Aller au contenu

toutclic

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    259

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par toutclic

  1. toutclic
    Bonjour, Depuis ce matin je suis entrain d'essayer de reparer un probleme qui vient soit de mon pilote grapique soit de ma carte graphique. Avant celui ci fonctionner tres bien et depuis ce matin il me sort des ecran bleu et des probleme d'affichage sous forme de pixels bizarre qui apparaissent sur l'ecran. J'ai essayé de mettre mon pilote graphique a jour mais ça n'a fait qu'aggraver le probleme. j'ai donc essayer de reinstaller le systeme mais c'est encore pire maintenant des que je redemarre il faut obligatoire que je passe par un phase de reparation et tout les logiciel que j'ai installé ne son plus la. C'est assez inconfortable comme situation c'est pour sa que je demande votre aide. Mon ordinateur est un HP notebook pavilion dv9636. D'origine il etait sur vista mais je suis passé a windows 7 (pour les pilotes je les ai trouvé sur le net) Merci d'avance pour votre aide
  2. toutclic

    Pilote Claviers ou autre

    toutclic a répondu à un(e) sujet de toutclic dans Hardware

    Bonsoir, Danc l'onglet lecture je ne peut rien faire a part voir la température des processeurs Pour le clavier c'est pas un problème de région c'est un problème d'assignation. La touche impr ecran et a la place de la touche insert et je n'ai plus de touche inser a cause de sa
  3. toutclic

    ralentissement asus

    toutclic a répondu à un sujet dans Hardware

    Quel version de windows a tu ?
  4. toutclic
    Bonjour, il est impossible de changer la carte graphique dans un ordinateur portable Vu la place qu'il y a a l'interieur comment veux tu mettre une carte graphique sinon pour ton probleme ben il n'y a qu'une solution changer d'ordinateur
  5. toutclic

    Pilote Claviers ou autre

    toutclic a répondu à un(e) sujet de toutclic dans Hardware

    Oui je sais j'ai eu cette ordi avec Vista et puis ayant une licence MSDN j'ai télécharger win7 et puis je l'ai installer sinon pas de problème avec cette OS J'ai installer speedfan mais lui m'affiche un température qui monte a plus de 88°C donc la je commence vraiment a avoir peur. Vu que c'est un pc portable je ne peux pas voir la vitesse du ventilateur. Serait il possible de revenir a l'ancienne version du bios ?? si oui comment ?
  6. toutclic

    Pilote Claviers ou autre

    toutclic a répondu à un(e) sujet de toutclic dans Hardware

    Sa commence a devenir urgent la je ne sais pas quoi faire desolé pour le double post
  7. toutclic

