issel
-
Compteur de contenus
10 -
Inscription
-
Dernière visite
issel's Achievements
Junior Member (3/12)
0
Réputation sur la communauté
-
IE bug de temps en temps lors d'une utilisation normale depuis ce "virus". Si sa devient trop genant j'instalerais Firefox. Par contre ya une possibilité de désinstaler IE proprement ? Sinon merci bien pour toute l'aide que tu m'as apporté. ++
-
A chaque fois que je lancer un scann en ligne je désactivais mon antivirus... Mais bon impossible de le faire toujours l'erreur IE...
-
Ayant pas réussi en mode sans échec, j'ai essayé sur ton conseil le scann AVG AS en mode normal et ça marche ! Par contre j'ai un ptit probléme de rapport. Impossible de le trouver... :s Voici les fichiers en quarantaine: Au fait j'avais deja réglé mes options des dossiers comme tu me l'as dit mais impossible de trouver ce dossier "Adverts" J'attends ta réponse
-
Re, Bon j'ai réussi a désinstaller Java et Msn plus. J'ai aussi installé comme demandé AVG AS et configuré. Mais la ce pose déjà le 1er problème: Lors du redémarrage en mode sans échec je ne trouve pas le dossier "c:\program files\advert". J'ai quand même continué la manip (supr le dossier "gram size part more" et le fichier "stubinstaller.exe"). Ensuite j'ai fait ATF Cleaner; mais au moment de lancer AVG AS en mode sans échec, voici ce qu'il me dit: J'ai tenté de le réinstaller mais rien a faire. N'y arrivant pas j'ai continué en retestant un scan en ligne Kaspersky mais toujours l'erreur de IE. Dailleurs la voici: J'ai quand fait la manip demandé sous Hijackthis et voici pour finir le rapport: StartupList report, 06/06/2007, 17:45:26 StartupList version: 1.52.2 Started from : C:\Documents and Settings\station\Mes documents\JOHN PERSO\hijackthis\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v7.00 (7.00.6000.16441) * Using default options * Including empty and uninteresting sections * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Securitoo\av_fw\fswsclds.exe C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\SiteAdvisor\6021\SAService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\htpatch.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe C:\Program Files\SiteAdvisor\6021\SiteAdv.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\Kyocera Mita\FileUtility\NsCatCom.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\station\Mes documents\JOHN PERSO\hijackthis\HijackThis.exe -------------------------------------------------- Listing of startup folders: Shell folders Startup: [C:\Documents and Settings\station\Menu Démarrer\Programmes\Démarrage] *No files* Shell folders AltStartup: *Folder not found* User shell folders Startup: *Folder not found* User shell folders AltStartup: *Folder not found* Shell folders Common Startup: [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage] Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE MioSync.lnk = C:\Program Files\Mio Technology\MioSync\mioSync.exe NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe Scanner File Utility.lnk = ? Shell folders Common AltStartup: *Folder not found* User shell folders Common Startup: *Folder not found* User shell folders Alternate Common Startup: *Folder not found* -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, [HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* [HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] *Registry value not found* [HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon] *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No values found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run updateMgr = C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 swg = C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No values found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\Run [OptionalComponents] *No values found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\Run *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce *No subkeys found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- Autorun entries in Registry subkeys of: HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run *Registry key not found* -------------------------------------------------- File association entry for .EXE: HKEY_CLASSES_ROOT\exefile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .COM: HKEY_CLASSES_ROOT\comfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .BAT: HKEY_CLASSES_ROOT\batfile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .PIF: HKEY_CLASSES_ROOT\piffile\shell\open\command (Default) = "%1" %* -------------------------------------------------- File association entry for .SCR: HKEY_CLASSES_ROOT\scrfile\shell\open\command (Default) = "%1" /S -------------------------------------------------- File association entry for .HTA: HKEY_CLASSES_ROOT\htafile\shell\open\command (Default) = C:\WINDOWS\system32\mshta.exe "%1" %* -------------------------------------------------- File association entry for .TXT: HKEY_CLASSES_ROOT\txtfile\shell\open\command (Default) = %SystemRoot%\system32\NOTEPAD.EXE %1 -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] * StubPath = C:\WINDOWS\system32\ieudinit.exe [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] * StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT [{5945c046-1e7d-11d1-bc44-00c04fd912be}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] * StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings -------------------------------------------------- Enumerating ICQ Agent Autostart apps: HKCU\Software\Mirabilis\ICQ\Agent\Apps *Registry key not found* -------------------------------------------------- Load/Run keys from C:\WINDOWS\WIN.INI: load=*INI section not found* run=*INI section not found* Load/Run keys from Registry: HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found* HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found* HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found* HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found* HKCU\..\Windows NT\CurrentVersion\Windows: load= HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found* HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs= -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=*INI section not found* SCRNSAVE.EXE=*INI section not found* drivers=*INI section not found* Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=*Registry value not found* drivers=*Registry value not found* Policies Shell key: HKCU\..\Policies: Shell=*Registry value not found* HKLM\..