Aller au contenu

fifibabe

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    32

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par fifibabe

  1. fifibabe
    Désolé d'avoir mélangé les posts et les genres... On peu donc commencer par mon ordi perso, celui du taf attendra ! J'ai retrouvé combo... Comme tu le vois dans le post précédent je n'arrive pas à supprimer les lignes en gras (échec ou normal) si tu à la solution... Mon antivir AVG me signale à l'ouverture un cheval de trois au jolie nom de : Généric11.ADC (je ne savais que les trojans portait des noms de médoc ! et les moi cher en plus !!! je me détends.... Voici son emplacement d'après AVG : c:\système Volume Information\_restore {8A1EF756-6737-4B92-B70B-B95C32DB308}-RP135\A0031542.exe En te remerciant de nouveau. RAPPORT COMBO : ComboFix 08-08-30.01 - t 2008-08-30 21:35:05.4 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.631 [GMT 2:00] Endroit: C:\Documents and Settings\t\Bureau\ComboFix.exe * Resident AV is active AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . ((((((((((((((((((((((((((((( Fichiers créés 2008-07-28 to 2008-08-30 )))))))))))))))))))))))))))))))))))) . 2008-08-29 22:08 . 2008-08-30 00:06 <REP> d-------- C:\Program Files\ma-config.com 2008-08-29 22:08 . 2008-08-30 00:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com 2008-08-28 19:20 . 2008-08-28 22:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-08-28 00:31 . 2008-08-28 00:33 <REP> d-------- C:\Program Files\NMapWin 2008-08-27 17:49 . 2008-08-27 17:52 <REP> d-------- C:\Program Files\RegCleaner 2008-08-27 00:54 . 2008-08-30 21:30 <REP> d--h----- C:\$AVG8.VAULT$ 2008-08-27 00:42 . 2008-08-30 21:08 <REP> d-------- C:\WINDOWS\system32\drivers\Avg 2008-08-27 00:42 . 2008-08-27 00:58 97,928 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys 2008-08-27 00:42 . 2008-08-27 00:58 76,040 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys 2008-08-27 00:42 . 2008-08-27 00:58 12,936 --a------ C:\WINDOWS\system32\drivers\avgrkx86.sys 2008-08-27 00:42 . 2008-08-27 00:58 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll 2008-08-27 00:41 . 2008-08-27 00:41 <REP> d-------- C:\Program Files\AVG 2008-08-27 00:41 . 2008-08-27 00:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8 2008-08-27 00:41 . 2008-08-27 00:58 45,568 --a------ C:\WINDOWS\system32\avgfwdx.dll 2008-08-27 00:41 . 2008-08-27 00:58 23,296 --a------ C:\WINDOWS\system32\drivers\avgfwdx.sys 2008-08-26 23:16 . 2008-08-26 23:35 81,984 --a------ C:\WINDOWS\system32\bdod.bin 2008-08-26 22:07 . 2008-08-26 22:07 <REP> d-------- C:\Documents and Settings\t\Application Data\Malwarebytes 2008-08-26 22:07 . 2008-08-26 22:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-08-26 20:52 . 2008-08-26 21:33 <REP> d-------- C:\WINDOWS\BDOSCAN8 2008-08-26 19:15 . 2008-08-30 18:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-08-26 18:19 . 2008-08-26 18:19 <REP> d-------- C:\Program Files\Trend Micro 2008-08-25 20:56 . 2008-08-27 18:25 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-08-25 20:50 . 2008-08-25 20:50 <REP> d-------- C:\Documents and Settings\Philippe\LimeWire 2008-08-25 20:49 . 2008-08-25 20:57 <REP> d-------- C:\Documents and Settings\t\Application Data\LimeWire 2008-08-25 00:04 . 2008-08-25 00:04 <REP> d-------- C:\Documents and Settings\Philippe\Updater5 2008-08-24 20:37 . 2008-08-24 20:37 <REP> d-------- C:\NP 2008-08-24 18:38 . 2008-07-25 15:51 13,576 --a------ C:\WINDOWS\system32\wnaspi32.dll 2008-08-24 15:52 . 2007-04-27 17:54 40,960 --a------ C:\WINDOWS\exitwx.exe 2008-08-24 15:46 . 2008-08-24 15:46 80,750,592 -r-h----- C:\WINDOWS\dcdisk0_0 2008-08-24 15:46 . 2008-08-24 15:46 4,204,544 -r-h----- C:\WINDOWS\dclog.bin 2008-08-24 15:46 . 2008-08-24 15:46 0 --a------ C:\WINDOWS\dclock.dc 2008-08-24 15:07 . 2008-08-24 15:10 <REP> d-------- C:\Program Files\Runtime Software 2008-08-23 22:42 . 2008-08-23 22:42 15,397 --a------ C:\Program Files\settings.dat 2008-08-23 22:35 . 2008-08-23 22:35 <REP> d-------- C:\Documents and Settings\Philippe\AdobeStockPhotos 2008-08-23 22:35 . 2008-08-23 22:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-08-21 23:15 . 2008-08-21 23:15 <REP> d-------- C:\Documents and Settings\Simon\Application Data\Tor 2008-08-21 23:00 . 2008-08-21 23:00 43,276 --a------ C:\plist.dat 2008-08-21 22:52 . 2000-09-29 18:00 8,784 --a------ C:\WINDOWS\F_France.gpl 2008-08-21 01:03 . 