    Pilote Claviers ou autre

    toutclic a répondu à un(e) sujet de toutclic dans Hardware

    Y aurait il pas un autre moyen que de flasher le bios parce que entre temps je suis passé a un autre OS et il y a ecrit sa dans ce que je dois telecharger : "hp.com home Utilitaire WinFlash destiné au BIOS système des ordinateurs portables HP équipés de processeurs Intel et exécutant Microsoft Windows Vista " Je suis sous windows 7 et j'ai peur de faire une fausse manip en utilisant se logiciel sous win7 voici le lien de pilotes disponible pour mon pc : ici Edit : Je viens de flasher le BIOS et la procedure c'est passé a merveille mais mon probleme de touche n'est toujours pas regler Une autre option ??? Autre probleme : le ventillo ne tourne plus comme avant lorsque que je lance un jeu le processeur monte a 83°C au lieu des 73°C d'avant :/
  8. toutclic
    Bonjour, Depuis quelque temps (presque 1an deja) le clavier de mon PC portable (hp pavillon dv9000) a quelque soucis. En fait j'ai perdu 4 touche assez importante (impr ecran, syst, pause et attn) qui fonctionnait auparavant quand j'appuyer sur la touche fn et le bouton associé. J'ai regardé un peu sur le net et j'ai trouvé ou la touche impr ecran est a present au lieu de se trouvé a sa place. J'aimerai remettre c'est touche a leur place et c'est pour cela que je demande votre aide Merci d'avance Toutclic
  9. toutclic
    Bonjour, En fait mon probleme n'est pas tres geneant mais bon c'est quand meme 4 touche de perdu les touche (impr ecr ; syst ; pause ; attn) j'aimerai eviter de reformater mon pc juste pour ce genre de probleme ce que je voudrai faire c'est pouvoir modifier l'affectation de c'est touche. Mon pc est un HP pavillon dv9000 merci d'avance.
  10. toutclic
    Bonjour, Depuis que j'ai reformater mon pc un ecran bleu apparait de façon reguliere a cause de ce driver "tcpip.sys" voici la description de l'erreur : STOP 0x0000000A, IRQL_NOT_LESS_OR_EQUAL. pouvais vous m'aidez. merci d'avance !
  11. toutclic
    je vois vraiment pas ce que sa a fait mais merci quand meme
  12. toutclic
    Bonsoir, Voici le rapport : ========== PROCESSES ========== Process explorer.exe killed successfully. ========== SERVICES/DRIVERS ========== ========== FILES ========== File/Folder C:\Windows\MS32DLL.dll.vbs not found. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\\ not found. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ccbfaa2-d690-11dc-9701-001b24ed51c8}\\ deleted successfully. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{479990b0-d6eb-11dc-bb14-001b24ed51c8}\\ deleted successfully. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c48a1ad-0ed4-11dd-a293-001b24ed51c8}\\ deleted successfully. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c7a6216d-1121-11dd-8323-001b24ed51c8}]\\ not found. ========== COMMANDS ========== File delete failed. C:\Users\HERWAN~1\AppData\Local\Temp\ehmsas.txt scheduled to be deleted on reboot. File delete failed. C:\Users\HERWAN~1\AppData\Local\Temp\etilqs_qzJ77iXztUwkhsgKEbIB scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. Local Service Temporary Internet Files folder emptied. File delete failed. C:\Windows\temp\TMP00000078B4DA5A074DF03DE6 scheduled to be deleted on reboot. File delete failed. C:\Windows\temp\ZLT012c0.TMP scheduled to be deleted on reboot. File delete failed. C:\Windows\temp\ZLT012c3.TMP scheduled to be deleted on reboot. Windows Temp folder emptied. File delete failed. C:\Users\Herwan Boudra\AppData\Local\Mozilla\Firefox\Profiles\lhz94q23.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Users\Herwan Boudra\AppData\Local\Mozilla\Firefox\Profiles\lhz94q23.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Users\Herwan Boudra\AppData\Local\Mozilla\Firefox\Profiles\lhz94q23.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Users\Herwan Boudra\AppData\Local\Mozilla\Firefox\Profiles\lhz94q23.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Users\Herwan Boudra\AppData\Local\Mozilla\Firefox\Profiles\lhz94q23.default\urlclassifier3.sqlite scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11192008_191401 Files moved on Reboot... C:\Users\HERWAN~1\AppData\Local\Temp\ehmsas.txt moved successfully. File C:\Users\HERWAN~1\AppData\Local\Temp\etilqs_qzJ77iXztUwkhsgKEbIB not found! File C:\Windows\temp\TMP00000078B4DA5A074DF03DE6 not found! File C:\Windows\temp\ZLT012c0.TMP not found! File C:\Windows\temp\ZLT012c3.TMP not found! C:\Users\Herwan Boudra\AppData\Local\Mozilla\Firefox\Profiles\lhz94q23.default\Cache\_CACHE_001_ moved successfully. C:\Users\Herwan Boudra\AppData\Local\Mozilla\Firefox\Profiles\lhz94q23.default\Cache\_CACHE_002_ moved successfully. C:\Users\Herwan Boudra\AppData\Local\Mozilla\Firefox\Profiles\lhz94q23.default\Cache\_CACHE_003_ moved successfully. C:\Users\Herwan Boudra\AppData\Local\Mozilla\Firefox\Profiles\lhz94q23.default\Cache\_CACHE_MAP_ moved successfully. C:\Users\Herwan Boudra\AppData\Local\Mozilla\Firefox\Profiles\lhz94q23.default\urlclassifier3.sqlite moved successfully.
  13. toutclic
    Voici le rapport et a ce que je vois ms32dll.dll.vbs et toujours la j'ai pourtant fais tout se que vous m'avez dit a la lettre. Logfile of random's system information tool 1.04 (written by random/random) Run by Herwan Boudra at 2008-11-19 18:06:15 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 System drive C: has 66 GB (29%) free of 231 GB Total RAM: 2046 MB (48% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:06:45, on 19/11/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Windows\System32\WDBtnMgr.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\conime.exe C:\PROGRA~1\FREEDO~1\fdm.exe C:\Windows\explorer.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Herwan\Desktop\RSIT.exe C:\Users\Herwan Boudra\Documents\Telechargement\Herwan Boudra.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - (no file) O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe O4 - Global Startup: Pinnacle Streaming Server.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TeamViewer 3 (TeamViewer) - Unknown owner - C:\Program Files\TeamViewer3\TeamViewer_Host.