

Everything posted by jcld
PC freezing - wmplayer.exe
jcld replied to a topic by jcld in Malware analysis and eradication
re, how can I be notified by e-mail of your replies? jcld

PC freezing - wmplayer.exe
jcld replied to a topic by jcld in Malware analysis and eradication
re, reports attached:

Fichier CF21290.exe reçu le 2009.08.27 13:22:33 (UTC)
Résultat: 0/41 (0%)

Fichier CF17084.exe reçu le 2009.08.27 13:28:33 (UTC)
Résultat: 0/41 (0%)

Fichier CF19259.exe reçu le 2009.08.27 13:30:39 (UTC)
Résultat: 0/41 (0%)

PC freezing - wmplayer.exe
jcld replied to a topic by jcld in Malware analysis and eradication
Hello, thanks for your help; I'm fed up with struggling along with my laptop. For your information, I installed Freeram XPPro 1/52, which shows ram: 30% and load: 83%. When my PC freezes I don't have the CPU at 100%. I'm attaching the 2 reports:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named seekservice119.exe was found!
No active process named seekservice.exe was found!
========== SERVICES/DRIVERS ==========
Service\Driver SeekService Service deleted successfully.
========== FILES ==========
File/Folder C:\Documents and Settings\All Users\Application Data\SeekService\seekservice119.exe not found.
C:\Program Files\SeekService\seekservice.exe moved successfully.
C:\Documents and Settings\All Users\Application Data\SeekService moved successfully.
C:\Program Files\SeekService moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: jcld
->Temp folder emptied: 93398048 bytes
File delete failed. C:\Documents and Settings\jcld\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 9051260 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 65340108 bytes
User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 4777333 bytes
->FireFox cache emptied: 2216204 bytes
User: NetworkService
->Temp folder emptied: 3694 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
File delete failed. C:\WINDOWS\temp\ZLT01eb5.TMP scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT01eb8.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied: 1787451 bytes
RecycleBin emptied: 8346074 bytes
Total Files Cleaned = 176,42 mb
OTM by OldTimer - Version 3.0.0.6 log created on 08272009_122159
Files moved on Reboot...
C:\WINDOWS\temp\ZLT01eb5.TMP moved successfully.
C:\WINDOWS\temp\ZLT01eb8.TMP moved successfully.
Registry entries deleted on Reboot...