\Policies: Shell=*Registry value not found* -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Verifying REGEDIT.EXE integrity: - Regedit.exe found in C:\WINDOWS - .reg open command is normal (regedit.exe %1) - Regedit.exe has no CompanyName property! It is either missing or named something else. - Regedit.exe has no OriginalFilename property! It is either missing or named something else. - Regedit.exe has no FileDescription property! It is either missing or named something else. Registry check failed! -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} flashget urlcatch - C:\Program Files\FlashGet\jccatch.dll - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F} (no name) - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (no name) - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6} (no name) - c:\program files\google\googletoolbar3.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7} (no name) - C:\Program Files\FlashGet\getflash.dll - {F156768E-81EF-470C-9057-481BA8380DBA} -------------------------------------------------- Enumerating Task Scheduler jobs: *No jobs found* -------------------------------------------------- Enumerating Download Program Files: [CKAVWebScan Object] InProcServer32 = C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll CODEBASE = http://webscanner.kaspersky.fr/kavwebscan_unicode.cab [MeadCo ScriptX] InProcServer32 = C:\WINDOWS\system32\MCScripX.dll CODEBASE = file:///C:/Program%20Files/ODS/EGN/HTC/dfPrint/dataFloat/print/smsx.cab OSD = C:\WINDOWS\Downloaded Program Files\smsx.osd [SecureObjectFactory Class] InProcServer32 = C:\Program Files\McAfee\Managed VirusScan\Agent\MyAsUtil4.5.0.464.dll CODEBASE = http://vscanasap.mondsi.com/VS2/bin/myCioAgt.20051122181307.cab [MSN Photo Upload Tool] InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.2\MsnPUpld.dll CODEBASE = http://by134fd.bay134.hotmail.msn.com/resources/MsnPUpld.cab [{56336BCB-3D8A-11D6-A00B-0050DA18DE71}] CODEBASE = http://software-dl.real.com/289c673fc4f72849bd15/netzip/RdxIE601_fr.cab [HouseCall Control] InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan53.ocx CODEBASE = http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab [ActiveScan Installer Class] InProcServer32 = C:\WINDOWS\Downloaded Program Files\asinst.dll CODEBASE = http://acs.pandasoftware.com/activescan/as5free/asinst.cab [Java Plug-in 1.5.0_11] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll CODEBASE = http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab [Java Plug-in 1.6.0_01] InProcServer32 = C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll CODEBASE = http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab [Shockwave Flash Object] InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -------------------------------------------------- Enumerating Winsock LSP files: NameSpace #1: C:\WINDOWS\System32\mswsock.dll NameSpace #2: C:\WINDOWS\System32\winrnr.dll NameSpace #3: C:\WINDOWS\System32\mswsock.dll Protocol #1: C:\WINDOWS\system32\mswsock.dll Protocol #2: C:\WINDOWS\system32\mswsock.dll Protocol #3: C:\WINDOWS\system32\mswsock.dll Protocol #4: C:\WINDOWS\system32\rsvpsp.dll Protocol #5: C:\WINDOWS\system32\rsvpsp.dll Protocol #6: C:\WINDOWS\system32\mswsock.dll Protocol #7: C:\WINDOWS\system32\mswsock.dll Protocol #8: C:\WINDOWS\system32\mswsock.dll Protocol #9: C:\WINDOWS\system32\mswsock.dll Protocol #10: C:\WINDOWS\system32\mswsock.dll Protocol #11: C:\WINDOWS\system32\mswsock.dll Protocol #12: C:\WINDOWS\system32\mswsock.dll Protocol #13: C:\WINDOWS\system32\mswsock.dll Protocol #14: C:\WINDOWS\system32\mswsock.dll -------------------------------------------------- Enumerating Windows NT/2000/XP services Pilote ACPI Microsoft: System32\DRIVERS\ACPI.sys (system) Suppresseur d'écho acoustique (Noyau Microsoft): system32\drivers\aec.sys (manual start) Environnement de prise en charge de réseau AFD: \SystemRoot\System32\drivers\afd.sys (system) Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start) Avertissement: %SystemRoot%\System32\svchost.exe -k LocalService (disabled) Service de la passerelle de la couche Application: %SystemRoot%\System32\alg.exe (manual start) Gestion d'applications: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) Pilote de média asynchrone RAS: System32\DRIVERS\asyncmac.sys (manual start) Contrôleur de disque dur IDE/ESDI standard: System32\DRIVERS\atapi.sys (system) Protocole client ATM ARP: System32\DRIVERS\atmarpc.sys (manual start) Audio Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote audio Stub: System32\DRIVERS\audstub.sys (manual start) AVG Anti-Spyware Driver: \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys (system) AVG Anti-Spyware Guard: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (autostart) AVG Anti-Spyware Clean Driver: System32\DRIVERS\AvgAsCln.sys (system) Broadcom 440x 10/100 Integrated Controller XP Driver: System32\DRIVERS\bcm4sbxp.sys (manual start) Service de transfert intelligent en arrière-plan: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Boonty Games: "C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" (manual start) Explorateur d'ordinateur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Décodeur sous-titre fermé: System32\DRIVERS\CCDECODE.sys (manual start) Pilote de CD-ROM: System32\DRIVERS\cdrom.sys (system) Service d'indexation: %SystemRoot%\system32\cisvc.exe (manual start) Gestionnaire de l'Album: %SystemRoot%\system32\clipsrv.exe (disabled) Application système COM+: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start) Services de cryptographie: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) MiniCam: System32\Drivers\SQcaptur.sys (manual start) Lanceur de processus serveur DCOM: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) Client DHCP: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de disque: System32\DRIVERS\disk.sys (system) Service d'administration du Gestionnaire de disque logique: %SystemRoot%\System32\dmadmin.exe /com (manual start) dmboot: System32\drivers\dmboot.sys (disabled) Pilote de Gestionnaire de disque logique: System32\drivers\dmio.sys (system) dmload: System32\drivers\dmload.sys (system) Gestionnaire de disque logique: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Synthétiseur DLS du noyau Microsoft: system32\drivers\DMusic.sys (manual start) Client DNS: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart) Filtre de décodeur DRM (Noyau Microsoft): system32\drivers\drmkaud.sys (manual start) Service de rapport d'erreurs: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Journal des événements: %SystemRoot%\system32\services.exe (autostart) Système d'événements de COM+: C:\WINDOWS\System32\svchost.exe -k netsvcs (manual start) Compatibilité avec le Changement rapide d'utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote de contrôleur de lecteur de disquettes: System32\DRIVERS\fdc.sys (manual start) Pilote de lecteur de disquettes: System32\DRIVERS\flpydisk.sys (manual start) FltMgr: system32\drivers\fltmgr.sys (system) F-Secure Windows Security Center Legacy Detection Service: C:\Program Files\Securitoo\av_fw\fswsclds.exe (autostart) Pilote du Gestionnaire de volume: System32\DRIVERS\ftdisk.sys (system) GMSIPCI: \??