Aller au contenu

Dark Sauron

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    39

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par Dark Sauron

  1. Dark Sauron
    Bonjour regis56 ! J'ai remis le lien de ma première réponse, il devrait mrcher maintenant. Le problème, c'est que je ne peux pas démarrer windows en Mode Normal, sinon une fenètre disant que services.exe a rencontré un problème et doit s'arrêter s'ouvre et l'ordi plante. Je vais tenter de faire ce que tu me dit mais je ne pourrait donc pas mettre à jour AVG (je vais transferer le setup par clé USB de mon PC portable au PC infecté...).
  2. Dark Sauron
    Ca y est c'est fait ici. Mais j'ai remarqué qu'à chaque fois que je veux mettre à jour windows, le fameux écran bleu qui dit : un problème est survenu et windows a été arrêté... arrive avec comme informations techniques : *** STOP : 0x0000008E (0xC0000005, 0x5889BC7C, 0cB70B09F4, 0x00000000)
  3. Dark Sauron
    Salut à tous ! Je viens de ce topic : http://forum.zebulon.fr/index.php?showtopic=111019. Là je bugge à mort pour poster (je dois cliquer 50 fois sur un lien pour qu'il s'affiche...). Je poste mon rapport Antivir et mon rapport Hijack. Merci à tous ceux qui m'aideront ! Antivir : AntiVir PersonalEdition Classic Report file date: mercredi 13 décembre 2006 22:22 Scanning for 495093 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Propriétaire Computer name: MSHOME Version information: AVSCAN.EXE : 7.0.0.47 196648 21/08/2006 11:06:49 AVSCAN.DLL : 7.0.0.45 41000 07/09/2006 11:51:50 LUKE.DLL : 7.0.0.47 110632 07/09/2006 11:32:29 LUKERES.DLL : 7.0.0.47 9256 07/09/2006 11:51:50 ANTIVIR0.VDF : 6.35.0.1 7371264 31/05/2006 11:35:11 ANTIVIR1.VDF : 6.36.0.9 1424384 06/09/2006 08:12:24 ANTIVIR2.VDF : 6.36.0.10 2048 06/09/2006 08:12:26 ANTIVIR3.VDF : 6.36.0.11 2048 06/09/2006 08:12:28 AVEWIN32.DLL : 7.2.0.14 1827328 04/09/2006 15:23:26 AVPREF.DLL : 7.0.0.2 17960 24/07/2006 13:35:36 AVREP.DLL : 6.36.0.3 544808 06/09/2006 09:04:18 AVRPBASE.DLL : 7.0.0.0 1544232 30/03/2006 09:42:44 AVPACK32.DLL : 7.2.0.0 360488 21/07/2006 07:00:28 AVREG.DLL : 6.31.0.90 25128 28/07/2005 11:06:11 NETNT.DLL : 6.32.0.0 6696 27/09/2005 08:56:45 NETNW.DLL : 7.0.0.0 9768 24/07/2006 13:35:38 RCIMAGE.DLL : 7.0.0.74 1642536 01/08/2006 12:22:50 RCTEXT.DLL : 7.0.0.107 77864 07/09/2006 11:51:49 Configuration settings for the scan: Jobname.......................: Manual Selection Configuration file............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp Boot sectors..................: A,C,D,E,F,G Scan memory...................: 1 Process scan..................: 1 Scan all files................: 1 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Skipped archive types.........: 1000,1001,1002,1003,1004,1005, Macro heuristic...............: 1 File heuristic................: 2 Primary action................: 4096 Secondary action..............: 0 Start of the scan: mercredi 13 décembre 2006 22:22 The scan of running processes will be started 5 Processes were scanned Start scanning boot sectors: Boot sector 'A:\' [NOTE] In the drive 'A:\' no data medium is inserted! Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 24 files ). Starting the file scan: The path A:\ could not be found! Le périphérique n'est pas prêt. C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0YEXP2XA\dldr2[1] [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as '77f2d397.qua' ( QUARANTINE ) C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0YEXP2XA\dldr5[1] [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as '7af2d398.qua' ( QUARANTINE ) C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\TF7EOS29\dldr3[1] [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as '78f2d398.qua' ( QUARANTINE ) C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\TF7EOS29\dldr4[1] [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as '79f2d399.qua' ( QUARANTINE ) C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\TF7EOS29\v030065[1].exe [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as '75b0a25d.qua' ( QUARANTINE ) C:\Documents and Settings\NetworkService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Propriétaire\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\Propriétaire\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\hp\bin\KillWind.exe [DETECTION] Contains signature of the SPR/KillApp.A program [iNFO] A backup was created as '9cecdbae.qua' ( QUARANTINE ) C:\hp\bin\Terminator.exe [DETECTION] Contains signature of the SPR/KillApp.A program [iNFO] A backup was created as 'aeede1bd.qua' ( QUARANTINE ) C:\VundoFix Backups\awtsq.dll.bad [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'b6f3e9bd.qua' ( QUARANTINE ) C:\WINDOWS\system32\awttrom.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'b7f4ef45.qua' ( QUARANTINE ) C:\WINDOWS\system32\ddccy.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'bee3de3d.qua' ( QUARANTINE ) C:\WINDOWS\system32\geeba.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'a6e2e04b.qua' ( QUARANTINE ) C:\WINDOWS\system32\geede.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'aae4e04b.qua' ( QUARANTINE ) C:\WINDOWS\system32\hgggeee.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'aae7e24f.qua' ( QUARANTINE ) C:\WINDOWS\system32\jkhfg.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'ace6e35e.qua' ( QUARANTINE ) C:\WINDOWS\system32\mljgdab.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'a9e7e567.qua' ( QUARANTINE ) C:\WINDOWS\system32\mljjjji.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'afeae567.qua' ( QUARANTINE ) C:\WINDOWS\system32\mljjkig.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'b0eae567.qua' ( QUARANTINE ) C:\WINDOWS\system32\mllmk.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'b0ede768.qua' ( QUARANTINE ) C:\WINDOWS\system32\pmnlmno.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'b2ece983.qua' ( QUARANTINE ) C:\WINDOWS\system32\pmnmjgd.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'afede983.qua' ( QUARANTINE ) C:\WINDOWS\system32\rqroppn.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'b5efed8d.qua' ( QUARANTINE ) C:\WINDOWS\system32\svcheb.exe [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'aae8de9c.qua' ( QUARANTINE ) C:\WINDOWS\system32\tmp_ym4.exe [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'bedfeb96.qua' ( QUARANTINE ) C:\WINDOWS\system32\uvnafkov.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'abe1e9a2.qua' ( QUARANTINE ) C:\WINDOWS\system32\vrylfjle.dll [DETECTION] Is the Trojan horse TR/Vundo.Gen [iNFO] A backup was created as 'abecf4a1.qua' ( QUARANTINE ) C:\WINDOWS\system32\vtutr.dll [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as 'b7f4f0a4.qua' ( QUARANTINE ) C:\WINDOWS\system32\CatRoot2\edb.log [WARNING] The file could not be opened! C:\WINDOWS\system32\CatRoot2\tmp.edb [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IN0A0DCE\mc[1].jpg [DETECTION] Contains suspicious code HEUR/Crypted [iNFO] A backup was created as 'a2b1d6ad.qua' ( QUARANTINE ) C:\WINDOWS\Temp\dl2213671.exe [DETECTION] Contains suspicious code HEUR/Crypted [iNFO] A backup was created as '76b2ae0a.qua' ( QUARANTINE ) C:\WINDOWS\Temp\dldr2.exe [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as '77f2e00a.qua' ( QUARANTINE ) C:\WINDOWS\Temp\_avast4_\unp39271447.tmp [DETECTION] Contains suspicious code HEUR/Malware [iNFO] A backup was created as '7eb3ec0d.qua' ( QUARANTINE ) The path E:\ could not be found! Le périphérique n'est pas prêt. The path F:\ could not be found! Le périphérique n'est pas prêt. The path G:\ could not be found! Le chemin d'accès spécifié est introuvable. End of the scan: mercredi 13 décembre 2006 23:32 Used time: 1:10:27 min The scan has been done completely. 