2008-08-21 01:03 <REP> d-------- C:\Documents and Settings\Simon\Application Data\Windows Desktop Search 2008-08-21 01:02 . 2008-08-21 01:17 <REP> d-------- C:\Program Files\Windows Desktop Search 2008-08-21 00:58 . 2008-07-18 22:09 29,896 --a------ C:\WINDOWS\system32\wuapi.dll.mui 2008-08-21 00:26 . 2008-08-25 21:22 <REP> d-------- C:\Documents and Settings\Simon\Contacts 2008-08-21 00:01 . 2008-08-21 00:01 0 --a------ C:\WINDOWS\system32\FOXIT_PDF 2008-08-20 23:46 . 2008-08-20 23:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage 2008-08-20 23:41 . 2008-08-25 23:20 <REP> d-------- C:\Program Files\Fichiers communs\Adobe 2008-08-20 23:39 . 2008-08-25 22:27 <REP> d-------- C:\Documents and Settings\t\Mes documents 2008-08-20 23:37 . 2008-08-23 23:22 <REP> d-------- C:\Program Files\NOS 2008-08-20 23:37 . 2008-08-23 23:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\NOS 2008-08-20 23:00 . 2008-08-20 23:00 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\Softland 2008-08-20 22:58 . 2008-03-27 15:42 7,477 --a------ C:\WINDOWS\system32\dopdf6.ctm 2008-08-19 16:47 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll 2008-08-19 16:47 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-08-19 02:38 . 2008-08-29 14:27 <REP> d-------- C:\Documents and Settings\Simon\Application Data\LimeWire 2008-08-18 22:01 . 2008-08-18 22:11 <REP> d-------- C:\Program Files\Windows Live 2008-08-18 19:14 . 2008-08-18 19:14 <REP> d-------- C:\Program Files\iPod 2008-08-07 19:59 . 2008-08-07 19:59 <REP> d-------- C:\Program Files\Inventel 2008-07-21 23:04 . 2008-07-22 00:00 <REP> d-------- C:\Program Files\Windows Privacy Tools 2008-07-21 23:04 . 2008-07-21 23:09 <REP> d-------- C:\Documents and Settings\Simon\Application Data\GnuPG 2008-07-15 21:56 . 2008-08-24 22:16 <REP> d-------- C:\Documents and Settings\Philippe\Travail 2008-07-15 21:55 . 2008-07-15 21:56 <REP> d-------- C:\Documents and Settings\Philippe\Perso 2008-07-15 21:54 . 2008-07-15 21:54 <REP> d-------- C:\Documents and Settings\Philippe\Archives XL 2008-07-15 21:54 . 2008-07-15 21:54 <REP> d-------- C:\Documents and Settings\Philippe\Archives PB 2008-07-08 22:28 . 2008-08-19 01:16 <REP> d-------- C:\Program Files\Uplink 2008-07-08 22:20 . 2008-08-28 22:23 <REP> d-------- C:\Documents and Settings\t\Application Data\OpenOffice.org2 2008-07-08 22:18 . 2008-07-08 22:18 <REP> d-------- C:\Program Files\OpenOffice.org 2.4 2008-07-08 20:58 . 2008-07-08 20:58 <REP> d-------- C:\Documents and Settings\Simon\Application Data\Allume Systems 2008-07-08 13:40 . 2008-07-08 13:40 <REP> d-------- C:\Program Files\FLV Player 2008-07-08 13:34 . 2008-07-08 13:34 <REP> d-------- C:\Program Files\Smart Projects 2008-07-07 00:07 . 2008-07-07 00:07 <REP> d-------- C:\Program Files\@stake 2008-07-06 23:32 . 2008-07-06 23:32 13,192 --a------ C:\WINDOWS\system32\drivers\ndis3pkt.sys 2008-07-06 00:50 . 2008-08-26 18:40 <REP> d-------- C:\Program Files\CCleaner 2008-07-05 23:28 . 2008-07-05 23:28 <REP> d-------- C:\Documents and Settings\Simon\Application Data\.wyzo 2008-07-05 00:12 . 2008-07-05 00:40 <REP> d-------- C:\Program Files\xchat 2008-07-05 00:12 . 2008-07-05 00:40 <REP> d-------- C:\Documents and Settings\Simon\Application Data\X-Chat 2 2008-07-04 23:59 . 2008-07-06 00:38 <REP> d-------- C:\Documents and Settings\Simon\Application Data\mIRC 2008-07-04 10:38 . 2001-03-20 08:40 11,235 --a------ C:\WINDOWS\system32\drivers\packet.sys 2008-07-01 13:19 . 2008-07-01 13:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Trymedia . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-30 17:00 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-08-24 12:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-08-21 20:56 796,672 ----a-w C:\WINDOWS\GPInstall.exe 2008-08-18 20:10 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-08-18 20:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-08-18 17:21 --------- d-----w C:\Program Files\Apple Software Update 2008-08-18 17:14 --------- d-----w C:\Program Files\iTunes 2008-08-18 17:13 --------- d-----w C:\Program Files\QuickTime 2008-07-21 20:40 --------- d-----w C:\Program Files\S2SaTstrat 2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll 2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe 2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll 2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll 2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll 2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll 2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll 2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll 2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll 2008-07-07 20:28 253,952 ----a-w C:\WINDOWS\system32\es.dll 2008-07-05 22:54 --------- d-----w C:\Program Files\Yahoo! 