Aller au contenu

screwd

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    17

  • Inscription

  • Dernière visite

Visiteurs récents du profil

1 397 visualisations du profil

screwd's Achievements

Junior Member

Junior Member (3/12)

0

Réputation sur la communauté

  1. screwd

    numéricable

    screwd a posté un sujet dans Internet & Réseaux

    Bonjour, depuis 48h, connexion impossible à hotmail, sncf, msn, depuis tous les pc connectés à mon routeur dlink. Sa config (au routeur) est inchangée depuis plusieurs semaines, suis je le seul à qui cela arrive ? quelle manip (ping, ipconfig netstat?) pour verifier que ca vient bien de chez eux ? Merci !
  2. screwd

    kubuntu

    screwd a répondu à un(e) sujet de screwd dans OS alternatifs

    bonsoir, non malheureusement, mais je vais chercher des betas dont un ami m'a parlé. Je suis repassé sur unbuntu normal (gnome). En revanche, impossible d'éxécuter ta commande 256JMAN, permission non accordée, meme en root@XXX-desktop....
  3. screwd

    kubuntu

    screwd a posté un sujet dans OS alternatifs

    Bonjour, Jai un peu de mal sous kubuntu. 1. Mes disques nfts auriez vous une manip pour les monter svp? Périphérique Amorce Début Fin Blocs Id Système /dev/sdb1 1 18506 148641792 7 HPFS/NTFS /dev/sdb2 * 18507 19953 11623027+ 83 Linux /dev/sdb3 19954 20023 562275 5 Extended /dev/sdb5 19954 20023 562243+ 82 Linux swap / Solaris par ailleurs, je viens d'apprends que ma carte soublaster xfi n'etait pas supporté, ai je un moyen autre pour avoir du son ? (jai toujours besoin de la carte branchée pour vista). mERCI !
  4. screwd

    Bureau à distance

    screwd a répondu à un(e) sujet de screwd dans Internet & Réseaux

    oui, j'ai bien configuré le routeur, ce screen je lai eu sur le net, cest pour illustrer l'endroit ou je met ces infos . je vais aussi essayer dans filter applications, qui sait, regardez ce que dit dlink ici : http://www.dlink.fr/?go=gNTyP9CnptFMIC4ASt...18Zt+3eb4K0FdA= mais bon, pour toutes mes autres appli, cest virtual server normalement qui redirige les ports. Pas de proxy, mon admin reseau dit que ca devrait fonctionner, jarrrive à pinger l'adresse en plus.
  5. screwd
    Bonjour, Je suis un peu perdu. J'essaies d'accéder depuis mon PC A (xp-au boulot) à un pc B (vista-chez moi derriere routeur dlink) en bureau à distance J'ai configuré la partie virtual server de mon routeur pour qu'il accepte les connexions TCP du port 3389. Ca crée automatiquement une regle dans le fw du routeur. et pourtant.... pas moyen de me connecter a un compte propriétaire. Meme avec le fw vista desactivé... Des pistes? merci d'avance
  6. screwd