info.txt logfile of random's system information tool 1.06 2009-08-27 12:56:00
Widgets-->C:\PROGRA~1\Yahoo!\Widgets\uninstall.exe YAMAHA AC-XG WDM-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3663DDE0-D8AE-11D3-9850-00C04F7AC096}\setup.exe" -l0x40c maintenance ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe ======Security center information====== AV: AntiVir Desktop FW: ZoneAlarm Firewall ======System event log====== Computer Name: JCLD-B88AFEB7CE Event Code: 7036 Message: Le service Téléphonie est entré dans l'état : en cours d'exécution. Record Number: 12147 Source Name: Service Control Manager Time Written: 20090812220053.000000+120 Event Type: Informations User: Computer Name: JCLD-B88AFEB7CE Event Code: 7036 Message: Le service Compatibilité avec le Changement rapide d'utilisateur est entré dans l'état : en cours d'exécution. Record Number: 12146 Source Name: Service Control Manager Time Written: 20090812220053.000000+120 Event Type: Informations User: Computer Name: JCLD-B88AFEB7CE Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Compatibilité avec le Changement rapide d'utilisateur. Record Number: 12145 Source Name: Service Control Manager Time Written: 20090812220053.000000+120 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: JCLD-B88AFEB7CE Event Code: 7036 Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution. 
Record Number: 12144 Source Name: Service Control Manager Time Written: 20090812220053.000000+120 Event Type: Informations User: Computer Name: JCLD-B88AFEB7CE Event Code: 17 Message: AVGNTFLT successfully loaded Record Number: 12143 Source Name: avgntflt Time Written: 20090812220009.000000+120 Event Type: Informations User: =====Application event log===== Computer Name: JCLD-B88AFEB7CE Event Code: 455 Message: wuaueng.dll (3112) SUS20ClientDataStore: L'erreur -1032 (0xfffffbf8) s'est produite lors de l'ouverture du fichier journal C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log. Record Number: 1031 Source Name: ESENT Time Written: 20090730001645.000000+120 Event Type: erreur User: Computer Name: JCLD-B88AFEB7CE Event Code: 489 Message: wuauclt (3112) Une tentative d'ouverture du fichier "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" pour accès en lecture seule a échoué en indiquant l'erreur système 32 (0x00000020) : "Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ". L'opération d'ouverture de fichier échouera en indiquant l'erreur -1032 (0xfffffbf8). Record Number: 1030 Source Name: ESENT Time Written: 20090730001645.000000+120 Event Type: erreur User: Computer Name: JCLD-B88AFEB7CE Event Code: 455 Message: wuaueng.dll (3112) SUS20ClientDataStore: L'erreur -1032 (0xfffffbf8) s'est produite lors de l'ouverture du fichier journal C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log. Record Number: 1029 Source Name: ESENT Time Written: 20090730001635.000000+120 Event Type: erreur User: Computer Name: JCLD-B88AFEB7CE Event Code: 489 Message: wuauclt (3112) Une tentative d'ouverture du fichier "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" pour accès en lecture seule a échoué en indiquant l'erreur système 32 (0x00000020) : "Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ". 
L'opération d'ouverture de fichier échouera en indiquant l'erreur -1032 (0xfffffbf8). Record Number: 1028 Source Name: ESENT Time Written: 20090730001635.000000+120 Event Type: erreur User: Computer Name: JCLD-B88AFEB7CE Event Code: 4097 Message: L'application, C:\Program Files\Belkin\Cardbus F5D701F\Wireless Utility\Belkinwcui.exe, a généré une erreur d'application L'erreur s'est produite le 07/29/2009 à 19:28:02.317 L'exception générée était c0000005 à l'adresse 004515FD (Belkinwcui) Record Number: 1027 Source Name: DrWatson Time Written: 20090729192802.000000+120 Event Type: Informations User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel "PROCESSOR_REVISION"=0209 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "tvdumpflags"=8 "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip -----------------EOF----------------- Logfile of random's system information tool 1.06 (written by random/random) Run by jcld at 2009-08-27 12:53:36 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 16 GB (56%) free of 29 GB Total RAM: 494 MB (46% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:55:26, on 27/08/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe 