2008-07-02 20:13 --------- d-----w C:\Program Files\Acunetix 2008-06-24 16:44 74,240 ----a-w C:\WINDOWS\system32\mscms.dll 2008-06-23 16:28 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-06-20 17:47 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-06-01 07:13 68,224 ----a-w C:\WINDOWS\system32\WanPacket.dll 2008-06-01 07:13 53,299 ----a-w C:\WINDOWS\system32\pthreadVC.dll 2008-06-01 07:13 240,248 ----a-w C:\WINDOWS\system32\wpcap.dll 2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll 2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll 2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll 2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll 2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll 2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll 2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll 2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll 2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll 2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll 2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll 2008-05-22 22:22 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe 2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll 2008-05-22 22:20 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll 2008-05-22 22:20 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll 2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll 2008-05-22 22:19 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll 2008-05-22 22:19 161,096 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe 2008-05-22 22:18 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll 2008-05-13 01:53 129,784 ------w C:\WINDOWS\system32\PxAFS.DLL 2008-05-13 01:53 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe 2008-05-13 01:53 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe 2008-05-09 10:55 90,112 ----a-w C:\WINDOWS\system32\wshext.dll 2008-05-09 10:55 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll 2008-05-09 10:55 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll 2008-05-09 10:55 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll 2008-05-09 08:45 135,168 ----a-w C:\WINDOWS\system32\cscript.exe 2008-05-08 11:24 155,648 ----a-w C:\WINDOWS\system32\wscript.exe 2008-05-07 05:11 1,294,336 ----a-w C:\WINDOWS\system32\quartz.dll 2008-03-23 18:00 47,360 ----a-w C:\Documents and Settings\t\Application Data\pcouffin.sys 2008-02-02 18:45 22 ----a-w C:\Documents and Settings\Simon\zipnew.dat 2008-02-02 18:45 20 ----a-w C:\Documents and Settings\Simon\rarnew.dat 2007-09-20 17:35 99,840 ----a-w C:\Documents and Settings\Simon\Uninstall.exe 2007-09-20 17:34 936,960 ----a-w C:\Documents and Settings\Simon\WinRAR.exe 2007-09-20 17:34 317,952 ----a-w C:\Documents and Settings\Simon\Rar.exe 2007-09-20 17:34 203,776 ----a-w C:\Documents and Settings\Simon\UnRAR.exe 2007-09-20 17:34 129,024 ----a-w C:\Documents and Settings\Simon\RarExt.dll 2006-12-23 16:37 44,032 ----a-w C:\Documents and Settings\Simon\RarExtLoader.exe 2006-12-11 01:14 43,008 ----a-w C:\Documents and Settings\Simon\RarExt64.dll 2005-01-26 11:55 1,703,936 ----a-r C:\Documents and Settings\Simon\GdiPlus.dll 2005-01-26 11:54 499,712 ----a-r C:\Documents and Settings\Simon\msvcp71.dll 2005-01-26 11:54 348,160 ----a-r C:\Documents and Settings\Simon\msvcr71.dll 2001-08-23 15:47 92,672 ----a-w C:\Documents and Settings\Simon\oeimprt.dll 2001-08-23 15:47 24,576 ----a-w C:\Documents and Settings\Simon\_perfos.dll 1998-07-12 22:00 82,944 ----a-w C:\Documents and Settings\VB98\ADDSCCFR.DLL 1998-07-12 22:00 802,816 ----a-w C:\Documents and Settings\VB98\VISDATA.EXE 1998-07-12 22:00 540,672 ----a-w C:\Documents and Settings\VB98\DATAVIEW.DLL 1998-07-12 22:00 33,040 ----a-w C:\Documents and Settings\VB98\REPVBRC.DLL 1998-07-12 22:00 1,127,184 ----a-w C:\Documents and Settings\VB98\VB6IDE.DLL 1998-06-25 22:00 462,901 ----a-w C:\Documents and Settings\VB98\LINK.EXE 1998-06-24 22:00 1,880,064 ----a-w C:\Documents and Settings\VB98\VB6.EXE 