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe -- End of file - 10881 bytes ======Scheduled tasks folder====== C:\Windows\tasks\User_Feed_Synchronization-{0962FA3D-34D5-41A7-B840-504A110D0254}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-07-27 370296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2007-11-26 94208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] SweetIM Toolbar Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EEE6C35B-6118-11DC-9C72-001320C79847} - [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-09 4390912] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872] "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-13 159744] "HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696] "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776] "WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128] "WD Button Manager"=C:\Windows\system32\WDBtnMgr.exe [2008-02-14 339968] "SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-22 266497] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-11-07 81920] "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-07-27 185896] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-03-03 959976] "CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696] "CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152] "SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472] "OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952] "PMCRemote"=C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe [2008-03-27 267536] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296] "PMCLoader"=C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe [2008-03-27 644368] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Pinnacle Streaming Server.lnk - C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe C:\Users\Herwan Boudra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=36 "NoDriveAutoRun"=FFFFFFFF [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ccbf9ee-d690-11dc-9701-001b24ed51c8}] shell\AutoRun\command - F:\SETUP.EXE [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ccbfaa2-d690-11dc-9701-001b24ed51c8}] shell\AutoRun\command - G:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{479990b0-d6eb-11dc-bb14-001b24ed51c8}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c48a1ad-0ed4-11dd-a293-001b24ed51c8}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{818a9d2e-6529-11dd-9c11-001b24ed51c8}] shell\AutoRun\command - F:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{830970f7-0fcd-11dd-bfe6-001b24ed51c8}] shell\Auto\command - J:\Start.exe shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c7a6216d-1121-11dd-8323-001b24ed51c8}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs ======File associations====== .js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" ======List of files/folders created in the last 1 months====== 2008-11-19 18:02:52 ----RASHD---- C:\autorun.inf 2008-11-18 21:06:41 ----D---- C:\Users\Herwan Boudra\AppData\Roaming\AntsSoft 2008-11-18 19:40:13 ----D---- C:\rsit 2008-11-18 18:34:01 ----D---- C:\ProgramData\ma-config.com 2008-11-18 18:34:01 ----D---- C:\Program Files\ma-config.com 2008-11-16 00:20:39 ----A---- C:\Windows\system32\msxml3.dll 2008-11-14 15:35:59 ----A---- C:\Windows\system32\msxml6.dll 2008-11-13 08:36:40 ----D---- C:\Users\Herwan Boudra\AppData\Roaming\vlc 2008-10-29 23:17:33 ----A---- C:\Windows\system32\EncDec.dll 2008-10-29 23:17:27 ----A---- C:\Windows\system32\psisdecd.dll 2008-10-29 10:00:39 ----A---- C:\Windows\system32\wersvc.dll 2008-10-29 10:00:39 ----A---- C:\Windows\system32\Faultrep.dll 2008-10-29 10:00:36 ----A---- C:\Windows\system32\win32spl.dll 2008-10-24 18:12:48 ----A---- C:\Windows\system32\netapi32.dll 2008-10-20 17:25:58 ----D---- C:\Users\Herwan Boudra\AppData\Roaming\codeblocks 2008-10-20 17:25:12 ----D---- C:\Program Files\CodeBlocks ======List of files/folders modified in the last 1 months====== 2008-11-19 18:06:20 ----D---- C:\Windows\Temp 2008-11-19 18:05:04 ----D---- C:\Users\Herwan Boudra\AppData\Roaming\Free Download Manager 2008-11-19 18:03:22 ----D---- C:\Windows\System32 2008-11-19 18:03:21 ----D---- C:\Windows\inf 2008-11-19 18:03:21 ----A---- C:\Windows\system32\PerfStringBackup.INI 2008-11-19 18:03:10 ----D---- C:\Windows\Internet Logs 2008-11-19 17:52:50 ----D---- C:\Program Files\Mozilla Firefox 2008-11-19 17:51:30 ----D---- C:\Users\Herwan Boudra\AppData\Roaming\Hamachi 2008-11-19 17:51:21 ----A---- C:\Windows\system32\everest_cpl.ini 2008-11-18 21:08:08 ----RD---- C:\Program Files 2008-11-18 21:04:08 ----D---- C:\Downloads 2008-11-18 18:34:12 ----SHD---- C:\Windows\Installer 2008-11-18 18:34:01 ----HD---- C:\ProgramData 2008-11-18 18:33:48 ----SHD---- C:\System Volume Information 2008-11-17 16:55:22 ----D---- C:\Program Files\Spybot - Search & Destroy 2008-11-16 22:21:23 ----D---- C:\Windows\Prefetch 2008-11-16 21:54:21 ----D---- C:\PerfLogs 2008-11-16 17:01:05 ----D---- C:\Users\Herwan Boudra\AppData\Roaming\LimeWire 2008-11-16 10:26:16 ----D---- C:\Program Files\eChanblard 2008-11-16 02:02:58 ----D---- C:\Windows\winsxs 2008-11-16 01:48:52 ----D---- C:\Windows\system32\drivers 2008-11-16 00:33:50 ----D---- C:\ProgramData\Microsoft Help 2008-11-16 00:30:19 ----D---- C:\Windows\system32\catroot 2008-11-16 00:10:04 ----D---- C:\Windows\system32\catroot2 2008-11-16 00:09:56 ----D---- C:\Windows 2008-11-15 21:38:02 ----D---- C:\ProgramData\TrackMania 2008-11-13 08:36:49 ----D---- C:\Users\Herwan Boudra\AppData\Roaming\dvdcss 2008-11-12 21:36:20 ----D---- C:\Program Files\TeamViewer3 2008-11-11 01:20:26 ----A---- C:\Windows\cdplayer.ini 2008-11-09 17:42:25 ----A---- C:\Windows\ntbtlog.txt 2008-11-06 22:12:17 ----D---- C:\ProgramData\CanonIJPLM 2008-11-06 19:27:41 ----D---- C:\Program Files\Windows Live Safety Center 2008-11-04 01:10:25 ----A---- C:\Windows\system32\mrt.exe 2008-11-01 22:51:34 ----D---- C:\Windows\Minidump 2008-10-30 01:02:04 ----D---- C:\Windows\Microsoft.NET 2008-10-30 01:01:35 ----RSD---- C:\Windows\assembly 2008-10-30 00:51:50 ----D---- C:\Windows\ehome 2008-10-22 21:55:44 ----D---- C:\Program Files\Microsoft Silverlight 2008-10-20 17:02:08 ----D---- C:\Dev-Cpp ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-11-10 75072] R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160] R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-04-08 54272] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2008-03-03 279440] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-04-12 278728] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-04-12 25416] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-07-15 52032] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208] R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760] R3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Users\HERWAN~1\AppData\Local\Temp\EverestDriver.sys [2008-03-16 23152] R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-12 1747936] R3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2008-03-25 444800] R3 NETw4v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-11-07 8231584] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472] R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264] S1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\Windows\System32\Drivers\tosrfcom.sys [2004-10-04 62799] S2 zntport;NTPort Library Driver; \??\C:\Windows\system32\zntport.sys [] S3 abiksyc7;abiksyc7; C:\Windows\system32\drivers\abiksyc7.sys [] S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384] S3 CEDRIVER51;CEDRIVER51; \??\C:\Program Files\Cheat Engine\DBK32.