f,ba,21,60,d2,d0,30,b2,e5,25,d9,f9,3b,3b,69,ec,5c,5d,ea,f8, 80,c3,48,f0,0a,24,0c,58,7b,73,01,9b,ca,31,4e,d3,ce,9b,c9,71,95,02,8b,9a,d6,\ "??"=hex:04,db,bb,1e,60,09,b2,fb,c8,16,fb,0e,07,32,5a,19 [HKEY_USERS\S-1-5-21-1069653304-4130688360-3652511890-1000\Software\SecuROM\License information*] "datasecu"=hex:85,30,9e,eb,c8,3f,0a,b2,0a,9f,16,d4,25,4f,11,fd,7b,42,40,ad,59, 42,b4,28,d4,55,e1,60,78,24,30,61,73,a3,61,b1,a4,7d,68,f6,87,5c,12,d6,e7,59,\ "rkeysecu"=hex:3f,72,8e,8d,48,e3,e3,de,a6,12,b7,79,cd,f8,35,b1 [HKEY_USERS\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:00000000 [HKEY_USERS\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:00000000 . 
--------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(776) c:\program files\F-Secure Internet Security\FWES\Program\fsdc32.dll - - - - - - - > 'lsass.exe'(668) c:\program files\Controle Parental\bin\lsp.dll c:\program files\F-Secure Internet Security\FWES\Program\fsdc32.dll - - - - - - - > 'Explorer.exe'(4724) c:\program files\F-Secure Internet Security\Spam Control\fsscoepl.dll c:\program files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll - - - - - - - > 'csrss.exe'(548) c:\program files\F-Secure Internet Security\FWES\Program\fsdc32.dll - - - - - - - > 'csrss.exe'(620) c:\program files\F-Secure Internet Security\FWES\Program\fsdc32.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\System32\nvvsvc.exe c:\windows\System32\audiodg.exe c:\windows\System32\rundll32.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe c:\program files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe c:\program files\F-Secure Internet Security\Common\FSMA32.EXE c:\program files\F-Secure Internet Security\Anti-Virus\fsgk32.exe c:\program files\F-Secure Internet Security\Common\FSMB32.EXE c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe c:\program files\Canon\IJPLM\ijplmsvc.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\System32\PnkBstrA.exe c:\windows\System32\WUDFHost.exe c:\program files\F-Secure Internet Security\Common\FCH32.EXE c:\program files\F-Secure Internet Security\Common\FAMEH32.EXE c:\program files\F-Secure Internet Security\Anti-Virus\fsqh.exe c:\program files\F-Secure Internet Security\FSPC\fspc.exe c:\program files\F-Secure Internet Security\Anti-Virus\fssm32.exe c:\program files\F-Secure Internet Security\FSAUA\program\fsaua.exe c:\program files\F-Secure Internet Security\FWES\program\fsdfwd.exe c:\program 
files\F-Secure Internet Security\FSAUA\program\fsus.exe c:\windows\System32\conime.exe c:\program files\WinTV\EPG Services\System\EPGClient.exe c:\windows\System32\rundll32.exe c:\program files\Controle Parental\bin\OPTGui.exe c:\program files\F-Secure Internet Security\FSGUI\fsguidll.exe c:\program files\Windows Media Player\wmpnscfg.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\F-Secure Internet Security\Anti-Virus\fsav32.exe c:\windows\ehome\ehsched.exe c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe c:\windows\ehome\ehrecvr.exe . ************************************************************************** . Heure de fin: 2009-05-04 9:03 - La machine a redémarré ComboFix-quarantined-files.txt 2009-05-04 07:03 Avant-CF: 246 198 030 336 octets libres Après-CF: 245 977 690 112 octets libres 480 --- E O F --- 2009-05-04 06:30 -------------------------------------------------------------------------------------------------------------------------------------------------------- HIJACK::::::: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:55:18, on 12/05/2009 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\WinTV\EPG Services\System\EPGClient.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Windows\System32\rundll32.exe C:\Program Files\Controle Parental\bin\OPTGui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\TomTom HOME 2\HOMERunner.exe C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe C:\Windows\system32\conime.exe C:\Windows\System32\mobsync.exe C:\Program Files\F-Secure Internet Security\Common\FSLAUNCHER0.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe 
C:\Windows\system32\SearchFilterHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing) O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Programme 
d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet 
Security\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" O4 - HKCU\..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe O4 - Global Startup: Pinnacle Streaming Server.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Parental... 
