Everything posted by restanco

  1. Here is the HijackThis report: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:12, on 2008-03-18 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe C:\WINDOWS\system32\ctfmon.exe 
C:\WINDOWS\system32\svchost.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Downloads\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - (no file) O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON 
Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P36 "EPSON Stylus CX6600 Series (Copie 1)" /O5 "LPT1:" /M "Stylus CX6600" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" O4 - HKLM\..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe O4 - HKLM\..\Run: [sW24] C:\WINDOWS\system32\sw24.exe O4 - HKLM\..\Run: [sW20] C:\WINDOWS\system32\sw20.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600" O4 - HKLM\..\Run: [eCarteBleue-LPV-P1] "C:\Program Files\e-Carte Bleue\LA POSTE\CVD VISA\ECB.exe" /dontopenmycards O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe" O4 - 
HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll O9 - Extra button: BitComet Search - 
{461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote K - IE 7.htm (HKCU) O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote D - IE 7.htm (HKCU) O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote G - IE 7.htm (HKCU) O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1198749488781 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. 
- C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Droppix Service - Droppix - C:\Program Files\Fichiers communs\Droppix\DxService.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe O23 - Service: 
RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\Mesureux\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing) O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 12664 bytes
  2. Hello. Here is the ComboFix file; I think I did as requested, particularly regarding HijackThis: ComboFix 08-03-14.4 - Mesureux 2008-03-18 8:57:19.9 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.2602 [GMT 1:00] Endroit: C:\Downloads\ComboFix.exe Command switches used :: C:\Downloads\CFScript.txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! FILE :: C:\WINDOWS\system32:Explore.exe C:\WINDOWS\system32\ctvc.exe C:\WINDOWS\system32\winsys2.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\winsys2.exe . ((((((((((((((((((((((((((((( Fichiers créés 2008-02-18 to 2008-03-18 )))))))))))))))))))))))))))))))))))) . 2008-03-16 18:52 . 2008-03-16 18:52 552 --a------ C:\WINDOWS\system32\d3d8caps.dat 2008-03-16 18:42 . 2008-03-16 18:42 <REP> d-------- C:\WINDOWS\ERUNT 2008-03-16 12:00 . 2008-03-16 19:12 <REP> d-------- C:\Program Files\SDFix 2008-03-15 21:21 . 2008-03-15 21:21 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents 2008-03-15 21:12 . 2008-03-15 21:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-03-14 23:19 . 2008-03-14 23:19 <REP> d-------- C:\Program Files\MSXML 4.0 2008-03-14 17:49 . 2008-03-14 17:49 <REP> d-------- C:\WINDOWS\MSSecurityNS 2008-03-14 17:49 . 2008-03-14 17:49 <REP> d-------- C:\WINDOWS\MSSecurityNi 2008-03-13 15:58 . 2008-03-14 22:48 <REP> d-------- C:\Program Files\RamBoost XP 2008-03-09 16:44 . 2008-03-09 16:44 0 --a------ C:\WINDOWS\nsreg.dat 2008-03-07 09:18 . 2008-03-07 09:18 <REP> d-------- C:\Documents and Settings\Mesureux\Application Data\Publish Providers 2008-03-07 09:17 . 2008-03-07 09:17 <REP> d-------- C:\Documents and Settings\Mesureux\Application Data\Sony 2008-03-07 09:16 . 2008-03-07 09:22 <REP> d-------- C:\Program Files\Sony 2008-03-07 09:15 . 
2008-03-07 09:15 <REP> d-------- C:\Program Files\Sony Setup 2008-03-06 11:28 . 2008-03-06 11:28 0 --a------ C:\WINDOWS\Irremote.ini 2008-03-05 15:40 . 2008-03-06 11:31 <REP> d-------- C:\Program Files\Fichiers communs\Nero 2008-03-05 13:59 . 2008-03-04 20:34 536,576 --ah----- C:\wga.exe 2008-03-05 10:40 . 2008-03-05 11:35 <REP> d-------- C:\Program Files\MSN Messenger 2008-03-03 17:01 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll 2008-03-03 17:00 . 2008-03-03 17:00 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition 2008-03-03 16:55 . 2008-03-04 08:40 <REP> d-------- C:\Program Files\Windows Live 2008-03-03 16:55 . 2008-03-03 16:59 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-03-03 16:55 . 2008-03-03 16:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-02-29 11:26 . 2008-02-29 13:38 <REP> d-------- C:\Program Files\Horloge 2008-02-29 11:26 . 2007-10-07 15:29 221,184 --a------ C:\WINDOWS\system32\Horloge.scr 2008-02-29 11:26 . 2003-09-29 20:50 49,152 --a------ C:\WINDOWS\uninsFKI.exe 2008-02-28 15:46 . 2008-02-28 15:52 91,700 --a------ C:\WINDOWS\system32\drivers\klin.dat 2008-02-28 15:46 . 2008-02-28 15:52 85,860 --a------ C:\WINDOWS\system32\drivers\klick.dat 2008-02-28 15:45 . 2008-02-28 15:45 <REP> d-------- C:\Program Files\Kaspersky Lab 2008-02-28 15:45 . 2008-03-18 08:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-02-28 15:45 . 2008-03-18 08:59 9,698,336 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2008-02-28 15:45 . 2008-03-18 08:58 302,112 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2008-02-28 15:45 . 2008-03-18 08:58 133,004 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2008-02-28 15:45 . 2008-03-18 08:58 30,392 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx 2008-02-26 10:46 . 2008-02-26 10:46 <REP> d-------- C:\Program Files\ASUS 2008-02-25 17:51 . 
