Aller au contenu

Difanel

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    81

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par Difanel

  1. Difanel
    Je ne suis pas très doué, je n'arrive pas à copier ce que vous m'avez demandé,car il m'est impossible d'ouvrir le bloc note
  2. Difanel
    Bonjour et merci de votre aide Je viens de m'apercevoir que j'ai été infesté par security tool, il m'empeche de lancer SREngPS.exe y compris en changeant l'extention A vous lire
  3. Difanel
    Bonjour je vous apporte quelques infos complémentaires. Ce matin j'ai essayé de restorer le disque dur, impossible. j'ai essayé de réinstaller windows xp, et j'ai le message suivant "fichier pciide.sys endommagé" et donc impossible également de réinstaller windows mon portable serait-il hs ? merci de me dire ce que vous en pensez
  4. Difanel
    Bonsoir je ne peux plus entrer mon mot de passe sur windows, la souris de ne permet pas de taper sur la case. J'ai eu une cochonnerie cet après midi sur mon portable qui m'empèchait d'ouvrir mes différentes applications y compris mon antivirus. j'ai essayé de démarrer windows en mode sans échec : impossible. Il démarre normalement. Je ne peux plus rien faire. Je vous écris d'un autre portable je suis sous windows xp home édition quelqu'un pourrait-il me dire ce qu'il en
  5. Difanel
    Merci Pang Effectivement quand je demarre mon portable sous windows7, je peux modifier l'emplacement de la lauch bar comme tu me l'as indiqué. Or le problème que j'ai, c'est quand je le demarre avec la touche de lancement rapide, je ne passe pas par windows, et alors ma barre se trouve sur le coté droit et quand je clique droit je n'ai pas d'aide et pas de possibilité de la déplacer.
  6. Difanel
    Bonjour Quelqu'un pourrait-il me dire comment déplacer la barre qui s'est positionnée sur le coté droit et qui était précédemmant en bas à droite. Je n'y arrive pas Je suis sur windows 7 merci
  7. Difanel
    Bonjour Depuis semaines j'ai 2 demandes de mise à jour windows qui s'affichent. J'ai essayé plusieus fois de les installer et à chaque fois j'ai un echec à l'installation, alors que d'autres mises à jour ont bien été installées Quelqu'un peut-il m'aider ? Remerciements
  8. Difanel
    Bonsoir Breezy et merci de ton aide Je suis bien l'administrateur
  9. Difanel
    Bonjour Lorsque je lance la mise à jours, en cours j'ai une fenêtre qui s'affiche "Erreur d'installation du Service Pack SP3" "Accès refusé" Que dois-je faire ? Merci de m'aider
  10. Difanel
    Bonjour à tous Après une réinstallation de Windows, je reçois une demande de mise à jour de windows XP service pack3. Or à la fin, j'ai le message suivant : Windows XP Service pack3 (KB936929) non installé Est-ce que cette mise à jour est importante, si oui, pouvez-vous m'aider ? remerciements
  11. Difanel
    Bonsoir je viens d'effectuer la réparation
  12. Difanel
    Bonjour Oui, je possède le CD Windows
  13. Difanel
    voici le résultat Windows Registry Editor Version 5.00 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.6.0 ; Results at 30/07/2009 20:03:01 for strings: ; 'optionvalue' ; 'optionvalue' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS ; End Of The Log...
  14. Difanel
    Bonsoir j'ai téléchargé RegSearch Quel texte (en vert) dois-je copier ?
