Aller au contenu

bono80

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    16

  • Inscription

  • Dernière visite

bono80's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. bono80
    Merci beaucoup pour votre réponse. En fait mon Premiere Pro (et la suite Adobe aussi) commençant à me faire des trucs bizarres à son tour je l'ai désinstallé/réinstallé et bizarrement tous mes message d'erreurs ont disparu ainsi que les écrans bleus... Bizarre... Est-ce que par secu vous me conseiller malgré tout le diagnostic ?
  2. bono80
    Bonjour à tous, Depuis quelques temps les messages d'erreurs "Image Incorrecte" "... .dll n'est pas conçu pour s'exécuter sous Windows "se multiplient quelles que soient les applications. Les écrans bleus commencent eux aussi à arriver dès que je reviens après quelques heures. Bref, il y a un truc pas net qui s'est passé c'est évident. Les Ccleaner et cie n'ont rien fait malheureusement (encore moins mon Bitdefender...) Les restaurations ont échouées suite à un "problème" (super...) Pourriez-vous donc m'aider à faire un rapport Hijackthis et à l''interpréter. Merci infiniment
  3. bono80
    Est-ce qu'on peut m'aider avec un simple rapport Hijackthis dans ce cas ? Merci ! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:33:56, on 11/05/2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files\ASUS\Net4Switch\Net4Switch.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\Google\Google Talk\googletalk.exe C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe C:\Program Files (x86)\DAP\DAP.exe C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Program Files (x86)\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe C:\Program Files (x86)\ASUS\AI TouchMedia\PlayMovie\PMVService.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe C:\Users\VinzA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\VinzA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\VinzA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\VinzA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\VinzA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\VinzA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\VinzA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\VinzA\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: (no name) - {074C1DC5-9320-4A9A-947D-C042949C6216} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~2\DAP\DAPIEL~1.DLL O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - "C:\Program Files\BitDefender\BitDefender 2010\Antispam32\IEToolbar.dll" (file missing) O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: (no name) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - (no file) O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files (x86)\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\ASUS\AI TouchMedia\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r O4 - HKLM\..\Run: [updReg] C:\Windows\UpdReg.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [googletalk] "C:\Program Files (x86)\Google\Google Talk\googletalk.exe" /autostart O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\VinzA\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files (x86)\DAP\DAP.EXE" /STARTUP O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: FancyStart daemon.lnk = ? O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Envoyer à Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Envoyer au périphérique &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O13 - Gopher Prefix: O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/s...te/certdgi1.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BitDefender Serveur Arrakis (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TurboBoost - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 17297 bytes
  4. bono80
    Quand je lance RSIT un message d'erreur apparait : AutoIt Error Line 2563 (File "C:\Users\...\Desktop\RSIT_1.exe"): Error: Variable used without being declared.
  5. bono80
    Bonjour à tous, Voilà j'ai un doute sur le fonctionnement actuel de mon ordi. Je n'ai absolument touché à rien et depuis quelques jours il a un comportement qui me semble bizarre, surtout au niveau de ma connexion internet : ca rame, je perds le reseau, etc... J'ai d'autres ordi à la maison et aucuns n'ont un problème avec la connexion internet. Bref je compte faire un petit coup de Hijack This histoire d'avoir la conscience tranquille... Je ne me rappelle plus de ce que je dois poster : "Do a system scan and save logfile" ou "Do a system scan only" ? Merci !
  6. bono80

    help !