C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\notepad.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\FileHippo.com\UpdateChecker.exe C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe C:\WINDOWS\system32\msfeedssync.exe C:\Program Files\Belkin\Cardbus F5D701F\Wireless Utility\Belkinwcui.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe C:\Program Files\Mozilla Thunderbird\thunderbird.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Documents and Settings\jcld\Bureau\123\SolSuite.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\taskmgr.exe C:\Documents and Settings\jcld\Mes documents\Téléchargements\RSIT.exe C:\Program Files\Trend Micro\HijackThis\jcld.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file) O3 - Toolbar: FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - (no file) O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] 
C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Belkin Wireless G Notebook Card Client Utility.lnk = ? O4 - Global Startup: Bluetooth Manager.lnk = ? O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing) O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housec...ivex/hcImpl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1244618076353 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - 
http://download.eset.com/special/eos/OnlineScanner.cab O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TwonkyMedia - PacketVideo - C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 7310 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job C:\WINDOWS\tasks\AppleSoftwareUpdate.job C:\WINDOWS\tasks\MP Scheduled Scan.job C:\WINDOWS\tasks\User_Feed_Synchronization-{5A70CFA4-FE77-4609-A309-F10E124B59CF}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser 
Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-06-30 2329224] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] "FileHippo.com"=C:\Program Files\FileHippo.com\UpdateChecker.exe [2009-07-01 155136] "FreeRAM XP"=C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe [2009-08-10 1591808] "PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-06-25 1414144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe [2009-06-22 88107] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CARPService] C:\WINDOWS\system32\carpserv.exe [2009-06-22 4608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh] C:\Program Files\ltmoh\Ltmoh.exe [2009-06-22 172032] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Belkin Wireless G Notebook Card Client Utility.lnk - C:\Program Files\Belkin\Cardbus F5D701F\Wireless Utility\Belkinwcui.exe Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2006-02-07 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= "NoResolveSearch"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Nokia\Nokia Home Media 
Server\Media Server\twonkymedia.exe"="C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe:*:Enabled:TwonkyMedia" "C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe"="C:\Program Files\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe:*:Enabled:TwonkyMediaServer" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months====== 2009-08-27 12:53:36 ----D---- C:\rsit 2009-08-27 12:21:59 ----D---- C:\_OTM 2009-08-22 20:45:37 ----A---- C:\WINDOWS\ModemLog_Modem standard 33600 bps.txt 2009-08-22 11:11:12 ----D---- C:\Documents and Settings\jcld\Application Data\Nseries 2009-08-22 00:26:02 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2009-08-13 12:11:04 ----D---- C:\Documents and Settings\jcld\Application Data\Apple Computer 2009-08-13 12:06:41 ----D---- C:\Program Files\QuickTime 2009-08-13 12:04:49 ----D---- C:\Program Files\Apple Software Update 2009-08-13 12:04:49 ----D---- C:\Documents and Settings\All Users\Application Data\Apple 2009-08-13 11:27:52 ----A---- C:\WINDOWS\system32\GEARAspi.dll 2009-08-13 11:26:19 ----D---- C:\Program Files\iPod 2009-08-13 11:26:15 ----D---- C:\Program Files\Fichiers communs\Apple 2009-08-13 11:25:37 ----D---- C:\Program Files\iTunes 2009-08-13 11:25:37 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer 2009-08-13 11:25:37 ----D---- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} 2009-08-13 10:36:37 ----D---- C:\Documents and Settings\All Users\Application Data\Nokia 