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2008-10-28 15360] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 E100B;Pilote de carte Intel ® PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328] S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2004-10-25 21664] S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-05-08 25280] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-04 4682] S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560] S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\Windows\system32\drivers\Toshidpt.sys [2002-10-16 2851] S3 tosporte;Bluetooth Port Driver from Toshiba; C:\Windows\system32\DRIVERS\tosporte.sys [2005-01-08 51582] S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\Windows\System32\Drivers\tosrfbd.sys [2004-12-24 97792] S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\Windows\System32\Drivers\tosrfbnp.sys [2004-07-08 36531] S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2004-11-15 50048] S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\Windows\system32\drivers\TosRfSnd.sys [2004-12-15 50048] S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\System32\Drivers\tosrfusb.sys [2004-12-21 34816] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865] R2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297] R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-04-23 262243] R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-04-23 106593] R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984] R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096] R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-04-12 66872] R2 TeamViewer;TeamViewer 3; C:\Program Files\TeamViewer3\TeamViewer_Host.exe [2008-01-28 94208] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504] R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-03-03 79400] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-05 33800] S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-10-28 195752] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656] S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-06-27 355584] S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504] S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe [2008-01-18 24635] S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe [2008-04-17 5750784] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF-----------------
  14. toutclic
    Bonsoir et merci pour ta reponse , j'ai vu un virus dans le rapport il est pas mechant mais je vous laisse quand meme regarder (MS32DLL.dll.vbs) voici le rapport : Logfile of random's system information tool 1.04 (written by random/random) Run by ... at 2008-11-18 19:40:13 Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1 System drive 😄 has 67 GB (29%) free of 231 GB Total RAM: 2046 MB (55% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:40:52, on 18/11/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Windows\System32\WDBtnMgr.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\PROGRA~1\FREEDO~1\fdm.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\explorer.exe C:\Users\...\Desktop\RSIT.exe C:\Users\...\Documents\Telechargement\....exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - (no file) O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks O4 - HKCU\..\RunOnce: [EVEREST AutoStart] C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe O4 - Global Startup: Pinnacle Streaming Server.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TeamViewer 3 (TeamViewer) - Unknown owner - C:\Program Files\TeamViewer3\TeamViewer_Host.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe -- End of file - 10884 bytes ======Scheduled tasks folder====== C:\Windows\tasks\User_Feed_Synchronization-{0962FA3D-34D5-41A7-B840-504A110D0254}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-07-27 370296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}] FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2007-11-26 94208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] SweetIM Toolbar Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EEE6C35B-6118-11DC-9C72-001320C79847} - [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800] "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-09 4390912] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872] "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-13 159744] "HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12 50696] "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776] "WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128] "WD Button Manager"=C:\Windows\system32\WDBtnMgr.exe [2008-02-14 339968] "SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400] "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-22 266497] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-11-07 81920] "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-07-27 185896] "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-03-03 959976] "CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696] "CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152] "SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472] "OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952] "PMCRemote"=C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe [2008-03-27 267536] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296] "PMCLoader"=C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe [2008-03-27 644368] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "EVEREST AutoStart"=C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe [2008-03-16 2083424] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Pinnacle Streaming Server.lnk - C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLUA"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ccbf9ee-d690-11dc-9701-001b24ed51c8}] shell\AutoRun\command - F:\SETUP.EXE [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ccbfaa2-d690-11dc-9701-001b24ed51c8}] shell\AutoRun\command - G:\autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{479990b0-d6eb-11dc-bb14-001b24ed51c8}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c48a1ad-0ed4-11dd-a293-001b24ed51c8}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{818a9d2e-6529-11dd-9c11-001b24ed51c8}] shell\AutoRun\command - F:\start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{830970f7-0fcd-11dd-bfe6-001b24ed51c8}] shell\Auto\command - J:\Start.exe shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\Start.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c7a6216d-1121-11dd-8323-001b24ed51c8}] shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs ======File associations====== .js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" ======List of files/folders created in the last 1 months====== 2008-11-18 19:40:13 ----D---- C:\rsit 2008-11-18 18:34:01 ----D---- C:\ProgramData\ma-config.com 2008-11-18 18:34:01 ----D---- C:\Program Files\ma-config.com 2008-11-17 17:20:23 ----D---- C:\Program Files\NokiaFREE Unlock Codes Calculator 2008-11-16 00:20:39 ----A---- C:\Windows\system32\msxml3.dll 2008-11-14 15:35:59 ----A---- C:\Windows\system32\msxml6.dll 2008-11-13 08:36:40 ----D---- C:\Users\...