- {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing) O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU) O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU) O13 - Gopher Prefix: O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: 
{1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/ru...eb-20070115.cab O16 - DPF: {3E9BAF2D-7A79-11D2-9334-0000F875AE17} - http://www.allocam.com/nm30.exe O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222173731753 O17 - HKLM\System\CCS\Services\Tcpip\..\{0FFBC165-B82E-4EFF-B67D-EA077B4760A9}: NameServer = 192.168.1.1,80.10.246.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{0FFBC165-B82E-4EFF-B67D-EA077B4760A9}: NameServer = 192.168.1.1,80.10.246.2 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\Windows\system32\ezNTSvc.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. 
- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\ORSP Client\fsorsp.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: StumbleUponUpdateService - stumbleupon.com - C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe -- End of file - 13219 bytes -----------------------------------------------------------------------
  9. Here is the report. I NOTE THAT CMD and REGEDIT are working again; I'll see whether the internet link hijacks have disappeared too. ComboFix 09-03-10.01 - gbean 2009-03-11 9:57:03.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.2039.1637 [GMT 1:00] Lancé depuis: c:\documents and settings\GBEAN\Bureau\CF.exe AV: F-Secure Anti-Virus Client Security 6.03 *On-access scanning enabled* (Updated) AV: Trend Micro OfficeScan Client *On-access scanning disabled* (Updated) FW: Pare-feu pour client - version d'entreprise Trend Micro OfficeScan *disabled* * Un nouveau point de restauration a été créé . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\ftg.hyb c:\windows\system32\ntnet.drv c:\windows\system32\win32hlp.cnf . ((((((((((((((((((((((((((((( Fichiers créés du 2009-02-11 au 2009-03-11 )))))))))))))))))))))))))))))))))))) . 2009-03-11 09:00 . 2009-03-11 09:00 <REP> d-------- c:\program files\Enigma Software Group 2009-03-11 08:46 . 2009-03-11 08:46 <REP> d-------- c:\program files\Prevx 2009-03-11 08:46 . 2009-03-11 09:29 <REP> d-------- c:\documents and settings\All Users\Application Data\PrevxCSI 2009-03-11 08:46 . 2009-03-11 08:46 64 --a------ c:\windows\wininit.ini 2009-03-10 11:32 . 2009-03-10 11:26 343,017 --a------ C:\ToolBarSD.exe 2009-03-10 11:31 . 2009-03-11 09:33 <REP> d-------- C:\ToolBar SD 2009-03-09 17:47 . 2009-03-09 17:47 <REP> d-------- C:\fsaua.data 2009-03-09 17:44 . 2009-03-09 17:44 <REP> d--h----- c:\windows\system32\GroupPolicy 2009-03-09 17:39 . 2009-03-09 17:39 <REP> d-------- c:\program files\jv16 PowerTools 2009-03-09 17:15 . 2007-08-03 09:50 <REP> d--h----- c:\documents and settings\Administrateur.PORTABLE_GBEAN.001\Voisinage réseau 2009-03-09 17:15 . 2007-08-03 09:50 <REP> d--h----- c:\documents and settings\Administrateur.PORTABLE_GBEAN.001\Voisinage d'impression 2009-03-09 17:15 . 
2007-08-03 09:01 <REP> d--h----- c:\documents and settings\Administrateur.PORTABLE_GBEAN.001\Modèles 2009-03-09 17:15 . 2009-03-09 17:15 <REP> dr------- c:\documents and settings\Administrateur.PORTABLE_GBEAN.001\Mes documents 2009-03-09 17:15 . 2007-08-03 09:50 <REP> dr------- c:\documents and settings\Administrateur.PORTABLE_GBEAN.001\Menu Démarrer 2009-03-09 17:15 . 2009-03-09 17:15 <REP> dr------- c:\documents and settings\Administrateur.PORTABLE_GBEAN.001\Favoris 2009-03-09 17:15 . 2007-08-03 09:50 <REP> d-------- c:\documents and settings\Administrateur.PORTABLE_GBEAN.001\Bureau 2009-03-09 17:15 . 2009-03-09 17:15 <REP> d-------- c:\documents and settings\Administrateur.PORTABLE_GBEAN.001 2009-03-09 17:03 . 2004-08-05 13:00 400,896 --a------ c:\windows\system32\cmd2.exe 2009-03-09 15:48 . 2009-03-09 15:48 <REP> d-------- c:\documents and settings\GBEAN\Application Data\Malwarebytes 2009-03-09 15:48 . 2009-03-09 15:48 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-03-09 15:28 . 2009-03-09 15:28 <REP> d-------- c:\program files\Navilog1 2009-03-09 10:40 . 2009-03-09 10:40 <REP> d-------- c:\program files\Skyline 2009-03-09 10:38 . 2009-03-09 16:00 <REP> d-------- c:\windows\system32\CatRoot_bak 2009-03-09 10:05 . 2009-03-09 10:37 <REP> d-------- c:\windows\LastGood(2) 2009-03-09 09:52 . 2009-03-09 09:52 <REP> d-------- c:\windows\l2schemas 2009-03-09 09:51 . 2009-03-09 09:51 <REP> d-------- c:\windows\ServicePackFiles 2009-03-09 09:49 . 2006-12-29 07:32 67,866 --------- c:\windows\system32\drivers\netwlan5.img 2009-03-09 09:49 . 2006-12-29 07:51 64,352 --------- c:\windows\system32\drivers\ativmc20.cod 2009-03-09 09:49 . 2006-12-28 12:01 19,569 --a------ c:\windows\002936_.tmp 2009-03-09 09:43 . 2009-03-09 10:40 <REP> d-------- c:\documents and settings\Administrateur.PORTABLE_GBEAN.000\Modèles 2009-03-09 09:43 . 