1998-06-19 22:00 1,701,648 ----a-w C:\Documents and Settings\VB98\VBA6.DLL 1998-06-17 22:00 81,979 ----a-w C:\Documents and Settings\VB98\CVPACK.EXE 1998-06-17 22:00 31,504 ----a-w C:\Documents and Settings\VB98\VB6DEBUG.DLL 1998-06-16 22:00 667,648 ----a-w C:\Documents and Settings\VB98\C2.EXE 1998-06-16 22:00 180,276 ----a-w C:\Documents and Settings\VB98\MSPDB60.DLL 1998-06-12 22:00 286,480 ----a-w C:\Documents and Settings\VB98\REPVB.DLL 1998-06-10 22:00 22,800 ----a-w C:\Documents and Settings\VB98\REPVBTIM.DLL 1998-05-21 22:00 77,312 ----a-w C:\Documents and Settings\VB98\ADDSCCUS.DLL 1998-05-21 22:00 277,504 ----a-w C:\Documents and Settings\VB98\VBSCC.DLL 1998-05-06 22:00 159,798 ----a-w C:\Documents and Settings\VB98\MSDIS110.DLL . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 12:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-08-25 13:52 339968] "RoxWatchTray"="C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" [2006-03-15 08:44 163840] "DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2006-05-22 06:20 122940] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784] "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 17:50 221184] "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-27 17:50 81920] "type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 11:46 196608] "IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [2005-03-24 01:26 217088] "DLPSP"="C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE" [2007-07-25 15:25 393944] "DLUPDR"="C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE" [2007-02-22 00:38 140184] "AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 20:42 116040] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-05-27 10:50 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 10:47 289064] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-27 00:58 1235736] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 12:00 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\WINDOWS\\system32\\java.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Documents and Settings\\Simon\\Tools\\APE\\AEMANAGR.EXE"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "C:\\Program Files\\Valve Lan\\hl.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Documents and Settings\\VB98\\VB6.EXE"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Documents and Settings\\Simon\\Mes documents\\Informatique\\Tor\\tor.exe"= "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\Logging] "LogSuccessfulConnections"= 0 (0x0) "LogDroppedPackets"= 0 (0x0) "LogFileSize"= 0 (0x0) "LogFilePath"= R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-08-27 00:58] R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-08-27 00:58] R1 hwinterface;hwinterface;C:\WINDOWS\system32\Drivers\hwinterface.sys [2007-09-23 22:45] R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-27 00:58] R2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-08-27 00:58] R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-08-27 00:58] R2 DLSDB;Dell Printer Status Database;C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE [2006-12-07 16:52] R2 vnccom;vnccom;C:\WINDOWS\system32\Drivers\vnccom.SYS [2004-06-26 15:22] R3 Avgfwdx;Avgfwdx;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-08-27 00:58] S3 Avgfwfd;AVG network filter service;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-08-27 00:58] S3 HDJCtrl;Hercules DJ Control MP3 Service;C:\WINDOWS\system32\Drivers\HDJCtrl.sys [2005-07-29 15:06] S3 HDJMidi;Hercules DJ Console MIDI;C:\WINDOWS\system32\DRIVERS\HDJMidi.sys [2005-08-15 11:43] S3 NDIS3Pkt;NDIS 3.0 Packet Driver;C:\WINDOWS\system32\drivers\ndis3pkt.sys [2008-07-06 23:32] S3 packet_2.1;Packet Driver v2.1;C:\WINDOWS\system32\drivers\packet.sys [2001-03-20 08:40] S3 RT80x86;Ralink 802.11n Wireless Driver;C:\WINDOWS\system32\DRIVERS\RT2860.sys [] S4 Boonty Games;Boonty Games;C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe [] . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' 2008-08-18 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] . . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\t\Application Data\Mozilla\Firefox\Profiles\le2s3chx.