\AppData\Roaming\vlc 2008-10-29 23:17:33 ----A---- C:\Windows\system32\EncDec.dll 2008-10-29 23:17:27 ----A---- C:\Windows\system32\psisdecd.dll 2008-10-29 10:00:39 ----A---- C:\Windows\system32\wersvc.dll 2008-10-29 10:00:39 ----A---- C:\Windows\system32\Faultrep.dll 2008-10-29 10:00:36 ----A---- C:\Windows\system32\win32spl.dll 2008-10-24 18:12:48 ----A---- C:\Windows\system32\netapi32.dll 2008-10-20 17:25:58 ----D---- C:\Users\...\AppData\Roaming\codeblocks 2008-10-20 17:25:12 ----D---- C:\Program Files\CodeBlocks ======List of files/folders modified in the last 1 months====== 2008-11-18 19:40:34 ----D---- C:\Users\...\AppData\Roaming\Free Download Manager 2008-11-18 19:40:23 ----D---- C:\Windows\Temp 2008-11-18 19:39:19 ----D---- C:\Windows\Internet Logs 2008-11-18 19:14:46 ----D---- C:\Program Files\Mozilla Firefox 2008-11-18 19:14:33 ----D---- C:\Users\...\AppData\Roaming\Hamachi 2008-11-18 19:12:03 ----A---- C:\Windows\system32\everest_cpl.ini 2008-11-18 18:34:12 ----SHD---- C:\Windows\Installer 2008-11-18 18:34:01 ----RD---- C:\Program Files 2008-11-18 18:34:01 ----HD---- C:\ProgramData 2008-11-18 18:33:48 ----SHD---- C:\System Volume Information 2008-11-17 21:53:15 ----D---- C:\Downloads 2008-11-17 16:55:22 ----D---- C:\Program Files\Spybot - Search & Destroy 2008-11-16 22:21:23 ----D---- C:\Windows\Prefetch 2008-11-16 21:54:21 ----D---- C:\PerfLogs 2008-11-16 17:01:05 ----D---- C:\Users\...\AppData\Roaming\LimeWire 2008-11-16 15:52:27 ----D---- C:\Windows\System32 2008-11-16 15:52:27 ----A---- C:\Windows\system32\PerfStringBackup.INI 2008-11-16 15:52:25 ----D---- C:\Windows\inf 2008-11-16 10:26:16 ----D---- C:\Program Files\eChanblard 2008-11-16 02:02:58 ----D---- C:\Windows\winsxs 2008-11-16 01:48:52 ----D---- C:\Windows\system32\drivers 2008-11-16 00:33:50 ----D---- C:\ProgramData\Microsoft Help 2008-11-16 00:30:19 ----D---- C:\Windows\system32\catroot 2008-11-16 00:10:04 ----D---- C:\Windows\system32\catroot2 2008-11-16 00:09:56 ----D---- C:\Windows 2008-11-15 21:38:02 ----D---- C:\ProgramData\TrackMania 2008-11-13 08:36:49 ----D---- C:\Users\...\AppData\Roaming\dvdcss 2008-11-12 21:36:20 ----D---- C:\Program Files\TeamViewer3 2008-11-11 01:20:26 ----A---- C:\Windows\cdplayer.ini 2008-11-09 17:42:25 ----A---- C:\Windows\ntbtlog.txt 2008-11-06 22:12:17 ----D---- C:\ProgramData\CanonIJPLM 2008-11-06 19:27:41 ----D---- C:\Program Files\Windows Live Safety Center 2008-11-04 01:10:25 ----A---- C:\Windows\system32\mrt.exe 2008-11-01 22:51:34 ----D---- C:\Windows\Minidump 2008-10-30 01:02:04 ----D---- C:\Windows\Microsoft.NET 2008-10-30 01:01:35 ----RSD---- C:\Windows\assembly 2008-10-30 00:51:50 ----D---- C:\Windows\ehome 2008-10-22 21:55:44 ----D---- C:\Program Files\Microsoft Silverlight 2008-10-20 17:02:08 ----D---- C:\Dev-Cpp ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-11-10 75072] R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192] R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160] R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-04-08 54272] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352] R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2008-03-03 279440] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-04-12 278728] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-04-12 25416] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-01-23 37376] R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-07-15 52032] R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208] R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760] R3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2008-03-16 23152] R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-12 1747936] R3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2008-03-25 444800] R3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] R3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] R3 NETw4v32;Pilote de carte Intel® Wireless WiFi Link pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-11-07 8231584] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-03-05 76288] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472] R3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264] S1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\Windows\System32\Drivers\tosrfcom.sys [2004-10-04 62799] S2 zntport;NTPort Library Driver; \??\C:\Windows\system32\zntport.sys [] S3 apcz49ix;apcz49ix; C:\Windows\system32\drivers\apcz49ix.sys [] S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384] S3 CEDRIVER51;CEDRIVER51; \??\C:\Program Files\Cheat Engine\DBK32.sys [] S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2008-10-28 15360] S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 E100B;Pilote de carte Intel ® PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328] S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2004-10-25 21664] S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2008-05-08 25280] S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704] S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864] S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-04 4682] S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560] S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\Windows\system32\drivers\Toshidpt.sys [2002-10-16 2851] S3 tosporte;Bluetooth Port Driver from Toshiba; C:\Windows\system32\DRIVERS\tosporte.sys [2005-01-08 51582] S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\Windows\System32\Drivers\tosrfbd.sys [2004-12-24 97792] S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\Windows\System32\Drivers\tosrfbnp.sys [2004-07-08 36531] S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2004-11-15 50048] S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\Windows\system32\drivers\TosRfSnd.sys [2004-12-15 50048] S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\System32\Drivers\tosrfusb.sys [2004-12-21 34816] S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-23 68865] R2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-23 151297] R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-04-23 262243] R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-04-23 106593] R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-14 62984] R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096] R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440] R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-04-12 66872] R2 TeamViewer;TeamViewer 3; C:\Program Files\TeamViewer3\TeamViewer_Host.exe [2008-01-28 94208] R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504] R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2008-03-03 79400] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-01-05 33800] S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-10-28 195752] S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656] S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2008-06-27 355584] S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504] S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe [2008-01-18 24635] S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe [2008-04-17 5750784] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF-----------------