    Codecs, Fraps et surrogate

    screwd a répondu à un(e) sujet de screwd dans Software

    merci lord, ffdshow, un pack pour les mkv et tou va mieux !
  7. screwd

    Codecs, Fraps et surrogate

    screwd a répondu à un(e) sujet de screwd dans Software

    jai trouvé un élément de réponse ici!
  8. screwd
    edit : jai trouvé la réponse au pbleme de surrogate ici !
  9. screwd
    Bonjour Gof. Tout d'abord merci mille fois pour tes réponses, et pour ta pédagogie Antivir semble fonctionner normalement. Il se met à jour très régulièrement. Mes erreurs doivent être dues à des problemes de compatibilité de codecs. Encore merci pour ton aide !
  10. screwd
    ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, January 17, 2008 7:55:42 AM Operating System: Microsoft Windows Vista Home Edition, (Build 6000) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 16/01/2008 Kaspersky Anti-Virus database records: 513295 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ D:\ E:\ F:\ Scan Statistics: Total number of scanned objects: 201297 Number of viruses found: 1 Number of infected objects: 3 Number of suspicious objects: 0 Duration of the scan process: 01:39:06 Infected Object Name / Virus Name / Last Action C:\Boot\BCD Object is locked skipped C:\Boot\BCD.LOG Object is locked skipped C:\Program Files\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Program Files\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped C:\Program Files\SmitfraudFix.exe RarSFX: infected - 2 skipped C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9575565cfdda5f6f28d088bfdadb2bd0_cd3eb991-61ae-4894-8603-79ca7cd20418 Object is locked skipped C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.52.Crwl Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.52.gthr Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010001.ci Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010001.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010001.wsb Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010002.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010003.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010004.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010005.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010006.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010007.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010008.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010009.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010011.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles010020.wid Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.000 Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.000 Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\Used0000.000 Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.000 Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk1.gthr Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.chk2.gthr Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy34.gthr Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\Ntf83BF.tmp Object is locked skipped C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\Ntf83C0.tmp Object is locked skipped C:\ProgramData\Microsoft\Windows Defender\Support\MPLog-11022006-050241.log Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\pending.dat Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_3CC6_695_C606_4F96\dfsr.db Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_3CC6_695_C606_4F96\fsr.log Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_3CC6_695_C606_4F96\fsrtmp.log Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Messenger\[email protected]\SharingMetadata\Working\database_3CC6_695_C606_4F96\tmp.edb Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012008011720080118\index.dat Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Windows\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Windows\UsrClass.dat{7eeeef91-7286-11dc-b254-001d60586deb}.TM.blf Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Windows\UsrClass.dat{7eeeef91-7286-11dc-b254-001d60586deb}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Windows\UsrClass.dat{7eeeef91-7286-11dc-b254-001d60586deb}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Windows Live Contacts\[email protected]\real\members.stg Object is locked skipped C:\Users\proprietaire\AppData\Local\Microsoft\Windows Live Contacts\[email protected]\shadow\members.stg Object is locked skipped C:\Users\proprietaire\AppData\Local\Temp\~DF6852.tmp Object is