3846 Scanning directories 296544 Files were scanned 30 viruses and/or unwanted programs were found 0 files were deleted 0 files were repaired 30 files were moved to quarantine 0 files were renamed 18259 Archives were scanned 21 Warnings 0 Notes Hijack : Logfile of HijackThis v1.99.1 Scan saved at 06:14:35, on 14/12/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\WINDOWS\System32\hphmon05.exe C:\HP\KBD\KBD.EXE C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe C:\WINDOWS\ALCXMNTR.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\WINDOWS\weRecv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Propriétaire\Bureau\Scanner.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr9.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr9.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr9.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr9.hpwis.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr9.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Helper Class - {00D13CE9-1879-41bd-B8A3-EA3CB1BD01BC} - C:\WINDOWS\System32\helper.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {1707EF36-DBCB-4B00-9A28-C2491DEF70F8} - C:\WINDOWS\System32\awtsq.dll (file missing) O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: (no name) - {35F7813A-AF74-4474-B1DC-7EE6FB6C43C6} - C:\WINDOWS\System32\uvnafkov.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\hgggeee.dll O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [storageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe" O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [user Input Services] C:\WINDOWS\System32\ctfmon32.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm O8 - Extra context menu item: &Télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{118E2270-8D58-413F-B146-79504B0EC152}: NameServer = 86.64.145.140 84.103.237.140 O17 - HKLM\System\CS1\Services\Tcpip\..\{118E2270-8D58-413F-B146-79504B0EC152}: NameServer = 86.64.145.140 84.103.237.140 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: hgggeee - C:\WINDOWS\SYSTEM32\hgggeee.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: szr_dll - C:\WINDOWS\szr_dll.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: Netmeeting For Windows (Netmeeting For Microsoft Windows) - Unknown owner - C:\WINDOWS\weRecv.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\WINDOWS\SYSTEM32\VundoFixSVC.exe
  4. Dark Sauron
    Salut à tous ! Je viens de formater mon PC de bureau (après 3 ans il était temps^^) ! Je réinstalles les trucs importants... Et j'en arrive à réinstaller le SP2. Après redémarrage, le PC plante (écran bleu etc...). Je démarre une nouvelle fois l'ordi et là, au milieu du démarrage, une fenêtre s'ouvre me disant que services.exe à rencontré un problème et doit fermer...et là l'ordi freeze. Depuis cette fenêtre reviens à chaque démarrage et soit l'ordi freeze juste après, soit il reste normal mais je ne peut plus rien lancer sauf l'explorateur windows... Merci d'avance à ceux qui prêterons attention à mon problème^^ Dark Sauron
  5. Dark Sauron
    Personne pour m'aider ? PS: désolé pour le double post
  6. Dark Sauron
    Bon pour répondre à tes questions : je n'ai pas accès actuellement à un autre ordinateur donc je ne peux pas vérifier s'il marche sur un autre, je ne peux pas installer les pilotes puisuqe je ne les ai pas, qu'ils ne sont disponibles sur aucun site (en plus il est censé marcher sur XP sans pilotes), et enfin non je n'ai pas installé de nouveaux périphériques USB dernièrement.
  7. Dark Sauron
    Depuis quelques jours, je ne peut plus accéder à mon mp3 depuis mon PC : quand je le branche, une fenêtre s'ouvre me demandant d'installer le pilote...mais ça, ça me l'a toujours fait et je pouvais quand même accéder à mon mp3 depuis le poste de travail. Après une recherche sur le forum j'ai tenté d'appliquer la procédure décrite dans ce topic , car les problèmes qui y était décrit me semblait assez semblables aux miens, mais j'ai dus finalement restaurer mon système car mes ports de bus USB ne voulaient plus s'installer :/. Pourriez vous m'aider pour que je puisse enfin remettre des nouvelles musiques sur mon mp3^^' ?