  15. toutclic
    J'ai le droit a une petit reponse ?
  16. toutclic
    ok mais c'etait juste pour savoir si j'était infecté ou pas merci de ton aide
  17. toutclic
    Bonjour voici le probleme que je rencontre (meme en ayant l'uac desactiver) :
  18. toutclic
    Bonsoir Desolé mais je ne pas faire plus de peur de detruire ton ordi je laisse les expert faire maintenant je te conseille de poster un rapport hijackthis pour avoir une piste sur ton probleme cordialement
  19. toutclic
    Bonsoir merci pour ta reponse Ta commande ne fonctionne pas sur mon ordinateur je suis sous windows vista
  20. toutclic
    Bonsoir Depuis 2 ou 3 mois je rencontre quelque probleme avec explorer qui redemarre sans raison ou certain de mes logiciel qui ne se ferme pas completement et qui on du mal a ce fermé meme quand je force avec le gestionnaire de tache voici mon rapport hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:22:09, on 16/11/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Windows\System32\WDBtnMgr.exe C:\Program Files\Synaptics\SynTP\SynTPStart.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\system32\conime.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\PROGRA~1\FREEDO~1\fdm.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\...\Documents\Telechargement\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file) O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - (no file) O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe -checktasks O4 - HKCU\..\RunOnce: [EVEREST AutoStart] C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe O4 - Global Startup: Pinnacle Streaming Server.lnk = C:\Program Files\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TeamViewer 3 (TeamViewer) - Unknown owner - C:\Program Files\TeamViewer3\TeamViewer_Host.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe -- End of file - 10928 bytes
  21. toutclic
    Bonsoir Va voir ici si sa peut t'aider http://www.zebulon.fr/astuces/130-windows-...ement-lent.html cordialement
  22. toutclic
    Bonjour Wawaseb Pour l'instant non mais je reposterai ici si il revient. Merci encore pour l'aide.
  23. toutclic
    Et pour celui la je fais quoi ? Detecter à 10:05 Virus or unwanted program 'TR/Dldr.Agent.aaar [trojan]' detected in file 'C:\System Volume Information\_restore{1D571015-0B84-4D59-834E-BE56DAC462EC}\RP161\A0013011.exe. Action performed: Delete file
  24. toutclic
    Bonjour Wawaseb Voici le rapport je croit qui'l a supprimé pas mal de virus : ComboFix 08-08-12.01 - 1-Farrid 2008-08-14 9:37:39.6 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.670 [GMT 2:00] Endroit: C:\Documents and Settings\1-Farrid\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\1-Farrid\Bureau\CFScript.txt * Création d'un nouveau point de restauration FILE :: C:\Documents and Settings\1-Farrid\Application Data\efuqaf.vbs C:\Documents and Settings\1-Farrid\Application Data\imomosypyx.scr C:\Documents and Settings\1-Farrid\Application Data\ohukegufyk.bat C:\Documents and Settings\All Users\Application Data\uroky.bin C:\Documents and Settings\All Users\Application Data\zogad.reg C:\Program Files\Fichiers communs\ajococasu.bin C:\Program Files\Fichiers communs\inybusiry.dll C:\Program Files\Fichiers communs\perurowyq.reg C:\Program Files\Fichiers communs\uboleqo.pif C:\Program Files\Fichiers communs\upyrygetiz.pif C:\WINDOWS\aqacuvi.dat C:\WINDOWS\enulu.db C:\WINDOWS\ikypyfodax.reg C:\WINDOWS\ixine.lib C:\WINDOWS\symuh.exe C:\WINDOWS\system32\bikuf.pif C:\WINDOWS\system32\towu.lib C:\WINDOWS\system32\xaqyfoba._sy C:\WINDOWS\unysopy.vbs C:\WINDOWS\ypigafubih.exe C:\WINDOWS\zupajibefi.sys . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\1-Farrid\Application Data\efuqaf.vbs C:\Documents and Settings\1-Farrid\Application Data\imomosypyx.scr C:\Documents and Settings\1-Farrid\Application Data\ohukegufyk.bat C:\Documents and Settings\All Users\Application Data\uroky.bin C:\Documents and Settings\All Users\Application Data\zogad.reg C:\Program Files\Fichiers communs\ajococasu.bin C:\Program Files\Fichiers communs\inybusiry.dll C:\Program Files\Fichiers communs\perurowyq.reg C:\Program Files\Fichiers communs\uboleqo.pif C:\Program Files\Fichiers communs\upyrygetiz.pif C:\WINDOWS\aqacuvi.dat C:\WINDOWS\enulu.db C:\WINDOWS\ikypyfodax.reg C:\WINDOWS\ixine.lib C:\WINDOWS\symuh.exe C:\WINDOWS\system32\bikuf.pif C:\WINDOWS\system32\towu.lib C:\WINDOWS\system32\xaqyfoba._sy C:\WINDOWS\unysopy.vbs C:\WINDOWS\ypigafubih.exe C:\WINDOWS\zupajibefi.sys . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-14 to 2008-08-14 )))))))))))))))))))))))))))))))))))) . 2008-08-04 19:25 . 2008-08-04 19:25 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-08-04 19:25 . 2008-08-04 19:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-04 19:25 . 2008-08-04 19:25 <REP> d-------- C:\Documents and Settings\1-Farrid\Application Data\Malwarebytes 2008-08-04 19:25 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-08-04 19:25 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-08-02 16:21 . 2008-08-02 16:21 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-08-01 20:59 . 2008-08-01 20:59 664 --a------ C:\WINDOWS\system32\d3d9caps.dat 2008-08-01 20:53 . 2008-08-01 20:54 <REP> d-------- C:\WINDOWS\ERUNT 2008-08-01 14:00 . 2008-08-01 14:00 <REP> d-------- C:\Program Files\Avira 2008-08-01 12:41 . 2008-08-01 12:41 <REP> d-------- C:\Program Files\Trend Micro 2008-08-01 00:11 . 2008-08-01 00:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-07-31 23:48 . 2008-07-31 23:48 <REP> d-------- C:\WINDOWS\system32\AVGUARD_4c3ecb17 2008-07-31 23:47 . 2008-08-01 11:08 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2008-07-31 23:47 . 2008-08-01 16:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-07-25 10:36 . 2008-07-25 10:36 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe 2008-07-25 10:36 . 2008-07-25 10:36 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb 2008-07-23 18:50 . 2008-07-23 18:50 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2008-07-23 18:50 . 2008-07-23 18:50 9,878 --a------ C:\WINDOWS\system32\dsm_fr.qm 2008-07-23 18:48 . 2008-07-23 18:48 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll 2008-07-23 18:48 . 2008-07-23 18:48 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll 2008-07-23 18:47 . 2008-07-23 18:47 634,880 --a------ C:\WINDOWS\system32\divxdec.ax 2008-07-23 18:47 . 2008-07-23 18:47 352,401 --a------ C:\WINDOWS\system32\DivXMedia.ax 2008-07-23 18:47 . 2008-07-23 18:47 8,835 --a------ C:\WINDOWS\system32\dpufr.qm 2008-07-23 18:47 . 2008-07-23 18:47 3,067 --a------ C:\WINDOWS\system32\dtu_fr.qm 2008-07-23 18:47 . 2008-07-23 18:47 416 --a------ C:\WINDOWS\system32\dtu100.dll.manifest 2008-07-23 18:47 . 2008-07-23 18:47 416 --a------ C:\WINDOWS\system32\dpl100.dll.manifest 2008-07-23 18:46 . 2008-07-23 18:46 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll 2008-07-22 18:31 . 2008-07-22 18:31 <REP> d-------- C:\Program Files\Sun 2008-07-18 20:39 . 