locked skipped C:\Users\proprietaire\AppData\Local\Temp\~DF6A2B.tmp Object is locked skipped C:\Users\proprietaire\AppData\Local\Temp\~DFF2C.tmp Object is locked skipped C:\Users\proprietaire\AppData\Local\Temp\~DFF36.tmp Object is locked skipped C:\Users\proprietaire\AppData\Roaming\Microsoft\Windows\Cookies\index.dat Object is locked skipped C:\Users\proprietaire\NTUSER.DAT Object is locked skipped C:\Users\proprietaire\ntuser.dat.LOG1 Object is locked skipped C:\Users\proprietaire\ntuser.dat.LOG2 Object is locked skipped C:\Users\proprietaire\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped C:\Users\proprietaire\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Users\proprietaire\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\Debug\PASSWD.LOG Object is locked skipped C:\Windows\Debug\sam.log Object is locked skipped C:\Windows\Debug\WIA\wiatrace.log Object is locked skipped C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Object is locked skipped C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Object is locked skipped C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WindowsUpdate.log Object is locked skipped C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT Object is locked skipped C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 Object is locked skipped C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG2 Object is locked skipped C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG2 Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TM.blf Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 Object is locked skipped C:\Windows\System32\catroot2\edb.log Object is locked skipped C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Object is locked skipped C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Object is locked skipped C:\Windows\System32\config\COMPONENTS Object is locked skipped C:\Windows\System32\config\COMPONENTS.LOG1 Object is locked skipped C:\Windows\System32\config\COMPONENTS.LOG2 Object is locked skipped C:\Windows\System32\config\DEFAULT Object is locked skipped C:\Windows\System32\config\DEFAULT.LOG1 Object is locked skipped C:\Windows\System32\config\DEFAULT.LOG2 Object is locked skipped C:\Windows\System32\config\RegBack\COMPONENTS Object is locked skipped C:\Windows\System32\config\RegBack\DEFAULT Object is locked skipped C:\Windows\System32\config\RegBack\SAM Object is locked skipped C:\Windows\System32\config\RegBack\SECURITY Object is locked skipped C:\Windows\System32\config\RegBack\SOFTWARE Object is locked skipped C:\Windows\System32\config\RegBack\SYSTEM Object is locked skipped C:\Windows\System32\config\SAM Object is locked skipped C:\Windows\System32\config\SAM.LOG1 Object is locked skipped C:\Windows\System32\config\SAM.LOG2 Object is locked skipped C:\Windows\System32\config\SECURITY Object is locked skipped C:\Windows\System32\config\SECURITY.LOG1 Object is locked skipped C:\Windows\System32\config\SECURITY.LOG2 Object is locked skipped C:\Windows\System32\config\SOFTWARE Object is locked skipped C:\Windows\System32\config\SOFTWARE.LOG1 Object is locked skipped C:\Windows\System32\config\SOFTWARE.LOG2 Object is locked skipped C:\Windows\System32\config\SYSTEM Object is locked skipped C:\Windows\System32\config\SYSTEM.LOG1 Object is locked skipped C:\Windows\System32\config\SYSTEM.LOG2 Object is locked skipped C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.0.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.1.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.2.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834b7-750c-494d-bdc3-da86b6e2101a}.TxR.blf Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TM.blf Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000001.regtrans-ms Object is locked skipped C:\Windows\System32\config\TxR\{250834B7-750C-494d-BDC3-DA86B6E2101B}.TMContainer00000000000000000002.regtrans-ms Object is locked skipped C:\Windows\System32\LogFiles\Scm\SCM.EVM Object is locked skipped C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped C:\Windows\System32\Msdtc\KtmRmTm.blf Object is locked skipped C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000001 Object is locked skipped C:\Windows\System32\Msdtc\KtmRmTmContainer00000000000000000002 Object is locked skipped C:\Windows\System32\spool\SpoolerETW.etl Object is locked skipped C:\Windows\System32\wbem\Logs\WMITracing.log Object is locked skipped C:\Windows\System32\wbem\Repository\INDEX.BTR Object is locked skipped C:\Windows\System32\wbem\Repository\MAPPING1.MAP Object is locked skipped C:\Windows\System32\wbem\Repository\MAPPING2.MAP Object is locked skipped C:\Windows\System32\wbem\Repository\OBJECTS.DATA Object is locked skipped C:\Windows\System32\WDI\LogFiles\WdiContextLog.etl.002 Object is locked skipped C:\Windows\System32\wfp\wfpdiag.etl Object is locked skipped C:\Windows\System32\winevt\Logs\Application.