Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[Résolu] Pas de DNS pour l'accès internet sous VISTA

badak

Par badak
dans Analyses et éradication malwares

 Partager

Messages recommandés

badak Junior Member

badak

Posté(e)
Posté(e) (modifié)

Bonjour

 

J'ai une pc sous vista familiale prénium qui n'accède plus à internet, aucune adresse ne répond, j'utilisae F-secure2009. On est relié au réseau pas cable ethernet, je peux pinger une autre machine du réseau mais Je ne peux même pas ouvrir la page de config de mon routeur par son IP dans IE.

 

J'ai passé d'abord Combofix et hijack, voici les 2 rapports:

 

merci d'avance pour l'aide

Bastien

 

-------------------------------------------------------------------------------

ComboFix 09-05-03.1 - Utilisateur 04/05/2009 8:46.1 - NTFSx86

Microsoft® Windows Vista Édition Familiale Premium 6.0.6000.0.1252.33.1036.18.3326.2200 [GMT 2:00]

Lancé depuis: n:\antivirus\cf.exe

AV: F-Secure Internet Security 2009 9.00 *On-access scanning enabled* (Outdated)

FW: F-Secure Internet Security 2009 9.00 *enabled*

* Resident AV is active

 

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\program files\FlashGet Network

c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log

c:\program files\FlashGet Network\FlashGet universal\fgoption.ini

c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini

c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini

c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini

c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat

c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat

c:\program files\FlashGet Network\FlashGet universal\transaction.log

c:\program files\messengerskinner

c:\program files\messengerskinner\download\defaultPack.cab

c:\program files\messengerskinner\MessengerSkinner.exe

c:\program files\messengerskinner\resources\appconfig.xml

c:\program files\messengerskinner\resources\btn.rgn

c:\program files\messengerskinner\resources\btnBnr.rgn

c:\program files\messengerskinner\resources\btnIn.rgn

c:\program files\messengerskinner\resources\btnInNormal.bmp

c:\program files\messengerskinner\resources\btnInOver.bmp

c:\program files\messengerskinner\resources\btnNormal.bmp

c:\program files\messengerskinner\resources\btnNormal.gif

c:\program files\messengerskinner\resources\btnNormalBnr.bmp

c:\program files\messengerskinner\resources\btnNormalBnr.gif

c:\program files\messengerskinner\resources\btnOver.bmp

c:\program files\messengerskinner\resources\btnOver.gif

c:\program files\messengerskinner\resources\btnOverBnr.bmp

c:\program files\messengerskinner\resources\btnOverBnr.gif

c:\program files\messengerskinner\resources\languages_v2.xml

c:\program files\VirusEffaceur

c:\program files\winvi

c:\program files\winvi\dsktp\AC_RunActiveContent.js

c:\program files\winvi\dsktp\desktop.html

c:\program files\winvi\dsktp\internetDetection.swf

c:\program files\winvi\dsktp\settings.sol

c:\program files\winvi\Uninst.exe

c:\program files\winvi\version.ini

c:\programdata\Microsoft\Windows\Start Menu\Programs\InternetGameBox

c:\programdata\Microsoft\Windows\Start Menu\Programs\InternetGameBox\Conditions générales.url

c:\programdata\Microsoft\Windows\Start Menu\Programs\InternetGameBox\Confidentialité.url

c:\programdata\Microsoft\Windows\Start Menu\Programs\InternetGameBox\Website.url

c:\programdata\Microsoft\Windows\Start Menu\Programs\MessengerSkinner

c:\programdata\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\Conditions générales.url

c:\programdata\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\Confidentialité.url

c:\programdata\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\MessengerSkinner.lnk

c:\programdata\Microsoft\Windows\Start Menu\Programs\MessengerSkinner\Website.url

c:\users\Utilisateur\AppData\Local\sgucm.dat

c:\users\Utilisateur\AppData\Local\sgucm.exe

c:\users\Utilisateur\AppData\Local\sgucm_nav.dat

c:\users\Utilisateur\AppData\Local\sgucm_navps.dat

c:\users\Utilisateur\AppData\Roaming\BITS

c:\users\Utilisateur\AppData\Roaming\BITS\BITS.ini

c:\users\Utilisateur\AppData\Roaming\BITS\DHTTable.dat

c:\users\Utilisateur\AppData\Roaming\BITS\ProxyList.ini

c:\users\Utilisateur\AppData\Roaming\BITS\Torrent\20090314145417.torrent

c:\users\Utilisateur\AppData\Roaming\BITS\Torrent\20090314145417.torrent.~tmp

c:\users\Utilisateur\AppData\Roaming\BITS\Torrent\20090314145417.torrent.bits

c:\users\Utilisateur\AppData\Roaming\BITS\Torrent\20090314145417.torrent.filelist

c:\users\Utilisateur\AppData\Roaming\BITS\Torrent\20090320210955.torrent

c:\users\Utilisateur\AppData\Roaming\BITS\Torrent\20090320210955.torrent.~tmp

c:\users\Utilisateur\AppData\Roaming\BITS\Torrent\20090320210955.torrent.bits

c:\users\Utilisateur\AppData\Roaming\BITS\Torrent\20090320210955.torrent.filelist

c:\users\Utilisateur\AppData\Roaming\BITS\Torrent\20090320210955.torrent.seeds

c:\users\Utilisateur\AppData\Roaming\BITS\UPnP.ini

c:\windows\system32\dcads-remove.exe

c:\windows\system32\dFrnx05

c:\windows\system32\pac.txt

c:\windows\system32\superiorads-uninst.exe

 

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_Boonty Games

 

 

((((((((((((((((((((((((((((( Fichiers créés du 2009-04-04 au 2009-05-04 ))))))))))))))))))))))))))))))))))))

.

 

2009-05-04 06:29 . 2009-05-04 06:29 -------- d-----w C:\cmb33

2009-04-26 15:48 . 2009-04-26 15:49 -------- d-----w c:\program files\Personal Media Manager

2009-04-26 15:09 . 2009-04-26 15:10 -------- d-----w c:\program files\jMEnc

2009-04-26 14:44 . 2009-04-26 14:44 -------- d-----w C:\pspvc

2009-04-25 21:11 . 2009-04-25 21:11 -------- d-----r c:\users\Public\Videos

2009-04-25 18:00 . 2009-04-25 18:00 -------- d-----w c:\program files\SAGEM

2009-04-25 18:00 . 2009-04-25 18:00 -------- d-----w c:\users\Utilisateur\AppData\Roaming\InstallShield

2009-04-25 11:18 . 2009-04-25 11:18 -------- d-----w c:\users\Utilisateur\RecordNow!

