mercurefi

Géééniaaaal ! Super !!!!!!!!!!! Nous avons enfin récupéré le son ! Un grand merci à toi AliaS93 pour cette info de première ! Mercurefi

merci beaucoup pour le tuyau, on va tester. Mercurefi

ca serait avec plaisir mais la bibliotheque a ete upgradee pour itune 7 et pas trouve le moyen de revenir a la version 6 sans alterer le fichier librairy !! auriez vous un process precis et detaille pour revenir a la 6 et remettre la bibliotheque au format itune 6.5? mercurefi

oui oui! restauration tentee sur la version d'avant l'instllation d'Itune7! aucun effet et toujours pas de zic !!! vu la galere on a meme envisage de re-installer windows ! mais est ce que le probleme vient de windows vu que tout a part Quicktime 7 marche parfaitement? on est meme preneur de conseils de marabouts ou guerisseurs s'il le faut ! merci a tous!

Bonjour a tous. Nous avons installé la mise à jour d'itunes7 il y a environ 2 semaines. Depuis plus de son : d'après l'affichage de l'équaliseur il y a bien du son mais absolument rien en sortie. Les fichiers audios sont eux bien audibles par windows média player ou autre soft mais rien de rien avec itunes7 On a fait la mise à jour de quicktime, rien de neuf. désinstallation de itunes, désinstallation de quicktime et réinstallation du tout en commencant par quicktime ça ne fonctionne toujours pas. Tentative de retour à la version précédente de itunes = impossible... Mise à jour de tous les drivers de la carte son : rien de neuf résultat : tout est bloqué. plus de musique à la maison puisqu'on pilote tout avec itunes. Quelqu'un a-t-il une idée ?? Merci

Bon je ne sais pas s'il a eu peur ou s'il voulait me faire plaisir mais il me réaffiche de nouveau l'ajout/suppr !! yesssssssssssssss !!!! maintenant je vais essayer un easy recovery un un truc du genre pour récupérer mes fichiers. merci beaucoup pour ta patience et bonne soirée ! mercurefi la husarde

ah ben merci de me rassurer Mégataupe, cool Bon maintenant me reste plus qu'à trouver l'idée du siècle pour récuperer mon affichage des programmes dans l'ajout/suppr et voir comment je peux restaurer mes fichiers MP3 qui se cachent méticuleusement d'un parametrage explorer normal et se sont planqués dans des directeories found0../dir... sinon je formate tout grrrr bonne soirée mercurefi la hussarde

ooppsss oublié 2 précisions = j'ai toujours la restauration sytème déactivée (chais pas si ça peut servir) et il st chouette ton logo Mégataupe

Hello tout le monde ! j'ai bien fait de prendre du repos car c'était le jeu du plus têtu ce soir. Entre f-secure qui refuse de se lancer en mode sans échec et process guard qui ne veut pas que f-secure fasse ses vérifs, il a fallu que je fasse le shérif = process guard a perdu ! désinstallation complète car même fermé il continuait de bosser ! non mais ! lool pour être totalement honnête, process guard s'est vengé : je n'ai plus accès à l'ajout ou suppression de programme dans le panneau de config, et mcafee s'y met en me signalant la tentative d'intrusion de c:\windows\system32\alg.exe sur le port 1027 ! c'est qui cuilà ?!!!! GRRRRRRRRRRRR.... et tout ça pour obtenir un rapport f-secure lancé en mode normal = NEANT, que dchi, nada !!! No hidden items found !!! c'est où la décharge à ordis ??? Mercurefi