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\DFS Replication.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\HardwareEvents.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Internet Explorer.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Key Management Service.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Media Center.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Bits-Client%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-CodeIntegrity%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Diagnosis-DPS%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-DriverFrameworks-UserMode%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-International%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-LanguagePackSetup%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-NetworkAccessProtection%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-ReliabilityAnalysisComponent%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Detector%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Leak-Diagnostic%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-RestartManager%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-TaskScheduler%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-UAC-FileVirtualization%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-WindowsUpdateClient%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Microsoft-Windows-WLAN-AutoConfig%4Operational.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Security.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\Setup.evtx Object is locked skipped C:\Windows\System32\winevt\Logs\System.evtx Object is locked skipped C:\Windows\Tasks\SCHEDLGU.TXT Object is locked skipped C:\Windows\WindowsUpdate.log Object is locked skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed.
  11. screwd
    erf, le scan terminé, ie me dit que par sécurité, il deplace le fichier txt dans les fichiers temporaires. Impossible de remettre la main dessus !
  12. screwd
    :P (à suivre ...) :P
  13. screwd
    Bonjour, Depuis quelques temps jai des problemes de codecs (je pense que ca vient d'eux). J'ai installé vlc, le lazypack mkv et les codecs divx. (vista 32) VLC me lit 99% de mess videos sans soucis. Hier sur crysis, jai lancé un fraps, et le fichier avi qui en résulte ne se lance pas avec vlc. Chose bizarre, l'icone du fichier montre bien la premiere image de la video. Par ailleurs, parfois quand j'ouvre un dossier plein de video, jai une erreur surrogate. Jai desactivé la prévention d'execution depuis. Quel pack installer une bonne fois pour toute ? merci d'avance
  14. screwd
    Deckard's System Scanner v20071014.68 Run by proprietaire on 2008-01-15 20:12:49 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- Last 5 Restore Point(s) -- 20: 2008-01-15 18:43:36 UTC - RP196 - Installation du package de pilote logiciel : NVIDIA Cartes graphiques 19: 2008-01-15 18:15:02 UTC - RP195 - Installed GameSpy Comrade. 18: 2008-01-15 18:06:54 UTC - RP194 - DirectX est installé 17: 2008-01-15 17:51:50 UTC - RP192 - Installed Crysis®. 16: 2008-01-15 17:51:10 UTC - RP191 - Installé Microsoft Visual C++ 2005 Redistributable -- First Restore Point -- 1: 2008-01-01 04:35:44 UTC - RP176 - Point de contrôle planifié Backed up registry hives. Performed disk cleanup. -- HijackThis (run as proprietaire.exe) ---------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:14:00, on 15/01/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16575) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\System32\CTXFIHLP.EXE C:\Windows\System32\CTHELPER.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Windows\System32\rundll32.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\ehome\ehtray.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\System32\CTXFISPI.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\Users\proprietaire\Desktop\dss.exe C:\Windows\system32\conime.exe C:\PROGRA~1\HIJACK~1\proprietaire.