  15. Difanel
    Bonsoir voici les 2 rapports demandés ComboFix 09-07-29.01 - DIDIER 29/07/2009 19:19.4.1 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.895.511 [GMT 2:00] Running from: e:\documents and settings\DIDIER\Bureau\ComboFix.exe Command switches used :: e:\documents and settings\DIDIER\Bureau\CFScript.txt AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FW: PC Tools Firewall Plus *disabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2009-06-28 to 2009-07-29 ))))))))))))))))))))))))))))))) . 2009-07-21 10:22 . 1999-01-20 03:01 210032 ----a-w- e:\windows\system32\DBCLIENT.DLL 2009-07-17 08:59 . 2009-07-17 08:59 -------- d-----w- e:\documents and settings\DIDIER\Application Data\EPSON 2009-07-15 20:27 . 2009-07-16 16:15 -------- d-----w- e:\documents and settings\DIDIER\Application Data\vlc 2009-07-09 17:49 . 2009-07-26 07:40 -------- d-----w- e:\program files\Panda Security 2009-07-07 20:35 . 2009-07-07 20:35 249856 ------w- e:\windows\Setup1.exe 2009-07-07 20:35 . 2009-07-07 20:35 73216 ----a-w- e:\windows\ST6UNST.EXE 2009-07-01 20:14 . 2007-07-05 09:29 2351865 ----a-w- e:\documents and settings\All Users\Application Data\{B33CBE2B-A739-401D-A5E0-041195C4A17B}\EBP_Btrieve8.6_SETUP.exe 2009-07-01 20:12 . 2009-02-05 15:40 318064 ----a-w- e:\documents and settings\All Users\Application Data\{59FCE19D-D138-4539-AA4A-83A39D74FFDA}\offline\9E1E574E\E65EE39E\acfpdf.drv 2009-07-01 18:22 . 2009-07-01 18:22 -------- d-----w- E:\bin 2009-07-01 18:09 . 2009-07-01 18:09 -------- d-----w- E:\pvswarch 2009-07-01 18:08 . 2009-07-01 18:21 -------- d-----w- e:\program files\Fichiers communs\Pervasive Software Shared 2009-07-01 18:08 . 2002-06-30 10:40 19456 ----a-w- e:\windows\keyhh.exe 2009-07-01 18:08 . 2009-07-01 18:08 254002 ----a-w- e:\windows\system32\pscore.dll 2009-07-01 18:08 . 2009-07-01 18:08 544816 ----a-w- e:\windows\system32\pscl.dll 2009-07-01 18:08 . 2009-07-01 18:08 43760 ----a-w- e:\windows\system32\nwlocale.dll 2009-07-01 18:08 . 2009-07-01 18:08 146976 ----a-w- e:\windows\system32\mfcoleui.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-29 17:09 . 2008-07-30 19:41 -------- d---a-w- e:\documents and settings\All Users\Application Data\TEMP 2009-07-26 07:47 . 2006-12-26 10:30 -------- d--h--w- e:\program files\InstallShield Installation Information 2009-07-23 20:03 . 2007-02-20 21:21 4590 ----a-w- e:\documents and settings\DIDIER\Application Data\wklnhst.dat 2009-07-22 08:53 . 2007-01-25 17:39 -------- d-----w- e:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-07-16 16:12 . 2008-11-24 16:27 -------- d-----w- e:\documents and settings\DIDIER\Application Data\dvdcss 2009-07-09 19:37 . 2007-06-13 20:13 -------- d-----w- e:\program files\RSSoft 2009-07-08 17:10 . 2009-06-07 17:17 -------- d-----w- e:\documents and settings\DIDIER\Application Data\XBMC 2009-07-07 09:15 . 2009-06-06 17:19 -------- d-sh--w- e:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-07-06 17:27 . 2009-01-02 10:28 1 ----a-w- e:\documents and settings\DIDIER\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2009-07-01 20:14 . 2009-07-01 20:13 -------- d--h--w- e:\documents and settings\All Users\Application Data\{B33CBE2B-A739-401D-A5E0-041195C4A17B} 2009-07-01 20:13 . 2009-07-01 20:13 -------- d--h--w- e:\documents and settings\All Users\Application Data\{59FCE19D-D138-4539-AA4A-83A39D74FFDA} 2009-07-01 20:13 . 2009-07-01 20:13 -------- d-----w- e:\program files\Fichiers communs\EBP 2009-06-27 16:44 . 2007-06-28 20:18 -------- d-----w- e:\documents and settings\DIDIER\Application Data\EssentialPIM 2009-06-25 17:39 . 2009-06-25 17:39 -------- d-----w- e:\program files\Fichiers communs\Wise Installation Wizard 2009-06-23 17:28 . 2006-12-26 14:00 15557 ----a-w- e:\windows\mozver.dat 2009-06-23 17:25 . 2008-03-26 18:21 118784 ----a-w- e:\windows\SeaMonkeyUninstall.exe 2009-06-23 17:25 . 2008-03-26 18:21 118784 ----a-w- e:\windows\GREUninstall.exe 2009-06-16 14:40 . 2004-08-05 12:00 81920 ----a-w- e:\windows\system32\fontsub.dll 2009-06-16 14:40 . 2004-08-05 12:00 119808 ----a-w- e:\windows\system32\t2embed.dll 2009-06-06 17:21 . 2009-06-06 17:21 -------- d-----w- e:\documents and settings\DIDIER\Application Data\TuneUp Software 2009-06-06 17:20 . 2009-06-06 17:20 -------- d-----w- e:\documents and settings\All Users\Application Data\TuneUp Software 2009-06-03 19:10 . 2004-08-05 12:00 1297408 ----a-w- e:\windows\system32\quartz.dll 2009-05-20 18:15 . 2004-08-05 12:00 85256 ----a-w- e:\windows\system32\perfc00C.dat 2009-05-20 18:15 . 2004-08-05 12:00 511392 ----a-w- e:\windows\system32\perfh00C.dat 2009-05-14 12:56 . 2009-05-20 17:39 402800 ----a-w- e:\documents and settings\DIDIER\Application Data\Mozilla\Firefox\Profiles\ypnr02ft.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll 2009-05-13 05:04 . 2004-08-05 12:00 915456 ----a-w- e:\windows\system32\wininet.dll 2009-05-07 15:33 . 2004-08-05 12:00 348672 ----a-w- e:\windows\system32\localspl.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="e:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATICCC"="e:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 45056] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-23 2652056] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "iTunesHelper"="e:\program files\iTunes\iTunesHelper.exe" "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime "Domino"=e:\windows\Domino.exe "Logitech Hardware Abstraction Layer"=KHALMNPR.EXE "AGRSMMSG"=AGRSMMSG.