2007-01-17 14:47 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll 2008-02-25 16:25 . 2008-02-25 16:25 <REP> d-------- C:\Program Files\KC Softwares 2008-02-25 14:11 . 2008-02-25 14:41 <REP> d-------- C:\Program Files\Fichiers communs\LightScribe 2008-02-24 22:46 . 2008-02-25 14:11 <REP> d-------- C:\Program Files\GetSmile 2008-02-24 22:46 . 2008-02-24 22:46 <REP> d-------- C:\Documents and Settings\Mesureux\Application Data\Sofrayt 2008-02-24 20:40 . 2008-02-25 14:11 <REP> d-------- C:\Program Files\LightScribeTemplateLabeler 2008-02-24 20:40 . 2008-02-25 14:11 <REP> d-------- C:\Program Files\Fichiers communs\LightScribe(2) 2008-02-24 18:30 . 2002-07-17 08:53 16,877 --a------ C:\WINDOWS\system32\drivers\ASPI2K.BAK 2008-02-24 18:30 . 2002-07-17 16:22 5,600 --a------ C:\WINDOWS\system\WINASPI.BAK 2008-02-24 18:30 . 2002-07-17 16:22 4,672 --a------ C:\WINDOWS\system\WOWPOST.BAK 2008-02-24 18:08 . 2002-07-17 09:20 45,056 --a------ C:\WINDOWS\system32\WNASPI2K.BAK 2008-02-24 17:59 . 2008-02-24 17:59 <REP> d-------- C:\Program Files\SAMSUNG 2008-02-24 16:05 . 2008-02-24 16:05 292 --ah----- C:\sqmdata01.sqm 2008-02-24 16:05 . 2008-02-24 16:05 244 --ah----- C:\sqmnoopt01.sqm 2008-02-23 21:55 . 2008-02-25 14:11 <REP> d-------- C:\Program Files\MailNavigator(2) 2008-02-22 10:58 . 2008-02-22 11:01 148 --a------ C:\WINDOWS\Antidote.ini 2008-02-21 22:56 . 2008-02-21 22:56 <REP> d-------- C:\Documents and Settings\Mesureux\Application Data\Druide 2008-02-21 22:48 . 2008-02-22 10:59 <REP> d-------- C:\Program Files\Druide 2008-02-21 16:23 . 2008-02-21 16:23 <REP> d-------- C:\Program Files\PC Wizard 2008 2008-02-21 16:23 . 2007-09-15 15:11 27,136 --a------ C:\WINDOWS\system32\PCWizard.cpl 2008-02-21 16:02 . 2008-02-21 16:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\JollyBear 2008-02-21 15:59 . 2008-02-21 15:59 <REP> d-------- C:\Program Files\GameHouse 2008-02-20 22:58 . 
2000-03-21 00:55 118,784 --a------ C:\WINDOWS\system32\vbalNCSM6.dll 2008-02-20 22:58 . 2000-07-17 14:41 70,088 --a------ C:\WINDOWS\system32\Project2-1.ocx 2008-02-20 22:58 . 1999-02-19 08:54 40,960 --a------ C:\WINDOWS\system32\SSubTmr6.dll 2008-02-20 22:58 . 2000-03-21 16:37 1,760 --a------ C:\WINDOWS\system32\objsafe.tlb 2008-02-20 22:58 . 2000-04-06 15:58 1,453 --a------ C:\WINDOWS\system32\Project2.INF 2008-02-20 13:46 . 2008-02-20 15:09 2,616,536 --a------ C:\WINDOWS\printemps.bmp 2008-02-20 13:45 . 2008-02-20 13:45 150,073 --a------ C:\WINDOWS\printemps.jpg 2008-02-19 17:56 . 2008-02-19 17:55 64,122 --a------ C:\WINDOWS\normal_lac-montagne-pyrenees-14.jpg 2008-02-19 17:55 . 2008-02-19 17:55 74,806 --a------ C:\WINDOWS\normal_Givre-sur-les-rives-du-Lac-du-Salagou-1.jpg 2008-02-18 23:17 . 2008-02-18 23:17 <REP> d-------- C:\Documents and Settings\Mesureux\Application Data\iWin 2008-02-18 13:55 . 2008-02-18 13:55 2,611,028 --a------ C:\WINDOWS\normal_printemps-6.bmp 2008-02-18 13:53 . 2008-02-18 13:53 52,902 --a------ C:\WINDOWS\normal_jonquilles-narcisses-1.jpg 2008-02-18 13:46 . 2008-02-18 13:50 2,601,200 --a------ C:\WINDOWS\normal_automne-6.bmp 2008-02-18 11:38 . 2008-02-18 11:38 0 --a------ C:\WINDOWS\LiveBilliards.INI 2008-02-18 11:35 . 1999-12-17 09:13 86,016 --a------ C:\WINDOWS\unvise32.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-03-17 10:59 --------- d-----w C:\Program Files\Java 2008-03-16 16:18 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\U3 2008-03-15 13:41 --------- d-----w C:\Program Files\a-squared Free 2008-03-12 12:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-03-11 10:09 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\MahJong Suite 2008-03-07 08:47 --------- d-----w C:\Program Files\eMule 2008-03-06 10:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero 2008-03-05 13:33 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-03-05 13:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-03-01 21:44 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\Généatique2007 2008-02-26 09:46 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-25 16:51 --------- d-----w C:\Program Files\TuneUp Utilities 2007 2008-02-25 16:50 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-02-25 16:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software 2008-02-25 13:11 --------- d-----w C:\Program Files\MagicISO 2008-02-20 14:17 --------- d-----w C:\Program Files\Codutil 59 2008-02-16 21:58 --------- d-----w C:\Program Files\PhotoCleaner 2008-02-16 21:58 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\PhotoCleaner 2008-02-16 16:18 --------- d-----w C:\Program Files\EBP 2008-02-16 16:11 --------- d-----w C:\Program Files\Fichiers communs\Borland Shared 2008-02-16 14:21 --------- d-----w C:\Program Files\MAGIX 2008-02-16 13:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\TreeCardGames 2008-02-14 10:28 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-02-14 10:28 --------- d-----w C:\Program Files\Bonjour 2008-02-14 09:15 --------- d-----w C:\Program 