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ O1 - Hosts: ::1 localhost O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe -- End of file - 3736 bytes -- HijackThis Fixed Entries (C:\PROGRA~1\HIJACK~1\backups\) -------------------- backup-20071114-210842-154 O13 - Gopher Prefix: backup-20071118-135432-133 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll backup-20071118-135432-139 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = backup-20071118-135432-182 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 backup-20071118-135432-209 O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') backup-20071118-135432-238 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 backup-20071118-135432-271 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 backup-20071118-135432-277 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe backup-20071118-135432-368 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 backup-20071118-135432-458 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 backup-20071118-135432-470 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = backup-20071118-135432-538 O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') backup-20071118-135432-967 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') backup-20071118-162539-225 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = backup-20071118-162539-257 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime backup-20071118-162539-435 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) backup-20071118-162539-445 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = backup-20071118-162539-620 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = backup-20071122-212105-628 O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll backup-20071122-212105-645 O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll backup-20071122-212105-993 O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?') backup-20071226-150204-237 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe backup-20071226-150204-320 O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe backup-20071226-150204-412 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 backup-20071226-150204-908 O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe backup-20071231-165053-208 O4 - HKLM\..\Run: [saiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe backup-20071231-165053-214 O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe backup-20071231-165053-304 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL backup-20071231-165053-428 O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe backup-20071231-165053-603 O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe backup-20071231-165053-752 O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe backup-20071231-165053-839 O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe -- File Associations ----------------------------------------------------------- .reg - regfile - shell\open\command - "regedit.exe" "%1" -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- S3 SeratoUsb (SeratoUsb driver) - c:\windows\system32\drivers\seratousb.sys <Not Verified; Cristalink Ltd; Serato USB Device Driver> -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; Scheduler> R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service> -- Device Manager: Disabled ---------------------------------------------------- Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller Device ID: PCI\VEN_11AB&DEV_4364&SUBSYS_81F81043&REV_12\4&18BA0AA4&0&00E5 Manufacturer: Marvell Name: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller PNP Device ID: PCI\VEN_11AB&DEV_4364&SUBSYS_81F81043&REV_12\4&18BA0AA4&0&00E5 Service: yukonwlh Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318} Description: Clavier standard 101/102 touches ou Microsoft Natural PS/2 Device ID: ACPI\PNP0303\4&23F9C1E3&0 Manufacturer: (Claviers standard) Name: Clavier standard 101/102 touches ou Microsoft Natural PS/2 PNP Device ID: ACPI\PNP0303\4&23F9C1E3&0 Service: i8042prt -- Scheduled Tasks ------------------------------------------------------------- 2008-01-15 14:50:16 432 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{CC1AE056-1B4A-40EA-9686-5D62C2230D62}.job -- Files created between 2007-12-15 and 2008-01-15 ----------------------------- 2008-01-15 19:13:52 0 d-------- C:\Windows\system32\URTTEMP 2008-01-15 19:07:20 669184 --a------ C:\Windows\system32\pbsvc.exe 2008-01-15 18:52:03 0 d-------- C:\Program Files\Electronic Arts 2008-01-13 14:44:12 0 d-------- C:\Program Files\FileZilla FTP Client 2008-01-01 16:17:26 0 d-------- C:\Program Files\eMule 2007-12-31 11:31:50 0 d-------- C:\Program