\D:\INSTALL\GMSIPCI.SYS (manual start) Classificateur de paquets générique: System32\DRIVERS\msgpc.sys (manual start) Google Updater Service: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" (manual start) Aide et support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Accès du périphérique d'interface utilisateur: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Pilote de classe HID Microsoft: System32\DRIVERS\hidusb.sys (manual start) HTTP: System32\Drivers\HTTP.sys (manual start) HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start) Pilote pour clavier i8042 et souris sur port PS/2: System32\DRIVERS\i8042prt.sys (system) Iomega Snapshot Volume Filter: system32\DRIVERS\IABFilt.sys (system) Pilote de filtre de gravure CD: System32\DRIVERS\imapi.sys (system) Service COM de gravage de CD IMAPI: C:\WINDOWS\System32\imapi.exe (manual start) Pilote de processeur Intel: System32\DRIVERS\intelppm.sys (system) Pilote du pare-feu Windows IPv6: system32\drivers\ip6fw.sys (manual start) Pilote de filtre de trafic IP: System32\DRIVERS\ipfltdrv.sys (manual start) Pilote de tunnelage IP dans IP: System32\DRIVERS\ipinip.sys (manual start) Traducteur d'adresses réseau IP: System32\DRIVERS\ipnat.sys (manual start) Pilote IPSEC: System32\DRIVERS\ipsec.sys (system) Protocole IrDA: System32\DRIVERS\irda.sys (autostart) Service énumérateur IR: System32\DRIVERS\irenum.sys (manual start) Moniteur infrarouge: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote de bus Plug-and-Play ISA/EISA: System32\DRIVERS\isapnp.sys (system) Pilote de la classe Clavier: System32\DRIVERS\kbdclass.sys (system) Mélangeur audio Wave de noyau Microsoft: system32\drivers\kmixer.sys (manual start) Serveur: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Station de travail: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Assistance TCP/IP NetBIOS: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) McShield: C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe (manual start) Affichage des messages: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) McAfee Inc.: system32\drivers\MfeAVFK.sys (manual start) McAfee Inc.: system32\drivers\MfeBOPK.sys (manual start) McAfee Inc.: system32\drivers\mfehidk.sys (manual start) McAfee Inc.: system32\drivers\mfetdik.sys (system) Partage de Bureau à distance NetMeeting: C:\WINDOWS\System32\mnmsrvc.exe (manual start) Pilote de la classe Souris: System32\DRIVERS\mouclass.sys (system) Pilote HID de souris: System32\DRIVERS\mouhid.sys (manual start) Redirecteur client WebDav: System32\DRIVERS\mrxdav.sys (manual start) MRXSMB: System32\DRIVERS\mrxsmb.sys (system) Distributed Transaction Coordinator: C:\WINDOWS\System32\msdtc.exe (manual start) Microsoft IR Communications Driver: System32\DRIVERS\MSIRCOMM.sys (manual start) Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start) Proxy de service de répartition Microsoft: system32\drivers\MSKSSRV.sys (manual start) Proxy d'horloge de répartition Microsoft: system32\drivers\MSPCLOCK.sys (manual start) Proxy de gestion de qualité de répartition Microsoft: system32\drivers\MSPQM.sys (manual start) Pilote BIOS de gestion de systèmes Microsoft: System32\DRIVERS\mssmbios.sys (manual start) Convertisseur en T/site-à-site de répartition Microsoft: system32\drivers\MSTEE.sys (manual start) Service de protection contre les virus et les logiciels espions McAfee: C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe /ServiceStart (autostart) Codec NABTS/FEC VBI: System32\DRIVERS\NABTSFEC.sys (manual start) NaiAvFilter1: system32\drivers\naiavf5x.sys (manual start) Connection TV/vidéo Microsoft: System32\DRIVERS\NdisIP.sys (manual start) Pilote TAPI NDIS d'accès distant: System32\DRIVERS\ndistapi.sys (manual start) NDIS mode utilisateur E/S Protocole: System32\DRIVERS\ndisuio.sys (manual start) Pilote réseau étendu NDIS d'accès distant: System32\DRIVERS\ndiswan.sys (manual start) Interface NetBIOS: System32\DRIVERS\netbios.sys (system) NetBIOS sur TCP/IP: System32\DRIVERS\netbt.sys (system) DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) DSDM DDE réseau: %SystemRoot%\system32\netdde.exe (disabled) Ouverture de session réseau: %SystemRoot%\System32\lsass.exe (manual start) Connexions réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) NLA (Network Location Awareness): %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Fournisseur de la prise en charge de sécurité LM NT: %SystemRoot%\System32\lsass.exe (manual start) Stockage amovible: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start) nv: System32\DRIVERS\nv4_mini.sys (manual start) NVIDIA Driver Helper Service: %SystemRoot%\System32\nvsvc32.exe (autostart) Pilote de filtre de trafic IPX: System32\DRIVERS\nwlnkflt.sys (manual start) Pilote de transfert de trafic IPX: System32\DRIVERS\nwlnkfwd.sys (manual start) Pilote de port parallèle: System32\DRIVERS\parport.sys (manual start) PCI Bus Driver: System32\DRIVERS\pci.sys (system) PCIIde: System32\DRIVERS\pciide.sys (system) Plug-and-Play: %SystemRoot%\system32\services.exe (autostart) Pml Driver HPZ12: C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe (manual start) Services IPSEC: %SystemRoot%\System32\lsass.exe (autostart) Miniport réseau étendu (PPTP): System32\DRIVERS\raspptp.sys (manual start) Pilote processeur: System32\DRIVERS\processr.sys (system) Emplacement protégé: %SystemRoot%\system32\lsass.exe (autostart) Planificateur de paquets QoS: System32\DRIVERS\psched.sys (manual start) Pilote de liaison parallèle directe: System32\DRIVERS\ptilink.sys (manual start) Pilote de connexion automatique d'accès distant: System32\DRIVERS\rasacd.sys (system) Gestionnaire de connexion automatique d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Miniport réseau étendu (IrDA): System32\DRIVERS\rasirda.sys (manual start) Miniport réseau étendu (L2TP): System32\DRIVERS\rasl2tp.sys (manual start) Gestionnaire de connexions d'accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote PPPOE d'accès à distance: System32\DRIVERS\raspppoe.sys (manual start) Parallèle direct: System32\DRIVERS\raspti.sys (manual