2009-08-13 07:49:15 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2009-08-13 07:48:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2009-08-13 07:48:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$ 2009-08-13 07:47:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$ 2009-08-13 07:47:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2009-08-13 07:46:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2009-08-13 07:45:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ 2009-08-13 07:44:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$ 2009-08-13 07:43:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2009-08-13 07:38:50 ----D---- C:\Program Files\MSXML 4.0 2009-08-12 21:30:45 ----D---- C:\Program Files\Windows Defender 2009-08-12 11:44:01 ----A---- C:\WINDOWS\system32\nhm_server_trace.txt 2009-08-12 11:35:42 ----D---- C:\Documents and Settings\All Users\Application Data\NokiaMusic 2009-08-12 01:40:12 ----D---- C:\Program Files\MSXML 6.0 2009-08-12 01:26:13 ----D---- C:\Program Files\Fichiers communs\muvee Technologies 2009-08-12 00:59:38 ----D---- C:\WINDOWS\Globalization 2009-08-12 00:39:22 ----D---- C:\WINDOWS\Downloaded Installations 2009-08-11 20:01:23 ----A---- C:\WINDOWS\ModemLog_Nokia N85 USB Modem.txt 2009-08-11 17:56:04 ----A---- C:\WINDOWS\imsins.BAK 2009-08-11 17:55:47 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll 2009-08-11 17:54:50 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$ 2009-08-10 20:17:15 ----D---- C:\Program Files\Quicksys 2009-08-10 18:08:59 ----D---- C:\Program Files\YourWare Solutions 2009-08-08 20:21:30 ----D---- C:\Program Files\Yahoo! 
2009-08-06 21:44:50 ----D---- C:\Program Files\Imagenomic 2009-08-06 15:06:34 ----D---- C:\Documents and Settings\jcld\Application Data\PC Suite 2009-08-06 15:06:23 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite 2009-08-06 15:06:22 ----D---- C:\Documents and Settings\jcld\Application Data\Nokia 2009-08-06 15:02:30 ----D---- C:\Program Files\Fichiers communs\PCSuite 2009-08-06 15:01:47 ----D---- C:\Program Files\Fichiers communs\Nokia 2009-08-06 15:00:09 ----D---- C:\Program Files\DIFX 2009-08-06 14:58:44 ----D---- C:\Program Files\PC Connectivity Solution 2009-08-06 14:58:00 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll 2009-08-06 14:58:00 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll 2009-08-06 14:57:11 ----A---- C:\WINDOWS\system32\nmwcdcls.dll 2009-08-06 14:57:03 ----D---- C:\Program Files\Nokia 2009-08-06 14:46:33 ----D---- C:\Documents and Settings\All Users\Application Data\Installations 2009-08-05 17:12:26 ----A---- C:\WINDOWS\system32\CF21290.exe 2009-08-05 17:03:15 ----A---- C:\WINDOWS\system32\CF19259.exe 2009-08-05 16:53:56 ----A---- C:\WINDOWS\system32\CF17084.exe 2009-08-05 16:51:51 ----D---- C:\Qoobox 2009-08-05 14:44:48 ----D---- C:\Genproc 2009-08-05 12:38:34 ----D---- C:\VundoFix Backups 2009-08-04 17:54:02 ----D---- C:\Documents and Settings\jcld\Application Data\HouseCall 6.6 2009-08-04 17:53:51 ----D---- C:\WINDOWS\system32\HouseCall 6.6 2009-08-03 08:57:30 ----D---- C:\WINDOWS\Sun 2009-07-30 18:46:49 ----D---- C:\Program Files\Trend Micro 2009-07-29 17:46:35 ----A---- C:\WINDOWS\RTacDbg.txt 2009-07-29 15:19:49 ----D---- C:\Config.Msi ======List of files/folders modified in the last 1 months====== 2009-08-27 12:54:31 ----D---- C:\WINDOWS\Prefetch 2009-08-27 12:54:26 ----D---- C:\WINDOWS\Temp 2009-08-27 12:52:37 ----D---- C:\WINDOWS\Internet Logs 2009-08-27 12:43:54 ----D---- C:\Program Files\Mozilla Firefox 2009-08-27 12:39:14 ----D---- C:\Program Files\Mozilla Thunderbird 2009-08-27 12:34:48 ----D---- C:\WINDOWS 