    bono80 a répondu à un(e) sujet de bono80 dans Analyses et éradication malwares

    Alors, voilà donc pour le rapport de Combofix : ComboFix 08-02.05.3 - Vinz 2008-02-08 1:26:20.2 - FAT32x86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1301 [GMT 1:00] Endroit: C:\Documents and Settings\Vinz\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Vinz\Bureau\CFScript.txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . ((((((((((((((((((((((((((((( Fichiers créés 2008-01-08 to 2008-02-08 )))))))))))))))))))))))))))))))))))) . 2008-02-06 23:46 . 2008-02-06 23:46 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-02-06 23:46 . 2008-02-06 23:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-02-06 17:14 . 2004-08-05 14:00 794,112 --a------ C:\kmd.exe 2008-02-06 11:41 . 2008-02-06 11:41 <REP> d--hs---- C:\FOUND.012 2008-02-06 04:16 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe 2008-02-06 04:16 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2008-02-06 04:16 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2008-02-06 04:16 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2008-02-06 04:16 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2008-02-06 04:16 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2008-02-06 04:16 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2008-02-06 03:43 . 2008-02-06 13:33 388 --a------ C:\WINDOWS\wininit.ini 2008-02-06 03:21 . 2008-02-06 03:21 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2008-02-06 03:21 . 2008-02-06 03:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-02-06 00:01 . 2008-02-06 00:01 <REP> d-------- C:\Documents and Settings\Vinz\Application Data\PrevxCSI 2008-02-06 00:01 . 2008-02-06 00:01 11,008 --a------ C:\WINDOWS\system32\drivers\pxark.sys 2008-02-01 03:02 . 2008-02-01 03:02 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-01-31 13:51 . 2008-01-31 13:51 173 --a------ C:\WINDOWS\system32\test.aok 2008-01-31 13:51 . 2008-01-31 13:51 172 --a------ C:\WINDOWS\system32\temp_0000_85-21.aok 2008-01-31 13:28 . 2008-01-31 14:30 35,334 --a------ C:\WINDOWS\system32\tmp.avi 2008-01-31 13:24 . 2008-01-31 13:24 <REP> d-------- C:\Program Files\Ultra Flash Video FLV Converter 2008-01-31 13:24 . 2002-10-05 07:04 921,600 --a------ C:\WINDOWS\system32\vorbisenc.dll 2008-01-31 13:24 . 2004-01-11 08:02 258,048 --a------ C:\WINDOWS\system32\GplMpgDec.ax 2008-01-31 13:24 . 2006-10-24 14:16 242,176 --a------ C:\WINDOWS\system32\fixflash.exe 2008-01-31 13:24 . 2002-10-07 02:42 237,568 --a------ C:\WINDOWS\system32\OggDS.dll 2008-01-31 13:24 . 2002-10-05 07:04 188,416 --a------ C:\WINDOWS\system32\vorbis.dll 2008-01-31 13:24 . 2007-04-12 14:19 129,024 --a------ C:\WINDOWS\system32\AVERM.dll 2008-01-31 13:24 . 2002-10-05 07:04 45,056 --a------ C:\WINDOWS\system32\ogg.dll 2008-01-31 13:24 . 2006-09-26 13:57 28,672 --a------ C:\WINDOWS\system32\AVEQT.dll 2008-01-31 10:37 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-01-31 10:37 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll 2008-01-31 10:37 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-01-30 21:40 . 2008-01-30 21:40 <REP> d-------- C:\Program Files\Ultra Video To Flash Converter 2008-01-30 21:40 . 2004-02-22 16:11 719,872 --a------ C:\WINDOWS\system32\devil.dll 2008-01-30 21:40 . 2006-12-31 10:16 313,344 --a------ C:\WINDOWS\system32\avisynth.dll 2008-01-30 21:31 . 2008-01-30 21:31 <REP> d-------- C:\auau 2008-01-30 21:30 . 2008-01-30 21:30 <REP> d-------- C:\Program Files\AUAU AVI MP4 to Flash Converter 2008-01-30 21:30 . 2008-01-30 21:30 34 --ah----- C:\WINDOWS\system32\VideoConverter_sysquict.dat 2008-01-30 21:11 . 2008-01-30 21:11 <REP> d-------- C:\Program Files\FlashConv 2008-01-30 21:11 . 2005-06-07 15:11 60,416 --a------ C:\WINDOWS\system32\dsetup.dll 2008-01-30 16:41 . 2008-01-30 16:41 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition 2008-01-30 16:33 . 2008-01-30 16:33 <REP> d-------- C:\Program Files\Windows Live 2008-01-30 16:33 . 2008-01-30 16:33 <REP> d--hs---- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-01-30 16:33 . 2008-01-30 16:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-01-23 23:19 . 2008-02-02 15:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-01-23 23:19 . 2008-01-23 23:19 1,409 --a------ C:\WINDOWS\QTFont.for 2008-01-23 21:08 . 2008-01-23 21:08 22,328 --a------ C:\Documents and Settings\Vinz\Application Data\PnkBstrK.sys 2008-01-23 21:07 . 