Bon, le K est revenu sur le c donc je vais pouvoir faire les manips qui nécessitent une vérif des 2 en mode accéléré.... mais demain soir !!! parce que j'avoue que là, je sature un peu ! loool Bonne nuit et merci

hello tesfaz, pour le moment le dd externe est pluggué en usb sur un portable pour l'isoler. Pour ce que tu me dis, j'attends que le chéri rentre car pour moi c'est chinois c que tu me dis... tout ce que je peux te dire, c'est que 90% des fichiers sont planqués où qu'on le branche... merci tu m'inquiètes mégataupe pour le process guard... je l'ai lancé tel quel sans paramétrer quoi que ce soit... faut-il que je recommence tout ? pour f-sécure, là encore j'attends qu'on me rebranche le dd externe sur le c car c'est vraiment trop long les manips sur le portable préhistorique... Donc à priori la suite demain... et merci beaucoup pour ta patience.. mercurefi

je ne sais pas si c'est moi qui ai autorisé services.exe... J'ai le plus petit brevet de pilote d'anglais existant et je passe mon temps à me battre contre mcafee et maintenant processguard qui me posent des question à chaque fois que je clique sur internet ou que j'installe un programme de vérif. Heureusement que j'ai désinstallé antivir sinon c'était plus possible lool. bon, voici les rapports = c:\windows\system32\services.exe = Service load: 0% 100% File: services.exe Status: OK (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) MD5 63dcde1a0d86eeb8924d6738ff616ead Packers detected: - Scanner results AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing UNA Found nothing VBA32 Found nothing c:\windows\system32\spoolsv.exe = Service load: 0% 100% File: spoolsv.exe Status: OK (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database) MD5 da81ec57acd4cdc3d4c51cf3d409af9f Packers detected: - Scanner results AntiVir Found nothing ArcaVir Found nothing Avast Found nothing AVG Antivirus Found nothing BitDefender Found nothing ClamAV Found nothing Dr.Web Found nothing F-Prot Antivirus Found nothing Fortinet Found nothing Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found nothing UNA Found nothing VBA32 Found nothing ps = j'applaudis ta patience !!!!