  8. Dark Sauron
    Non c'était juste pour être sûr (je débute dans l'analyse de logs hijack) et merci!
  9. Dark Sauron
    Bonjour , est ce que quelqu'un pourrait analyser ce rapport hijack svp . Merci d'avance! Logfile of HijackThis v1.99.1 Scan saved at 21:52:31, on 29/11/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\MMC.EXE C:\WINDOWS\system32\DfrgNtfs.exe C:\Documents and Settings\Dark\Mes documents\Mes téléchargements\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe et encore merci !
  10. Dark Sauron
    voilà c'est fait et encore un nouveau rapport: Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Dark\Mes documents\Mes téléchargements\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe" O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{7D309BE3-7D65-4BDB-91C6-3F7C3129D443}: NameServer = 80.118.192.112,80.118.196.42 O17 - HKLM\System\CCS\Services\Tcpip\..\{C61ACE69-51CE-44DE-86B7-927A08DEF9A1}: NameServer = 80.118.196.41 80.118.192.111 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe pour moemoney je pense que j'ai du juste sauter la ligne
  11. Dark Sauron
    Et voici le nouveau rapport: Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Dark\Mes documents\Mes téléchargements\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe" O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU) O17 - HKLM\System\CCS\Services\Tcpip\..\{7D309BE3-7D65-4BDB-91C6-3F7C3129D443}: NameServer = 80.118.192.112,80.118.196.42 O17 - HKLM\System\CCS\Services\Tcpip\..\{C61ACE69-51CE-44DE-86B7-927A08DEF9A1}: NameServer = 80.118.192.100 80.118.196.36 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Punaise c'est vide!
  12. Dark Sauron
    Voila le rapport raventivirus : Scanning memory... Scanning boot sectors... Scanning files... C:\Program Files\WinRAR\Uninstall.exe - Backdoor:Win32/Poebot.E -> Suspicious Scanned ============================ Objects: 151015 Directories: 8018 Archives: 18674 Size(Kb): -1805867 Infected files: 0 Found ============================ Viruses found: 0 Suspicious files: 1 Disinfected files: 0 Mail files: 127 et le nouveau rapport Hijack: Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\WINDOWS\System32\hphmon05.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Documents and Settings\Dark\Mes documents\Mes téléchargements\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr9.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [backupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_02\bin\npjpi141_02.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_02\bin\npjpi141_02.dll O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU) O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7D309BE3-7D65-4BDB-91C6-3F7C3129D443}: NameServer = 80.118.192.112,80.118.196.42 O17 - HKLM\System\CCS\Services\Tcpip\..\{C61ACE69-51CE-44DE-86B7-927A08DEF9A1}: NameServer = 80.118.196.41 80.118.192.111 O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe Pour info je n'ai gardé ni norton ni antivir mais j'ai installé avast comme antivirus et kerio comme firewall.