2008-01-23 21:08 669,184 --a------ C:\WINDOWS\system32\pbsvc.exe 2008-01-22 00:20 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll 2008-01-22 00:20 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll 2008-01-22 00:20 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll 2008-01-21 19:05 . 2008-01-21 19:06 <REP> d-------- C:\Program Files\Fichiers communs\NSV 2008-01-21 10:27 . 2008-01-21 10:28 <REP> d-------- C:\Documents and Settings\Vinz\Application Data\Intel 2008-01-21 10:27 . 2008-01-21 10:28 <REP> d-------- C:\Documents and Settings\NetworkService\Application Data\Intel 2008-01-21 10:27 . 2008-01-21 10:28 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\Intel 2008-01-21 10:27 . 2008-01-21 10:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Intel 2008-01-21 10:27 . 2008-01-21 10:27 21,361 --a------ C:\WINDOWS\system32\drivers\AegisP.sys 2008-01-21 10:27 . 2008-01-21 10:27 21,361 --a------ C:\WINDOWS\AegisP.sys 2008-01-21 10:27 . 2008-01-21 10:27 13,984 --a------ C:\WINDOWS\AegisP.inf 2008-01-21 10:27 . 2008-01-21 10:27 10,640 --a------ C:\WINDOWS\AegisP.cat 2008-01-21 10:26 . 2007-08-27 11:12 2,777,088 --a------ C:\WINDOWS\system32\NETw4r32.dll 2008-01-21 10:26 . 2007-09-26 06:01 2,236,032 --a------ C:\WINDOWS\system32\drivers\NETw4x32.sys 2008-01-21 10:26 . 2007-08-27 11:12 745,472 --a------ C:\WINDOWS\system32\NETw4c32.dll 2008-01-18 12:03 . 2008-01-18 12:03 244 --ah----- C:\sqmnoopt10.sqm 2008-01-18 12:03 . 2008-01-18 12:03 232 --ah----- C:\sqmdata10.sqm . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-08 00:26 81,984 ----a-w C:\WINDOWS\system32\bdod.bin 2008-02-06 14:59 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys 2008-02-06 14:59 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys 2008-02-06 14:59 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2008-01-23 22:58 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2008-01-23 20:08 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe 2008-01-23 20:08 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys 2008-01-23 20:08 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe 2008-01-21 09:27 376,832 ----a-w C:\WINDOWS\system32\AegisI5Installer.exe 2008-01-02 16:09 --------- d-----w C:\Program Files\IKEA HomePlanner 2007-12-12 18:31 --------- d-----w C:\Program Files\Hewlett-Packard 2007-11-30 22:14 413,696 ----a-w C:\WINDOWS\system32\wrap_oal.dll 2007-11-30 22:14 110,592 ----a-w C:\WINDOWS\system32\OpenAL32.dll 2007-11-29 15:55 77,824 ----a-w C:\WINDOWS\system32\xcomm.dll 2007-09-07 22:39 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT 2007-09-07 22:14 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT 2007-06-26 01:14 87,608 ----a-w C:\Documents and Settings\Vinz\Application Data\ezpinst.exe 2007-06-26 01:14 47,360 ----a-w C:\Documents and Settings\Vinz\Application Data\pcouffin.sys 2007-03-05 17:49 357,376 ----a-w C:\Program Files\heures.xls 2004-08-05 13:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll 2004-08-05 13:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll 2004-08-05 13:00 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll 2004-08-05 13:00 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll 2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll 2004-08-05 13:00 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll 2004-08-05 13:00 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll 2004-08-05 13:00 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll 2004-08-05 13:00 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll 2007-05-17 12:29 549,376 --sha-w C:\WINDOWS\system32\oleaut32.dll . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of C:\auau ---- 2008-01-30 21:31 761418 --a------ C:\auau\Output\Bronzes.flv 2008-01-30 21:31 649434 --a------ C:\auau\Output\Bronzes_1.flv ---- Directory of C:\FOUND.012 ---- 2008-02-06 11:41 32768 --------- C:\FOUND.012\FILE0000.CHK ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {381FFDE8-2394-4F90-B10D-FC6124A40F8C} [HKEY_CLASSES_ROOT\clsid\{381ffde8-2394-4f90-b10d-fc6124a40f8c}] [HKEY_CLASSES_ROOT\BitDefender Toolbar] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [2006-07-07 17:45 1052672] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-09-20 15:35 202024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2005-11-10 04:47 102400] "ABLKSR"="C:\WINDOWS\ABLKSR\ABLKSR.exe" [2006-01-02 19:14 61440] "DSLAGENTEXE"="dslagent.exe" [2002-01-02 00:00 16384 