Files\MaxiMemo 2008-02-14 09:15 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\MaxiMemo 2008-02-12 21:56 --------- d-----w C:\Program Files\Fichiers communs\Digidesign 2008-02-12 21:54 --------- d-----w C:\Program Files\SafeNet Sentinel 2008-02-12 21:54 --------- d-----w C:\Program Files\Fichiers communs\SafeNet Sentinel 2008-02-11 22:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-02-11 22:17 --------- d-----w C:\Program Files\Fichiers communs\Macrovision Shared 2008-02-10 21:45 --------- d-----w C:\Program Files\Franciade 2008-02-10 09:28 --------- d-----w C:\Program Files\QuickTime 2008-02-10 09:28 --------- d-----w C:\Program Files\InterVideo Information Service 2008-02-10 09:28 --------- d-----w C:\Program Files\Fichiers communs\Real 2008-02-10 09:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems 2008-02-10 09:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-02-08 21:31 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems 2008-02-07 15:16 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\Ulead Systems 2008-02-07 15:11 --------- d-----w C:\Program Files\Real 2008-02-07 15:08 --------- d-----w C:\Program Files\InterVideo 2008-02-07 15:08 --------- d-----w C:\Program Files\Fichiers communs\InterVideo 2008-02-07 15:05 --------- d-----w C:\Program Files\Windows Media Components 2008-02-05 15:19 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\Ashampoo 2008-02-05 15:17 --------- d-----w C:\Program Files\Ashampoo 2008-02-04 08:38 --------- d-----w C:\Program Files\Google 2008-02-03 18:15 --------- d-----w C:\Program Files\Fichiers communs\Java 2008-02-01 21:37 --------- d-----w C:\Program Files\MSXML 6.0 2008-02-01 21:36 --------- d-----w C:\Program Files\MSBuild 2008-02-01 21:33 --------- d-----w C:\Program Files\Reference Assemblies 2008-02-01 14:16 --------- d-----w 
C:\Documents and Settings\Mesureux\Application Data\ComptaAsso 2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR 2008-01-28 19:45 --------- d-----w C:\Program Files\PDFCreator 2008-01-28 14:13 --------- d-----w C:\Program Files\Geneatique2007 2008-01-28 12:45 --------- d-----w C:\Program Files\pese_courrier 2008-01-24 12:48 --------- d-----w C:\Program Files\BitComet 2008-01-23 22:21 278,728 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys 2008-01-23 22:21 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys 2008-01-23 21:58 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\SolSuite 2008-01-19 20:57 --------- d-----w C:\Program Files\bms98 2008-01-18 21:51 --------- d-----w C:\Program Files\VirtualDubMOD 2008-01-17 22:14 737,280 ----a-w C:\WINDOWS\iun6002.exe 2008-01-09 19:51 86,094 ----a-w C:\WINDOWS\BPMNT.dll 2008-01-09 19:51 1,163,344 ----a-w C:\WINDOWS\vsapi32.dll 2008-01-09 14:06 71,749 ----a-w C:\WINDOWS\hcextoutput.dll 2008-01-09 14:06 267,845 ----a-w C:\WINDOWS\tsc.exe 2008-01-09 14:03 69,689 ----a-w C:\WINDOWS\UNZIP.DLL 2008-01-09 14:03 507,904 ----a-w C:\WINDOWS\TMUPDATE.DLL 2008-01-09 14:03 286,720 ----a-w C:\WINDOWS\PATCH.EXE 2007-12-28 14:47 74,752 ----a-w C:\WINDOWS\ST6UNST.EXE . ((((((((((((((((((((((((((((( snapshot@2008-03-17_22.50.46.31 ))))))))))))))))))))))))))))))))))))))))) . - 2008-03-17 19:39:36 72,152 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-03-18 07:55:56 72,152 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-03-17 19:39:36 85,696 ----a-w C:\WINDOWS\system32\perfc00C.dat + 2008-03-18 07:55:56 85,696 ----a-w C:\WINDOWS\system32\perfc00C.dat - 2008-03-17 19:39:36 444,528 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-03-18 07:55:56 444,528 ----a-w C:\WINDOWS\system32\perfh009.dat - 2008-03-17 19:39:36 513,492 ----a-w C:\WINDOWS\system32\perfh00C.dat + 2008-03-18 07:55:56 513,492 ----a-w C:\WINDOWS\system32\perfh00C.dat . 
((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-05 22:59 68856] "LightScribe Control Panel"="C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2007-04-19 13:26 484904] "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2006-09-11 04:40 86960] "Gestionnaire Antidote.exe"="C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe" [2007-09-24 03:55 533944] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus CX6600 Series (Copie 1)"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.exe" [2004-03-01 04:00 98304] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-06-28 12:51 218376] "WinSys2"="C:\WINDOWS\system32\winsys2.exe" [ ] "vspdfprsrv.exe"="C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe" [2006-05-04 06:58 998912] "UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 18:19 15872] "Ulead AutoDetector v2"="C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 11:43 90112] "TrayServer"="C:\Program Files\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe" [2007-07-17 13:58 90112] "SW24"="C:\WINDOWS\system32\sw24.exe" [2006-12-15 03:58 69632] "SW20"="C:\WINDOWS\system32\sw20.exe" [2006-12-15 03:58 208896] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 14:34 868352] "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-07-13 07:12 729088] "RoxWatchTray"="C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2007-08-24 15:52 240112] 