re bonsoir mégataupe... j'ai réussi à le charger finalement et voici les 2 rapports : AVEC LEARNING MODE = ---Process Guard Log Started--- Sun 11 - 20:52:05 [EXECUTION] "c:\windows\system32\wdfmgr.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\windows\system32\wdfmgr.exe ] Sun 11 - 20:52:05 [EXECUTION] "c:\progra~1\mcafee.com\agent\mcagent.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\progra~1\mcafee.com\agent\mcagent.exe" ] Sun 11 - 20:52:05 [EXECUTION] "c:\windows\system32\mspmspsv.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\windows\system32\mspmspsv.exe ] Sun 11 - 20:52:05 [EXECUTION] "c:\windows\system32\svchost.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\windows\system32\svchost.exe -k netsvcs ] Sun 11 - 20:52:05 [EXECUTION] "c:\progra~1\mcafee.com\vso\mcvsshld.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\progra~1\mcafee.com\vso\mcvsshld.exe" ] Sun 11 - 20:52:05 [EXECUTION] "c:\windows\system32\fxssvc.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\windows\system32\fxssvc.exe ] Sun 11 - 20:52:06 [EXECUTION] "c:\progra~1\mcafee.com\vso\mcvsescn.exe" was allowed to run [EXECUTION] Started by "c:\progra~1\mcafee.com\vso\mcvsshld.exe" [2064] [EXECUTION] Commandline - [ "c:\progra~1\mcafee.com\vso\mcvsescn.exe" /disabled ] Sun 11 - 20:52:06 [EXECUTION] "c:\progra~1\mcafee\spamki~1\mskdetct.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\progra~1\mcafee\spamki~1\mskdetct.exe" /startup ] Sun 11 - 20:52:07 [EXECUTION] "c:\progra~1\mcafee\spamki~1\mskagent.exe" was allowed to run [EXECUTION] Started by "c:\progra~1\mcafee\spamki~1\msksrvr.exe" [2012] [EXECUTION] Commandline - [ c:\progra~1\mcafee\spamki~1\mskagent.exe /notifyagent ] Sun 11 - 20:52:07 [EXECUTION] "c:\progra~1\mcafee.com\vso\mcshield.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\progra~1\mcafee.com\vso\mcshield.exe ] Sun 11 - 20:52:07 [EXECUTION] "c:\program files\mcafee.com\shared\mghtml.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1000] [EXECUTION] Commandline - [ "c:\program files\mcafee.com\shared\mghtml.exe" -embedding ] Sun 11 - 20:52:07 [EXECUTION] "c:\progra~1\mcafee.com\person~1\mpftray.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\progra~1\mcafee.com\person~1\mpftray.exe" ] Sun 11 - 20:52:09 [EXECUTION] "c:\progra~1\mcafee.com\person~1\mpftray.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\progra~1\mcafee.com\person~1\mpftray.exe" ] Sun 11 - 20:52:11 [EXECUTION] "c:\program files\fichiers communs\real\update_ob\realsched.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\fichiers communs\real\update_ob\realsched.exe" -osboot ] Sun 11 - 20:52:13 [EXECUTION] "c:\program files\processguard\procguard.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\processguard\procguard.exe" ] Sun 11 - 20:52:13 [EXECUTION] "c:\windows\system32\alg.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\windows\system32\alg.exe ] Sun 11 - 20:52:13 [EXECUTION] "c:\progra~1\mcafee.com\person~1\mpfagent.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1000] [EXECUTION] Commandline - [ c:\progra~1\mcafee.com\person~1\mpfagent.exe -embedding ] Sun 11 - 20:52:14 [EXECUTION] "c:\program files\natso backup\natsobackup_pro.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\natso backup\natsobackup_pro.exe" ] Sun 11 - 20:52:14 [EXECUTION] "c:\windows\system32\wbem\wmiprvse.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1000] [EXECUTION] Commandline - [ c:\windows\system32\wbem\wmiprvse.exe -embedding ] Sun 11 - 20:52:15 [EXECUTION] "c:\program files\quicktime\qttask.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\quicktime\qttask.exe" -atboottime ] Sun 11 - 20:52:15 [EXECUTION] "c:\program files\itunes\ituneshelper.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\itunes\ituneshelper.exe" ] Sun 11 - 20:52:16 [EXECUTION] "c:\program files\ipod\bin\ipodservice.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ "c:\program files\ipod\bin\ipodservice.exe" ] Sun 11 - 20:52:16 [EXECUTION] "c:\program files\processguard\pgaccount.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\processguard\pgaccount.exe" ] Sun 11 - 20:52:17 [EXECUTION] "c:\windows\system32\ctfmon.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\windows\system32\ctfmon.exe" ] Sun 11 - 20:52:19 [EXECUTION] "c:\program files\messenger\msmsgs.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\messenger\msmsgs.exe" /background ] Sun 11 - 20:52:19 [EXECUTION] "c:\progra~1\mcafee.com\person~1\mpfwizard.exe" was allowed to run [EXECUTION] Started by "c:\progra~1\mcafee.com\person~1\mpftray.exe" [2420] [EXECUTION] Commandline - [ "mpfwizard.exe" ] Sun 11 - 20:52:20 [EXECUTION] "c:\program files\processguard\procguard.