C:\WINDOWS\system32\dslagent.exe] "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2007-12-03 18:15 319488] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-01 22:59 185632] "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328] "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-10-08 14:18 995328] "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-10-08 14:13 1101824] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720] C:\Documents and Settings\Vinz\Menu D‚marrer\Programmes\D‚marrage\ Stardock ObjectDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe [2005-02-21 14:56:00 2758392] Y'z ToolBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe [2002-09-29 14:41:00 90112] Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50 113664] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696] R0 pxark;pxark;C:\WINDOWS\system32\drivers\pxark.sys [2008-02-06 00:01] R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 13:46] R1 bdftdif;bdftdif;C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys [2007-11-28 10:52] R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2007-09-19 00:14] R2 ADSLAutoconnect;ADSLAutoconnect;"C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" [2007-02-12 01:23] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2007-12-03 18:15] R3 bdfsfltr;bdfsfltr;C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2007-08-02 17:03] R3 BDSelfPr;BDSelfPr;C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2008-02-06 01:09] R3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe [2004-08-05 14:00] R3 SynMini;USB2.0 1.3M Web Cam;C:\WINDOWS\system32\Drivers\SynMini.sys [2005-10-03 10:26] R3 SynScan;USB2.0 1.3M Web Cam Still Image;C:\WINDOWS\system32\Drivers\SynScan.sys [2005-10-03 10:26] S2 gafwload;GlobeSpan USB ADSL Loader;C:\WINDOWS\system32\DRIVERS\gafwload.sys [2002-01-02 00:00] S3 Service CANALPLAY;Service CANALPLAY;"C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe" [2007-02-28 19:38] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx REG_MULTI_SZ scan [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71f8a5c0-2b49-11dc-8e61-00ff00300101}] \Shell\AutoRun\command - G:\Setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eccac524-6e9c-11dc-8edc-00130225d352}] \Shell\AutoRun\command - F:\Setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eccac525-6e9c-11dc-8edc-00130225d352}] \Shell\AutoRun\command - G:\Setup.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{13381337-14E3-6268-0007-010504053257}] C:\WINDOWS\system32\ferra.exe . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-02-07 21:50:56 C:\WINDOWS\Tasks\XoftSpySE 2.job" - C:\Program Files\XoftSpySE\XoftSpy.exe "2008-02-04 18:06:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-08 01:28:07 Windows 5.1.2600 Service Pack 2 FAT NTAPI Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bdfsfltr] "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\ . --------------------- DLLs a chargé sous des processus courants --------------------- PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156] -> C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll . Temps d'accomplissement: 2008-02-08 1:29:13 ComboFix-quarantined-files.txt 2008-02-08 00:29:08 ComboFix2.txt 2008-02-06 16:29:38 . 2008-02-01 02:02:08 --- E O F --- et pour celui de Virustotal : Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.2.6.10 2008.02.05 - AntiVir 7.6.0.62 2008.02.07 - Authentium 4.93.8 2008.02.08 - Avast 4.7.1098.0 2008.02.07 - AVG 7.5.0.516 2008.02.07 - BitDefender 7.2 2008.02.08 - CAT-QuickHeal 9.00 2008.02.04 - ClamAV 0.92 2008.02.07 - DrWeb 4.44.0.09170 2008.02.07 - eSafe 7.0.15.0 2008.01.28 - eTrust-Vet 31.3.5520 2008.02.07 - Ewido 4.0 2008.02.07 - FileAdvisor 1 2008.02.08 - Fortinet 3.14.0.0 2008.02.07 - F-Prot 4.4.2.54 2008.02.07 - F-Secure 6.70.13260.0 2008.02.07 - Ikarus T3.1.1.20 2008.02.07 - Kaspersky 7.0.0.125 2008.02.08 - McAfee 5225 2008.02.07 - Microsoft 1.3204 2008.02.07 - NOD32v2 2857 2008.02.07 - Norman 5.80.02 2008.02.07 - Panda 9.0.0.4 2008.02.07 - Prevx1 V2 2008.02.08 - Rising 20.29.22.00 2008.01.30 - Sophos 4.26.0 2008.02.07 - Sunbelt 2.2.907.0 2008.02.07 - Symantec 10 2008.02.08 - TheHacker 6.2.9.212 2008.02.07 - VBA32 3.12.6.0 2008.02.07 - VirusBuster 4.3.26:9 2008.02.07 - Webwasher-Gateway 6.6.2 2008.02.07 - Information additionnelle File size: 9 bytes MD5: 05012ec9bd79f900d3cc153ab59c1548 SHA1: e4b86c2cb258a7a6760930579065a28cac5da50c PEiD: -
  7. bono80