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 13:23 200704] "nwiz"="nwiz.exe" [2007-04-12 16:44 1626112 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-12 16:44 81920] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-12 16:44 8429568] "EPSON Stylus CX6600 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.exe" [2004-03-01 04:00 98304] "eCarteBleue-LPV-P1"="C:\Program Files\e-Carte Bleue\LA POSTE\CVD VISA\ECB.exe" [2002-12-20 09:57 188416] "DMXLauncher"="C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe" [2007-08-14 03:44 113136] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\Pinnacle\\Studio 11\\programs\\RM.exe"= "C:\\Program Files\\Pinnacle\\Studio 11\\programs\\Studio.exe"= "C:\\Program Files\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"= "C:\\Program Files\\Pinnacle\\Studio 11\\programs\\umi.exe"= "C:\\Program Files\\BitComet\\BitComet.exe"= "C:\\Program Files\\eMule\\emule.exe"= "C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "I:\\Jeux\\Grand Master Chess\\server.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "I:\\Jeux\\KYODIA MAJHONG 2006\\kmj.exe"= 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "24829:TCP"= 24829:TCP:BitComet 24829 TCP "24829:UDP"= 24829:UDP:BitComet 24829 UDP "24349:TCP"= 24349:TCP:BitComet 24349 TCP "24349:UDP"= 24349:UDP:BitComet 24349 UDP "27353:TCP"= 27353:TCP:BitComet 27353 TCP "27353:UDP"= 27353:UDP:BitComet 27353 UDP R2 acedrv09;acedrv09;C:\WINDOWS\system32\drivers\acedrv09.sys [2007-06-18 14:10] R2 acehlp09;acehlp09;C:\WINDOWS\system32\drivers\acehlp09.sys [2007-05-30 17:54] R2 UxTuneUp;Extension de conception TuneUp;C:\WINDOWS\System32\svchost.exe [2006-03-02 13:00] R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 14:58] S2 Roxio Upnp Server 10;Roxio Upnp Server 10;"C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe" [2007-08-24 15:53] S2 RoxLiveShare10;LiveShare P2P Server 10;"C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe" [2007-08-24 15:52] S2 RoxWatch10;Roxio Hard Drive Watcher 10;"C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe" [2007-08-24 15:52] S2 SessionLauncher;SessionLauncher;C:\DOCUME~1\Mesureux\LOCALS~1\Temp\DX9\SessionLauncher.exe [] S3 Droppix Service;Droppix Service;"C:\Program Files\Fichiers communs\Droppix\DxService.exe" [2007-05-18 20:00] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 15:18] S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;"C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" [2007-08-24 15:53] S3 RoxMediaDB10;RoxMediaDB10;"C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe" [2007-08-24 15:52] S3 UPnPService;UPnPService;C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 17:00] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp 
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J] \Shell\AutoRun\command - J:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L] \Shell\AutoRun\command - L:\LaunchU3.exe [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe" . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2008-03-14 16:20:16 C:\WINDOWS\Tasks\Maintenance en 1 clic.job" - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-18 08:59:50 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . --------------------- DLLs a chargé sous des processus courants --------------------- PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156] -> C:\Program Files\Unlocker\UnlockerHook.dll . ------------------------ Other Running Processes ------------------------ . 
C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe . ************************************************************************** . Temps d'accomplissement: 2008-03-18 9:02:04 - machine was rebooted [Mesureux] ComboFix-quarantined-files.txt 2008-03-18 08:02:01 ComboFix2.txt 2008-03-18 07:54:22 ComboFix3.txt 2008-03-18 07:47:35 . 2008-03-12 12:46:13 --- E O F ---
  3. I don't understand what needs to be done in HijackThis.
  4. Here is the Kaspersky report, followed by the HijackThis one:
     Analyse : terminé ----------------- Fichiers Analysés : 923581 Détectés : 2 Non traités : 0 Lancement : 17/03/2008 12:03:33 Durée : 07:35:32 Fin : 17/03/2008 19:39:05 Détectés -------- Etat Objet ---- ----- non trouvé : virus Heur.Downloader (modification) Le fichier: I:\System Volume Information\_restore{2A3DF861-7C31-4203-A38C-AD4E6476FA26}\RP57\A0010408.exe//stream//data0016 non trouvé : virus Heur.Downloader (modification) Le fichier: I:\System Volume Information\_restore{D17B4753-3DAE-4A96-9414-3B310A022E40}\RP42\A0005001.exe//stream//data0016 Evènements ---------- Heure Nom Etat Cause ----- --- ---- ----- 17/03/2008 12:03:33 Le fichier: C:\Documents and Settings\Mesureux\Bureau\ComptaAsso.lnk ok iSwift 17/03/2008 12:03:33 Le fichier: C:\Documents and Settings\Mesureux\Bureau\Compte pour Windows.LNK ok iSwift 17/03/2008 12:03:33 Le fichier: C:\Documents and Settings\Mesureux\Bureau\Généatique 2007.lnk ok iSwift 17/03/2008 12:03:33 Le fichier: C:\Documents and Settings\Mesureux\Bureau\Mahjong Escape.lnk ok iSwift 17/03/2008 12:03:33 Le fichier: C:\Documents and Settings\Mesureux\Bureau\MahJong.lnk ok iSwift 17/03/2008 12:03:33 Le fichier: C:\Documents and Settings\Mesureux\Bureau\Maintenance en 1 clic.lnk ok iSwift 17/03/2008 12:03:33 Le fichier: C:\Documents and Settings\Mesureux\Bureau\PeseCourrier.lnk ok iSwift 17/03/2008 12:03:33 Le secteur du disque logique: C ok analysé 17/03/2008 12:03:33 Le secteur du disque logique: I ok analysé 17/03/2008 12:03:33 Le secteur du disque: \Device\Harddisk2\DR5 ok analysé 17/03/2008 12:03:33 Le secteur du disque: \Device\Harddisk1\DR3 ok analysé 17/03/2008 12:03:34 Le secteur du disque: \Device\Harddisk0\DR0 ok analysé 17/03/2008 12:03:34 Le fichier: C:\.rnd ok iSwift 17/03/2008 12:03:34 Le fichier: C:\AUTOEXEC.BAT ok iSwift 17/03/2008 12:03:34 Le fichier: C:\biosinfo ok iSwift 17/03/2008 12:03:34 Le fichier: C:\ComboFix.txt ok iSwift 17/03/2008 12:03:34 Le fichier: 