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\processguard\procguard.exe" -minimize ] Sun 11 - 20:52:21 [EXECUTION] "c:\program files\wintv\ir.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\wintv\ir.exe" /quiet ] Sun 11 - 20:52:21 [EXECUTION] "c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe" ] Sun 11 - 20:52:51 [EXECUTION] "c:\windows\system32\wuauclt.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1768] [EXECUTION] Commandline - [ "c:\windows\system32\wuauclt.exe" /runstoreascomserver local\[6e8]susds6fc9d8a98298f644bff72aa41bb0a33b ] Sun 11 - 20:53:13 [EXECUTION] "c:\windows\system32\notepad.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\windows\system32\notepad.exe" c:\program files\processguard\logs\pglog_12_2005.txt ] SANS LEARNING MODE = ---Process Guard Log Started--- Sun 11 - 20:52:05 [EXECUTION] "c:\windows\system32\wdfmgr.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\windows\system32\wdfmgr.exe ] Sun 11 - 20:52:05 [EXECUTION] "c:\progra~1\mcafee.com\agent\mcagent.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\progra~1\mcafee.com\agent\mcagent.exe" ] Sun 11 - 20:52:05 [EXECUTION] "c:\windows\system32\mspmspsv.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\windows\system32\mspmspsv.exe ] Sun 11 - 20:52:05 [EXECUTION] "c:\windows\system32\svchost.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\windows\system32\svchost.exe -k netsvcs ] Sun 11 - 20:52:05 [EXECUTION] "c:\progra~1\mcafee.com\vso\mcvsshld.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\progra~1\mcafee.com\vso\mcvsshld.exe" ] Sun 11 - 20:52:05 [EXECUTION] "c:\windows\system32\fxssvc.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\windows\system32\fxssvc.exe ] Sun 11 - 20:52:06 [EXECUTION] "c:\progra~1\mcafee.com\vso\mcvsescn.exe" was allowed to run [EXECUTION] Started by "c:\progra~1\mcafee.com\vso\mcvsshld.exe" [2064] [EXECUTION] Commandline - [ "c:\progra~1\mcafee.com\vso\mcvsescn.exe" /disabled ] Sun 11 - 20:52:06 [EXECUTION] "c:\progra~1\mcafee\spamki~1\mskdetct.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\progra~1\mcafee\spamki~1\mskdetct.exe" /startup ] Sun 11 - 20:52:07 [EXECUTION] "c:\progra~1\mcafee\spamki~1\mskagent.exe" was allowed to run [EXECUTION] Started by "c:\progra~1\mcafee\spamki~1\msksrvr.exe" [2012] [EXECUTION] Commandline - [ c:\progra~1\mcafee\spamki~1\mskagent.exe /notifyagent ] Sun 11 - 20:52:07 [EXECUTION] "c:\progra~1\mcafee.com\vso\mcshield.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\progra~1\mcafee.com\vso\mcshield.exe ] Sun 11 - 20:52:07 [EXECUTION] "c:\program files\mcafee.com\shared\mghtml.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1000] [EXECUTION] Commandline - [ "c:\program files\mcafee.com\shared\mghtml.exe" -embedding ] Sun 11 - 20:52:07 [EXECUTION] "c:\progra~1\mcafee.com\person~1\mpftray.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\progra~1\mcafee.com\person~1\mpftray.exe" ] Sun 11 - 20:52:09 [EXECUTION] "c:\progra~1\mcafee.com\person~1\mpftray.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\progra~1\mcafee.com\person~1\mpftray.exe" ] Sun 11 - 20:52:11 [EXECUTION] "c:\program files\fichiers communs\real\update_ob\realsched.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\fichiers communs\real\update_ob\realsched.exe" -osboot ] Sun 11 - 20:52:13 [EXECUTION] "c:\program files\processguard\procguard.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\processguard\procguard.exe" ] Sun 11 - 20:52:13 [EXECUTION] "c:\windows\system32\alg.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\windows\system32\alg.exe ] Sun 11 - 20:52:13 [EXECUTION] "c:\progra~1\mcafee.com\person~1\mpfagent.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1000] [EXECUTION] Commandline - [ c:\progra~1\mcafee.com\person~1\mpfagent.exe -embedding ] Sun 11 - 20:52:14 [EXECUTION] "c:\program files\natso backup\natsobackup_pro.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\natso backup\natsobackup_pro.exe" ] Sun 11 - 20:52:14 [EXECUTION] "c:\windows\system32\wbem\wmiprvse.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1000] [EXECUTION] Commandline - [ c:\windows\system32\wbem\wmiprvse.exe -embedding ] Sun 11 - 20:52:15 [EXECUTION] "c:\program files\quicktime\qttask.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\quicktime\qttask.exe" -atboottime ] Sun 11 - 20:52:15 [EXECUTION] "c:\program files\itunes\ituneshelper.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\itunes\ituneshelper.exe" ] Sun 11 - 20:52:16 [EXECUTION] "c:\program files\ipod\bin\ipodservice.