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "e:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "9420:TCP"= 9420:TCP:Red Swoosh "5000:UDP"= 5000:UDP:Red Swoosh "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015 "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016 "500:UDP"= 500:UDP:@xpsp2res.dll,-22017 "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service R0 O2MDRDR;O2MDRDR;e:\windows\system32\drivers\o2media.sys [14/11/2005 14:28 34176] R0 O2SDRDR;O2SDRDR;e:\windows\system32\drivers\o2sd.sys [31/10/2005 16:49 28800] R1 pctgntdi;pctgntdi;e:\windows\system32\drivers\pctgntdi.sys [12/05/2009 21:18 159600] R1 sp_rsdrv2;Spyware Terminator Driver 2;e:\windows\system32\drivers\sp_rsdrv2.sys [22/05/2007 19:31 138368] R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [29/04/2009 21:13 108289] R2 EBP Pervasive.SQL;EBP Pervasive.SQL;e:\pvsw\Bin\WGE_SRV.EXE [07/12/2006 16:08 32768] R2 NwSapAgent;Agent SAP;e:\windows\system32\svchost.exe -k netsvcs [05/08/2004 14:00 14336] R2 PCTAppEvent;PCTAppEvent Driver;e:\windows\system32\drivers\PCTAppEvent.sys [12/05/2009 21:18 73840] R3 AGR1310_51;Agere Systems ET-131x PCI-E Gigabit Ethernet Adapter XP Driver;e:\windows\system32\drivers\AGR1310_51.sys [26/12/2006 12:36 70144] R3 pctplfw;pctplfw;e:\windows\system32\drivers\pctplfw.sys [12/05/2009 21:18 95640] S3 EAGLE2RC;Analog/DVB-T Hybrid Tv Infrared Receiver;e:\windows\system32\drivers\Eagle2RC.sys [17/05/2007 20:10 8576] S3 Eagle2TV; TV tuner device;e:\windows\system32\drivers\Eagle2TV_B.sys [17/05/2007 20:10 358400] S3 fbxusb;Carte réseau virtuelle FreeBox USB;e:\windows\system32\drivers\fbxusb32.sys [20/10/2004 15:23 21344] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [13/05/2009 14:37 234864] S3 MEMSWEEP2;MEMSWEEP2; [x] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "e:\windows\system32\rundll32.exe" "e:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contents of the 'Scheduled Tasks' folder 2009-07-29 e:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2008-09-05 14:55] . - - - - ORPHANS REMOVED - - - - SafeBoot-AVG Anti-Spyware Driver SafeBoot-AVG Anti-Spyware Guard . ------- Supplementary Scan ------- . uStart Page = hxxp://home.free.fr/ mWindow Title = uInternet Settings,ProxyOverride = <local> Trusted Zone: localhost FF - ProfilePath - e:\documents and settings\DIDIER\Application Data\Mozilla\Firefox\Profiles\ypnr02ft.default\ FF - prefs.js: browser.startup.homepage - hxxp://portail.free.fr/ FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=10168&gct=&gc=1&q= FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin.dll FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin2.dll FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin3.dll FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin4.dll FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin5.dll FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin6.dll FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin7.dll FF - plugin: e:\documents and settings\DIDIER\Application Data\Mozilla\Firefox\Profiles\ypnr02ft.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll FF - plugin: e:\program files\Veetle\plugins\npVeetle.dll FF - plugin: e:\windows\system32\Photosynth\nppsynth.dll ---- FIREFOX POLICIES ---- pref(dom.disable_open_during_load, true);c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess"); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\all.js - pref("geo.enabled", true); c:\program files\Mozilla Firefox 3.1 Beta 2\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-29 19:23 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\System\ControlSet003\Control\StillImage\Events\STIProxyEvent\{50E88B2A-B0DB-4966-9080-2FFBDE7**ED0}] "Name"="EPSON Scan" "Desc"="EPSON Scan" "Icon"="sti.dll,0" "Cmdline"="e:\\WINDOWS\\twain_32\\escndv\\escndv.exe /StiDevice:%1 /StiEvent:%2" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1812) e:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(2684) e:\windows\system32\eappprxy.dll e:\windows\system32\webcheck.dll e:\windows\system32\WPDShServiceObj.dll e:\windows\system32\PortableDeviceTypes.dll e:\windows\system32\PortableDeviceApi.dll . Completion time: 2009-07-29 19:24 ComboFix-quarantined-files.txt 2009-07-29 17:24 Pre-Run: 35 359 084 544 octets libres Post-Run: 35 321 327 616 octets libres Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4 218 --- E O F --- 2009-07-15 08:17 Windows Registry Editor Version 5.00 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.6.0 ; Results at 29/07/2009 19:38:22 for strings: ; 'regnull:: [hkey_users\s-1-5-21-854245398-789336058-839522115-1004\software\microsoft\windows\currentversion\shell extensions\approved\{a382cb7f-171f-04fd-c948-ee586d0f940b}*] optionvalue' ; Strings excluded from search: ; 'regnull:: [hkey_users\s-1-5-21-854245398-789336058-839522115-1004\software\microsoft\windows\currentversion\shell extensions\approved\{a382cb7f-171f-04fd-c948-ee586d0f940b}*] ' ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS ; End Of The Log... merci