C:\CONFIG.SYS ok iSwift 17/03/2008 12:03:34 Le fichier: C:\IO.SYS ok iSwift 17/03/2008 12:03:34 Le fichier: C:\MSDOS.SYS ok iSwift 17/03/2008 12:03:34 Le fichier: C:\pagefile.sys non traité utilisé par une autre application 17/03/2008 12:03:34 Le fichier: C:\PDOXUSRS.NET ok iSwift 17/03/2008 12:03:34 Le fichier: C:\sqmdata00.sqm ok iSwift 17/03/2008 12:03:34 Le fichier: C:\sqmdata01.sqm ok iSwift 17/03/2008 12:03:34 Le fichier: C:\sqmnoopt00.sqm ok iSwift 17/03/2008 12:03:34 Le fichier: C:\sqmnoopt01.sqm ok iSwift 17/03/2008 12:03:34 Le fichier: C:\wga.exe ok iSwift 17/03/2008 12:03:34 Le fichier: C:\WM800918.bin ok iSwift 17/03/2008 12:03:35 Le fichier: C:\Documents and Settings\All Users\Application Data\addr_file.html ok iSwift 17/03/2008 12:03:35 Le fichier: C:\Documents and Settings\All Users\Application Data\desktop.ini ok iSwift 17/03/2008 12:03:35 Le fichier: C:\Documents and Settings\All Users\Application Data\__FileUploader.log ok iSwift Statistiques ------------ Objet Analysés Objets dangereux Non traités Supprimés Placés en quarantaine Archives Fichiers compactés Protégés par un mot de passe Corrompus ----- -------- ---------------- ------------ --------- --------------------- -------- ------------------ ---------------------------- --------- Paramètres ---------- Paramètre Valeur --------- ------ Niveau de protection Autre Action Confirmer à la fin de l'analyse Mode de lancement Manuel Types de fichiers Analyser tous les fichiers Analyse uniquement des nouveaux fichiers et des fichiers modifiés Non Analyse des archives l'ensemble des Analyse des objets OLE joints l'ensemble des Ne pas analyser les archives dont la taille dépasse Non Passer le fichier si l'analyse dure plus de Non Analyse des fichiers au format de messagerie Oui Analyse des archives protégées par un mot de passe Non Utiliser la technologie iChecker Oui Utiliser la technologie iSwift Oui Afficher les objets dangereux découverts sur l'onglet "Détectés" Oui Recherche d'outils de 
dissimulation d'activité Oui Recherche élargie d'outils de dissimulation d'activité Oui Utiliser l'analyseur heuristique Oui Niveau d'analyse heuristique 10 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:01:59, on 17/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\WINDOWS\system32\winsys2.exe C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe C:\Program 
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\msiexec.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Downloads\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - (no file) O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper 
- {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P36 "EPSON Stylus CX6600 Series (Copie 1)" /O5 "LPT1:" /M "Stylus CX6600" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe O4 - HKLM\..\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe O4 - HKLM\..\Run: [sW24] C:\WINDOWS\system32\sw24.exe O4 - HKLM\..\Run: [sW20] C:\WINDOWS\system32\sw20.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] 
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600" O4 - HKLM\..\Run: [eCarteBleue-LPV-P1] "C:\Program Files\e-Carte Bleue\LA POSTE\CVD VISA\ECB.exe" /dontopenmycards O4 - HKLM\..\Run: [DMXLauncher] "C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe" O4 - HKLM\..\Run: [ctvc.exe] C:\WINDOWS\system32\ctvc.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKCU\..\Run: [Gestionnaire Antidote.exe] C:\Program Files\Druide\Antidote\Gestionnaire Antidote.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 
C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote K - IE 7.htm (HKCU) O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote D - IE 7.htm (HKCU) O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - C:\Program Files\Druide\Antidote\Internet Explorer\7\Antidote G - IE 7.htm (HKCU) O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1198749488781 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - 
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Droppix Service - Droppix - C:\Program Files\Fichiers communs\Droppix\DxService.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - 
C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\Mesureux\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing) O23 - Service: UPnPService - Magix AG - C:\Program Files\Fichiers communs\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 12842 bytes
     Have a good evening
  5. Hello again. I ran ComboFix, then once the report had been produced I added the lines you told me to into the report. Then I saved it and dropped it (as shown in the animation) onto ComboFix, which ran another scan, and here is the report at the end of the 2nd scan:
     ComboFix 08-03-14.4 - Mesureux 2008-03-17 10:19:07.5 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.2507 [GMT 1:00] Endroit: C:\Downloads\ComboFix.exe Command switches used :: C:\Downloads\CFScript.txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . ((((((((((((((((((((((((((((( Fichiers créés 2008-02-17 to 2008-03-17 )))))))))))))))))))))))))))))))))))) . 2008-03-16 21:05 . 2008-03-16 21:10 <REP> d-------- C:\Program Files\QooBox (combofix) 2008-03-16 18:52 . 2008-03-16 18:52 552 --a------ C:\WINDOWS\system32\d3d8caps.dat 2008-03-16 18:42 . 2008-03-16 18:42 <REP> d-------- C:\WINDOWS\ERUNT 2008-03-16 12:00 . 2008-03-16 19:12 <REP> d-------- C:\Program Files\SDFix 2008-03-15 21:21 . 2008-03-15 21:21 <REP> d-------- C:\Documents and Settings\LocalService\Mes documents 2008-03-15 21:12 . 2008-03-15 21:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-03-14 23:19 . 2008-03-14 23:19 <REP> d-------- C:\Program Files\MSXML 4.0 2008-03-14 17:49 . 2008-03-14 17:49 <REP> d-------- C:\WINDOWS\MSSecurityNS 2008-03-14 17:49 . 2008-03-14 17:49 <REP> d-------- C:\WINDOWS\MSSecurityNi 2008-03-13 15:58 . 2008-03-14 22:48 <REP> d-------- C:\Program Files\RamBoost XP 2008-03-09 16:44 . 2008-03-09 16:44 0 --a------ C:\WINDOWS\nsreg.dat 2008-03-07 09:18 . 2008-03-07 09:18 <REP> d-------- C:\Documents and Settings\Mesureux\Application Data\Publish Providers 2008-03-07 09:17 . 2008-03-07 09:17 <REP> d-------- C:\Documents and Settings\Mesureux\Application Data\Sony 2008-03-07 09:16 . 2008-03-07 09:22 <REP> d-------- C:\Program Files\Sony 2008-03-07 09:15 . 