start) Rdbss: System32\DRIVERS\rdbss.sys (system) RDPCDD: System32\DRIVERS\RDPCDD.sys (system) Pilote de redirecteur de périphérique Terminal Server: System32\DRIVERS\rdpdr.sys (manual start) Gestionnaire de session d'aide sur le Bureau à distance: C:\WINDOWS\system32\sessmgr.exe (manual start) Pilote de filtre de lecture digitale de CD audio: System32\DRIVERS\redbook.sys (system) Routage et accès distant: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled) Accès à distance au Registre: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Localisateur d'appels de procédure distante (RPC): %SystemRoot%\System32\locator.exe (manual start) Appel de procédure distante (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) QoS RSVP: %SystemRoot%\System32\rsvp.exe (manual start) Gestionnaire de comptes de sécurité: %SystemRoot%\system32\lsass.exe (autostart) Carte à puce: %SystemRoot%\System32\SCardSvr.exe (manual start) Planificateur de tâches: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secdrv: System32\DRIVERS\secdrv.sys (manual start) Connexion secondaire: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Notification d'événement système: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de filtre Serenum: System32\DRIVERS\serenum.sys (manual start) Pilote de port série: System32\DRIVERS\serial.sys (system) Pare-feu Windows / Partage de connexion Internet: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Détection matériel noyau: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) SiS AGP Filter: System32\DRIVERS\SISAGPX.sys (system) SiteAdvisor Service: C:\Program Files\SiteAdvisor\6021\SAService.exe (autostart) Détrameur décalage BDA: System32\DRIVERS\SLIP.sys (manual start) Splitter audio du noyau Microsoft: system32\drivers\splitter.sys (manual start) Spouleur d'impression: %SystemRoot%\system32\spoolsv.exe (autostart) Pilote de filtre de restauration système: System32\DRIVERS\sr.sys (system) Service de restauration système: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Srv: System32\DRIVERS\srv.sys (manual start) Service de découvertes SSDP: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Dongle SigmaTel USB-IrDA: System32\DRIVERS\irstusb.sys (manual start) Acquisition d'image Windows (WIA): %SystemRoot%\System32\svchost.exe -k imgsvc (autostart) BDA IPSink: System32\DRIVERS\StreamIP.sys (manual start) Pilote de bus logiciel: System32\DRIVERS\swenum.sys (manual start) Synthétiseur de table de sons GC noyau Microsoft: system32\drivers\swmidi.sys (manual start) MS Software Shadow Copy Provider: C:\WINDOWS\System32\dllhost.exe /Processid:{21C288E6-9461-43C6-8294-306158F47D55} (manual start) Périphérique audio système du noyau Microsoft: system32\drivers\sysaudio.sys (manual start) Journaux et alertes de performance: %SystemRoot%\system32\smlogsvc.exe (manual start) Téléphonie: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Pilote du protocole TCP/IP: System32\DRIVERS\tcpip.sys (system) Pilote de périphérique terminal: System32\DRIVERS\termdd.sys (system) Services Terminal Server: %SystemRoot%\System32\svchost -k DComLaunch (manual start) Thèmes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Telnet: C:\WINDOWS\System32\tlntsvr.exe (disabled) Client de suivi de lien distribué: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Pilote de mise à jour microcode: System32\DRIVERS\update.sys (manual start) Hôte de périphérique universel Plug-and-Play: %SystemRoot%\System32\svchost.exe -k LocalService (manual start) Onduleur: %SystemRoot%\System32\ups.exe (manual start) Pilote parent générique USB Microsoft: System32\DRIVERS\usbccgp.sys (manual start) Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft: System32\DRIVERS\usbehci.sys (manual start) Concentrateur USB2: System32\DRIVERS\usbhub.sys (manual start) Pilote miniport de contrôleur hôte ouvert USB Microsoft: System32\DRIVERS\usbohci.sys (manual start) Pilote de scanneur USB: system32\DRIVERS\usbscan.sys (manual start) Pilote de stockage de masse USB: System32\DRIVERS\USBSTOR.SYS (manual start) Service Messenger Sharing Folders USN Journal Reader: "C:\Program Files\MSN Messenger\usnsvc.exe" (manual start) Carte vidéo VGA.: \SystemRoot\System32\drivers\vga.sys (system) Cliché instantané de volume: %SystemRoot%\System32\vssvc.exe (manual start) Horloge Windows: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Pilote ARP IP d'accès distant: System32\DRIVERS\wanarp.sys (manual start) Pilote WINMM de compatibilité audio WDM Microsoft: system32\drivers\wdmaud.sys (manual start) WebClient: %SystemRoot%\System32\svchost.exe -k LocalService (autostart) Infrastructure de gestion Windows: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Service de numéro de série du lecteur multimédia portable: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Extensions du pilote WMI: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) Carte de performance WMI: C:\WINDOWS\System32\wbem\wmiapsrv.exe (manual start) Service Partage réseau du Lecteur Windows Media: "C:\Program Files\Windows Media Player\WMPNetwk.exe" (manual start) WpdUsb: System32\Drivers\wpdusb.sys (manual start) Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0: \SystemRoot\System32\drivers\ws2ifsl.sys (disabled) Centre de sécurité: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Codec Teletext standard: System32\DRIVERS\WSTCODEC.SYS (manual start) Mises à jour automatiques: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Windows Driver Foundation - User-mode Driver Framework Platform Driver: system32\DRIVERS\WudfPf.sys (manual start) Windows Driver Foundation - User-mode Driver Framework Reflector: system32\DRIVERS\wudfrd.sys (manual start) Windows Driver Foundation - User-mode Driver Framework: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup (manual start) Configuration automatique sans fil: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Service d'approvisionnement réseau: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start) -------------------------------------------------- Enumerating Windows NT logon/logoff scripts: *No scripts set to run* Windows NT checkdisk command: BootExecute = autocheck autochk * Windows NT 'Wininit.ini': PendingFileRenameOperations: *Registry value not found* -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\System32\stobject.dll WPDShServiceObj: C:\WINDOWS\system32\WPDShServiceObj.dll -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run *Registry key not found* -------------------------------------------------- End of report, 36 533 bytes Report generated in 0,140 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only ....dur dur lol