2009-04-24 18:34 . 2009-04-24 18:34 -------- d-----w c:\users\Utilisateur\AppData\Local\Aspyr

2009-04-24 18:14 . 2009-04-24 18:14 -------- d-----w c:\program files\Aspyr

2009-04-19 18:00 . 2009-04-19 18:00 -------- d-----w c:\users\Public\CyberLink

2009-04-18 16:07 . 2006-11-28 19:46 28224 ------w c:\windows\system32\drivers\PCAMp50.sys

2009-04-18 16:07 . 2006-11-28 19:46 27072 ------w c:\windows\system32\drivers\PCASp50.sys

2009-04-18 16:05 . 2009-04-26 09:07 -------- d-----w c:\program files\Orange

2009-04-18 15:19 . 2006-11-08 10:46 3224 ------w c:\windows\sporder.zip

2009-04-18 15:19 . 2006-12-19 12:34 163120 ------w c:\windows\OptRemove.exe

2009-04-18 15:19 . 2006-12-19 12:47 228648 ------w c:\windows\OptChecker.exe

2009-04-18 15:19 . 2006-02-08 16:30 8464 ------w c:\windows\sporder.dll

2009-04-18 15:19 . 2009-04-18 15:19 -------- d-----w c:\program files\Controle Parental

2009-04-16 10:10 . 2009-04-16 10:10 -------- d-----w c:\program files\RAR Password Cracker

2009-04-16 10:07 . 2009-04-16 10:07 -------- d-----w c:\program files\ElcomSoft

2009-04-16 07:12 . 2009-04-16 07:12 -------- d-----w c:\program files\CASIO

2009-04-15 06:50 . 2008-06-05 04:50 500736 ----a-w c:\windows\system32\msdtcprx.dll

2009-04-15 06:50 . 2008-06-05 04:50 30208 ----a-w c:\windows\system32\xolehlp.dll

2009-04-15 06:50 . 2008-12-08 04:34 376832 ----a-w c:\windows\system32\winhttp.dll

2009-04-15 06:45 . 2009-03-03 04:22 3505120 ----a-w c:\windows\system32\ntkrnlpa.exe

2009-04-15 06:45 . 2009-03-03 04:22 3471328 ----a-w c:\windows\system32\ntoskrnl.exe

2009-04-15 06:45 . 2009-03-03 04:19 549888 ----a-w c:\windows\system32\rpcss.dll

2009-04-15 06:45 . 2009-03-03 02:40 654336 ----a-w c:\windows\system32\printfilterpipelinesvc.exe

2009-04-15 06:45 . 2009-03-03 04:19 158720 ----a-w c:\windows\system32\sdohlp.dll

2009-04-15 06:45 . 2009-03-03 04:19 24576 ----a-w c:\windows\system32\printfilterpipelineprxy.dll

2009-04-15 06:45 . 2009-03-03 04:16 37888 ----a-w c:\windows\system32\iasdatastore.dll

2009-04-15 06:45 . 2009-03-03 04:16 97280 ----a-w c:\windows\system32\iasrecst.dll

2009-04-15 06:45 . 2009-03-03 04:16 53248 ----a-w c:\windows\system32\iasads.dll

2009-04-15 06:44 . 2009-02-13 07:26 1233408 ----a-w c:\windows\system32\lsasrv.dll

2009-04-15 06:44 . 2009-02-13 07:26 72704 ----a-w c:\windows\system32\secur32.dll

2009-04-15 06:44 . 2009-02-13 07:26 7680 ----a-w c:\windows\system32\lsass.exe

2009-04-15 06:44 . 2009-03-17 03:16 14848 ----a-w c:\windows\system32\apilogen.dll

2009-04-15 06:44 . 2009-03-17 03:16 25600 ----a-w c:\windows\system32\amxread.dll

2009-04-13 18:18 . 2009-04-13 18:18 -------- d-sh--w C:\found.000

2009-04-13 09:26 . 2009-04-13 09:26 -------- d-----w c:\users\Utilisateur\AppData\Roaming\cmw

2009-04-13 08:15 . 2009-04-13 08:15 -------- d-----w c:\users\Utilisateur\AppData\Local\GHISLER

2009-04-13 08:14 . 2008-08-08 05:04 545 ----a-w c:\windows\UC.PIF

2009-04-13 08:14 . 2008-08-08 05:04 545 ----a-w c:\windows\RAR.PIF

2009-04-13 08:14 . 2008-08-08 05:04 545 ----a-w c:\windows\PKZIP.PIF

2009-04-13 08:14 . 2008-08-08 05:04 545 ----a-w c:\windows\PKUNZIP.PIF

2009-04-13 08:14 . 2008-08-08 05:04 545 ----a-w c:\windows\NOCLOSE.PIF

2009-04-13 08:14 . 2008-08-08 05:04 545 ----a-w c:\windows\LHA.PIF

2009-04-13 08:14 . 2008-08-08 05:04 545 ----a-w c:\windows\ARJ.PIF

2009-04-13 08:14 . 2009-04-13 08:14 -------- d-----w c:\users\Utilisateur\AppData\Roaming\GHISLER

2009-04-13 08:14 . 2009-04-26 07:26 -------- d-----w C:\totalcmd

2009-04-13 08:03 . 2009-04-13 08:03 -------- d-----w c:\users\Utilisateur\AppData\Local\tcbackup

2009-04-13 07:19 . 2009-04-13 07:20 -------- d-----w c:\users\Utilisateur\AppData\Local\Songbird2

2009-04-13 07:19 . 2009-04-13 07:19 -------- d-----w c:\users\Utilisateur\AppData\Roaming\Songbird2

2009-04-11 20:53 . 2009-04-25 21:32 -------- d-----w c:\program files\Universal Share Downloader

2009-04-11 18:11 . 2009-04-11 18:11 -------- d-----w c:\users\Utilisateur\AppData\Roaming\FlashGet

2009-04-11 18:11 . 2009-04-12 14:25 -------- d-----w c:\program files\FlashGet

2009-04-10 17:42 . 2009-04-10 17:42 -------- d-----w c:\program files\Steganos Secure FileSharing 6