    help !

    bono80 a répondu à un(e) sujet de bono80 dans Analyses et éradication malwares

    Alors pour ce qui est de connecter les clefs usb et disques durs amovibles je ne l'ai pas branché sachant que je n'en utilise pas, en tout cas pas dans les derniers mois... Sinon j'ai voulu telecharger le CFScript mais au moment de le telecharger on me demande un nom d'utilisateur et un mot de passe... Je n'ai donc pas continuer mon grand netoyage...
  8. bono80

    help !

    bono80 a répondu à un(e) sujet de bono80 dans Analyses et éradication malwares

    Alors voilà le rapport de Kasperspy : ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, February 07, 2008 11:07:34 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 6/02/2008 Kaspersky Anti-Virus database records: 552584 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ F:\ Scan Statistics: Total number of scanned objects: 137633 Number of viruses found: 3 Number of infected objects: 10 Number of suspicious objects: 0 Duration of the scan process: 01:39:33 Infected Object Name / Virus Name / Last Action C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped C:\WINDOWS\system32\config\SYSTEM Object is locked skipped C:\WINDOWS\system32\config\DEFAULT Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped C:\WINDOWS\Temp\tmp000063f8\tmp00000000 Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Vinz\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Vinz\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Temp\fla11E.tmp Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Temp\~DF3C32.tmp Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Temp\~DF3FF4.tmp Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Temp\fb_2772.lck Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Historique\History.IE5\MSHist012008020720080208\index.dat Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Application Data\Microsoft\Windows Live Contacts\[email protected]\real\members.stg Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped C:\Documents and Settings\Vinz\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped C:\Documents and Settings\Vinz\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Vinz\Application Data\Bitdefender\Desktop\Profiles\asdict.dat Object is locked skipped C:\Program Files\Dekla\DEKLA.DDK Object is locked skipped C:\Program Files\BitDefender\BitDefender 2008\as2core\antispam_sig_9031\aspdict.dat Object is locked skipped C:\Program Files\BitDefender\BitDefender 2008\dbokf.db Object is locked skipped C:\Program Files\BitDefender\BitDefender 2008\dbokf.db-journal Object is locked skipped C:\Program Files\Visicom Media\FTP Expert 3\vmntoolbar\vmntoolbarsetup1.7_en.exe/data0159 Infected: not-a-virus:AdWare.Win32.MegaSearch.n skipped C:\Program Files\Visicom Media\FTP Expert 3\vmntoolbar\vmntoolbarsetup1.7_en.exe NSIS: infected - 1 skipped C:\Program Files\Nero\Nero8\Nero BackItUp\BIU1.txt Object is locked skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP460\A0179741.dll Object is locked skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP460\A0179743.dll Infected: Trojan-Downloader.Win32.Small.hsl skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP460\A0179744.dll Infected: Trojan-Downloader.Win32.Small.hsl skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP460\A0179745.DLL Object is locked skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP460\A0179789.exe Infected: not-a-virus:AdTool.Win32.WhenU.s skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP460\A0179817.dll Object is locked skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP460\A0179822.dll Object is locked skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP460\A0179823.dll Object is locked skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP462\A0181012.DLL Infected: Trojan-Downloader.Win32.Small.hsl skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP462\A0181014.dll Object is locked skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP462\A0181015.dll Object is locked skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP462\A0181019.dll Object is locked skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP462\change.log Object is locked skipped C:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP462\A0181039.dll Object is locked skipped C:\VundoFix Backups\byxvttq.dll.bad Infected: Trojan-Downloader.Win32.Small.hsl skipped C:\VundoFix Backups\hxtunvgq.dll.bad Object is locked skipped C:\VundoFix Backups\rqrqqnn.dll.bad Infected: Trojan-Downloader.Win32.Small.hsl skipped C:\VundoFix Backups\votdhvvb.dll.bad Object is locked skipped C:\VundoFix Backups\vtutsrq.dll.bad Infected: Trojan-Downloader.Win32.Small.hsl skipped C:\QooBox\Quarantine\C\WINDOWS\system32\byxvttq.dll.vir Infected: Trojan-Downloader.Win32.Small.hsl skipped C:\QooBox\Quarantine\C\WINDOWS\system32\jvrtynbu.dll.vir Object is locked skipped C:\QooBox\Quarantine\C\WINDOWS\system32\qrvfuohi.dll.vir Object is locked skipped C:\QooBox\Quarantine\C\WINDOWS\system32\xgwsmwnm.dll.vir Object is locked skipped D:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP460\A0179629.exe Object is locked skipped D:\System Volume Information\_restore{C1B18F70-15D3-4319-B350-45676FA5F54A}\RP462\change.log Object is locked skipped Scan process completed.
  9. bono80