  13. Dark Sauron
    Ca y est c'est fait et voila le nouveau rapport : Logfile of HijackThis v1.99.1 Scan saved at 15:25:33, on 29/08/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\DOCUMENTS AND SETTINGS\DARK\MES DOCUMENTS\Mes téléchargements\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bkslriqyaquehvcecvod.com/XuHzqu...NtIIpUMl88.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.agvfvxthfrujogbijdopviqc.net/Xu...n4M9wp3zWE.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr9.hpwis.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O1 - Hosts: 209.172.32.54 l2testauthd.lineage2.com O1 - Hosts: 209.172.32.54 l2authd.lineage2.com O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: (no name) - {7593179D-F4E3-C2DE-7B8A-E820FFD3B4AC} - C:\DOCUME~1\Dark\APPLIC~1\INFOPO~1\coolhelp.exe (file missing) O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [mdwfwxwt] C:\WINDOWS\mdwfwxwt.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\DOCUME~1\Dark\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\SS0VE3HE\WFI_FRA[1].exe" O4 - HKLM\..\Run: [build real ball mp3] C:\Documents and Settings\All Users\Application Data\poll tons build real\roaddale.exe O4 - HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min O4 - HKCU\..\Run: [backupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Heth] C:\Documents and Settings\Dark\Application Data\y?uk.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [irkf] C:\PROGRA~1\COMMON~1\irkf\irkfm.exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU) O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france_pa.exe O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7D309BE3-7D65-4BDB-91C6-3F7C3129D443}: NameServer = 80.118.192.112,80.118.196.42 O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\ccPxySvc.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\NISUM.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
  14. Dark Sauron
    Salut est-ce que quelqu'un pourrait analyser ce log et me dire s'il comporte des problemes et des choses inutiles. Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe c:\Program Files\Norton AntiVirus\navapsvc.exe c:\Program Files\Norton Personal Firewall\NISUM.EXE C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe c:\Program Files\Norton Personal Firewall\ccPxySvc.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\windows\system\hpsysdrv.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe C:\WINDOWS\System32\hphmon05.exe C:\HP\KBD\KBD.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Ahead\InCD\InCD.exe C:\program files\180solutions\saap.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\rundll32.exe C:\Documents and Settings\Dark\Application Data\y?uk.exe C:\PROGRA~1\COMMON~1\irkf\irkfm.exe C:\Program Files\Microsoft Office\Office\OSA.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Shareaza\Shareaza.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\ntvdm.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\COMMON~1\irkf\irkfa.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\DOCUMENTS AND SETTINGS\DARK\MES DOCUMENTS\Mes téléchargements\HijackThis.exe C:\Program Files\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bkslriqyaquehvcecvod.com/XuHzqu...NtIIpUMl88.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.agvfvxthfrujogbijdopviqc.net/Xu...n4M9wp3zWE.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr9.hpwis.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr9.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O1 - Hosts: 209.172.32.54 l2testauthd.lineage2.com O1 - Hosts: 209.172.32.54 l2authd.lineage2.com O2 - BHO: MyWay Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MyWay\SrchAstt\1.bin\MYSRCHAS.DLL O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - c:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: (no name) - {7593179D-F4E3-C2DE-7B8A-E820FFD3B4AC} - C:\DOCUME~1\Dark\APPLIC~1\INFOPO~1\coolhelp.exe O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file) O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [VTTimer] VTTimer.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [saap] c:\program files\180solutions\saap.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [mdwfwxwt] C:\WINDOWS\mdwfwxwt.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\DOCUME~1\Dark\LOCALS~1\Temp\Temporary Internet Files\Content.IE5\SS0VE3HE\WFI_FRA[1].exe" O4 - HKLM\..\Run: [build real ball mp3] C:\Documents and Settings\All Users\Application Data\poll tons build real\roaddale.exe O4 - HKCU\..\Run: [backupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [MoneyAgent] "c:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Heth] C:\Documents and Settings\Dark\Application Data\y?uk.exe O4 - HKCU\..\Run: [irkf] C:\PROGRA~1\COMMON~1\irkf\irkfm.exe O4 - HKCU\..\Run: [vc 32] C:\DOCUME~1\Dark\APPLIC~1\ONEOWN~1\LitePokeFile.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Démarrage d'Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - c:\Program Files\Microsoft Money\System\mnyside.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU) O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/france_pa.exe O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{7D309BE3-7D65-4BDB-91C6-3F7C3129D443}: NameServer = 80.118.192.112,80.118.196.42 O17 - HKLM\System\CCS\Services\Tcpip\..\{C61ACE69-51CE-44DE-86B7-927A08DEF9A1}: NameServer = 80.118.192.111 80.118.196.41 O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\ccPxySvc.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - c:\Program Files\Norton Personal Firewall\NISUM.EXE O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe Merci d'avance !
×
×
  • Créer...