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ "c:\program files\ipod\bin\ipodservice.exe" ] Sun 11 - 20:52:16 [EXECUTION] "c:\program files\processguard\pgaccount.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\processguard\pgaccount.exe" ] Sun 11 - 20:52:17 [EXECUTION] "c:\windows\system32\ctfmon.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\windows\system32\ctfmon.exe" ] Sun 11 - 20:52:19 [EXECUTION] "c:\program files\messenger\msmsgs.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\messenger\msmsgs.exe" /background ] Sun 11 - 20:52:19 [EXECUTION] "c:\progra~1\mcafee.com\person~1\mpfwizard.exe" was allowed to run [EXECUTION] Started by "c:\progra~1\mcafee.com\person~1\mpftray.exe" [2420] [EXECUTION] Commandline - [ "mpfwizard.exe" ] Sun 11 - 20:52:20 [EXECUTION] "c:\program files\processguard\procguard.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\processguard\procguard.exe" -minimize ] Sun 11 - 20:52:21 [EXECUTION] "c:\program files\wintv\ir.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\wintv\ir.exe" /quiet ] Sun 11 - 20:52:21 [EXECUTION] "c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe" ] Sun 11 - 20:52:51 [EXECUTION] "c:\windows\system32\wuauclt.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1768] [EXECUTION] Commandline - [ "c:\windows\system32\wuauclt.exe" /runstoreascomserver local\[6e8]susds6fc9d8a98298f644bff72aa41bb0a33b ] Sun 11 - 20:53:13 [EXECUTION] "c:\windows\system32\notepad.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\windows\system32\notepad.exe" c:\program files\processguard\logs\pglog_12_2005.txt ] Sun 11 - 20:53:51 [EXECUTION] "c:\windows\system32\notepad.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\windows\system32\notepad.exe" ] Sun 11 - 20:54:48 [EXECUTION] "c:\windows\system32\notepad.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [424] [EXECUTION] Commandline - [ "c:\windows\system32\notepad.exe" c:\program files\process guard 3150\rapport.txt ] Sun 11 - 20:55:52 [EXECUTION] "c:\windows\system32\logonui.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\winlogon.exe" [728] [EXECUTION] Commandline - [ logonui.exe /status /shutdown ] Sun 11 - 20:56:02 [TERMINATE] c:\windows\system32\services.exe [772] was blocked from terminating c:\windows\system32\spoolsv.exe [1596] ---Process Guard Log Started--- Sun 11 - 20:57:26 [EXECUTION] "c:\windows\system32\fxssvc.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\windows\system32\fxssvc.exe ] Sun 11 - 20:57:27 [EXECUTION] "c:\program files\ipod\bin\ipodservice.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ "c:\program files\ipod\bin\ipodservice.exe" ] Sun 11 - 20:57:28 [EXECUTION] "c:\program files\mcafee.com\vso\mcshield.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\progra~1\mcafee.com\vso\mcshield.exe ] Sun 11 - 20:57:30 [EXECUTION] "c:\program files\mcafee\spamkiller\mskagent.exe" was allowed to run [EXECUTION] Started by "c:\progra~1\mcafee\spamki~1\msksrvr.exe" [1776] [EXECUTION] Commandline - [ c:\progra~1\mcafee\spamki~1\mskagent.exe /notifyagent ] Sun 11 - 20:57:31 [EXECUTION] "c:\windows\system32\alg.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\services.exe" [772] [EXECUTION] Commandline - [ c:\windows\system32\alg.exe ] Sun 11 - 20:57:32 [EXECUTION] "c:\windows\system32\wbem\wmiprvse.exe" was allowed to run [EXECUTION] Started by "c:\windows\system32\svchost.exe" [1000] [EXECUTION] Commandline - [ c:\windows\system32\wbem\wmiprvse.exe -embedding ] Sun 11 - 20:57:32 [EXECUTION] "c:\program files\mcafee.com\personal firewall\mpfwizard.exe" was allowed to run [EXECUTION] Started by "c:\progra~1\mcafee.com\person~1\mpftray.exe" [532] [EXECUTION] Commandline - [ "mpfwizard.exe" ] Sun 11 - 20:57:36 [EXECUTION] "c:\program files\processguard\procguard.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [1900] [EXECUTION] Commandline - [ "c:\program files\processguard\procguard.exe" -minimize ] Sun 11 - 20:57:37 [EXECUTION] "c:\program files\wintv\ir.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [1900] [EXECUTION] Commandline - [ "c:\program files\wintv\ir.exe" /quiet ] Sun 11 - 20:57:37 [EXECUTION] "c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [1900] [EXECUTION] Commandline - [ "c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe" ] Sun 11 - 20:58:02 [EXECUTION] "c:\windows\system32\notepad.exe" was allowed to run [EXECUTION] Started by "c:\windows\explorer.exe" [1900] [EXECUTION] Commandline - [ "c:\windows\system32\notepad.exe" c:\program files\processguard\logs\pglog_12_2005.txt ] merci beaucoup mercurefi oooppssss j'ai oublié d'ajouter que je n'ai fait cette manip que sur le C. Dois-je la répéter sur le DD externe isolé sur un portable ?