Files\Mozilla Firefox 3 Beta 2 2007-12-29 20:16:45 0 d-------- C:\Windows\system32\Futuremark 2007-12-29 20:16:45 3972 --a------ C:\Windows\system32\drivers\PciBus.sys 2007-12-29 20:16:45 5632 --a------ C:\Windows\system32\drivers\Entech64.sys <Not Verified; EnTech Taiwan; EnTech.sys> 2007-12-29 20:16:45 21664 --a------ C:\Windows\system32\drivers\Entech.sys <Not Verified; EnTech Taiwan; PowerStrip> 2007-12-29 20:15:25 0 d-------- C:\Program Files\Futuremark 2007-12-28 18:17:47 0 d-------- C:\Program Files\Avira 2007-12-23 18:15:44 0 d-------- C:\Program Files\Microsoft.NET 2007-12-23 18:13:30 0 dr-h----- C:\MSOCache 2007-12-15 22:18:59 0 d-------- C:\Program Files\Serato -- Find3M Report --------------------------------------------------------------- 2008-01-15 19:57:30 699984 --a------ C:\Windows\system32\perfh00C.dat 2008-01-15 19:57:30 121814 --a------ C:\Windows\system32\perfc00C.dat 2008-01-15 19:52:03 0 dr-h----- C:\Users\proprietaire\AppData\Roaming\SecuROM 2008-01-13 21:58:47 0 d-------- C:\Users\proprietaire\AppData\Roaming\FileZilla 2008-01-10 20:57:30 0 d-------- C:\Program Files\LD-Anime 2008-01-09 21:12:05 0 d-------- C:\Program Files\Windows Mail 2008-01-09 21:04:54 0 d-------- C:\Program Files\Windows Sidebar 2008-01-09 00:22:36 0 d-------- C:\Users\proprietaire\AppData\Roaming\uTorrent 2008-01-04 11:11:49 0 d-------- C:\Users\proprietaire\AppData\Roaming\Adobe 2007-12-29 20:18:37 86016 --a------ C:\Windows\system32\OpenAL32.dll <Not Verified; Portions © Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL Library> 2007-12-29 20:15:25 0 d--h----- C:\Program Files\InstallShield Installation Information 2007-12-28 01:59:45 0 d-------- C:\Program Files\Google 2007-12-23 18:18:02 0 d-------- C:\Program Files\Common Files 2007-12-08 16:53:22 0 d-------- C:\Users\proprietaire\AppData\Roaming\Ahead 2007-12-08 16:52:30 0 d-------- C:\Program Files\Ahead 2007-12-08 16:52:24 0 d-------- C:\Program Files\Common Files\Ahead 2007-12-08 15:23:57 0 d-------- C:\Program Files\uTorrent 2007-11-25 17:37:34 2070 --a------ C:\Windows\system32\tmp.reg 2007-11-22 21:09:23 1043644 --a------ C:\Program Files\SmitfraudFix.exe 2007-11-19 20:03:11 0 d-------- C:\Program Files\VstPlugins 2007-11-18 22:06:24 0 d-------- C:\Users\proprietaire\AppData\Roaming\Media Player Classic 2007-11-18 12:01:45 0 d-------- C:\Program Files\World of Warcraft 2007-11-11 22:40:01 720 --a------ C:\Windows\mozver.dat 2007-10-23 17:02:02 0 -rahs---- C:\MSDOS.SYS 2007-10-23 17:02:02 0 -rahs---- C:\IO.SYS -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [04/10/2007 20:48] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 00:11] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [02/11/2007 18:36] "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [21/03/2007 12:00] "CTxfiHlp"="CTXFIHLP.EXE" [20/09/2007 11:46 C:\Windows\System32\CTXFIHLP.EXE] "CTHelper"="CTHELPER.EXE" [20/09/2007 11:46 C:\Windows\System32\CTHELPER.EXE] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [28/12/2007 18:18] "NvSvc"="C:\Windows\system32\nvsvc.dll" [18/12/2007 19:55] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [18/12/2007 19:55] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [18/12/2007 19:55] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [31/08/2007 15:46] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [02/11/2006 13:35] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"=2 (0x2) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] @="Volume shadow copy" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] @="IEEE 1394 Bus host controllers" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] @="SBP2 IEEE 1394 Devices" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] @="SecurityDevices" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum WindowsMobile wcescomm rapimgr LocalServiceRestricted WcesComm RapiMgr [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{88b3ad90-728d-11dc-8b49-806e6f6e6963}] AutoRun\command- D:\AutoRunCD.