  16. Difanel
    Bonsoir Pour accéder au Mode Sans Echec, je tape sur F8 au démarage de windows, j'arrive alors sur une page ou l'on me donne plusieurs choix soit: en mode nornal en mode sans échec et d'autres choix encore. je valide le MSE, et la défilent plusieurs lignes très rapidement pour repartir vers la page ci-dessus (choix MSE, normal) et cela indéfiniment sans message d'erreur. Depuis quand cela se produit ? je ne sais pas, je ne suis pas passer en mode sans échec depuis au moins 2 ans A bientôt
  17. Difanel
    Bonsoir Non, je ne connais pas grand chose en informatique, je ne sais ce qu'est une clé Désolé
  18. Difanel
    Non, il s'agit du rapport de Safeboot avant le passage en mode sans échec Toujours impossible d'avoir le mode sans échec
  19. Difanel
    je poste le rapport, mais je ne sais pas s'il s'agit d'erreurs, mais après certaines lignes je n'ai pas de lignes intermédaires commençant par @....... merci Reg export of SafeBoot key after repair: ======================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot] "AlternateShell"="cmd.exe" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AppMgmt] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AVG Anti-Spyware Driver] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\AVG Anti-Spyware Guard] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Base] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot Bus Extender] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Boot file system] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\CryptSvc] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\DcomLaunch] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmadmin] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmboot.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmio.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmload.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\dmserver] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\EventLog] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\File system] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Filter] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\HelpSvc] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Netlogon] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PCI Configuration] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PEVSystemStart] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PlugPlay] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\PNP Filter] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\Primary disk] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\procexp90.Sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\RpcSs] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SCSI Class] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sermouse.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\sr.sys] @="FSFilter System Recovery" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\SRService] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\System Bus Extender] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vds] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vga.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\vgasave.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\WinMgmt] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] @="Universal Serial Bus controllers" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] @="CD-ROM Drive" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] @="DiskDrive" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] @="Standard floppy disk controller" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] @="Hdc" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] @="Keyboard" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] @="Mouse" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] @="PCMCIA Adapters" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] @="SCSIAdapter" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] @="System" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] @="Floppy disk drive" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] @="Volume" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] @="Human Interface Devices" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AFD] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AppMgmt] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AVG Anti-Spyware Driver] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\AVG Anti-Spyware Guard] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Base] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot Bus Extender] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Boot file system] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Browser] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\CryptSvc] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DcomLaunch] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Dhcp] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmadmin] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmboot.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmio.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmload.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\dmserver] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\DnsCache] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\EventLog] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\File system] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Filter] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\HelpSvc] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ip6fw.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\ipnat.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanServer] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LanmanWorkstation] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\LmHosts] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Messenger] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NDIS Wrapper] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Ndisuio] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOS] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBIOSGroup] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetBT] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetDDEGroup] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Netlogon] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetMan] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Network] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NetworkProvider] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\nm] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\nm.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\NtLmSsp] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PCI Configuration] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PEVSystemStart] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PlugPlay] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP Filter] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\PNP_TDI] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Primary disk] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\procexp90.Sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpcdd.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpdd.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdpwd.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\rdsessmgr] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\RpcSs] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SCSI Class] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sermouse.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SharedAccess] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\sr.sys] @="FSFilter System Recovery" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\SRService] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Streams Drivers] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\System Bus Extender] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\Tcpip] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\TDI] @="Driver Group" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdpipe.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\tdtcp.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\termservice] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vga.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vgasave.sys] @="Driver" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\vsmon] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WinMgmt] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\WZCSVC] @="Service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{36FC9E60-C465-11CF-8056-444553540000}] @="Universal Serial Bus controllers" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] @="CD-ROM Drive" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] @="DiskDrive" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] @="Standard floppy disk controller" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] @="Hdc" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] @="Keyboard" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] @="Mouse" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] @="Net" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] @="NetClient" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] @="NetService" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] @="NetTrans" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] @="PCMCIA Adapters" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] @="SCSIAdapter" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] @="System" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] @="Floppy disk drive" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] @="Volume" [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] @="Human Interface Devices" ======================== HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\PEVSystemStart HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\procexp90.Sys
  20. Difanel
    Bonjour je viens d'effectuer la manip et toujours pas possible de passer en mode sans echec
  21. Difanel
    Bonjour Pear et merci de ton aide pour info, toujours impossible de passer en mode sans echec. Dois-je marquer mon problème comme terminer ?