    help !

    bono80 a répondu à un(e) sujet de bono80 dans Analyses et éradication malwares

    Salut Charles Hingals, Merci pour tes conseils, voici donce le raport de Combofix : ComboFix 08-02.05.3 - Vinz 2008-02-06 17:16:44.1 - FAT32x86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1233 [GMT 1:00] Endroit: C:\Documents and Settings\Vinz\Bureau\ComboFix.exe * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat C:\Documents and Settings\Vinz\Mes documents\PPPATC~1 C:\Program Files\asembl~1 C:\Program Files\asembl~1\a?sembly\ C:\Program Files\Fichiers communs\{38C34~1 C:\Program Files\Fichiers communs\{E8C34~1 C:\WINDOWS\system32\byxvttq.dll C:\WINDOWS\system32\cgapscxi.dll C:\WINDOWS\system32\fhkmp.ini C:\WINDOWS\system32\fhkmp.ini2 C:\WINDOWS\system32\ixdpgxqp.ini C:\WINDOWS\system32\jvrtynbu.dll C:\WINDOWS\system32\lsprst7.dll C:\WINDOWS\system32\mnwmswgx.ini C:\WINDOWS\system32\oddnhixp.ini C:\WINDOWS\system32\phsdtqlv.ini C:\WINDOWS\system32\qrvfuohi.dll C:\WINDOWS\system32\rqstv.ini C:\WINDOWS\system32\rqstv.ini2 C:\WINDOWS\system32\ssprs.dll C:\WINDOWS\system32\stutv.ini C:\WINDOWS\system32\stutv.ini2 C:\WINDOWS\system32\tnvyimag.ini C:\WINDOWS\system32\vrhmjgtw.dll C:\WINDOWS\system32\vtsqr.dll C:\WINDOWS\system32\waomkpsr.dll C:\WINDOWS\system32\xgwsmwnm.dll ----- BITS: Possible sites infect‚s ----- hxxp://www.download.windowsupdate.com . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_M_HOOK ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-01-06 to 2008-02-06 )))))))))))))))))))))))))))))))))))) . 2008-02-06 11:41 . 2008-02-06 11:41 <REP> d--hs---- C:\FOUND.012 2008-02-06 04:16 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe 2008-02-06 04:16 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2008-02-06 04:16 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2008-02-06 04:16 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2008-02-06 04:16 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2008-02-06 04:16 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2008-02-06 04:16 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2008-02-06 03:43 . 2008-02-06 13:33 388 --a------ C:\WINDOWS\wininit.ini 2008-02-06 03:21 . 2008-02-06 03:21 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2008-02-06 03:21 . 2008-02-06 03:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-02-06 00:01 . 2008-02-06 00:01 <REP> d-------- C:\Documents and Settings\Vinz\Application Data\PrevxCSI 2008-02-06 00:01 . 2008-02-06 00:01 11,008 --a------ C:\WINDOWS\system32\drivers\pxark.sys 2008-02-01 03:02 . 2008-02-01 03:02 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-01-31 13:51 . 2008-01-31 13:51 173 --a------ C:\WINDOWS\system32\test.aok 2008-01-31 13:51 . 2008-01-31 13:51 172 --a------ C:\WINDOWS\system32\temp_0000_85-21.aok 2008-01-31 13:28 . 2008-01-31 14:30 35,334 --a------ C:\WINDOWS\system32\tmp.avi 2008-01-31 13:24 . 2008-01-31 13:24 <REP> d-------- C:\Program Files\Ultra Flash Video FLV Converter 2008-01-31 13:24 . 2002-10-05 07:04 921,600 --a------ C:\WINDOWS\system32\vorbisenc.dll 2008-01-31 13:24 . 2004-01-11 08:02 258,048 --a------ C:\WINDOWS\system32\GplMpgDec.ax 2008-01-31 13:24 . 2006-10-24 14:16 242,176 --a------ C:\WINDOWS\system32\fixflash.exe 2008-01-31 13:24 . 2002-10-07 02:42 237,568 --a------ C:\WINDOWS\system32\OggDS.dll 2008-01-31 13:24 . 2002-10-05 07:04 188,416 --a------ C:\WINDOWS\system32\vorbis.dll 2008-01-31 13:24 . 2007-04-12 14:19 129,024 --a------ C:\WINDOWS\system32\AVERM.dll 2008-01-31 13:24 . 2002-10-05 07:04 45,056 --a------ C:\WINDOWS\system32\ogg.dll 2008-01-31 13:24 . 2006-09-26 13:57 28,672 --a------ C:\WINDOWS\system32\AVEQT.dll 2008-01-31 10:37 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-01-31 10:37 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll 2008-01-31 10:37 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-01-30 21:40 . 2008-01-30 21:40 <REP> d-------- C:\Program Files\Ultra Video To Flash Converter 2008-01-30 21:40 . 2004-02-22 16:11 719,872 --a------ C:\WINDOWS\system32\devil.dll 2008-01-30 21:40 . 2006-12-31 10:16 313,344 --a------ C:\WINDOWS\system32\avisynth.dll 2008-01-30 21:31 . 2008-01-30 21:31 <REP> d-------- C:\auau 2008-01-30 21:30 . 2008-01-30 21:30 <REP> d-------- C:\Program Files\AUAU AVI MP4 to Flash Converter 2008-01-30 21:30 . 2008-01-30 21:30 34 --ah----- C:\WINDOWS\system32\VideoConverter_sysquict.dat 2008-01-30 21:11 . 2008-01-30 21:11 <REP> d-------- C:\Program Files\FlashConv 2008-01-30 21:11 . 2005-06-07 15:11 60,416 --a------ C:\WINDOWS\system32\dsetup.dll 2008-01-30 16:41 . 2008-01-30 16:41 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition 2008-01-30 16:33 . 2008-01-30 16:33 <REP> d-------- C:\Program Files\Windows Live 2008-01-30 16:33 . 2008-01-30 16:33 <REP> d--hs---- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-01-30 16:33 . 2008-01-30 16:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-01-23 23:19 . 2008-02-02 15:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-01-23 23:19 . 2008-01-23 23:19 1,409 --a------ C:\WINDOWS\QTFont.for 2008-01-23 21:08 . 2008-01-23 21:08 22,328 --a------ C:\Documents and Settings\Vinz\Application Data\PnkBstrK.sys 2008-01-23 21:07 . 2008-01-23 21:08 669,184 --a------ C:\WINDOWS\system32\pbsvc.exe 2008-01-22 00:20 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll 2008-01-22 00:20 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll 2008-01-22 00:20 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll 2008-01-21 19:05 . 2008-01-21 19:06 <REP> d-------- C:\Program Files\Fichiers communs\NSV 2008-01-21 10:27 . 2008-01-21 10:28 <REP> d-------- C:\Documents and Settings\Vinz\Application Data\Intel 2008-01-21 10:27 . 2008-01-21 10:28 <REP> d-------- C:\Documents and Settings\NetworkService\Application Data\Intel 2008-01-21 10:27 . 2008-01-21 10:28 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\Intel 2008-01-21 10:27 . 2008-01-21 10:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Intel 2008-01-21 10:27 . 2008-01-21 10:27 21,361 --a------ C:\WINDOWS\system32\drivers\AegisP.sys 2008-01-21 10:27 . 2008-01-21 10:27 21,361 --a------ C:\WINDOWS\AegisP.sys 2008-01-21 10:27 . 2008-01-21 10:27 13,984 --a------ C:\WINDOWS\AegisP.inf 2008-01-21 10:27 . 2008-01-21 10:27 10,640 --a------ C:\WINDOWS\AegisP.cat 2008-01-21 10:26 . 2007-08-27 11:12 2,777,088 --a------ C:\WINDOWS\system32\NETw4r32.dll 2008-01-21 10:26 . 2007-09-26 06:01 2,236,032 --a------ C:\WINDOWS\system32\drivers\NETw4x32.sys 2008-01-21 10:26 . 2007-08-27 11:12 745,472 --a------ C:\WINDOWS\system32\NETw4c32.dll 2008-01-18 12:03 . 2008-01-18 12:03 244 --ah----- C:\sqmnoopt10.sqm 2008-01-18 12:03 . 