2009-04-10 17:37 . 2009-04-10 17:37 -------- d-----w c:\windows\IP Changer

2009-04-10 17:37 . 2009-04-10 17:37 -------- d-----w c:\program files\IP Changer

2009-04-10 15:00 . 2008-04-17 10:12 107368 ----a-w c:\windows\system32\GEARAspi.dll

2009-04-10 15:00 . 2009-03-19 14:32 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys

2009-04-10 14:59 . 2009-04-10 14:59 -------- d-----w c:\program files\iPod

2009-04-10 14:59 . 2009-04-10 15:00 -------- d-----w c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

2009-04-10 14:59 . 2009-04-10 15:00 -------- d-----w c:\users\All Users\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

2009-04-10 14:59 . 2009-04-10 15:00 -------- d-----w c:\program files\iTunes

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-05-04 06:52 . 2009-02-18 20:56 520 ----a-w c:\windows\Tasks\Maintenance en 1 clic.job

2009-05-04 06:52 . 2006-11-02 13:01 6 ---ha-w c:\windows\Tasks\SA.DAT

2009-05-04 06:48 . 2007-01-03 00:26 700338 ----a-w c:\windows\system32\perfh00C.dat

2009-05-04 06:48 . 2007-01-03 00:26 121824 ----a-w c:\windows\system32\perfc00C.dat

2009-05-04 06:38 . 2008-09-21 10:12 534 ----a-w c:\windows\Tasks\Scheduled scanning task.job

2009-05-04 06:20 . 2008-05-11 09:21 430 ---ha-w c:\windows\Tasks\User_Feed_Synchronization-{E7A712FE-EAB3-445F-AF00-3CB31235346A}.job

2009-05-04 06:16 . 2009-02-13 15:15 94 ----a-w c:\users\Utilisateur\AppData\Local\cwgqqug.bat

2009-04-29 06:21 . 2009-03-07 19:22 880 ----a-w c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1069653304-4130688360-3652511890-1000.job

2009-04-26 15:10 . 2008-09-13 12:52 -------- d-----w c:\program files\AviSynth 2.5

2009-04-26 14:41 . 2009-01-18 10:02 -------- d-----w c:\program files\EdenSoftware

2009-04-26 07:27 . 2008-09-12 15:05 -------- d-----w c:\program files\Red Kawa

2009-04-26 07:25 . 2007-01-02 16:19 -------- d--h--w c:\program files\InstallShield Installation Information

2009-04-26 07:16 . 2008-04-29 08:49 -------- d-----w c:\program files\LimeWire

2009-04-26 07:16 . 2008-09-27 18:09 -------- d-----w c:\program files\LG Media Center

2009-04-26 07:15 . 2008-05-17 14:51 -------- d-----w c:\program files\Ubisoft

2009-04-25 21:42 . 2009-03-07 14:17 -------- d-----w c:\program files\DAEMON Tools Toolbar

2009-04-25 21:36 . 2009-03-07 14:28 -------- d-----w c:\program files\Playlogic

2009-04-25 21:31 . 2008-09-08 10:52 -------- d-----w c:\program files\World of invalis

2009-04-24 19:55 . 2009-04-24 19:55 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_xusb21_01005.Wdf

2009-04-24 19:55 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infpub.dat

2009-04-24 19:55 . 2006-11-02 10:25 143360 ----a-w c:\windows\inf\infstrng.dat

2009-04-24 19:55 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat

2009-04-24 12:55 . 2008-04-29 14:32 -------- d-----w c:\program files\F-Secure Internet Security

2009-04-24 10:50 . 2008-08-18 20:41 -------- d-----w c:\program files\Safari

2009-04-16 07:23 . 2008-06-06 09:38 89184 ----a-w c:\users\Utilisateur\AppData\Local\GDIPFONTCACHEV1.DAT

2009-04-16 01:14 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail

2009-04-11 19:58 . 2009-02-16 00:49 -------- d-----w c:\program files\StumbleUpon

2009-04-11 16:37 . 2009-02-17 18:04 107888 ----a-w c:\windows\system32\CmdLineExt.dll

2009-04-10 14:59 . 2008-04-29 10:50 -------- d-----w c:\program files\Common Files\Apple

2009-03-20 21:36 . 2009-03-20 21:36 -------- d-----w c:\program files\ABC Transdict

2009-03-20 18:09 . 2008-08-18 20:57 -------- d-----w c:\program files\QuickTime

2009-03-17 03:16 . 2009-04-15 06:44 40960 ----a-w c:\windows\AppPatch\apihex86.dll

2009-03-16 06:29 . 2008-04-28 16:06 -------- d-----w c:\program files\WinTV

2009-03-08 08:26 . 2009-03-08 08:26 -------- d-----w c:\program files\Electronic Arts

2009-03-08 07:48 . 2008-05-23 17:07 -------- d-----w c:\program files\EA Games

2009-03-08 07:45 . 2009-02-28 18:08 -------- d-----w c:\program files\Common Files\Wise Installation Wizard

2009-03-08 07:45 . 2009-03-01 11:44 -------- d-----w c:\program files\AGEIA Technologies

2009-03-08 07:42 . 2009-03-06 21:44 -------- d-----w c:\program files\Allocam Multi Visio

2009-03-07 19:45 . 2009-03-07 19:45 -------- d-----w c:\program files\WindSolutions

2009-03-07 14:40 . 2009-03-07 14:40 271360 ----a-w c:\windows\system32\drivers\atksgt.sys

2009-03-07 14:40 . 2009-03-07 14:40 18048 ----a-w c:\windows\system32\drivers\lirsgt.sys

2009-03-07 14:17 . 2009-03-07 14:17 -------- d-----w c:\program files\DAEMON Tools Lite

2009-03-07 14:17 . 2009-03-07 14:11 -------- d-----w c:\program files\DAEMON Tools Pro

2009-03-07 14:05 . 2009-03-01 09:46 138464 ----a-w c:\windows\system32\drivers\PnkBstrK.sys

2009-03-07 14:05 . 2009-03-01 09:45 111928 ----a-w c:\windows\system32\PnkBstrB.exe

2009-03-07 13:17 . 2009-03-01 09:46 22328 ----a-w c:\users\Utilisateur\AppData\Roaming\PnkBstrK.sys