  22. Difanel
    Bonjour voici le rapport d'Hijackthis après nettoyage de Combo Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:57:44, on 24/07/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\Ati2evxx.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe E:\WINDOWS\system32\drivers\CDAC11BA.EXE E:\PVSW\Bin\WGE_SRV.exe c:\Program Files\PC Tools Firewall Plus\FWService.exe E:\WINDOWS\system32\Ati2evxx.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe E:\WINDOWS\system32\ctfmon.exe E:\WINDOWS\explorer.exe C:\Karcher\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.free.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=61005 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=61005 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file) R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [00PCTFW] "c:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~1\INetRepl.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/ O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - E:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {B1826A9F-4AA0-4510-BA77-9013E74E4B9B} - http://www.trendmicro.com/spyware-scan/as4web.cab O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\Program Files\a-squared Free\a2service.exe O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - E:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - E:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: EBP Pervasive.SQL - Unknown owner - E:\PVSW\Bin\WGE_SRV.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - E:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - c:\Program Files\PC Tools Firewall Plus\FWService.exe -- End of file - 6131 bytes
  23. Difanel
    Bonjour veuillez m excuser, voici l'intégralité des rapports Fichier Domino.exe reçu le 2009.07.24 00:00:37 (UTC) Situation actuelle: terminé Résultat: 0/41 (0.00%) Formaté Formaté Impression des résultats Impression des résultats Antivirus Version Dernière mise à jour Résultat a-squared 4.5.0.24 2009.07.23 - AhnLab-V3 5.0.0.2 2009.07.23 - AntiVir 7.9.0.228 2009.07.23 - Antiy-AVL 2.0.3.7 2009.07.23 - Authentium 5.1.2.4 2009.07.24 - Avast 4.8.1335.0 2009.07.23 - AVG 8.5.0.387 2009.07.23 - BitDefender 7.2 2009.07.24 - CAT-QuickHeal 10.00 2009.07.23 - ClamAV 0.94.1 2009.07.23 - Comodo 1748 2009.07.24 - DrWeb 5.0.0.12182 2009.07.24 - eSafe 7.0.17.0 2009.07.23 - eTrust-Vet 31.6.6635 2009.07.23 - F-Prot 4.4.4.56 2009.07.23 - F-Secure 8.0.14470.0 2009.07.23 - Fortinet 3.120.0.0 2009.07.23 - GData 19 2009.07.24 - Ikarus T3.1.1.64.0 2009.07.23 - Jiangmin 11.0.800 2009.07.23 - K7AntiVirus 7.10.800 2009.07.23 - Kaspersky 7.0.0.125 2009.07.24 - McAfee 5686 2009.07.23 - McAfee+Artemis 5686 2009.07.23 - McAfee-GW-Edition 6.8.5 2009.07.24 - Microsoft 1.4903 2009.07.23 - NOD32 4271 2009.07.23 - Norman 6.01.09 2009.07.22 - nProtect 2009.1.8.0 2009.07.23 - Panda 10.0.0.14 2009.07.23 - PCTools 4.4.2.0 2009.07.23 - Prevx 3.0 2009.07.24 - Rising 21.39.34.00 2009.07.23 - Sophos 4.44.0 2009.07.24 - Sunbelt 3.2.1858.2 2009.07.23 - Symantec 1.4.4.12 2009.07.24 - TheHacker 6.3.4.3.372 2009.07.23 - TrendMicro 8.950.0.1094 2009.07.23 - VBA32 3.12.10.9 2009.07.23 - ViRobot 2009.7.23.1849 2009.07.23 - VirusBuster 4.6.5.0 2009.07.23 - Information additionnelle File size: 49152 bytes MD5 : 5603c2c8940f5e43864d4000304ab175 SHA1 : f22234ed04ad1220b28cacaabc2ab0361ce6fe11 SHA256: aea3c84d561c605bb42968e98c6024909b6ad8cba64c45aed6343495fc78ab58 PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x2590 timedatestamp.....: 0x44E58125 (Fri Aug 18 10:58:13 2006) machinetype.......: 0x14C (Intel I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x5475 0x6000 5.99 eb40aa04898b145b39ad6fed65d76aea .rdata 0x7000 0xD0E 0x1000 4.86 ac8f8ad613fec801923e04b97959ead4 .data 0x8000 0x5A98 0x3000 0.65 d87ce043bef47f3a61d4950c786abbce .rsrc 0xE000 0x360 0x1000 0.90 aafef067de0eebfa29c644d3bdefbed3 ( 4 imports ) > kernel32.dll: CloseHandle, GetLastError, CreateMutexA, UnmapViewOfFile, MapViewOfFile, Sleep, CreateFileMappingA, GetSystemTime, SetFilePointer, LoadLibraryA, GetProcAddress, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, FlushFileBuffers, SetStdHandle, IsBadCodePtr, IsBadWritePtr, IsBadReadPtr, SetUnhandledExceptionFilter, VirtualAlloc, WriteFile, VirtualFree, HeapCreate, HeapDestroy, GetFileType, GetStdHandle, SetHandleCount, RtlUnwind, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, GetVersion, ExitProcess, HeapFree, HeapAlloc, WideCharToMultiByte, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, GetModuleFileNameA, FreeEnvironmentStringsA, MultiByteToWideChar, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, GetCPInfo, GetACP, GetOEMCP > ole32.dll: CreateBindCtx, CoUninitialize, CoGetMalloc, CoCreateInstance, MkParseDisplayName, CoInitialize > oleaut32.dll: -, - > user32.dll: DispatchMessageA, TranslateMessage, TranslateAcceleratorA, GetMessageA, LoadAcceleratorsA, RegisterDeviceNotificationA, UnregisterDeviceNotification, RegisterClassExA, CreateWindowExA, PostQuitMessage, DefWindowProcA ( 0 exports ) TrID : File type identification Win64 Executable Generic (58.7%) Win32 Executable MS Visual C++ (generic) (25.8%) Win32 Executable Generic (5.8%) Win32 Dynamic Link Library (generic) (5.2%) Win32 Executable MS Visual FoxPro 7 (1.5%) ThreatExpert: http://www.threatexpert.com/report.aspx?md...64d4000304ab175 ssdeep: 384:2kG0uunnXM+C23lgQbBVYPP9ewsGTybD9TP4+Ylav6/ge+c7NkCDhOK6qhxaKE9t:24nXMZ7CIYwsjp9C7Nn16q39khs7JK1 PEiD : InstallShield 2000 CWSandbox: http://research.sunbelt-software.com/partn...64d4000304ab175 RDS : NSRL Reference Data Set - Fichier ZSSnp211.exe reçu le 2009.07.19 11:59:22 (UTC) Situation actuelle: terminé Résultat: 4/41 (9.76%) Formaté Formaté Impression des résultats Impression des résultats Antivirus Version Dernière mise à jour Résultat a-squared 4.5.0.24 2009.07.19 Trojan.Win32.Patched!IK AhnLab-V3 5.0.0.2 2009.07.19 - AntiVir 7.9.0.220 2009.07.17 - Antiy-AVL 2.0.3.7 2009.07.17 Trojan/Win32.Patched.gen Authentium 5.1.2.4 2009.07.19 - Avast 4.8.1335.0 2009.07.19 - AVG 8.5.0.387 