2008-07-18 20:39 587,264 --a------ C:\WINDOWS\WLXPGSS.SCR . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-14 05:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2008-08-14 03:42 --------- d-----w C:\Program Files\DivX 2008-08-03 11:25 --------- d-----w C:\Program Files\Google 2008-07-31 22:19 17,064 ----a-w C:\Program Files\Fichiers communs\kaho.inf 2008-07-31 04:27 17,256 ----a-w C:\Program Files\Fichiers communs\bosoduqe.inf 2008-07-22 16:30 --------- d-----w C:\Program Files\Java 2008-07-09 07:07 19,104 ----a-w C:\Documents and Settings\1-Farrid\Application Data\GDIPFONTCACHEV1.DAT 2008-07-09 06:52 --------- d-----w C:\Documents and Settings\1-Farrid\Application Data\DivX 2008-07-08 04:19 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-07-08 04:19 --------- d-----w C:\Program Files\Lecteur CANALPLAY 2008-06-24 18:08 --------- d-----w C:\Documents and Settings\2-Housnat\Application Data\Yahoo! 2008-06-21 15:59 --------- d-----w C:\Documents and Settings\3-Enfants\Application Data\Yahoo! 2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys . ((((((((((((((((((((((((((((( snapshot@2008-08-13_16.10.20.95 ))))))))))))))))))))))))))))))))))))))))) . - 2008-05-30 23:22:46 683,520 ----a-w C:\WINDOWS\system32\DivX.dll + 2008-07-25 08:34:36 683,520 ----a-w C:\WINDOWS\system32\DivX.dll - 2008-05-30 23:22:48 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll + 2008-07-25 08:34:42 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll - 2008-05-30 23:22:46 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll + 2008-07-25 08:34:40 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll - 2008-05-30 23:22:48 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll + 2008-07-25 08:34:40 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll - 2008-05-30 23:22:48 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll + 2008-07-25 08:34:40 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll - 2008-05-22 22:19:12 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe + 2008-07-25 08:34:30 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe - 2008-05-22 22:19:46 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll + 2008-07-25 08:34:54 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll - 2008-05-30 23:22:54 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll + 2008-07-25 08:34:46 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll - 2008-05-30 23:22:54 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll + 2008-07-25 08:34:46 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll - 2008-05-30 23:22:58 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll + 2008-07-25 08:34:50 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll - 2008-05-30 23:22:54 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll + 2008-07-25 08:34:46 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll - 2008-05-30 23:22:54 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll + 2008-07-25 08:34:46 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll - 2008-05-30 23:22:54 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll + 2008-07-25 08:34:46 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll - 2008-05-22 22:19:46 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll + 2008-07-25 08:34:52 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-24 14:00 15360] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-11 07:19 68856] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184] "CanalPlayer"="C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe" [2008-06-20 18:28 2144128] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 15:01 67584] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 22:43 7630848] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 22:43 86016] "HDAudDeck"="C:\Program Files\VIAudioi\HDADeck\HDeck.exe" [2006-07-17 16:36 684032] "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40 155648] "Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 03:10 409600] "OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-11-06 14:44 98304] "MsgCenterExe"="C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" [2008-05-08 13:16 69632] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-05-08 13:16 185896] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497] "nwiz"="nwiz.exe" [2006-08-11 22:43 1519616 C:\WINDOWS\system32\nwiz.exe] "CHotkey"="mHotkey.exe" [2004-02-24 15:05 508416 C:\WINDOWS\mHotkey.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-24 14:00 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\WINDOWS\\system32\\sessmgr.exe"= "C:\\Program Files\\NetMeeting\\Conf.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat"= "C:\\Program Files\\Hamachi\\hamachi.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Lecteur CANALPLAY\\CanalPlayer.exe"= R3 PAC7311;Trust WB-3300p Mini HiRes Webcam;C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2005-10-18 11:48] S3 Service CANALPLAY;Service CANALPLAY;C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe [2008-06-20 18:28] . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-14 09:43:21 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\ehome\ehrecvr.exe C:\WINDOWS\ehome\ehSched.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PAStiSvc.exe C:\WINDOWS\ehome\mcrdsvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\ehome\ehmsas.exe C:\WINDOWS\system32\wscntfy.exe . ************************************************************************** . Temps d'accomplissement: 2008-08-14 9:46:14 - machine was rebooted ComboFix-quarantined-files.txt 2008-08-14 07:46:11 ComboFix2.txt 2008-08-13 14:10:41 Pre-Run: 195,949,592,576 octets libres Post-Run: 196,038,909,952 octets libres 213 --- E O F --- 2008-08-07 19:24:18
  25. toutclic
    Bonjour Voici le rapport avec la version que tu m'a fournit (je l'ai mis sur le bureau) : ComboFix 08-08-12.01 - 1-Farrid 2008-08-13 16:07:19.5 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.518 [GMT 2:00] Endroit: C:\Documents and Settings\1-Farrid\Bureau\ComboFix.exe * Création d'un nouveau point de restauration . ((((((((((((((((((((((((((((( Fichiers créés 2008-07-13 to 2008-08-13 )))))))))))))))))))))))))))))))))))) . 2008-08-04 19:25 . 2008-08-04 19:25 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-08-04 19:25 . 2008-08-04 19:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-04 19:25 . 2008-08-04 19:25 <REP> d-------- C:\Documents and Settings\1-Farrid\Application Data\Malwarebytes 2008-08-04 19:25 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2008-08-04 19:25 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-08-02 16:21 . 2008-08-02 16:21 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-08-01 20:59 . 2008-08-01 20:59 664 --a------ C:\WINDOWS\system32\d3d9caps.dat 2008-08-01 20:53 . 2008-08-01 20:54 <REP> d-------- C:\WINDOWS\ERUNT 2008-08-01 14:00 . 2008-08-01 14:00 <REP> d-------- C:\Program Files\Avira 2008-08-01 12:41 . 2008-08-01 12:41 <REP> d-------- C:\Program Files\Trend Micro 2008-08-01 00:19 . 