2009-03-07 13:17 . 2009-03-01 09:45 682280 ----a-w c:\windows\system32\pbsvc.exe

2009-03-07 12:40 . 2009-03-07 12:40 -------- d-----w c:\program files\Activision

2009-03-05 22:59 . 2009-03-05 22:59 36864 ----a-w c:\windows\system32\drivers\usbaapl.sys

2009-03-05 22:59 . 2009-03-05 22:59 1900544 ----a-w c:\windows\system32\usbaaplrc.dll

2009-03-03 04:20 . 2009-04-15 06:43 826368 ----a-w c:\windows\system32\wininet.dll

2009-03-03 04:16 . 2009-04-15 06:43 56320 ----a-w c:\windows\system32\iesetup.dll

2009-03-03 04:16 . 2009-04-15 06:43 78336 ----a-w c:\windows\system32\ieencode.dll

2009-03-03 04:16 . 2009-04-15 06:43 52736 ----a-w c:\windows\AppPatch\iebrshim.dll

2009-03-03 04:15 . 2009-04-15 06:43 72704 ----a-w c:\windows\system32\admparse.dll

2009-03-03 02:08 . 2009-04-15 06:43 26624 ----a-w c:\windows\system32\ieUnatt.exe

2009-03-03 00:44 . 2009-04-15 06:43 48128 ----a-w c:\windows\system32\mshtmler.dll

2009-03-01 09:45 . 2009-03-01 09:45 66872 ----a-w c:\windows\system32\PnkBstrA.exe

2009-02-27 18:13 . 2008-09-02 11:15 2934 ----a-w c:\users\Utilisateur\AppData\Roaming\wklnhst.dat

2009-02-21 21:15 . 2008-07-30 11:28 680 ----a-w c:\users\Utilisateur\AppData\Local\d3d9caps.dat

2009-02-18 20:56 . 2009-02-18 20:56 603904 ----a-w c:\windows\system32\TUProgSt.exe

2009-02-18 20:56 . 2009-02-18 20:56 360192 ----a-w c:\windows\system32\TuneUpDefragService.exe

2009-02-09 01:59 . 2009-03-11 18:27 2028032 ----a-w c:\windows\system32\win32k.sys

2009-02-05 09:54 . 2007-01-02 16:19 453152 ----a-w c:\windows\system32\nvuninst.exe

2008-12-12 02:16 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini

2007-01-03 00:41 . 2007-01-03 00:28 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT

.

 

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]

2008-08-20 14:06 66912 ----a-w c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]

2009-01-30 14:12 650752 ----a-w c:\program files\pdfforge Toolbar\WidgiToolbarIE.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\WidgiToolbarIE.dll" [2009-01-30 650752]

 

[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-04-28 1232896]

"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-12-09 234856]

"PMCLoader"="c:\program files\Pinnacle\TVCenter Pro\PMCLoader.exe" [2008-01-24 644368]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]

"EPGServiceTool"="c:\progra~1\WinTV\EPG Services\System\EPGClient.exe" [2007-08-01 675840]

"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-15 644696]

"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-04 1603152]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-26 177472]

"F-Secure Manager"="c:\program files\F-Secure Internet Security\Common\FSM32.EXE" [2008-10-14 182936]

"F-Secure TNB"="c:\program files\F-Secure Internet Security\FSGUI\TNBUtil.exe" [2008-10-14 957024]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13683232]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 92704]

"OPTENET_GUI"="c:\progra~1\CONTRO~1\bin\optgui.exe" [2006-12-20 404536]

"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-15 4874240]

 

c:\users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2007 - Capture d'‚cran et lancement.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]

 

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

AutoStart IR.lnk - c:\program files\WinTV\Ir.exe [2008-4-28 110647]

Pinnacle Streaming Server.lnk - c:\program files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe [2007-12-3 599312]

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{5849F780-6F5C-478F-8E98-71C9A4F32FF0}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector

"{A654C1BF-B3F9-4BE0-813E-067B6DECF426}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{2DAB83A4-9E15-4CC6-B722-B76DF0C2CFBE}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{0D00698C-007A-4986-AB88-D893F5E0AC8D}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

"TCP Query User{4A03F985-A926-4BF5-8AD9-42EECCD5F3BC}c:\\program files\\emule\\emule.exe"= UDP:c:\program files\emule\emule.exe:eMule

"UDP Query User{0C0EC765-5C84-4065-A620-711F345B883B}c:\\program files\\emule\\emule.exe"= TCP:c:\program files\emule\emule.exe:eMule

"{44B36E0A-34FC-497B-B5B0-EC19EA750716}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{32EB5459-D34A-47CC-B505-F44ECEB7F25C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{1A08652D-4863-45E2-B16F-885A5A7441E3}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes

"{9D7D035F-8E11-4CF3-AE7B-36B134F2F08D}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

"{BA719E6D-A427-424E-B1CB-7B3E07B41B38}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire

"{4426DDB6-0D36-426C-94EC-FC25EF53E2C6}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire

"{C38D2A4E-9494-4BB3-90E1-D7655726EC79}"= c:\program files\HP\DVDPlay\DVDPlay.exe:DVD Play

"{B01E0A51-8E2A-4DFF-8482-EF377C6AC61A}"= c:\program files\HP\DVDPlay\DPService.exe:DVD Play Resident Program

"{C6D35A67-59A9-4DB7-A29B-1514743CCEDE}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire

"{9602C277-D94B-4596-B5D8-8B88D9351A53}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire

"{1E9AD83E-17A0-478A-91F4-FCA8A17BC882}"= UDP:c:\program files\DNA\btdna.exe:DNA

"{EC127DC9-6ECA-46A5-8958-168A344DCAC2}"= TCP:c:\program files\DNA\btdna.exe:DNA

"{ECF3BB4E-CB3D-4222-BD44-FE11A6DFD922}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{F8F3788A-A3E7-47CF-BD52-B924ABAE3008}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{96311221-ED94-437B-B614-2F31FF60B470}"= UDP:c:\program files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager

"{9768D8AA-C3B4-4934-B977-B49C24A8BE6E}"= TCP:c:\program files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager

"{41A61533-1FA4-415E-B84A-D1AEED7BBA97}"= UDP:c:\program files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe:PMSRegisterFile