2009.07.19 - BitDefender 7.2 2009.07.19 - CAT-QuickHeal 10.00 2009.07.17 - ClamAV 0.94.1 2009.07.19 - Comodo 1701 2009.07.19 - DrWeb 5.0.0.12182 2009.07.19 - eSafe 7.0.17.0 2009.07.16 Win32.Patched.ch eTrust-Vet 31.6.6623 2009.07.18 - F-Prot 4.4.4.56 2009.07.19 - F-Secure 8.0.14470.0 2009.07.18 - Fortinet 3.120.0.0 2009.07.19 - GData 19 2009.07.19 - Ikarus T3.1.1.64.0 2009.07.19 Trojan.Win32.Patched Jiangmin 11.0.800 2009.07.19 - K7AntiVirus 7.10.796 2009.07.18 - Kaspersky 7.0.0.125 2009.07.19 - McAfee 5680 2009.07.18 - McAfee+Artemis 5680 2009.07.18 - McAfee-GW-Edition 6.8.5 2009.07.19 - Microsoft 1.4803 2009.07.19 - NOD32 4257 2009.07.18 - Norman 6.01.09 2009.07.17 - nProtect 2009.1.8.0 2009.07.19 - Panda 10.0.0.14 2009.07.18 - PCTools 4.4.2.0 2009.07.19 - Prevx 3.0 2009.07.19 - Rising 21.38.62.00 2009.07.19 - Sophos 4.43.0 2009.07.19 - Sunbelt 3.2.1858.2 2009.07.18 - Symantec 1.4.4.12 2009.07.19 - TheHacker 6.3.4.3.370 2009.07.17 - TrendMicro 8.950.0.1094 2009.07.18 - VBA32 3.12.10.8 2009.07.19 - ViRobot 2009.7.17.1841 2009.07.17 - VirusBuster 4.6.5.0 2009.07.16 - Information additionnelle File size: 49152 bytes MD5 : 6409f6271afe9b4fe449db849042e240 SHA1 : 7c8475f7d37f0b72a10c04316b143f28cf0cf43b SHA256: b068d378be689ca0ac2f60e057eff15444572ef6a767a8a1a788080c730b34c8 PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x2BC0 timedatestamp.....: 0x44E68761 (Sat Aug 19 05:37:05 2006) machinetype.......: 0x14C (Intel I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x5AA5 0x6000 6.26 30a2c00e45e827c62e1d40f2609bb79a .rdata 0x7000 0xD6A 0x1000 4.82 d8875a53a92a69be8fe3e3aa0e8e533f .data 0x8000 0x5058 0x3000 0.72 aabfd405a7da657217ac59cf72a5fa9e .rsrc 0xE000 0x3F8 0x1000 1.07 3654bab490d14573b358dea5c272546e ( 0 imports ) ( 0 exports ) TrID : File type identification Win32 Executable MS Visual C++ (generic) (65.2%) Win32 Executable Generic (14.7%) Win32 Dynamic Link Library (generic) (13.1%) Generic Win/DOS Executable (3.4%) DOS Executable Generic (3.4%) ThreatExpert: http://www.threatexpert.com/report.aspx?md...449db849042e240 ssdeep: 768:tSODkIlk9EC5DiaBwPUk/Dvufk8x57JKB:tSsNGWCFU8GvufFKB PEiD : InstallShield 2000 CWSandbox: http://research.sunbelt-software.com/partn...449db849042e240 RDS : NSRL Reference Data Set - 0 bytes size received / Se ha recibido un archivo vacio Merci
  24. Difanel
    Pardon pour cet oubli toujours impossible de passer en mode sans echec
  25. Difanel
    Bonjour voici 2 réponses, la 3eme(e:\documents settings....)pas de réponse MD5: 5603c2c8940f5e43864d4000304ab175 First received: 2007.11.19 21:58:10 UTC Date 2009.07.20 19:08:57 UTC [>2D] Résultats 0/40 Permalink: analisis/aea3c84d561c605bb42968e98c6024909b6ad8cba64c45aed6343495fc78ab58-1248116937 MD5: 6409f6271afe9b4fe449db849042e240 First received: 2009.02.09 19:10:47 UTC Date 2009.07.19 11:59:22 UTC [>4D] Résultats 4/41 Permalink: analisis/b068d378be689ca0ac2f60e057eff15444572ef6a767a8a1a788080c730b34c8-1248004762 0 bytes size received / Se ha recibido un archivo vacio
×
×
  • Créer...