2008-03-07 09:15 <REP> d-------- C:\Program Files\Sony Setup 2008-03-06 11:28 . 2008-03-06 11:28 0 --a------ C:\WINDOWS\Irremote.ini 2008-03-05 15:40 . 2008-03-06 11:31 <REP> d-------- C:\Program Files\Fichiers communs\Nero 2008-03-05 13:59 . 2008-03-04 20:34 536,576 --ah----- C:\wga.exe 2008-03-05 10:40 . 2008-03-05 11:35 <REP> d-------- C:\Program Files\MSN Messenger 2008-03-03 17:01 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll 2008-03-03 17:00 . 2008-03-03 17:00 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition 2008-03-03 16:55 . 2008-03-04 08:40 <REP> d-------- C:\Program Files\Windows Live 2008-03-03 16:55 . 2008-03-03 16:59 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-03-03 16:55 . 2008-03-03 16:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-02-29 11:26 . 2008-02-29 13:38 <REP> d-------- C:\Program Files\Horloge 2008-02-29 11:26 . 2007-10-07 15:29 221,184 --a------ C:\WINDOWS\system32\Horloge.scr 2008-02-29 11:26 . 2003-09-29 20:50 49,152 --a------ C:\WINDOWS\uninsFKI.exe 2008-02-28 15:46 . 2008-02-28 15:52 91,700 --a------ C:\WINDOWS\system32\drivers\klin.dat 2008-02-28 15:46 . 2008-02-28 15:52 85,860 --a------ C:\WINDOWS\system32\drivers\klick.dat 2008-02-28 15:45 . 2008-02-28 15:45 <REP> d-------- C:\Program Files\Kaspersky Lab 2008-02-28 15:45 . 2008-03-17 09:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-02-28 15:45 . 2008-03-17 10:19 9,094,432 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2008-02-28 15:45 . 2008-03-17 10:19 223,008 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2008-02-28 15:45 . 2008-03-16 23:13 124,076 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx 2008-02-28 15:45 . 2008-03-16 23:13 21,644 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx 2008-02-26 10:46 . 2008-02-26 10:46 <REP> d-------- C:\Program Files\ASUS 2008-02-25 17:51 . 
2007-01-17 14:47 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll 2008-02-25 16:25 . 2008-02-25 16:25 <REP> d-------- C:\Program Files\KC Softwares 2008-02-25 14:11 . 2008-02-25 14:41 <REP> d-------- C:\Program Files\Fichiers communs\LightScribe 2008-02-24 22:46 . 2008-02-25 14:11 <REP> d-------- C:\Program Files\GetSmile 2008-02-24 22:46 . 2008-02-24 22:46 <REP> d-------- C:\Documents and Settings\Mesureux\Application Data\Sofrayt 2008-02-24 20:40 . 2008-02-25 14:11 <REP> d-------- C:\Program Files\LightScribeTemplateLabeler 2008-02-24 20:40 . 2008-02-25 14:11 <REP> d-------- C:\Program Files\Fichiers communs\LightScribe(2) 2008-02-24 18:30 . 2002-07-17 08:53 16,877 --a------ C:\WINDOWS\system32\drivers\ASPI2K.BAK 2008-02-24 18:30 . 2002-07-17 16:22 5,600 --a------ C:\WINDOWS\system\WINASPI.BAK 2008-02-24 18:30 . 2002-07-17 16:22 4,672 --a------ C:\WINDOWS\system\WOWPOST.BAK 2008-02-24 18:08 . 2002-07-17 09:20 45,056 --a------ C:\WINDOWS\system32\WNASPI2K.BAK 2008-02-24 17:59 . 2008-02-24 17:59 <REP> d-------- C:\Program Files\SAMSUNG 2008-02-24 16:05 . 2008-02-24 16:05 292 --ah----- C:\sqmdata01.sqm 2008-02-24 16:05 . 2008-02-24 16:05 244 --ah----- C:\sqmnoopt01.sqm 2008-02-23 21:55 . 2008-02-25 14:11 <REP> d-------- C:\Program Files\MailNavigator(2) 2008-02-22 10:58 . 2008-02-22 11:01 148 --a------ C:\WINDOWS\Antidote.ini 2008-02-21 22:56 . 2008-02-21 22:56 <REP> d-------- C:\Documents and Settings\Mesureux\Application Data\Druide 2008-02-21 22:48 . 2008-02-22 10:59 <REP> d-------- C:\Program Files\Druide 2008-02-21 16:23 . 2008-02-21 16:23 <REP> d-------- C:\Program Files\PC Wizard 2008 2008-02-21 16:23 . 2007-09-15 15:11 27,136 --a------ C:\WINDOWS\system32\PCWizard.cpl 2008-02-21 16:02 . 2008-02-21 16:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\JollyBear 2008-02-21 15:59 . 2008-02-21 15:59 <REP> d-------- C:\Program Files\GameHouse 2008-02-20 22:58 . 
2000-03-21 00:55 118,784 --a------ C:\WINDOWS\system32\vbalNCSM6.dll 2008-02-20 22:58 . 2000-07-17 14:41 70,088 --a------ C:\WINDOWS\system32\Project2-1.ocx 2008-02-20 22:58 . 1999-02-19 08:54 40,960 --a------ C:\WINDOWS\system32\SSubTmr6.dll 2008-02-20 22:58 . 2000-03-21 16:37 1,760 --a------ C:\WINDOWS\system32\objsafe.tlb 2008-02-20 22:58 . 2000-04-06 15:58 1,453 --a------ C:\WINDOWS\system32\Project2.INF 2008-02-20 13:46 . 2008-02-20 15:09 2,616,536 --a------ C:\WINDOWS\printemps.bmp 2008-02-20 13:45 . 2008-02-20 13:45 150,073 --a------ C:\WINDOWS\printemps.jpg 2008-02-19 17:56 . 2008-02-19 17:55 64,122 --a------ C:\WINDOWS\normal_lac-montagne-pyrenees-14.jpg 2008-02-19 17:55 . 2008-02-19 17:55 74,806 --a------ C:\WINDOWS\normal_Givre-sur-les-rives-du-Lac-du-Salagou-1.jpg 2008-02-18 23:17 . 2008-02-18 23:17 <REP> d-------- C:\Documents and Settings\Mesureux\Application Data\iWin 2008-02-18 13:55 . 2008-02-18 13:55 2,611,028 --a------ C:\WINDOWS\normal_printemps-6.bmp 2008-02-18 13:53 . 2008-02-18 13:53 52,902 --a------ C:\WINDOWS\normal_jonquilles-narcisses-1.jpg 2008-02-18 13:46 . 2008-02-18 13:50 2,601,200 --a------ C:\WINDOWS\normal_automne-6.bmp 2008-02-18 11:38 . 2008-02-18 11:38 0 --a------ C:\WINDOWS\LiveBilliards.INI 2008-02-18 11:35 . 1999-12-17 09:13 86,016 --a------ C:\WINDOWS\unvise32.exe 2008-02-17 23:05 . 2008-02-17 23:07 2,611,512 --a------ C:\WINDOWS\cascade.bmp 2008-02-17 23:02 . 2008-02-17 23:02 2,090,972 --a------ C:\WINDOWS\Sans titre-1 copie.bmp . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 