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dbf831cc-7285-11dc-be9e-806e6f6e6963}] AutoRun\command- D:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e4ab879b-72a5-11dc-8d4e-001d60586deb}] AutoRun\command- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fe57535d-72a7-11dc-be33-806e6f6e6963}] AutoRun\command- C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] C:\Windows\system32\unregmp2.exe /ShowWMP [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI -- Hosts ----------------------------------------------------------------------- 127.0.0.1 hityou.com 127.0.0.1 www.hityou.com 127.0.0.1 180searchassistant.com 127.0.0.1 www.180searchassistant.com 127.0.0.1 180solutions.com 127.0.0.1 www.180solutions.com 127.0.0.1 bis.180solutions.com 127.0.0.1 config.180solutions.com 127.0.0.1 cts.180solutions.com 127.0.0.1 downloads.180solutions.com 7794 more entries in hosts file. -- End of Deckard's System Scanner: finished at 2008-01-15 20:14:34 ------------ Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft® Windows Vista™ Édition Familiale Premium (build 6000) Architecture: X86; Language: French CPU 0: Intel® Core2 Duo CPU E6850 @ 3.00GHz Percentage of Memory in Use: 33% Physical Memory (total/avail): 2046.5 MiB / 1353.39 MiB Pagefile Memory (total/avail): 4328.01 MiB / 3420.8 MiB Virtual Memory (total/avail): 2047.88 MiB / 1933.41 MiB C: is Fixed (NTFS) - 153.38 GiB total, 85.82 GiB free. D: is CDROM (CDFS) E: is Fixed (NTFS) - 189.91 GiB total, 42.01 GiB free. F: is Fixed (NTFS) - 149.05 GiB total, 32.63 GiB free. \\.\PHYSICALDRIVE0 - Hitachi HDS721616PLA380 - 153.38 GiB - 1 partition \PARTITION0 (bootable) - Système de fichiers installable - 153.38 GiB - C: \\.\PHYSICALDRIVE1 - Hitachi HDS721616PLA380 - 149.05 GiB - 1 partition \PARTITION0 - Système de fichiers installable - 149.05 GiB - F: \\.\PHYSICALDRIVE2 - Maxtor 6L200P0 ATA Device - 189.92 GiB - 1 partition \PARTITION0 (bootable) - Système de fichiers installable - 189.91 GiB - E: -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is disabled. AV: Avira AntiVir PersonalEdition v 7.0.1.236 (Avira GmbH) Disabled AS: Avira AntiVir PersonalEdition v 7.0.1.236 (Avira GmbH) Disabled AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\ProgramData APPDATA=C:\Users\proprietaire\AppData\Roaming CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip CommonProgramFiles=C:\Program Files\Common Files COMPUTERNAME=PC ComSpec=C:\Windows\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Users\proprietaire LOCALAPPDATA=C:\Users\proprietaire\AppData\Local LOGONSERVER=\\PC NUMBER_OF_PROCESSORS=2 OS=Windows_NT Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\iTunes\Plug-Ins\Qloud\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel PROCESSOR_LEVEL=6 PROCESSOR_REVISION=0f0b ProgramData=C:\ProgramData ProgramFiles=C:\Program Files PROMPT=$P$G PUBLIC=C:\Users\Public QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip SystemDrive=C: SystemRoot=C:\Windows TEMP=C:\Users\PROPRI~1\AppData\Local\Temp TMP=C:\Users\PROPRI~1\AppData\Local\Temp USERDOMAIN=PC USERNAME=proprietaire USERPROFILE=C:\Users\proprietaire windir=C:\Windows -- User Profiles --------------------------------------------------------------- proprietaire -- Add/Remove Programs --------------------------------------------------------- --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA9944C8-7D34-475E-8C90-2788685B2C47}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x40c /remove 3DMark06 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\101\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 6.0.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A00000000001} Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB} Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4} Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL Avira AntiVir PersonalEdition Classic --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE Battlefield 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x40c -removeonly CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe" Creative Audio Console --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove Creative Console Launcher --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x40c /remove Crysis® --> MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4} eMule --> "C:\Program Files\eMule\Uninstall.exe" FileZilla Client 3.0.5.1 --> C:\Program Files\FileZilla FTP Client\uninstall.exe Gestionnaire pour appareils Windows Mobile --> MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917} HijackThis 2.0.2 --> "C:\Program Files\HiJackThis\HijackThis.exe" /uninstall Intel® Matrix Storage Manager --> C:\Windows\System32\Imsmudlg.exe iTunes --> MsiExec.exe /I{E3FEE4E7-4488-4A3F-A6BD-13745936EADB} Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Lame ACM MP3 Codec --> C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\Windows\INF\LameACM.inf Marvell Miniport Driver --> C:\Program Files\Marvell\Miniport Driver\Uninst.exe Matroska Pack - Lazy Man's MKV 1.0.1-alpha6 --> "C:\Program