-
Pour le scann Kaspersky c'est impossible, ça fait exactement pareil que pour le scann Panda: erreur d'internet explorer. Voici une image: Sinon voici le rapport de DiagHelp comme demandé: DiagHelp version v1.1.1 - http://www.malekal.com excute le 06/06/2007 à 11:36:47,56 Liste des derniers fichies modifies/crees dans windir\system32 C:\WINDOWS\System32/drivers\wceusbsh.sys -->10/04/2007 15:05:04 C:\WINDOWS\System32/drivers\OLD1E.tmp -->10/04/2007 15:05:04 C:\WINDOWS\System32/drivers\ntfs.sys -->09/02/2007 13:10:35 C:\WINDOWS\System32/drivers\mfetdik.sys -->31/01/2007 12:14:58 C:\WINDOWS\System32/drivers\mfehidk.sys -->31/01/2007 12:13:52 C:\WINDOWS\System32/drivers\MfeBOPK.sys -->31/01/2007 12:13:20 C:\WINDOWS\System32/drivers\MfeAVFK.sys -->31/01/2007 12:13:08 C:\WINDOWS\System32\wpa.dbl -->06/06/2007 08:40:19 C:\WINDOWS\System32\Uninstall.ico -->05/06/2007 17:24:39 C:\WINDOWS\System32\pavas.ico -->05/06/2007 17:24:39 C:\WINDOWS\System32\Help.ico -->05/06/2007 17:24:39 C:\WINDOWS\System32\ebebcaa_s.dll -->04/06/2007 17:26:11 C:\WINDOWS\System32\bcdbeffab_s.ocx -->04/06/2007 17:26:11 C:\WINDOWS\System32\CONFIG.NT -->04/06/2007 11:25:22 C:\WINDOWS\System32\jupdate-1.6.0_01-b06.log -->26/05/2007 09:03:49 C:\WINDOWS\System32\FNTCACHE.DAT -->26/05/2007 08:55:11 C:\WINDOWS\System32\MRT.exe -->27/04/2007 13:45:14 C:\WINDOWS\System32\msi.dll -->18/04/2007 18:14:18 C:\WINDOWS\System32\d3d9caps.dat -->04/04/2007 16:03:06 C:\WINDOWS\System32\ieapfltr.dll -->03/04/2007 16:29:23 C:\WINDOWS\System32\ieapfltr.dat -->03/04/2007 06:36:20 C:\WINDOWS\System32\nscompat.tlb -->30/03/2007 18:50:32 C:\WINDOWS\System32\amcompat.tlb -->30/03/2007 18:50:32 C:\WINDOWS\System32\MCPXUser.exe -->27/03/2007 17:56:18 C:\WINDOWS\System32\MCPXHost.exe -->27/03/2007 17:56:18 C:\WINDOWS\System32\MCMaxiPT.dll -->27/03/2007 17:56:16 C:\WINDOWS\System32\MCPrintX.dll -->27/03/2007 17:56:14 C:\WINDOWS\System32\MCScripX.dll -->27/03/2007 17:56:10 C:\WINDOWS\System32\MCSecMgr.dll -->27/03/2007 17:56:08 C:\WINDOWS\System32\PerfStringBackup.INI -->27/03/2007 17:22:46 C:\WINDOWS\System32\perfh00C.dat -->27/03/2007 17:22:46 C:\WINDOWS\System32\perfh009.dat -->27/03/2007 17:22:46 C:\WINDOWS\setupapi.log -->06/06/2007 08:57:37 C:\WINDOWS\WindowsUpdate.log -->06/06/2007 08:40:06 C:\WINDOWS\wiadebug.log -->06/06/2007 08:40:05 C:\WINDOWS\wiaservc.log -->06/06/2007 08:40:04 C:\WINDOWS.log -->06/06/2007 08:39:54 C:\WINDOWS\bootstat.dat -->06/06/2007 08:39:52 C:\WINDOWS\SchedLgU.Txt -->05/06/2007 18:10:13 C:\WINDOWS\pavsig.txt -->05/06/2007 17:24:45 C:\WINDOWS\ntbtlog.txt -->04/06/2007 17:40:26 C:\WINDOWS\resetlog.txt -->04/06/2007 16:59:20 C:\WINDOWS\tsc.ini -->01/06/2007 17:29:13 C:\WINDOWS\vsapi32.dll -->01/06/2007 17:28:41 C:\WINDOWS\BPMNT.dll -->01/06/2007 17:28:40 C:\WINDOWS\GetServer.ini -->01/06/2007 17:28:37 C:\WINDOWS\tsc.ptn -->01/06/2007 17:14:12 Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 3073-C498 Répertoire de C:\WINDOWS\system32 19/08/2004 16:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 24 177 070 080 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 3073-C498 Répertoire de C:\WINDOWS\system32 18/07/2003 09:08 278 528 dmcpl.exe 1 fichier(s) 278 528 octets 0 Rép(s) 24 177 070 080 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 3073-C498 Répertoire de C:\WINDOWS\Downloaded Program Files 06/06/2007 08:57 <REP> . 06/06/2007 08:57 <REP> .. 22/03/2007 20:04 274 432 ascinstie.dll 22/03/2007 18:03 288 ascinstie.inf 24/08/2006 08:28 141 424 asinst.dll 22/08/2006 09:06 537 asinst.inf 07/03/2006 02:00 2 390 catalog.dat 18/05/2007 15:14 <REP> CONFLICT.1 31/05/2007 16:31 <REP> CONFLICT.2 24/09/2003 12:00 65 desktop.ini 07/03/2006 02:00 6 899 ecbootil.vxd 07/03/2006 02:00 288 376 ecmsvr32.dll 06/12/2006 17:27 1 249 erma.inf 08/08/2006 11:45 576 kavwebscan.inf 03/11/2005 16:45 300 myCIOAgt.Inf 07/03/2006 02:00 124 584 naveng32.dll 07/03/2006 02:00 788 136 navex32a.dll 22/09/2004 16:59 110 592 PURen-us.dll 15/10/2004 08:59 110 592 PURfr-xx.dll 03/06/2004 10:05 524 445 RdxIE.dll 07/03/2006 02:00 97 392 scrauth.dat 27/03/2007 17:55 2 587 smsx.inf 27/03/2007 17:55 1 322 smsx.osd 22/06/2006 11:41 5 032 swflash.inf 07/03/2006 02:00 14 symaveng.cat 07/03/2006 02:00 901 symaveng.inf 07/03/2006 02:00 44 201 tcdefs.dat 07/03/2006 02:00 944 211 tcscan7.dat 07/03/2006 02:00 270 509 tcscan8.dat 07/03/2006 02:00 529 871 tcscan9.dat 07/03/2006 02:00 453 tinf.dat 07/03/2006 02:00 148 tinfidx.dat 07/03/2006 02:00 1 957 tinfl.dat 07/03/2006 02:00 49 149 tscan1.dat 07/03/2006 02:00 1 237 tscan1hd.dat 07/03/2006 02:00 5 516 v.grd 07/03/2006 02:00 2 242 v.sig 07/03/2006 02:00 106 244 virscan.inf 07/03/2006 02:00 945 031 virscan1.dat 07/03/2006 02:00 561 112 virscan2.dat 07/03/2006 02:00 145 424 virscan3.dat 07/03/2006 02:00 320 086 virscan4.dat 07/03/2006 02:00 2 176 556 virscan5.dat 07/03/2006 02:00 387 239 virscan6.dat 07/03/2006 02:00 3 287 298 virscan7.dat 07/03/2006 02:00 1 497 629 virscan8.dat 07/03/2006 02:00 3 115 828 virscan9.dat 07/03/2006 02:00 32 virscant.dat 08/03/2006 16:50 2 072 vscanmsx.dat 02/11/2005 18:01 1 777 xscan.inf 02/11/2005 18:07 435 712 xscan53.ocx 07/03/2006 02:00 224 zdone.dat 48 fichier(s) 17 313 891 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1 18/05/2007 15:14 <REP> . 18/05/2007 15:14 <REP> .. 08/10/2004 16:01 372 736 MsnPUpld.dll 08/10/2004 16:13 587 MSNPupld.inf 22/09/2004 15:59 110 592 PURen-us.dll 15/10/2004 07:59 110 592 PURfr-xx.dll 4 fichier(s) 594 507 octets Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.2 31/05/2007 16:31 <REP> . 31/05/2007 16:31 <REP> .. 08/10/2004 16:01 372 736 MsnPUpld.dll 08/10/2004 16:13 587 MSNPupld.inf 22/09/2004 15:59 110 592 PURen-us.dll 15/10/2004 07:59 110 592 PURfr-xx.dll 4 fichier(s) 594 507 octets Total des fichiers listés : 56 fichier(s) 18 502 905 octets 8 Rép(s) 24 177 065 984 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues [b]C:\Program Files\Advert présent![/b] Possible infection : lop.com Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\Kyocera Mita\\FileUtility\\NsCatCom.exe"="C:\\Program Files\\Kyocera Mita\\FileUtility\\NsCatCom.exe:*:Enabled:NsCatCom" "C:\\Program Files\\McAfee\\Managed VirusScan\\Agent\\myAgtSvc.exe"="C:\\Program Files\\McAfee\\Managed VirusScan\\Agent\\myAgtSvc.exe:*:Enabled:McAfee Managed Services Agent" "C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\\Program Files\\FlashGet\\flashget.exe"="C:\\Program Files\\FlashGet\\flashget.exe:*:Enabled:Flashget" "C:\\Documents and Settings\\station\\Mes documents\\JOHN PERSO\\jeux\\Bid For