2008-01-18 12:03 232 --ah----- C:\sqmdata10.sqm . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-06 16:24 81,984 ----a-w C:\WINDOWS\system32\bdod.bin 2008-02-06 14:59 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys 2008-02-06 14:59 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys 2008-02-06 14:59 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2008-01-23 22:58 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2008-01-23 20:08 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe 2008-01-23 20:08 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys 2008-01-23 20:08 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe 2008-01-21 09:27 376,832 ----a-w C:\WINDOWS\system32\AegisI5Installer.exe 2008-01-02 16:09 --------- d-----w C:\Program Files\IKEA HomePlanner 2007-12-12 18:31 --------- d-----w C:\Program Files\Hewlett-Packard 2007-11-30 22:14 413,696 ----a-w C:\WINDOWS\system32\wrap_oal.dll 2007-11-30 22:14 110,592 ----a-w C:\WINDOWS\system32\OpenAL32.dll 2007-11-29 15:55 77,824 ----a-w C:\WINDOWS\system32\xcomm.dll 2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll 2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\dllcache\lsasrv.dll 2007-09-07 22:39 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT 2007-09-07 22:14 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLds.DAT 2007-06-26 01:14 87,608 ----a-w C:\Documents and Settings\Vinz\Application Data\ezpinst.exe 2007-06-26 01:14 47,360 ----a-w C:\Documents and Settings\Vinz\Application Data\pcouffin.sys 2007-03-05 17:49 357,376 ----a-w C:\Program Files\heures.xls 2004-08-05 13:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll 2004-08-05 13:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll 2004-08-05 13:00 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll 2004-08-05 13:00 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll 2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll 2004-08-05 13:00 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll 2004-08-05 13:00 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll 2004-08-05 13:00 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll 2004-08-05 13:00 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll 2007-05-17 12:29 549,376 --sha-w C:\WINDOWS\system32\oleaut32.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{91F8D579-A4A3-4FDE-9BC3-6C7D79034853}] C:\WINDOWS\system32\vtuts.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {381FFDE8-2394-4F90-B10D-FC6124A40F8C} [HKEY_CLASSES_ROOT\clsid\{381ffde8-2394-4f90-b10d-fc6124a40f8c}] [HKEY_CLASSES_ROOT\BitDefender Toolbar] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [2006-07-07 17:45 1052672] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-09-20 15:35 202024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2005-11-10 04:47 102400] "ABLKSR"="C:\WINDOWS\ABLKSR\ABLKSR.exe" [2006-01-02 19:14 61440] "DSLAGENTEXE"="dslagent.exe" [2002-01-02 00:00 16384 C:\WINDOWS\system32\dslagent.exe] "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2007-12-03 18:15 319488] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-01 22:59 185632] "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328] "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-10-08 14:18 995328] "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-10-08 14:13 1101824] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720] R0 pxark;pxark;C:\WINDOWS\system32\drivers\pxark.sys [2008-02-06 00:01] R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys [2006-07-05 13:46] R1 bdftdif;bdftdif;C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys [2007-11-28 10:52] R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2007-09-19 00:14] R2 ADSLAutoconnect;ADSLAutoconnect;"C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" [2007-02-12 01:23] R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2007-12-03 18:15] R3 bdfsfltr;bdfsfltr;C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2007-08-02 17:03] R3 BDSelfPr;BDSelfPr;C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys [2008-02-06 01:09] R3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe [2004-08-05 14:00] R3 SynMini;USB2.0 1.3M Web Cam;C:\WINDOWS\system32\Drivers\SynMini.sys [2005-10-03 10:26] R3 SynScan;USB2.0 1.3M Web Cam Still Image;C:\WINDOWS\system32\Drivers\SynScan.sys [2005-10-03 10:26] S2 gafwload;GlobeSpan USB ADSL Loader;C:\WINDOWS\system32\DRIVERS\gafwload.sys [2002-01-02 00:00] S3 Service CANALPLAY;Service CANALPLAY;"C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe" [2007-02-28 19:38] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx REG_MULTI_SZ scan [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4df67544-2d79-11dc-8e62-8002e3b36ac8}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71f8a5c0-2b49-11dc-8e61-00ff00300101}] \Shell\AutoRun\command - G:\Setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eccac524-6e9c-11dc-8edc-00130225d352}] \Shell\AutoRun\command - F:\Setup.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eccac525-6e9c-11dc-8edc-00130225d352}] \Shell\AutoRun\command - G:\Setup.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{13381337-14E3-6268-0007-010504053257}] C:\WINDOWS\system32\ferra.exe . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2008-02-06 16:25:34 C:\WINDOWS\Tasks\XoftSpySE 2.job" - C:\Program Files\XoftSpySE\XoftSpy.exe "2008-02-04 18:06:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-06 17:26:21 Windows 5.1.2600 Service Pack 2 FAT NTAPI Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bdfsfltr] "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\ . --------------------- DLLs a charg‚ sous des processus courants --------------------- PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.3156] -> C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\DockShellHook.dll . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe . ************************************************************************** . Temps d'accomplissement: 2008-02-06 17:29:37 - machine was rebooted ComboFix-quarantined-files.txt 2008-02-06 16:29:32 . 2008-02-01 02:02:08 --- E O F ---
  10. bono80