"{D805910E-01C2-49C7-B383-92F53E109BFE}"= TCP:c:\program files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe:PMSRegisterFile

"{518EEFD1-12A8-4C54-9733-A947A4E2166E}"= UDP:c:\program files\Pinnacle\VideoSpin\Programs\umi.exe:umi

"{9224448A-506B-4FC4-82A1-DA2CCDECE7CA}"= TCP:c:\program files\Pinnacle\VideoSpin\Programs\umi.exe:umi

"{802695CE-E533-46ED-8933-D11F4F956ABB}"= UDP:c:\program files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:Pinnacle VideoSpin

"{A0F95DE0-F06F-45A7-B240-8CF7DDBF9647}"= TCP:c:\program files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:Pinnacle VideoSpin

"{4ABF73DD-C3CA-452E-8C06-C388B9F46561}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{451BECF0-3323-4249-A155-CD44607E4193}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{AB073EA7-3687-407E-A4C8-31ED2F7FAB7E}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)

"{E673FC4E-BFF8-416F-8CE6-F1683B69AE7B}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)

"{7AF878C2-1B73-4168-9164-F7E93F5062AC}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2

"{4F2CE493-6F45-4285-9A24-7689BE680FB7}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FarCry2.exe:Far Cry 2

"{AA31A262-096F-4283-87B2-5048946DFD44}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater

"{CAE8F1C4-EB42-4716-909C-6A23000A0670}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Launcher.exe:Far Cry 2 Updater

"{79C4088A-655A-4BBE-8365-8967627E70A8}"= UDP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editeur

"{2CE83250-A7DE-40CC-9904-3629F8E9132E}"= TCP:c:\program files\Ubisoft\Far Cry 2\bin\FC2Editor.exe:Editeur

"{D9CCAEF8-05B4-4530-AF63-0A14C5A64BB0}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

"{36905363-ABF3-4F01-BA4B-80BA79F84604}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA

"{D1E1805B-BCB6-4BE3-A84E-7755BD1C7421}"= UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

"{D9A80D09-04D1-4793-8A5A-F5FA220E433E}"= TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB

"{D79D3A27-B745-4BE5-86DD-DFB6E21926A5}"= UDP:c:\program files\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe:Mirror's Edge

"{BDAFC477-722E-4973-889F-2D37EB1DAC06}"= TCP:c:\program files\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe:Mirror's Edge

"{82AE1679-6705-4D4A-AEE6-6565BA51254C}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes

"{30CB72AB-7A1E-471F-BE97-736BA7A3BA03}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

"TCP Query User{85CCF079-E4B2-4870-A451-0CA0BF24E6A9}c:\\program files\\aspyr\\guitar hero iii\\gh3.exe"= UDP:c:\program files\aspyr\guitar hero iii\gh3.exe:Guitar Hero III

"UDP Query User{C24BAD9C-7CDA-4191-9886-05D42F3CC234}c:\\program files\\aspyr\\guitar hero iii\\gh3.exe"= TCP:c:\program files\aspyr\guitar hero iii\gh3.exe:Guitar Hero III

"TCP Query User{B5608939-E4B2-41B3-B9CA-C44E86AFF345}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager

"UDP Query User{549E60E6-5160-46F6-9881-CCA6A3B55E3A}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager

"TCP Query User{136F1E63-ADE2-4E4F-8CE7-CB23E2BD4A47}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent

"UDP Query User{0048B1D2-6731-4D8F-87E0-41B538AD8F0F}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

"TCP Query User{513DC7DB-CD0F-4989-9844-7FF97D37719C}c:\\program files\\aspyr\\guitar hero iii\\gh3.exe"= UDP:c:\program files\aspyr\guitar hero iii\gh3.exe:Guitar Hero III

"UDP Query User{667CDDF8-55F0-4A2C-9669-C8D619E68DA2}c:\\program files\\aspyr\\guitar hero iii\\gh3.exe"= TCP:c:\program files\aspyr\guitar hero iii\gh3.exe:Guitar Hero III

"{7898555E-4A21-4B54-BF7B-D901333A66E7}"= UDP:c:\program files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe:Pinnacle Streaming Server

"{83600087-360C-49CC-A179-102401244D42}"= TCP:c:\program files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe:Pinnacle Streaming Server

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]

"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

"c:\\Program Files\\FlashGet Network\\FlashGet universal\\FlashGet.exe"= c:\program files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2

"c:\\Program Files\\FlashGet Network\\FlashGet universal\\LiveUpdate.exe"= c:\program files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate

"c:\\Program Files\\FlashGet Network\\FlashGet universal\\LiveUpdateEx.exe"= c:\program files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx

 

R2 OPTENET_FILTER;Orange Contrôle Parental;c:\program files\Controle Parental\bin\optproxy.exe [2006-12-21 624376]

R3 hcw95bda;Hauppauge MOD7700 Tuner Driver;c:\windows\system32\Drivers\hcw95bda.sys [2008-02-15 559616]

R3 hcw95rc;Hauppauge MOD7700 IR Driver;c:\windows\system32\DRIVERS\hcw95rc.sys [2008-02-15 15616]

R3 MODRC;DiBcom Infrared Receiver;c:\windows\system32\DRIVERS\modrc.sys [2007-07-11 13824]

R3 PCAMp50;PCAMp50 NDIS Protocol Driver;c:\windows\system32\Drivers\PCAMp50.sys [2006-11-28 28224]

R3 phaudlwr;Philips Audio Filter;c:\windows\system32\DRIVERS\phaudlwr.sys [2008-05-07 88704]

R3 PVUSB;CESG502 USB Driver;c:\windows\system32\DRIVERS\CESG502.sys [2007-03-13 47648]

R3 SkLaggProtocol;Marvell Link Aggregation Protocol;c:\windows\system32\DRIVERS\yk60x32l.sys [2007-12-14 57856]

R3 SkVlanProtocol;Marvell VLAN Protocol;c:\windows\system32\DRIVERS\yk60x32v.sys [2007-11-23 20992]

R3 SPC1300;USB2.0 PC Camera (SPC1300);c:\windows\system32\DRIVERS\spc1300.sys [2007-11-13 3033728]

R3 StumbleUponUpdateService;StumbleUponUpdateService;c:\program files\StumbleUpon\StumbleUponUpdateService.exe [2009-03-24 120168]

R4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure Internet Security\Anti-Virus\Win2K\FSfilter.sys [2008-10-14 39776]