Power\\ENGINE\\engine.exe"="C:\\Documents and Settings\\station\\Mes documents\\JOHN PERSO\\jeux\\Bid For Power\\ENGINE\\engine.exe:*:Enabled:engine" "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\McAfee\\Managed VirusScan\\Agent\\myAgtSvc.exe"="C:\\Program Files\\McAfee\\Managed VirusScan\\Agent\\myAgtSvc.exe:*:Enabled:McAfee Managed Services Agent" "C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Export de la clef SharedTaskScheduler [SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-06 11:36:57 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden files ... scan completed successfully hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Process list by traversal of KiWaitListHead 4 - System 124 - iexplore.exe 128 - SAService.exe 196 - svchost.exe 412 - cmd.exe 524 - myAgtTry.exe 600 - explorer.exe 728 - csrss.exe 752 - winlogon.exe 796 - services.exe 808 - lsass.exe 964 - svchost.exe 1040 - svchost.exe 1104 - alg.exe 1128 - svchost.exe 1176 - svchost.exe 1312 - svchost.exe 1612 - spoolsv.exe 1744 - GoogleToolbarNo 1852 - SiteAdv.exe 1872 - fswsclds.exe 1892 - myAgtSvc.exe 2028 - ctfmon.exe 2128 - NkbMonitor.exe 2144 - NsCatCom.exe 2168 - iexplore.exe 2300 - usnsvc.exe 3992 - msnmsgr.exe Total number of processes = 28 NOTE: Under WinXP, this will not show all processes. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Driver/Module list by traversal of PsLoadedModuleList 804D7000 - \WINDOWS\system32\ntoskrnl.exe 806EC000 - \WINDOWS\system32\hal.dll F7D2E000 - \WINDOWS\system32\KDCOM.DLL F7C3E000 - \WINDOWS\system32\BOOTVID.dll F77DE000 - ACPI.sys F7D30000 - \WINDOWS\System32\DRIVERS\WMILIB.SYS F77CD000 - pci.sys F782E000 - isapnp.sys F7DF6000 - pciide.sys F7AAE000 - \WINDOWS\System32\DRIVERS\PCIIDEX.SYS F783E000 - MountMgr.sys F77AE000 - ftdisk.sys F7D32000 - dmload.sys F7788000 - dmio.sys F7AB6000 - PartMgr.sys F784E000 - VolSnap.sys F7770000 - atapi.sys F785E000 - disk.sys F786E000 - \WINDOWS\System32\DRIVERS\CLASSPNP.SYS F7750000 - fltmgr.sys F773E000 - sr.sys F7727000 - KSecDD.sys F769A000 - Ntfs.sys F766D000 - NDIS.sys F7ABE000 - SISAGPX.sys F7652000 - Mup.sys F7AC6000 - IABFilt.sys F790E000 - \SystemRoot\System32\DRIVERS\intelppm.sys F7524000 - \SystemRoot\System32\DRIVERS\nv4_mini.sys F7510000 - \SystemRoot\System32\DRIVERS\VIDEOPRT.SYS F791E000 - \SystemRoot\System32\DRIVERS\i8042prt.sys F7BC6000 - \SystemRoot\System32\DRIVERS\kbdclass.sys F7BCE000 - \SystemRoot\System32\DRIVERS\fdc.sys F74FF000 - \SystemRoot\System32\DRIVERS\serial.sys F7D16000 - \SystemRoot\System32\DRIVERS\serenum.sys F74EB000 - \SystemRoot\System32\DRIVERS\parport.sys F792E000 - \SystemRoot\System32\DRIVERS\imapi.sys F793E000 - \SystemRoot\System32\DRIVERS\cdrom.sys F794E000 - \SystemRoot\System32\DRIVERS\redbook.sys F74C8000 - \SystemRoot\System32\DRIVERS\ks.sys F7421000 - \SystemRoot\system32\drivers\ALCXWDM.SYS F73FD000 - \SystemRoot\system32\drivers\portcls.sys F795E000 - \SystemRoot\system32\drivers\drmk.sys F7BD6000 - \SystemRoot\System32\DRIVERS\usbohci.sys F73DA000 - \SystemRoot\System32\DRIVERS\USBPORT.SYS F7BDE000 - \SystemRoot\System32\DRIVERS\usbehci.sys F796E000 - \SystemRoot\System32\DRIVERS\bcm4sbxp.sys F7E52000 - \SystemRoot\System32\DRIVERS\audstub.sys F7BE6000 - \SystemRoot\System32\DRIVERS\rasirda.sys F7BEE000 - \SystemRoot\System32\DRIVERS\TDI.SYS F797E000 - \SystemRoot\System32\DRIVERS\rasl2tp.sys F7D22000 - \SystemRoot\System32\DRIVERS\ndistapi.sys F73C3000 - \SystemRoot\System32\DRIVERS\ndiswan.sys F798E000 - \SystemRoot\System32\DRIVERS\raspppoe.sys F799E000 - \SystemRoot\System32\DRIVERS\raspptp.sys F73B2000 - \SystemRoot\System32\DRIVERS\psched.sys F79AE000 - \SystemRoot\System32\DRIVERS\msgpc.sys F7BF6000 - \SystemRoot\System32\DRIVERS\ptilink.sys F7BFE000 - \SystemRoot\System32\DRIVERS\raspti.sys F7381000 - \SystemRoot\System32\DRIVERS\rdpdr.sys F79BE000 - \SystemRoot\System32\DRIVERS\termdd.sys F7C06000 - \SystemRoot\System32\DRIVERS\mouclass.sys F7D68000 - \SystemRoot\System32\DRIVERS\swenum.sys F734D000 - \SystemRoot\System32\DRIVERS\update.sys F761E000 - \SystemRoot\System32\DRIVERS\mssmbios.sys F79CE000 - \SystemRoot\System32\Drivers\NDProxy.SYS F7A0E000 - \SystemRoot\System32\DRIVERS\usbhub.sys F7D76000 - \SystemRoot\System32\DRIVERS\USBD.SYS F7D7A000 - \SystemRoot\System32\Drivers\Fs_Rec.SYS F7EA0000 - \SystemRoot\System32\Drivers\Null.SYS F7D7C000 - \SystemRoot\System32\Drivers\Beep.SYS F7C2E000 - \SystemRoot\System32\drivers\vga.sys F7D7E000 - \SystemRoot\System32\Drivers\mnmdd.SYS F7D80000 - \SystemRoot\System32\DRIVERS\RDPCDD.sys F7C36000 - \SystemRoot\System32\Drivers\Msfs.SYS F7ADE000 - \SystemRoot\System32\Drivers\Npfs.SYS F7CE6000 - \SystemRoot\System32\DRIVERS\rasacd.sys F41B3000 - \SystemRoot\System32\DRIVERS\ipsec.sys F415B000 - \SystemRoot\System32\DRIVERS\tcpip.sys F7A1E000 - \SystemRoot\system32\drivers\mfetdik.sys F413A000 - \SystemRoot\System32\DRIVERS\ipnat.sys F4112000 - \SystemRoot\System32\DRIVERS\netbt.sys F40F0000 - \SystemRoot\System32\drivers\afd.sys F7A2E000 - \SystemRoot\System32\DRIVERS\netbios.sys F40C5000 - \SystemRoot\System32\DRIVERS\rdbss.sys F4056000 - \SystemRoot\System32\DRIVERS\mrxsmb.sys F7A4E000 - \SystemRoot\System32\Drivers\Fips.SYS F7A5E000 - \SystemRoot\System32\DRIVERS\wanarp.sys F7D0A000 - \SystemRoot\System32\DRIVERS\hidusb.sys F7A7E000 - \SystemRoot\System32\DRIVERS\HIDCLASS.SYS F7AF6000 - \SystemRoot\System32\DRIVERS\HIDPARSE.SYS F7D0E000 - \SystemRoot\System32\DRIVERS\mouhid.sys F3A56000 - \SystemRoot\System32\Drivers\Cdfs.SYS F32E1000 - \SystemRoot\System32\Drivers\dump_atapi.sys F7DA8000 - \SystemRoot\System32\Drivers\dump_WMILIB.SYS BF800000 - \SystemRoot\System32\win32k.sys F7309000 - \SystemRoot\System32\drivers\Dxapi.sys F3BB6000 - \SystemRoot\System32\watchdog.sys BF9C3000 - \SystemRoot\System32\drivers\dxg.sys F7F4D000 - \SystemRoot\System32\drivers\dxgthk.sys BF9D5000 - \SystemRoot\System32\nv4_disp.dll F31A2000 - \SystemRoot\System32\DRIVERS\irda.sys F3EEE000 - \SystemRoot\System32\DRIVERS\ndisuio.sys F30C5000 - \SystemRoot\system32\drivers\wdmaud.sys F3A36000 - \SystemRoot\system32\drivers\sysaudio.sys F2F52000 - \SystemRoot\System32\DRIVERS\mrxdav.sys F7DAA000 - \SystemRoot\System32\Drivers\ParVdm.SYS F2ED8000 - \SystemRoot\System32\DRIVERS\srv.sys F27DF000 - \SystemRoot\System32\Drivers\HTTP.sys F26C7000 - \SystemRoot\system32\drivers\mfehidk.sys F22D9000 - \SystemRoot\system32\drivers\kmixer.sys F7F18000 - \SystemRoot\System32\DRIVERS\KProcCheck.sys Total number of drivers = 112 Liste des programmes installes Actions MP3 Player Ad-Aware SE Personal Adobe Flash Player 9 Adobe Reader 7.0.9 - Français Analyseur