2009-03-09 10:40 <REP> d---s---- c:\documents and settings\Administrateur.PORTABLE_GBEAN.000 2009-03-09 09:40 . 2009-03-09 10:40 <REP> d-------- c:\program files\Navilog1(2) 2009-03-05 16:16 . 2009-03-09 10:40 <REP> d-------- c:\documents and settings\Administrateur.PORTABLE_GBEAN\Modèles 2009-03-05 16:16 . 2009-03-09 10:40 <REP> d---s---- c:\documents and settings\Administrateur.PORTABLE_GBEAN 2009-03-05 14:42 . 2009-03-09 10:40 <REP> d-------- c:\program files\Skyline(2) 2009-02-27 09:58 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys 2009-02-27 09:58 . 2004-08-03 23:08 31,616 --a--c--- c:\windows\system32\dllcache\usbccgp.sys 2009-02-27 09:00 . 2009-02-27 09:03 <REP> d-------- c:\documents and settings\GBEAN\Application Data\U3 . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-03-11 09:00 --------- d-----w c:\program files\OCS Inventory Agent 2009-03-11 08:28 --------- d-----w c:\program files\UltraVNC 2009-03-09 09:40 --------- d-----w c:\program files\Spybot - Search & Destroy 2009-03-09 09:40 --------- d-----w c:\program files\Google 2009-03-09 09:40 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-03-09 09:40 --------- d-----w c:\documents and settings\All Users\Application Data\Skyline . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-03 138008]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-03 162584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-03 138008]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 827392]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-01-02 40960]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-05-02 163840]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2007-05-08 331552]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17920]
"WatchDog"="c:\program files\InterVideo\DVD Check\DVDCheck.exe" [2007-05-23 192512]
"BEWINTERNET-FR-DMESessionManager"="c:\program files\OrangeBS\BEWInternet\SessionManager\SessionManager.exe" [2007-05-15 81920]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"OfficeScanNT Monitor"="c:\program files\Trend Micro\OfficeScan Client\pccntmon.exe" [2005-04-09 335872]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-02-06 561213]
LUMIX Simple Viewer.lnk - c:\program files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [2008-03-09 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
2007-02-07 00:30 74240 c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=APSHook.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3914406163-798979396-1827139313-1163\Scripts\Logon\0\0]
"Script"=\\192.168.33.1\netlogon\srv-com.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\OrangeBS\\BEWInternet\\Connectivity\\ConnectivityManager.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R2 ASBroker;Courtier de session de connexion;c:\windows\System32\svchost.exe -k Cognizance [2004-08-05 14336]
R2 ASChannel;Canal de communication local;c:\windows\System32\svchost.exe -k Cognizance [2004-08-05 14336]
R2 OCS INVENTORY;OCS INVENTORY SERVICE;c:\program files\OCS Inventory Agent\OcsService.exe [2008-04-21 69632]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2007-08-10 540448]
R2 TmFilter;Trend Micro Filter;c:\program files\Trend Micro\OfficeScan Client\tmxpflt.sys [2005-02-18 205328]
R2 TmPreFilter;Trend Micro PreFilter;c:\program files\Trend Micro\OfficeScan Client\tmpreflt.sys [2005-02-18 36368]
R3 Eacfilt;Eacfilt Miniport;c:\windows\system32\drivers\eacfilt.sys [2008-02-07 11113]
S0 upekuorf;upekuorf;c:\windows\system32\drivers\djeunmm.sys --> c:\windows\system32\drivers\djeunmm.sys [?]
S3 GTFFBUS;GT FF BUS;c:\windows\system32\drivers\gtffbus.sys [2007-10-25 17152]
S3 GTMNDISIRPXP;GT M 3G+ IRP NDIS;c:\windows\system32\drivers\Gtm51Irp.sys [2007-10-25 122240]
S3 GTPTSER;GT PT SER;c:\windows\system32\drivers\gtptser.sys [2007-10-25 8064]
S3 GTUQBUS;GT UQ BUS;c:\windows\system32\drivers\gtuqbus.sys [2007-10-25 36992]
S3 HP24X;HP PC Card Smart Card Reader;c:\windows\system32\drivers\HP24X.sys [2007-08-03 33024]
S3 IPSECEXT;Nortel Extranet Access Protocol;c:\windows\system32\drivers\ipsecw2k.sys [2008-02-07 216459]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
.
Contenu du dossier 'Tâches planifiées'