2009-08-27 12:32:15 ----SD---- C:\WINDOWS\Tasks 2009-08-27 12:29:46 ----D---- C:\WINDOWS\system32\CatRoot2 2009-08-27 12:28:16 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-08-27 12:23:14 ----RD---- C:\Program Files 2009-08-27 12:17:31 ----D---- C:\WINDOWS\system32 2009-08-26 09:07:12 ----HD---- C:\WINDOWS\inf 2009-08-25 22:33:25 ----D---- C:\Program Files\JkDefrag 2009-08-25 22:18:24 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-08-25 22:11:21 ----D---- C:\Program Files\Messenger 2009-08-25 22:11:18 ----D---- C:\49e83cec92e0f199ada8 2009-08-25 22:00:52 ----D---- C:\WINDOWS\security 2009-08-25 22:00:46 ----D---- C:\WINDOWS\system32\config 2009-08-25 22:00:42 ----D---- C:\WINDOWS\repair 2009-08-25 22:00:38 ----D---- C:\WINDOWS\Logs 2009-08-25 21:58:34 ----D---- C:\WINDOWS\Debug 2009-08-25 21:58:34 ----D---- C:\Program Files\Mozilla Thunderbird 3.0 Beta 3(2) 2009-08-25 21:58:17 ----D---- C:\Program Files\Easytravel France 2008,2009 2009-08-25 18:27:01 ----D---- C:\Documents and Settings\jcld\Application Data\AVS4YOU 2009-08-24 18:20:04 ----SHD---- C:\WINDOWS\Installer 2009-08-24 18:06:04 ----D---- C:\Program Files\ma-config.com 2009-08-24 17:33:32 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters 2009-08-24 10:44:47 ----RSD---- C:\WINDOWS\assembly 2009-08-22 00:26:06 ----D---- C:\WINDOWS\system32\drivers 2009-08-21 20:46:24 ----D---- C:\WINDOWS\WinSxS 2009-08-21 17:08:26 ----HD---- C:\WINDOWS\$hf_mig$ 2009-08-20 11:43:09 ----D---- C:\Documents and Settings\jcld\Application Data\Help 2009-08-20 10:26:28 ----A---- C:\WINDOWS\win.ini 2009-08-19 20:52:45 ----D---- C:\Program Files\adslTV 2009-08-19 20:52:27 ----D---- C:\Documents and Settings\jcld\Application Data\vlc 2009-08-13 11:27:52 ----DC---- C:\WINDOWS\system32\DRVSTORE 2009-08-13 11:26:15 ----D---- C:\Program Files\Fichiers communs 2009-08-13 07:46:05 ----D---- C:\Program Files\Outlook Express 2009-08-12 21:30:45 ----SD---- C:\Documents and Settings\All Users\Application 
Data\Microsoft 2009-08-12 11:38:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-08-12 01:28:23 ----RSD---- C:\WINDOWS\Fonts 2009-08-09 19:22:00 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2009-08-05 15:01:23 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-08-05 11:00:38 ----A---- C:\WINDOWS\system32\mswebdvd.dll 2009-08-04 18:47:50 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2009-08-04 16:23:53 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-08-04 12:05:58 ----D---- C:\Program Files\Lavasoft 2009-08-04 12:05:58 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft 2009-08-04 11:00:13 ----D---- C:\WINDOWS\network diagnostic 2009-07-31 17:39:36 ----D---- C:\Program Files\Microsoft Silverlight 2009-07-30 02:49:14 ----A---- C:\WINDOWS\system32\MRT.exe 2009-07-29 18:10:47 ----D---- C:\Program Files\Internet Explorer 2009-07-29 18:09:42 ----D---- C:\WINDOWS\ie8updates 2009-07-29 15:22:52 ----D---- C:\Program Files\Internet Download Manager 2009-07-29 15:22:18 ----D---- C:\WINDOWS\system32\DirectX 2009-07-29 15:22:18 ----D---- C:\Documents and Settings\jcld\Application Data\IDM 2009-07-29 15:22:08 ----D---- C:\Program Files\Winamp 2009-07-29 15:22:08 ----D---- C:\Documents and Settings\jcld\Application Data\Winamp 2009-07-29 15:22:05 ----D---- C:\Program Files\Winamp Remote 2009-07-29 15:21:55 ----D---- C:\Program Files\MyDefrag v4.1 2009-07-29 15:21:47 ----D---- C:\Program Files\MyDefrag v4.1.1 2009-07-29 15:19:21 ----D---- C:\Program Files\iColorFolder 2009-07-29 11:24:59 ----D---- C:\Documents and Settings\jcld\Application Data\Adobe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys 
-
Good evening,

I use an ACER Travelmate 243LC laptop with XP Home. After a direct installation of XP (without using the ACER CDs), everything worked correctly.

I started having problems: a file of several GB that I deleted (I no longer remember its name), and a virus found by Avira.

I went to look at the "pc qui rame" guide, then I opened the Task Manager, and although the CPU was not at 100%, I noticed a "wmplayer.exe" taking 40% while I had no wmplayer program open.

Rather than running antivirus tools and the like (which I have already done before) without really knowing what I am doing, I am posting a HijackThis report so that you can advise me on the method to apply.

A little explanation of what I would have to do would be much appreciated.

Thank you for your help,
jcld
-
Thank you very much for your quick replies, and my apologies for only reading them now. I did indeed get software with my printer that lets me process scans in Word. Never having had to use it, I had not noticed it, for lack of taking the time. jcld
-
I use a Brother MFC-210C scanner/fax all-in-one. I want to scan a document and edit it with Word. When I scan, I get a JPEG image file. Is it possible to make corrections to this document with Word? Thank you for your reply.