et SDK MSXML 4.0 SP2 ArcSoft Panorama Maker 3 ArcSoft Panorama Maker 3.0 CCleaner (remove only) EasyStudio Image Editor FlashGet(Jetcar) 1.81 FUJIFILM EZtouch Ver.3.3 FUJIFILM PICTURE SHUTTLE Ver.3.3 GammonEmpire Google Earth Google Toolbar for Internet Explorer HijackThis 1.99.1 HP Install Network Printer Wizard Infobel France 2001 Infobel France Office v7.1 Infobel France Office v7.1 Internet Access Iomega Automatic Backup Pro J2SE Runtime Environment 5.0 Update 11 Java 2 Runtime Environment, SE v1.4.2_04 Java(TM) SE Runtime Environment 6 Update 1 Kaspersky On-line Scanner Kaspersky Online Scanner KODAK Picture CD KyoceraMita Scanner File Utility Lecteur Windows Media 11 McAfee Virus and Spyware Protection Service Messenger Plus! 3 Messenger Plus! Live & Sponsor (CiD) Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2000 Small Business Microsoft Office 2000 SR-1 Standard Microsoft User-Mode Driver Framework Feature Pack 1.0 Mio Technology Speedcam Synchronisation ( Mantas ) 1.2.11.03.07 Mio Transfer Mise à jour de sécurité pour Windows Internet Explorer 7 (KB928090) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB929969) Mise à jour de sécurité pour Windows Internet Explorer 7 (KB931768) MSXML 4.0 SP2 (KB927978) My DSC Nikon FotoShare Nikon Message Center NVIDIA Windows 2000/XP Display Drivers Odyssée Odyssée II Panda ActiveScan PC-Linq PictureProject PIMS & File Manager QuickTime RealPlayer Realtek AC'97 Audio Service de protection du navigateur McAfee Spybot - Search & Destroy 1.4 Ulead Photo Express 4.0 SE VideoLAN VLC media player 0.8.5 WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Internet Explorer 7 Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 2 WinRAR archiver Yahoo! Toolbar Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 3073-C498 Répertoire de C:\Program Files 05/06/2007 17:03 <REP> . 05/06/2007 17:03 <REP> .. 05/07/2004 09:30 <REP> Actions 03/08/2006 10:57 <REP> Adobe 15/01/2007 12:01 <REP> Adverts 27/12/2005 17:40 <REP> ArcSoft 24/09/2003 15:09 <REP> AvRack 27/03/2007 17:20 <REP> BoontyGames 15/06/2006 10:13 <REP> CCleaner 08/03/2006 17:02 <REP> Common Files 24/09/2003 11:58 <REP> ComPlus Applications 27/03/2007 09:06 <REP> Fichiers communs 05/06/2007 17:37 <REP> FlashGet 06/03/2006 18:46 <REP> F-Secure 31/05/2006 16:57 <REP> GammonEmpire 05/06/2007 17:37 <REP> Google 14/03/2007 16:04 <REP> Graphex3 04/06/2007 11:25 <REP> HardwareDetection 21/01/2004 12:52 <REP> Hewlett-Packard 29/09/2003 15:12 <REP> ImageServer 11/10/2004 09:14 <REP> Infobel 05/06/2007 17:37 <REP> Internet Explorer 09/11/2005 16:27 <REP> Iomega 26/05/2007 09:03 <REP> Java 01/10/2003 14:35 <REP> Kapitol 28/11/2003 14:52 <REP> Kodak 10/03/2006 10:20 <REP> Kyocera Mita 16/01/2007 09:33 <REP> Lavasoft 29/03/2007 17:24 <REP> LimeWire 06/03/2006 11:58 <REP> McAfee 06/03/2006 17:27 <REP> Messenger 26/05/2007 09:04 <REP> Messenger Plus! Live 08/03/2006 18:54 <REP> MessengerPlus! 3 09/06/2006 14:54 <REP> microsoft frontpage 04/10/2004 16:20 <REP> Microsoft Office 09/06/2006 14:58 <REP> Microsoft Visual Studio 31/05/2007 17:08 <REP> Mio Technology 29/09/2004 10:30 <REP> Movie Maker 26/05/2007 09:17 <REP> Mozilla Firefox 24/09/2003 11:58 <REP> MSN Gaming Zone 05/06/2007 17:40 <REP> MSN Messenger 07/06/2006 16:54 <REP> MSXML 4.0 29/09/2004 10:26 <REP> NetMeeting 26/06/2006 10:30 <REP> Nikon 25/05/2007 18:37 <REP> ODS 10/10/2005 11:20 <REP> Odyssée 14/12/2006 18:17 <REP> Outlook Express 08/03/2006 17:49 <REP> Panda Software 03/12/2003 18:25 <REP> PC-Linq 29/09/2003 15:12 <REP> PhotoDeluxe HE 3.0 08/03/2006 19:11 <REP> QuickTime 29/09/2004 09:13 <REP> Real 24/09/2003 15:09 <REP> Realtek Sound Manager 03/12/2003 19:12 <REP> Samsung 08/03/2006 17:41 <REP> Securitoo 24/09/2003 12:00 <REP> Services en ligne 26/05/2007 09:17 <REP> SiteAdvisor 05/06/2007 16:56 <REP> Spybot - Search & Destroy 07/01/2004 18:09 <REP> Ulead Systems 27/09/2006 08:55 <REP> VideoLAN 30/03/2007 18:44 <REP> Windows Media Connect 2 30/03/2007 18:49 <REP> Windows Media Player 29/09/2004 10:26 <REP> Windows NT 05/06/2007 16:57 <REP> WinRAR 24/09/2003 12:02 <REP> xerox 01/06/2007 14:28 <REP> Yahoo! 0 fichier(s) 0 octets 66 Rép(s) 24 178 524 160 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 3073-C498 Répertoire de C:\Program Files\fichiers communs 27/03/2007 09:06 <REP> . 27/03/2007 09:06 <REP> .. 14/03/2005 17:04 <REP> Adobe 27/03/2007 09:06 <REP> BOONTY Shared 04/10/2004 16:22 <REP> Designer 27/12/2005 17:42 <REP> InstallShield 25/06/2004 15:10 <REP> Java 11/10/2004 09:14 <REP> Kapitol 28/11/2003 14:53 <REP> KODAK 27/07/2006 17:45 <REP> Microsoft Shared 24/09/2003 11:59 <REP> MSSoap 26/06/2006 10:30 <REP> Nikon 24/09/2003 12:51 <REP> ODBC 21/04/2006 09:26 <REP> Panda Software 29/09/2004 09:14 <REP> Real 24/09/2003 11:59 <REP> Services 27/10/2004 17:32 <REP> Softwin 24/09/2003 12:51 <REP> SpeechEngines 21/01/2004 12:53 <REP> SWF Studio 14/12/2006 18:17 <REP> System 29/09/2004 09:14 <REP> xing shared 0 fichier(s) 0 octets 21 Rép(s) 24 178 524 160 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 3073-C498 Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 24/09/2003 15:05 <REP> . 24/09/2003 15:05 <REP> .. 18/05/2001 17:57 561 209 MSONSEXT.DLL 03/06/1999 14:09 122 937 MSOWS409.DLL 07/03/2001 09:00 127 033 MSOWS40c.DLL 18/03/1999 06:37 593 977 RAGENT.DLL 4 fichier(s) 1 405 156 octets 2 Rép(s) 24 178 524 160 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 3073-C498 Répertoire de C:\Program Files\common files 08/03/2006 17:02 <REP> . 08/03/2006 17:02 <REP> .. 08/03/2006 17:02 <REP> Scanner 24/09/2003 17:16 <REP> System 0 fichier(s) 0 octets 4 Rép(s) 24 178 524 160 octets libres Le volume dans le lecteur C n'a pas de nom. Le numéro de série du volume est 3073-C498 Répertoire de C:\ 12/05/2007 18:22 68 096 diff.exe 12/05/2007 18:22 103 424 grep.exe 31/10/2005 17:56 700 416 StubInstaller.exe 24/05/2001 13:59 162 304 UNWISE.EXE 4 fichier(s) 1 034 240 octets 0 Rép(s) 24 178 520 064 octets libres c:\Documents and Settings\All Users\Application Data\Gram size part more\RemoteClock.exe c:\Documents and Settings\station\.housecall\getMac.exe c:\Documents and Settings\station\.housecall\patch.exe c:\Documents and Settings\station\.housecall\tsc.exe c:\Documents and Settings\station\.limewire\.NetworkShare\LimeWireWin4.12.6-fixed.exe c:\Documents and Settings\station\.limewire\.NetworkShare\LimeWireWinInstaller.exe c:\Documents and Settings\station\Application Data\Adobe\Acrobat\7.0\Updater\AdbeRdr709_fr_FR.exe c:\Documents and Settings\station\Application Data\SLOW THE\2 admin.exe c:\Documents and Settings\station\Bureau\titan6shfr.exe c:\Documents and Settings\station\Bureau\MIO C520\setupfre.exe c:\Documents and Settings\station\Bureau\MIO C520\stinger.exe c:\Documents and Settings\station\Mes documents\aawsepersonal.exe c:\Documents and Settings\station\Mes documents\ccsetup137.exe c:\Documents and Settings\station\Mes documents\Install_Messenger.exe c:\Documents and Settings\station\Mes documents\odyssee_installation.exe c:\Documents and Settings\station\Mes documents\BELHASSEN Lionel2\graphex3\_ISDEL.EXE c:\Documents and Settings\station\Mes documents\BELHASSEN Lionel2\graphex3\SETUP.EXE c:\Documents and Settings\station\Mes documents\JOHN PERSO\flashget_flashget_1.81_francais_10017.