R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure Internet Security\Anti-Virus\Win2K\FSrec.sys [2008-10-14 25184]

S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2009-01-22 33408]

S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\F-Secure Internet Security\HIPS\drivers\fshs.sys [2008-10-14 66720]

S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2008-10-14 35552]

S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2008-10-14 70944]

S1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsvista.sys [2008-10-14 12384]

S2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};c:\program files\HP\DVDPlay\000.fcl [2007-12-18 11:18 39408]

S2 EPGService;EPGService;c:\progra~1\WinTV\EPG Services\System\EPGService.exe [2007-11-05 431104]

S2 ezntsvc;EasyBits Magic Desktop Services for Windows NT;c:\windows\system32\ezNTSvc.exe [2008-04-30 33792]

S2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]

S2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\System32\TUProgSt.exe [2009-02-18 603904]

S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys [2009-03-23 84608]

S3 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure Internet Security\ORSP Client\fsorsp.exe [2008-10-14 55904]

S3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2008-02-26 493568]

 

 

--- Autres Services/Pilotes en mémoire ---

 

*Deregistered* - sptd

 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

UxTuneUp

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{83aa7abb-a8d3-11dd-b6c5-001e8c89f9c5}]

\shell\AutoRun\command - M:\InstallTomTomHOME.exe

.

Contenu du dossier 'Tâches planifiées'

 

2009-04-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1069653304-4130688360-3652511890-1000.job

- c:\users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe [2009-03-07 19:21]

 

2009-05-04 c:\windows\Tasks\Maintenance en 1 clic.job

- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 14:04]

 

2009-05-04 c:\windows\Tasks\Scheduled scanning task.job

- c:\progra~1\F-SECU~1\ANTI-V~1\fsav.exe [2008-09-21 13:00]

 

2009-05-04 c:\windows\Tasks\User_Feed_Synchronization-{E7A712FE-EAB3-445F-AF00-3CB31235346A}.job

- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]

.

- - - - ORPHELINS SUPPRIMES - - - -

 

Toolbar-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)

 

 

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fr_fr&c=81&bd=Pavilion&pf=desktop

IE: {{2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - c:\progra~1\ALLOCA~1\allocam.exe

LSP: c:\program files\Controle Parental\bin\lsp.dll

TCP: {0FFBC165-B82E-4EFF-B67D-EA077B4760A9} = 192.168.1.1,80.10.246.2

FF - ProfilePath - c:\users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\ap5otnd7.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/

FF - prefs.js: keyword.URL - hxxp://fr.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=971163&p=

FF - component: c:\program files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components\pdfforgeToolbarFF.dll

FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll

FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll

FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll

FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll

FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll

FF - plugin: c:\users\Utilisateur\AppData\Local\Google\Update\1.2.141.5\npGoogleOneClick7.dll

FF - plugin: c:\users\Utilisateur\Program Files\DNA\plugins\npbtdna.dll

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-05-04 08:55

Windows 6.0.6000 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_USERS\S-1-5-21-1069653304-4130688360-3652511890-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:f0,f4,c7,7f,ba,21,60,d2,d0,30,b2,e5,25,d9,f9,3b,3b,69,ec,5c,5d,ea,f8,

80,c3,48,f0,0a,24,0c,58,7b,73,01,9b,ca,31,4e,d3,ce,9b,c9,71,95,02,8b,9a,d6,\

"??"=hex:04,db,bb,1e,60,09,b2,fb,c8,16,fb,0e,07,32,5a,19

 

[HKEY_USERS\S-1-5-21-1069653304-4130688360-3652511890-1000\Software\SecuROM\License information*]

"datasecu"=hex:85,30,9e,eb,c8,3f,0a,b2,0a,9f,16,d4,25,4f,11,fd,7b,42,40,ad,59,

42,b4,28,d4,55,e1,60,78,24,30,61,73,a3,61,b1,a4,7d,68,f6,87,5c,12,d6,e7,59,\

"rkeysecu"=hex:3f,72,8e,8d,48,e3,e3,de,a6,12,b7,79,cd,f8,35,b1

 

[HKEY_USERS\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:00000000

 

[HKEY_USERS\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:00000000

.

--------------------- DLLs chargées dans les processus actifs ---------------------

 

- - - - - - - > 'winlogon.exe'(776)

c:\program files\F-Secure Internet Security\FWES\Program\fsdc32.dll

 

- - - - - - - > 'lsass.exe'(668)

c:\program files\Controle Parental\bin\lsp.dll

c:\program files\F-Secure Internet Security\FWES\Program\fsdc32.dll

 

- - - - - - - > 'Explorer.exe'(4724)

c:\program files\F-Secure Internet Security\Spam Control\fsscoepl.dll

c:\program files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll

 

- - - - - - - > 'csrss.exe'(548)

c:\program files\F-Secure Internet Security\FWES\Program\fsdc32.dll

 

- - - - - - - > 'csrss.exe'(620)

c:\program files\F-Secure Internet Security\FWES\Program\fsdc32.dll

.

------------------------ Autres processus actifs ------------------------

.

c:\windows\System32\nvvsvc.exe

c:\windows\System32\audiodg.exe

c:\windows\System32\rundll32.exe

c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

c:\program files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe

c:\program files\F-Secure Internet Security\Common\FSMA32.EXE

c:\program files\F-Secure Internet Security\Anti-Virus\fsgk32.exe

c:\program files\F-Secure Internet Security\Common\FSMB32.EXE

c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

c:\program files\Canon\IJPLM\ijplmsvc.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\windows\System32\PnkBstrA.exe

c:\windows\System32\WUDFHost.exe

c:\program files\F-Secure Internet Security\Common\FCH32.EXE

c:\program files\F-Secure Internet Security\Common\FAMEH32.EXE

c:\program files\F-Secure Internet Security\Anti-Virus\fsqh.exe

c:\program files\F-Secure Internet Security\FSPC\fspc.exe

c:\program files\F-Secure Internet Security\Anti-Virus\fssm32.exe

c:\program files\F-Secure Internet Security\FSAUA\program\fsaua.exe

c:\program files\F-Secure Internet Security\FWES\program\fsdfwd.exe

c:\program files\F-Secure Internet Security\FSAUA\program\fsus.exe

c:\windows\System32\conime.exe

c:\program files\WinTV\EPG Services\System\EPGClient.exe

c:\windows\System32\rundll32.exe

c:\program files\Controle Parental\bin\OPTGui.exe

c:\program files\F-Secure Internet Security\FSGUI\fsguidll.exe

c:\program files\Windows Media Player\wmpnscfg.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\program files\F-Secure Internet Security\Anti-Virus\fsav32.exe

c:\windows\ehome\ehsched.exe

c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe

c:\windows\ehome\ehrecvr.exe

.