2008-08-01 00:19 19,627 --a------ C:\Program Files\Fichiers communs\uboleqo.pif 2008-08-01 00:19 . 2008-08-01 00:19 19,006 --a------ C:\WINDOWS\enulu.db 2008-08-01 00:19 . 2008-08-01 00:19 17,305 --a------ C:\WINDOWS\ikypyfodax.reg 2008-08-01 00:19 . 2008-08-01 00:19 17,192 --a------ C:\WINDOWS\unysopy.vbs 2008-08-01 00:19 . 2008-08-01 00:19 14,945 --a------ C:\Documents and Settings\1-Farrid\Application Data\efuqaf.vbs 2008-08-01 00:19 . 2008-08-01 00:19 14,783 --a------ C:\WINDOWS\symuh.exe 2008-08-01 00:19 . 2008-08-01 00:19 12,784 --a------ C:\WINDOWS\zupajibefi.sys 2008-08-01 00:19 . 2008-08-01 00:19 12,667 --a------ C:\WINDOWS\system32\xaqyfoba._sy 2008-08-01 00:19 . 2008-08-01 00:19 12,229 --a------ C:\Documents and Settings\1-Farrid\Application Data\imomosypyx.scr 2008-08-01 00:19 . 2008-08-01 00:19 11,892 --a------ C:\Program Files\Fichiers communs\perurowyq.reg 2008-08-01 00:19 . 2008-08-01 00:19 11,291 --a------ C:\Program Files\Fichiers communs\upyrygetiz.pif 2008-08-01 00:19 . 2008-08-01 00:19 11,255 --a------ C:\WINDOWS\system32\towu.lib 2008-08-01 00:19 . 2008-08-01 00:19 10,968 --a------ C:\Program Files\Fichiers communs\inybusiry.dll 2008-08-01 00:11 . 2008-08-01 00:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-07-31 23:48 . 2008-07-31 23:48 <REP> d-------- C:\WINDOWS\system32\AVGUARD_4c3ecb17 2008-07-31 23:47 . 2008-08-01 11:08 <REP> d-------- C:\Program Files\Spybot - Search & Destroy 2008-07-31 23:47 . 2008-08-01 16:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-07-31 06:27 . 2008-07-31 06:27 18,213 --a------ C:\Documents and Settings\All Users\Application Data\uroky.bin 2008-07-31 06:27 . 2008-07-31 06:27 16,977 --a------ C:\WINDOWS\ixine.lib 2008-07-31 06:27 . 2008-07-31 06:27 16,160 --a------ C:\Program Files\Fichiers communs\ajococasu.bin 2008-07-31 06:27 . 2008-07-31 06:27 13,025 --a------ C:\WINDOWS\aqacuvi.dat 2008-07-31 06:27 . 2008-07-31 06:27 12,785 --a------ C:\WINDOWS\system32\bikuf.pif 2008-07-31 06:27 . 2008-07-31 06:27 12,039 --a------ C:\Documents and Settings\All Users\Application Data\zogad.reg 2008-07-31 06:27 . 2008-07-31 06:27 11,614 --a------ C:\WINDOWS\ypigafubih.exe 2008-07-31 06:27 . 2008-07-31 06:27 11,051 --a------ C:\Documents and Settings\1-Farrid\Application Data\ohukegufyk.bat 2008-07-22 18:31 . 2008-07-22 18:31 <REP> d-------- C:\Program Files\Sun 2008-07-18 20:39 . 2008-07-18 20:39 587,264 --a------ C:\WINDOWS\WLXPGSS.SCR . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-13 04:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2008-08-03 11:25 --------- d-----w C:\Program Files\Google 2008-07-31 22:19 17,064 ----a-w C:\Program Files\Fichiers communs\kaho.inf 2008-07-31 04:27 17,256 ----a-w C:\Program Files\Fichiers communs\bosoduqe.inf 2008-07-22 16:30 --------- d-----w C:\Program Files\Java 2008-07-09 07:07 19,104 ----a-w C:\Documents and Settings\1-Farrid\Application Data\GDIPFONTCACHEV1.DAT 2008-07-09 06:52 --------- d-----w C:\Documents and Settings\1-Farrid\Application Data\DivX 2008-07-08 04:19 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-07-08 04:19 --------- d-----w C:\Program Files\Lecteur CANALPLAY 2008-06-24 18:08 --------- d-----w C:\Documents and Settings\2-Housnat\Application Data\Yahoo! 2008-06-21 15:59 --------- d-----w C:\Documents and Settings\3-Enfants\Application Data\Yahoo! 2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll 2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll 2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll 2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll 2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll 2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll 2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll 2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll 2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll 2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll 2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll 2008-05-22 22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe 2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll 2008-05-22 22:22 129,784 ------w C:\WINDOWS\system32\pxafs.dll 2008-05-22 22:22 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe 2008-05-22 22:22 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe 2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll 2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll 2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll 2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll 2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe 2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-24 14:00 15360] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-11 07:19 68856] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184] "CanalPlayer"="C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe" [2008-06-20 18:28 2144128] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 15:01 67584] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 22:43 7630848] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 22:43 86016] "HDAudDeck"="C:\Program Files\VIAudioi\HDADeck\HDeck.exe" [2006-07-17 16:36 684032] "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40 155648] "Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 03:10 409600] "OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 11:00 49152] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-11-06 14:44 98304] "MsgCenterExe"="C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe" [2008-05-08 13:16 69632] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-05-08 13:16 185896] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497] "nwiz"="nwiz.exe" [2006-08-11 22:43 1519616 C:\WINDOWS\system32\nwiz.exe] "CHotkey"="mHotkey.exe" [2004-02-24 15:05 508416 C:\WINDOWS\mHotkey.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-24 14:00 15360] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\WINDOWS\\system32\\sessmgr.exe"= "C:\\Program Files\\NetMeeting\\Conf.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.0\\cnc3game.dat"= "C:\\Program Files\\Hamachi\\hamachi.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Lecteur CANALPLAY\\CanalPlayer.exe"= R3 PAC7311;Trust WB-3300p Mini HiRes Webcam;C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2005-10-18 11:48] R3 Service CANALPLAY;Service CANALPLAY;C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe [2008-06-20 18:28] . . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\1-Farrid\Application Data\Mozilla\Firefox\Profiles\v1ks5dsj.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/ ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-13 16:09:38 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-08-13 16:10:40 ComboFix-quarantined-files.txt 2008-08-13 14:10:37 Pre-Run: 196,167,925,760 octets libres Post-Run: 196,181,696,512 octets libres 154 --- E O F --- 2008-08-07 19:24:18 Mais je ne voit plus de probleme sur mon pc. Je ne vois pas de quelle probleme vous parlez
×
×
  • Créer...