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\IE7-WindowsXP-x86-fra.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\LimeWireWin.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\scanner.exe.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\TOPSBDM.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\wrar362.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\Xtremsplit.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\catchme.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\find2.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\KProcCheck.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\station\Mes documents\JOHN PERSO\hijackthis\HijackThis.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\station\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll ****** Fin du rapport DiagHelp
-
Salut, J'ai essayé le scann panda en ligne mais il n'a pas le temps de terminer qu'internet explorer plante soudainement (envoyer le rapport d'erreur à microsoft). Avant de se terminer j'ai constaté qu'il avait trouver un logiciel espion. Qu'en penses tu ? ps c'est depuis que j'ai ce "virus" qu'internet explorer plante.
-
Merci de ta réponse rapide. Apparement il le detecte sur le fichier "A0175964.dll" qui se trouve dans C:\\System Volume Information\-restore{08D....... \ Je vais faire tout se que tu m'as dit et jte donnerais les resultats dans la soirée. Merci de ton aide
-
Coucou, Voila moi aussi je viens car j'ai quelques souci avec ce win32:ctx. Voici le rapport hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 18:12:24, on 04/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Securitoo\av_fw\fswsclds.exe C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\SiteAdvisor\6021\SAService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\htpatch.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe C:\Program Files\SiteAdvisor\6021\SiteAdv.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\Kyocera Mita\FileUtility\NsCatCom.exe C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\station\Mes documents\JOHN PERSO\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pagesjaunes.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: (no name) - {C1C043D9-3083-DADA-73DA-9B217F02D758} - (no file) O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe" O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6021\SiteAdv.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: MioSync.lnk = C:\Program Files\Mio Technology\MioSync\mioSync.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O4 - Global Startup: Scanner File Utility.lnk = ? O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - file:///C:/Program%20Files/ODS/EGN/HTC/dfPrint/dataFloat/print/smsx.cab O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} (SecureObjectFactory Class) - http://vscanasap.mondsi.com/VS2/bin/myCioAgt.20051122181307.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by134fd.bay134.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/289c673fc4f72849bd15/netzip/RdxIE601_fr.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6A1EA3A1-2258-4121-ADEB-43D57AE14BBB}: NameServer = 193.252.19.3,193.252.19.4 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\MyRmProt4.5.0.464.dll O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6021\SiteAdv.dll O20 - AppInit_DLLs: sockspy.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe O23 - Service: Service de protection contre les virus et les logiciels espions McAfee (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6021\SAService.exe J'attends votre aide au plus vite. Merci d'avance ! IsseL
-
Ok désolé, c'est comme ci c'était fait
-
Coucou, Je viens car moi aussi j'ai quelques souci avec win32:ctx. Voici le rapport hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 18:12:24, on 04/06/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16441) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Securitoo\av_fw\fswsclds.exe C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\SiteAdvisor\6021\SAService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\htpatch.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe C:\Program Files\SiteAdvisor\6021\SiteAdv.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\Kyocera Mita\FileUtility\NsCatCom.exe C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\station\Mes documents\JOHN PERSO\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pagesjaunes.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: (no name) - {C1C043D9-3083-DADA-73DA-9B217F02D758} - (no file) O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe" O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6021\SiteAdv.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: MioSync.lnk = C:\Program Files\Mio Technology\MioSync\mioSync.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O4 - Global Startup: Scanner File Utility.lnk = ? O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Advanced) - file:///C:/Program%20Files/ODS/EGN/HTC/dfPrint/dataFloat/print/smsx.cab O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} (SecureObjectFactory Class) - http://vscanasap.mondsi.com/VS2/bin/myCioAgt.20051122181307.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by134fd.bay134.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/289c673fc4f72849bd15/netzip/RdxIE601_fr.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{6A1EA3A1-2258-4121-ADEB-43D57AE14BBB}: NameServer = 193.252.19.3,193.252.19.4 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\MyRmProt4.5.0.464.dll O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6021\SiteAdv.dll O20 - AppInit_DLLs: sockspy.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe O23 - Service: Service de protection contre les virus et les logiciels espions McAfee (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6021\SAService.exe J'attends votre aide au plus vite. Merci d'avance !