**************************************************************************

.

Heure de fin: 2009-05-04 9:03 - La machine a redémarré

ComboFix-quarantined-files.txt 2009-05-04 07:03

 

Avant-CF: 246 198 030 336 octets libres

Après-CF: 245 977 690 112 octets libres

 

480 --- E O F --- 2009-05-04 06:30

--------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

HIJACK:::::::

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 08:55:18, on 12/05/2009

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\WinTV\EPG Services\System\EPGClient.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Windows\System32\rundll32.exe

C:\Program Files\Controle Parental\bin\OPTGui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\TomTom HOME 2\HOMERunner.exe

C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

C:\Windows\system32\conime.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\F-Secure Internet Security\Common\FSLAUNCHER0.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Windows\system32\SearchFilterHost.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)

O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll

O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"

O4 - HKCU\..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe

O4 - Global Startup: Pinnacle Streaming Server.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll

O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll

O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)

O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)

O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)

O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll

O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll

O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)

O13 - Gopher Prefix:

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab

O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/ru...eb-20070115.cab

O16 - DPF: {3E9BAF2D-7A79-11D2-9334-0000F875AE17} - http://www.allocam.com/nm30.exe

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222173731753

O17 - HKLM\System\CCS\Services\Tcpip\..\{0FFBC165-B82E-4EFF-B67D-EA077B4760A9}: NameServer = 192.168.1.1,80.10.246.2

O17 - HKLM\System\CS1\Services\Tcpip\..\{0FFBC165-B82E-4EFF-B67D-EA077B4760A9}: NameServer = 192.168.1.1,80.10.246.2

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe

O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\Windows\system32\ezNTSvc.exe

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe

O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\ORSP Client\fsorsp.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: StumbleUponUpdateService - stumbleupon.com - C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

 

--

End of file - 13219 bytes

-----------------------------------------------------------------------

Modifié par badak

Loup blanc Godlike Member

Loup blanc

Posté(e)
Posté(e)

Bonsoir Badak,

 

Pour commencer, il vaut mieux éviter d'utiliser Combofix comme un simple logiciel tout public, C'est un outil puissant qui peut faire des dégâts si il est mal utilisé, il ne doit être utilisé qui si il a été expressément recommandé par un helpeur formé à cet outil.

 

Dans ton cas, c'est comme utiliser un tank pour tuer un moustique.

 

Il reste quelques saletés mais on va commencer à règler ton problème de connexion.

 

Je vois que tu as installer le contrôle parental de Orange, est-ce qu'il fonctionne, est-ce que tu peux accéder à sa configuration ?

Loup blanc Godlike Member

Loup blanc

Posté(e)
Posté(e)

Ok, alors c'est bien lui le responsable de tes problèmes.

 

Suis très précisement ce tuto pour le désinstaller manuellement :

http://forums.degroupnews.com/fournisseur-...-parasite-.html

 

Si tu n'est pas à l'aise pour manipuler la base de registre, ne fait rien pour l'instant, je te préparerais un programme qui fera la procédure pour toi.

badak Junior Member

badak

Posté(e)
  • Auteur
Posté(e) (modifié)

Aucun problème pour les manips, mais la suppression du control parental ne m'a rien donné de plus.

 

une autre idée?

 

 

Un autre log après le nettoyage et avec l'antivirus désactivé.

 

------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 08:55:18, on 12/05/2009

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\WinTV\EPG Services\System\EPGClient.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Windows\System32\rundll32.exe

C:\Program Files\Controle Parental\bin\OPTGui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\TomTom HOME 2\HOMERunner.exe

C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

C:\Windows\system32\conime.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\F-Secure Internet Security\Common\FSLAUNCHER0.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Windows\system32\SearchFilterHost.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)

O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll

O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"

O4 - HKCU\..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe

O4 - Global Startup: Pinnacle Streaming Server.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll

O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll

O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)

O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)

O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)

O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll

O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll

O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)

O13 - Gopher Prefix:

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab

O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/ru...eb-20070115.cab

O16 - DPF: {3E9BAF2D-7A79-11D2-9334-0000F875AE17} - http://www.allocam.com/nm30.exe

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222173731753

O17 - HKLM\System\CCS\Services\Tcpip\..\{0FFBC165-B82E-4EFF-B67D-EA077B4760A9}: NameServer = 192.168.1.1,80.10.246.2

O17 - HKLM\System\CS1\Services\Tcpip\..\{0FFBC165-B82E-4EFF-B67D-EA077B4760A9}: NameServer = 192.168.1.1,80.10.246.2

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe

O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\Windows\system32\ezNTSvc.exe

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe

O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\ORSP Client\fsorsp.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: StumbleUponUpdateService - stumbleupon.com - C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

 

--

End of file - 13219 bytes

Modifié par badak
Loup blanc Godlike Member

Loup blanc

Posté(e)
Posté(e) (modifié)

Est-ce que tu as fait la partie avec les commande netsh ?

 

Edit : Je vois dans le rapport Hijackthis que le service optproxy est toujours actif, tu peux le désactiver depuis le Panneau de configuration, Outils d'administration, Service.

Tu localises la ligne OPTENET_FILTER et tu fais un double clic dessus.

Tu clique sur le bouton Arrêter, puis en type de démarrage tu choisis "Désactivé" et tu valide avec OK.

Tu redémarres ton PC et tu essaye de nouveau de supprimer le dossier C:\Program Files\Controle Parental

Modifié par Loup blanc
Loup blanc Godlike Member

Loup blanc

Posté(e)
Posté(e) (modifié)

Je flood un peu mais je vois encore un truc que j'ai raté :

 

  • Relance Hijackthis et cliques sur 'Do a system scan only"
  • Coche la ligne suivante :
  • O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
  • Clique sur le bouton "Fix checked"

Modifié par Loup blanc
badak Junior Member

badak

Posté(e)
  • Auteur
Posté(e)
Je flood un peu mais je vois encore un truc que j'ai raté :

 

  • Relance Hijackthis et cliques sur 'Do a system scan only"
  • Coche la ligne suivante :
  • O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe
  • Clique sur le bouton "Fix checked"

 

 

C'est fait, il restait cette ligne dans le registre mais le dossier control parental avait bien été supprimé. La commande Netsh m'avait renvoyé un message d'erreur suivant:

 

chec de la r‚initialisation de Requˆte d'‚cho.