2009-01-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 14:21]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-Logitech Hardware Abstraction Layer - KHALMNPR.EXE
.
------- Examen supplémentaire -------
.
uStart Page = www.google.fr/
.
**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-11 10:00:33
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe??????????????@? ????N????????@???????@

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(1692)
c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll

- - - - - - - > 'lsass.exe'(1748)
c:\program files\Hewlett-Packard\IAM\bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\scardsvr.exe
c:\program files\Canon\DIAS\CnxDIAS.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
c:\program files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Trend Micro\OfficeScan Client\NTRtScan.exe
c:\program files\Trend Micro\OfficeScan Client\TmListen.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
c:\windows\temp\YEFBBB.EXE
c:\windows\system32\userinit.exe
c:\program files\Hewlett-Packard\IAM\Bin\asghost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\OrangeBS\BEWInternet\Launcher\Launcher.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
c:\program files\OrangeBS\BEWInternet\Systray\SystrayApp.exe
c:\program files\OrangeBS\BEWInternet\Connectivity\ConnectivityManager.exe
c:\program files\OrangeBS\BEWInternet\Phonetools\TextMessaging.exe
c:\program files\OrangeBS\BEWInternet\Deskboard\Deskboard.exe
c:\program files\OrangeBS\BEWInternet\Connectivity\corecom\CoreCom.exe
c:\progra~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
c:\program files\OrangeBS\BEWInternet\Connectivity\corecom\OraConfigRecover.exe
.
**************************************************************************
.
Heure de fin: 2009-03-11 10:03:28 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-03-11 09:03:25

Avant-CF: 129 839 652 864 octets libres
Après-CF: 129,858,265,088 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

206 --- E O F --- 2008-12-16 18:18:08
  10. Thanks for your replies. When I run Toolbar-S&D in safe mode (in normal mode too), it stops every time at the registry scan. The PC is not frozen, but the scan no longer progresses.
  11. Problem: Impossible to launch certain programs such as REGEDIT, CMD, or even the "navilog" cleaning utility. Every time you try, explorer.exe restarts, clearing the desktop for 1 or 2 seconds. However, I can access the registry with another program if necessary, as well as the Task Manager and MSconfig. In IE7, some Internet links are redirected to this site (among others): http://stabilityscandirect.co........ I cleaned the tmp files, reset IE7, and ran the "trend micro office scan" antivirus and also "Malwarebytes' Anti-Malware"; both cleaned some items (Trojan.FakeAlert and TRojan.alert), but I still have the same problems.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:02:39, on 09/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
C:\Program Files\Canon\DIAS\CnxDIAS.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\GBEAN\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O4 - HKLM\..\Run: [soundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files\PDF Complete\pdfsty.exe"
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [bEWINTERNET-FR-DMESessionManager] C:\Program Files\OrangeBS\BEWInternet\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: LUMIX Simple Viewer.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = michel.com
O17 - HKLM\Software\..\Telephony: DomainName = michel.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = michel.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = michel.com
O20 - AppInit_DLLs: APSHook.dll
O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Scan en temps réel OfficeScanNT (ntrtscan) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
O23 - Service: OCS INVENTORY SERVICE (OCS INVENTORY) - http://www.ocsinventory-ng.org - C:\Program Files\OCS Inventory Agent\ocsservice.exe
O23 - Service: Pare-feu OfficeScanNT (OfcPfwSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
O23 - Service: OfficeScanNT Listener (tmlisten) - Trend Micro Inc. - C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

--
End of file - 8115 bytes
  12. badak

    Logon dialog disappeared!

    Negative, that does nothing, but I'll keep the info in mind, it may come in handy. Any other idea?
  13. Hi, this is already the second time I have run into this problem on Windows 98 (first edition) machines. Usually, after installing a network card, the logon dialog box for Microsoft networks no longer appears and I land directly on the desktop. The problem, of course, is that I no longer have access to the network. I have of course tried removing all the networking components and reinstalling them, deleting all the *.pwl files, etc., etc. Anyway, even if I switch to "Windows logon", it's the same... There is surely a key in the registry that controls the appearance of this logon dialog box... Can anyone tell me? THANKS IN ADVANCE (it's extremely urgent)