Files\LD-Anime\unins000.exe" Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9111040C-6000-11D3-8CFE-0150048383C9} Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Firefox (3.0b2) --> C:\Program Files\Mozilla Firefox 3 Beta 2\uninstall\helper.exe Nero 6 Demo --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI Oblivion --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x40c -removeonly OpenAL --> "C:\Program Files\OpenAL\OALInst.exe" /U Picasa 2 --> "C:\Program Files\Picasa2\Uninstall.exe" Propriétés de Creative Sound Blaster --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime91\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7AB55EC6-1158-41EF-B87D-90555A8F5C92}\setup.exe" -l0x40c /remove PunkBuster Services --> C:\Windows\system32\pbsvc.exe -u QuickTime --> MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121} RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Saitek SD6 Programming Software 6.0.4.1 --> MsiExec.exe /X{F0C26B7B-2AD0-4514-8F3B-7F965428F1A8} Scratch LIVE 1.8 (18048) --> MsiExec.exe /I{3BDFCF84-67A3-4C52-A708-FDD4135CF64C} Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe" TCPMP --> C:\Windows\WindowsMobile\TCPMP\Uninstall.exe TCPMP TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe" VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411} Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} -- Application Event Log ------------------------------------------------------- Event Record #/Type14712 / Success Event Submitted/Written: 01/15/2008 08:10:24 PM Event ID/Source: 12001 / usnjsvc Event Description: The Messenger Sharing USN Journal Reader service started successfully. Event Record #/Type14705 / Success Event Submitted/Written: 01/15/2008 07:51:42 PM Event ID/Source: 902 / Software Licensing Service Event Description: Le service de gestion des licences du logiciel a démarré. Event Record #/Type14698 / Success Event Submitted/Written: 01/15/2008 07:51:25 PM Event ID/Source: 5617 / WinMgmt Event Description: Event Record #/Type14696 / Success Event Submitted/Written: 01/15/2008 07:51:18 PM Event ID/Source: 5615 / WinMgmt Event Description: Event Record #/Type14686 / Success Event Submitted/Written: 01/15/2008 07:49:15 PM Event ID/Source: 903 / Software Licensing Service Event Description: Le service de gestion de licences du logiciel s'est arrêté. -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type19510 / Warning Event Submitted/Written: 01/15/2008 07:54:31 PM Event ID/Source: 4 / Client Side Rendering Spooler Event Description: Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible. Event Record #/Type19509 / Warning Event Submitted/Written: 01/15/2008 07:54:31 PM Event ID/Source: 4 / Client Side Rendering Spooler Event Description: Le spouleur d’impression n’a pas pu rouvrir une connexion d’imprimante existante car il n’a pas pu lire les informations de configuration dans la clé de Registre S-1-5-18\Printers\Connections. Le spouleur d’impression n’a pas pu ouvrir la clé de Registre. Ceci peut se produire si la clé de Registre est endommagée ou absente, ou si le Registre est momentanément indisponible. Event Record #/Type19432 / Warning Event Submitted/Written: 01/15/2008 07:51:07 PM Event ID/Source: 2511 / Server Event Description: Le service Serveur n'a pas pu recréer le partage Maud car le répertoire C:\Users\proprietaire\Maud n'existe plus. Veuillez exécuter "netshare Maud/supprimer" pour supprimer le partage ou recréer le répertoire C:\Users\proprietaire\Maud. Event Record #/Type19414 / Warning Event Submitted/Written: 01/15/2008 07:49:16 PM Event ID/Source: 4001 / Microsoft-Windows-WLAN-AutoConfig Event Description: Event Record #/Type19331 / Warning Event Submitted/Written: 01/15/2008 07:46:16 PM Event ID/Source: 2511 / Server Event Description: Le service Serveur n'a pas pu recréer le partage Maud car le répertoire C:\Users\proprietaire\Maud n'existe plus. Veuillez exécuter "netshare Maud/supprimer" pour supprimer le partage ou recréer le répertoire C:\Users\proprietaire\Maud. -- End of Deckard's System Scanner: finished at 2008-01-15 20:14:34 ------------
  15. screwd
    Bonjour, Merci de vous pencher sur mon cas. Je suis juste un récent utilisateur de Vista, encore pas tout à fait au point. J'ai des arrets de rundll32.exe et de surrogate fréquents, j'ai désactivé (à regret) la Prévention de l'exécution des données pour l'instant, mais jai bien l'intention de régler d'ou vient le problème, alors jai pensé à une éventuelle infection.
×
×
  • Créer...