L'op‚ration demand‚e n‚cessite une ‚l‚vation.

chec de la r‚initialisation de G‚n‚ral.

L'op‚ration demand‚e n‚cessite une ‚l‚vation.

chec de la r‚initialisation de Interface.

L'op‚ration demand‚e n‚cessite une ‚l‚vation.

chec de la r‚initialisation de Adresse unicast.

L'op‚ration demand‚e n‚cessite une ‚l‚vation.

chec de la r‚initialisation de Routage.

L'op‚ration demand‚e n‚cessite une ‚l‚vation.

Il n'y a aucun paramŠtre sp‚cifi‚ par l'utilisateur … r‚initialiser.

 

Nouveau LOG:

 

 

 

---------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 08:55:18, on 12/05/2009

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\WinTV\EPG Services\System\EPGClient.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Windows\System32\rundll32.exe

C:\Program Files\Controle Parental\bin\OPTGui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\TomTom HOME 2\HOMERunner.exe

C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

C:\Windows\system32\conime.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\F-Secure Internet Security\Common\FSLAUNCHER0.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Windows\system32\SearchFilterHost.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)

O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)

O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll

O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll

O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [OPTENET_GUI] C:\PROGRA~1\CONTRO~1\bin\optgui.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"

O4 - HKCU\..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe

O4 - Global Startup: Pinnacle Streaming Server.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll

O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll

O9 - Extra 'Tools' menuitem: Parental... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)

O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)

O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)

O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll

O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll

O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)

O13 - Gopher Prefix:

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab

O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/ru...eb-20070115.cab

O16 - DPF: {3E9BAF2D-7A79-11D2-9334-0000F875AE17} - http://www.allocam.com/nm30.exe

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222173731753

O17 - HKLM\System\CCS\Services\Tcpip\..\{0FFBC165-B82E-4EFF-B67D-EA077B4760A9}: NameServer = 192.168.1.1,80.10.246.2

O17 - HKLM\System\CS1\Services\Tcpip\..\{0FFBC165-B82E-4EFF-B67D-EA077B4760A9}: NameServer = 192.168.1.1,80.10.246.2

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe

O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\Windows\system32\ezNTSvc.exe

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe

O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\ORSP Client\fsorsp.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - C:\Program Files\Controle Parental\bin\optproxy.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: StumbleUponUpdateService - stumbleupon.com - C:\Program Files\StumbleUpon\StumbleUponUpdateService.exe

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

 

--

End of file - 13219 bytes

Loup blanc Godlike Member

Loup blanc

Posté(e)
Posté(e) (modifié)

Ok, je vois,

 

Pour que netsh fonctionne, il faut que tu ouvres une console en mode administrateur :

Ouvre le menu "démarrer", Tous les programmes", "Accessoires" et tu fais un clic droit sur l'icône de la console et tu choisis "lancer en tant qu'administrateur", puis tu recommences la procédure avec netsh.

 

Pour le service Orange Contrôle Parental (OPTENET_FILTER) est-ce que tu l'as bien désactivé ?

 

Edit : le rapport Hijackthis date d'hier, il faut que tu en édite un nouveau à chaque fois sinon il ne sert à rien.

Modifié par Loup blanc
badak Junior Member

badak

Posté(e)
  • Auteur
Posté(e) (modifié)
Ok, je vois,

 

Pour que netsh fonctionne, il faut que tu ouvres une console en mode administrateur :

Ouvre le menu "démarrer", Tous les programmes", "Accessoires" et tu fais un clic droit sur l'icône de la console et tu choisis "lancer en tant qu'administrateur", puis tu recommences la procédure avec netsh.

 

Pour le service Orange Contrôle Parental (OPTENET_FILTER) est-ce que tu l'as bien désactivé ?

 

Edit : le rapport Hijackthis date d'hier, il faut que tu en édite un nouveau à chaque fois sinon il ne sert à rien.

 

oui j'ai viré tout ce qui ressemble à un controle parental.

 

dslé pour le rapport mais quoique je fasse le rapport Hijack me sort toujours la même date et heure alors que mon pc est corretement réglé..

 

je l'ai réinstallé, voici le nouveau rapport:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:05:55, on 15/05/2009

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\WinTV\EPG Services\System\EPGClient.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Windows\System32\rundll32.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\TomTom HOME 2\HOMERunner.exe

C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Iminent.SearchTheWeb.HelperObject - {0E896FCA-D07E-45FE-901F-6A26FCF59C02} - mscoree.dll (file missing)

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe

O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon

O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"

O4 - HKCU\..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe

O4 - Global Startup: Pinnacle Streaming Server.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)

O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing)

O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)

O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)

O10 - Broken Internet access because of LSP provider 'c:\program files\controle parental\bin\lsp.dll' missing

O13 - Gopher Prefix:

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab

O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175/7d/ru...eb-20070115.cab

O16 - DPF: {3E9BAF2D-7A79-11D2-9334-0000F875AE17} - http://www.allocam.com/nm30.exe

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222173731753

O17 - HKLM\System\CCS\Services\Tcpip\..\{0FFBC165-B82E-4EFF-B67D-EA077B4760A9}: NameServer = 192.168.1.1,80.10.246.2

O17 - HKLM\System\CS1\Services\Tcpip\..\{0FFBC165-B82E-4EFF-B67D-EA077B4760A9}: NameServer = 192.168.1.1,80.10.246.2

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe

O23 - Service: EasyBits Magic Desktop Services for Windows NT (ezntsvc) - EasyBits Software Corp. - C:\Windows\system32\ezNTSvc.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: F-Secure ORSP Client (FSORSPClient) - Unknown owner - C:\Program Files\F-Secure Internet Security\ORSP Client\fsorsp.exe (file missing)

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

 

--

End of file - 10180 bytes

.

Modifié par badak

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...