2008-03-16 16:18 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\U3 2008-03-15 13:41 --------- d-----w C:\Program Files\a-squared Free 2008-03-12 12:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-03-11 10:09 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\MahJong Suite 2008-03-07 08:47 --------- d-----w C:\Program Files\eMule 2008-03-06 10:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero 2008-03-05 13:33 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-03-05 13:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-03-01 21:44 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\Généatique2007 2008-02-26 09:46 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-25 16:51 --------- d-----w C:\Program Files\TuneUp Utilities 2007 2008-02-25 16:50 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-02-25 16:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software 2008-02-25 13:11 --------- d-----w C:\Program Files\MagicISO 2008-02-20 14:17 --------- d-----w C:\Program Files\Codutil 59 2008-02-16 21:58 --------- d-----w C:\Program Files\PhotoCleaner 2008-02-16 21:58 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\PhotoCleaner 2008-02-16 16:18 --------- d-----w C:\Program Files\EBP 2008-02-16 16:11 --------- d-----w C:\Program Files\Fichiers communs\Borland Shared 2008-02-16 14:21 --------- d-----w C:\Program Files\MAGIX 2008-02-16 13:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\TreeCardGames 2008-02-14 10:28 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-02-14 10:28 --------- d-----w C:\Program Files\Bonjour 2008-02-14 09:15 --------- d-----w C:\Program Files\MaxiMemo 2008-02-14 09:15 --------- d-----w 
C:\Documents and Settings\Mesureux\Application Data\MaxiMemo 2008-02-12 21:56 --------- d-----w C:\Program Files\Fichiers communs\Digidesign 2008-02-12 21:54 --------- d-----w C:\Program Files\SafeNet Sentinel 2008-02-12 21:54 --------- d-----w C:\Program Files\Fichiers communs\SafeNet Sentinel 2008-02-11 22:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-02-11 22:17 --------- d-----w C:\Program Files\Fichiers communs\Macrovision Shared 2008-02-10 21:45 --------- d-----w C:\Program Files\Franciade 2008-02-10 09:28 --------- d-----w C:\Program Files\QuickTime 2008-02-10 09:28 --------- d-----w C:\Program Files\InterVideo Information Service 2008-02-10 09:28 --------- d-----w C:\Program Files\Fichiers communs\Real 2008-02-10 09:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ulead Systems 2008-02-10 09:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-02-08 21:31 --------- d-----w C:\Program Files\Fichiers communs\Ulead Systems 2008-02-07 15:16 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\Ulead Systems 2008-02-07 15:11 --------- d-----w C:\Program Files\Real 2008-02-07 15:08 --------- d-----w C:\Program Files\InterVideo 2008-02-07 15:08 --------- d-----w C:\Program Files\Fichiers communs\InterVideo 2008-02-07 15:05 --------- d-----w C:\Program Files\Windows Media Components 2008-02-05 15:19 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\Ashampoo 2008-02-05 15:17 --------- d-----w C:\Program Files\Ashampoo 2008-02-04 08:38 --------- d-----w C:\Program Files\Google 2008-02-03 18:16 --------- d-----w C:\Program Files\Java 2008-02-03 18:15 --------- d-----w C:\Program Files\Fichiers communs\Java 2008-02-01 21:37 --------- d-----w C:\Program Files\MSXML 6.0 2008-02-01 21:36 --------- d-----w C:\Program Files\MSBuild 2008-02-01 21:33 --------- d-----w C:\Program Files\Reference Assemblies 2008-02-01 14:16 --------- 
d-----w C:\Documents and Settings\Mesureux\Application Data\ComptaAsso 2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR 2008-01-28 19:45 --------- d-----w C:\Program Files\PDFCreator 2008-01-28 14:13 --------- d-----w C:\Program Files\Geneatique2007 2008-01-28 12:45 --------- d-----w C:\Program Files\pese_courrier 2008-01-24 12:48 --------- d-----w C:\Program Files\BitComet 2008-01-23 22:21 278,728 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys 2008-01-23 22:21 25,416 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys 2008-01-23 21:58 --------- d-----w C:\Documents and Settings\Mesureux\Application Data\SolSuite 2008-01-19 20:57 --------- d-----w C:\Program Files\bms98 2008-01-18 21:51 --------- d-----w C:\Program Files\VirtualDubMOD 2008-01-17 22:14 737,280 ----a-w C:\WINDOWS\iun6002.exe 2008-01-17 22:14 --------- d-----w C:\Program Files\BFG 2008-01-09 19:51 86,094 ----a-w C:\WINDOWS\BPMNT.dll 2008-01-09 19:51 1,163,344 ----a-w C:\WINDOWS\vsapi32.dll 2008-01-09 14:06 71,749 ----a-w C:\WINDOWS\hcextoutput.dll 2008-01-09 14:06 267,845 ----a-w C:\WINDOWS\tsc.exe 2008-01-09 14:03 69,689 ----a-w C:\WINDOWS\UNZIP.DLL 2008-01-09 14:03 507,904 ----a-w C:\WINDOWS\TMUPDATE.DLL 2008-01-09 14:03 286,720 ----a-w C:\WINDOWS\PATCH.EXE 2007-12-28 14:47 74,752 ----a-w C:\WINDOWS\ST6UNST.EXE . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
  6. Hello, do I need to run ComboFix and then add the indicated text?
  7. Here is the ComboFix.exe file:

     File::
     C:\WINDOWS\system32\ctvc.exe
     C:\WINDOWS\system32:Explore.exe

     Registry::
     [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
     "DisableMonitoring"=dword:00000000
     [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
     "EnableFirewall"=-
     [-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{3A5656F7-2047-E7E4-018D-FD278FC908BD}]

     Thank you, see you tomorrow.
  8. Here is the report created by ComboFix:
  9. Good evening. Here is the report produced by SDFix.exe: Thank you and have a good evening.
  10. Hello. Following an earlier exchange in the Software forum, the person I was talking to advised me to post my HijackThis file here. So here is the report. If someone could help me out, that would be nice. Thank you and have a good Sunday, everyone.
  11. restanco

    Restore

    With the antivirus I put the file ctvc.exe in quarantine as requested by the antivirus, and here is the HijackThis report. Thank you and have a good Sunday.
  12. restanco

    Restore

    I don't have a file named hptpro.sys. What should I do? Is it essential? Thank you for your replies.
  13. restanco

    Restore

    While running a virus scan, here is what I found: découvert : virus Heur.Downloader (modification) Le fichier: I:\System Volume Information\_restore{2A3DF861-7C31-4203-A38C-AD4E6476FA26}\RP57\A0010408.exe//stream//data0016 découvert : virus Heur.Downloader (modification) Le fichier: I:\System Volume Information\_restore{D17B4753-3DAE-4A96-9414-3B310A022E40}\RP42\A0005001.exe//stream//data0016 Is this the reason I am unable to do a restore? Thanks in advance.
  14. restanco

    Restore

    Hello everyone. Here is my problem: when I want to restore my PC to a later date, I choose the date, follow the normal procedure, and when the PC restarts the restore window opens and tells me "Aucun changement n'a été effectué sur votre ordinateur". So, if I understand correctly, the restore function did not work? How can I fix this problem so that my PC is, in a way, reset to the chosen date? Thanks in advance and have a good weekend.
  15. restanco

    "Restore" function

    Hello. It is indeed set to automatic. Have a good Sunday.
  16. restanco

    "Restore" function

    Where do I find the "Scheduled Tasks" section? As for the calendar, it works fine. Regards.
  17. restanco

    "Restore" function

    Hello. I have a problem with the "restore" program. When I request a restore, I choose the date and start the restore. But when the PC restarts, it tells me that nothing has been restored, and consequently I end up as if nothing had been restored. What should I do? Thanks in advance and have a good weekend, everyone.
  18. restanco

    Burner not recognized

    Yes, I do have SP2, and the Nero version is 8.1.1.4. I changed the USB port and it seems to be working. Thank you and have a good day.
  19. restanco

    Burner not recognized

    Good evening. It is an external burner, and apart from the Nero CD that is all I have. Also, the version supplied with this burner is older than the one I have on my PC.
  20. restanco

    Burner not recognized

    Hello. I have just bought an external Samsung burner, SE-S204N/EUBN, and it is not recognized by Windows XP; it shows it as an unknown device. What should I do? There was no CD with it apart from Nero 7, but I have a more recent version. Thanks in advance to whoever can sort this out.
  21. restanco

    External hard drive capacity

    Thank you all. I solved my FAT32 problem: I switched the hard drive to NTFS and got back the drive's normal capacity. Regards.
  22. restanco

    External hard drive capacity

    No, at least I don't think so, because when I connect it only one letter appears.
  23. Hello. I recovered a 200 GB hard drive that I have just put in an external enclosure. When I click on Properties, the capacity is only 10 GB. What is going on? Thanks in advance for your replies and solutions.
  24. restanco

    HDD no longer recognized

    Hello. I bought a STOREX MPiX555 multimedia hard drive on a USB2 port. When I installed it the first time, it was recognized directly by Windows XP SP2 without any problem, and I transferred my files normally. In the evening I shut down my PC normally, and the next day the PC no longer shows the STOREX among my hard drives in My Computer. I cannot format the drive (under Windows XP the manufacturer says it is not necessary) because otherwise I lose my files. What should I do? Thanks to whoever can give me a solution.
  25. Hello. I use Outlook 2003 as well as the Office XP Pro 2003 suite. Following a hard drive change, I reinstalled Office XP Pro 2003, and since this new installation I have the following problem. When I launch Outlook, a window opens: Choose Profile. I have to choose Outlook and click OK. Before, it opened directly. Office XP Pro is registered with a license. Thanks in advance to whoever can help me out.