hello tout le monde... après avoir posté les rapports du C d'aproposfix et hijackthis voici ceux du portable sur lequel est isolé le DD externe défaillant. je ne sais pas si ça sera d'une quelconque utilité mais dans le doute.... APROPOSFIX = Log of AproposFix v1 *********** Running from directory: C:\Documents and Settings\Siboni\Bureau\aproposfix ************ Registry entries found: ************ No service found! Removing hidden folder: No folder found! Deleting files: Backing up files: Done! Removing registry entries: REGEDIT4 Done! Finished! HIJACKTHIS Logfile of HijackThis v1.99.1 Scan saved at 14:53:01, on 11/12/2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-internet.fr/navig/mail.phtml R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O4 - HKLM\..\Run: [adiras] adiras.exe O4 - HKLM\..\Run: [CapFax] C:\Program Files\WinFax Plus\CapFax.EXE O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Program Files\Iomega HotBurn Pro\Autolaunch.exe" O4 - HKLM\..\Run: [MPFTray] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe O4 - HKLM\..\Run: [MSKAGENTEXE] C:\PROGRA~1\McAfee\SPAMKI~1\MskAgent.exe O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" O4 - HKLM\..\Run: [MSKDetectorExe] C:\PROGRA~1\McAfee\SPAMKI~1\MSKDetct.exe /startup O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st800\DSLMON.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Wireless Client Manager.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://videohd.m6.fr.ipercast.net/installer-hidden.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...83/mcinsctl.cab O16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) - https://mysupport.nai.com/amiuptodate/bin/1...pdatePortal.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1106413635273 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,20/mcgdmgr.cab O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe O23 - Service: McAfee SpamKiller Server (MskService) - Networks Associates Technology. Inc. - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe O23 - Service: SHYXOA - Sysinternals - www.sysinternals.com - C:\DOCUME~1\Siboni\LOCALS~1\Temp\SHYXOA.exe voilà voilà... et encore merci à tous

Merci Jack Burton ! je vais le redéplacer... a vrai dire je vais même faire des recherches car je dois l'avoir en triple exemplaire maintenant A+