    Bonjour à tous ! J'essaie de me debrouiller comme un grand depuis 2 h mais là je sais vraiment plus quoi faire... Voilà mon rapport. Merci d'avance ! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 02:09:34, on 06/02/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\PnkBstrA.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\WINDOWS\ATK0100\HControl.exe C:\WINDOWS\system32\dslagent.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\DAP\DAP.EXE C:\Program Files\BitDefender\BitDefender 2008\seccenter.exe C:\WINDOWS\system32\DllHost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\Vinz\Bureau\HijackThis.exe C:\Documents and Settings\Vinz\Bureau\VundoFix.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [e8c34cf4] rundll32.exe "C:\WINDOWS\system32\pqxgpdxi.dll",b O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - http://www.wistiti.fr/ImageUploader4.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://config.zebulon.fr/plugins/hardwaredetection.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - http://javadl-esd.sun.com/update/1.4.2/jin...indows-i586.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.0.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} - http://www.photoways.com/clients/uploader_v2.2.0.6.cab O16 - DPF: {E1AF091A-9F23-4059-89D7-C05EE073285D} (Canal+ Active MSWAY) - https://www.canalplay.com/cabs/msway44.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Avast 4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Avast 4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Avast 4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Avast 4\ashWebSv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing) O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 11562 bytes
  11. bono80
    Merci BruceLee, Voici donc le rapport de Vundofix : VundoFix V6.3.23 Checking Java version... Sun Java not detected Scan started at 17:01:20 15/05/2007 Listing files found while scanning.... No infected files were found. Beginning removal... et celui de Hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 17:07:13, on 15/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\WINDOWS\ATK0100\HControl.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Asus\Asus ChkMail\ChkMail.exe C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Program Files\DAP\DAP.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Vinz\Bureau\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL O2 - BHO: ECarteBleueBrowserHelper Class - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [{E8C34C5B-0729-1036-0103-061206050021}] "C:\Program Files\Fichiers communs\{E8C34C5B-0729-1036-0103-061206050021}\Update.exe" te-110-12-0000073 O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\AVAST4~1\ashDisp.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O15 - Trusted Zone: *.canalplay.com O15 - Trusted Zone: *.canalplusactive.com O15 - Trusted Zone: *.canalplay.com (HKLM) O15 - Trusted Zone: *.canalplusactive.com (HKLM) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.0.cab O16 - DPF: {E1AF091A-9F23-4059-89D7-C05EE073285D} (Canal+ Active MSWAY) - https://www.canalplay.com/cabs/msway44.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z (file missing) O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000073 (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing) O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
  12. bono80
    Bonjour à tous, voilà mon ordi me fait des trucs bizarres depuis quelques jours, Bitdefender ne se lance plus, avast non plus, et impossible de les reparer ou de les reinstaller corretement. Bref je vous envoie le rapport Hijack, peut etre pourrez vous m'aider. Merci beaucoup d'avance. Logfile of Trend Micro HijackThis v2.0.0 (BETA) Scan saved at 16:32:15, on 15/05/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe C:\WINDOWS\ATK0100\HControl.exe C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Softwin\BitDefender10\bdagent.exe C:\Program Files\SuperCopier2\SuperCopier2.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Asus\Asus ChkMail\ChkMail.exe C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\DAP\DAP.EXE C:\Documents and Settings\Vinz\Bureau\HiJackThis_v2.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Download Manager Browser Helper Object - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\PROGRA~1\FICHIE~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL O2 - BHO: ECarteBleueBrowserHelper Class - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [{E8C34C5B-0729-1036-0103-061206050021}] "C:\Program Files\Fichiers communs\{E8C34C5B-0729-1036-0103-061206050021}\Update.exe" te-110-12-0000073 O4 - HKLM\..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe" O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\AVAST4~1\ashDisp.exe O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Policies\Explorer\Run: [{E8C34C5B-0729-1036-0103-061206050021}] "C:\Program Files\Fichiers communs\{E8C34C5B-0729-1036-0103-061206050021}\Update.exe" te-110-12-0000073 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\Asus\Asus ChkMail\ChkMail.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com O15 - Trusted Zone: *.canalplay.com O15 - Trusted Zone: *.canalplusactive.com O15 - Trusted Zone: *.canalplay.com (HKLM) O15 - Trusted Zone: *.canalplusactive.com (HKLM) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/... O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.0.cab O16 - DPF: {E1AF091A-9F23-4059-89D7-C05EE073285D} (Canal+ Active MSWAY) - https://www.canalplay.com/cabs/msway44.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9E98F3F2-B7A7-4951-8901-42A63BCC8040}: NameServer = 80.10.246.1 80.10.246.132 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\system32\svchosts.exe (file missing) O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe (file missing) O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing) O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe
  13. bono80
    Bonjour à tous ! Je voulais tout simplement savoir s'il était possible dans Media Player Classic de modifier le "jump forward" qui permet de faire un saut en avant dans la video. En effet dans les Options/Raccourcis Clavier il en est proposé 3 : le small, le medium et le large. Mais ce dernier ne fait qu'un saut de 20sec... J'aimerais, comme dans vlc, pouvoire faire des sauts d' 1 mn et 5mn... Sinon deuxième question comment fair pour qu'une fois la video finie, Media Player Classic revienne en "normal" (comme lorsqu'on le lance). Parce que là, quand j'appuie sur stop, la fenetre reste à la meme taille avec le fichier prêt a demarrer et je dois faire Fichier/Fermer pour obtenir l'effet voulu. Merci d'avance !
  14. bono80
    Merci Phengizy !!!!!!!!!!!!!!!!!!!! C'est marrant parce que je connaissais le terme de Restauration Systeme depuis belle lurette sans jamais m'en etre servi. Je trouvais ce terme un peu flippant ! Bon et finalement ca agit aussi simplement que son intitulé et c'est fait en 2 sec : j'ai retrouvé la fameuse police par defaut de windows... Merci encore a toi pour ta rapidité ! A plus !
  15. bono80
    merci pour la reponse ! on fait comment la restauration systeme ... Merci !
×
×
  • Créer...