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://orange.fr FF -: plugin - C:\Documents and Settings\Simon\Mes documents\DivX Content Uploader\npUpload.dll FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-30 21:37:27 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-08-30 21:38:39 ComboFix-quarantined-files.txt 2008-08-30 19:38:28 ComboFix2.txt 2008-08-29 20:24:46 ComboFix3.txt 2008-08-28 21:45:55 Pre-Run: 72,928,759,808 octets libres Post-Run: 72,913,399,808 octets libres 276 --- E O F --- 2008-08-27 12:09:38 RAPPORT HJ : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:21:21, on 30/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgfws8.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE C:\PROGRA~1\AVG\AVG8\avgam.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.17.0.1:3128 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [DLPSP] "C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE" O4 - HKLM\..\Run: [DLUPDR] "C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [sSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [sSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1190787653515 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1197212596609 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing) O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing) O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing) -- End of file - 9630 bytes
  2. fifibabe
    Ok Chrifleur, Voici le rapport de mon pc perso pour avis après avoir respecter la procédure de Mégataupe... Je n'ai plus combo, peut-tu me le renvoyer pour que je te fasse un nouveau rapport si tu le juge utile... Voici donc un nouveau rapport pour avis de suppression des lignes en gras : MERCI Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:16:21, on 30/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgfws8.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.17.0.1:3128 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [DLPSP] "C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE" O4 - HKLM\..\Run: [DLUPDR] "C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [sSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [sSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1190787653515 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1197212596609 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing) O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing) O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing) -- End of file - 9765 bytes
  3. fifibabe
    Hi Falkra Merci de me répondre aussi vite, effectivement j'ai oublié de proposer à la suppression la ligne que tu me donne. En mode normal je fixe les lignes mais elles reviennent au prochain scan de HJ. En mode sans echec je fixe les lignes et là il me demande de redémarrer pour que la suppression soit prise en compte seulement le redémarrage est long et j'ai forcer le démarrage ( pas bien tu vas me dire, dois-je attendre le démarrage normal ? J'ai attendu environ 5' avant de forcer et en mode normal après scan de HJ les lignes réapparaissent... Un conseil pour virer ces lignes définitivement Dank...
  4. fifibabe
    Bonjour à tous, Voici deux rapports (antivir & HJ) après avoir scrupuleusement respecté le pré-nettoyage de MEGATAUPE. Pouvez-vous me donner votre avis, en vous remerciant par avance de vos conseils... De plus dans le rapport HJ, j'aimerai supprimer (j'ai coché et fixé les lignes mais elle réapparaissent ensuite) qqs lignes qui,je pense, ne serve plus elle concernent d'anciennes actions de recherche de virus avec spydoctor, bidef. Ainsi que DPF que je n'utilise plus, ces lignes sont en rouge. CONFIG : XP SP3 MOZILLA AVG 8 LICENCE RAPPORT ANTIVIR Avira AntiVir Personal Report file date: samedi 30 août 2008 15:41 Scanning for 1582788 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 3) [5.1.2600] Boot mode: Save mode Username: t Computer name: B-4GYA8E2Y9J4Y9 Version information: BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56 AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37 LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23 LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 11:37:20 ANTIVIR2.VDF : 7.0.6.60 2802176 Bytes 24/08/2008 11:37:31 ANTIVIR3.VDF : 7.0.6.92 195584 Bytes 29/08/2008 11:37:34 Engineversion : 8.1.1.23 AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21 AESCRIPT.DLL : 8.1.0.68 315770 Bytes 30/08/2008 11:37:50 AESCN.DLL : 8.1.0.23 119156 Bytes 30/08/2008 11:37:49 AERDL.DLL : 8.1.0.20 418165 Bytes 30/08/2008 11:37:49 AEPACK.DLL : 8.1.2.1 364917 Bytes 30/08/2008 11:37:47 AEOFFICE.DLL : 8.1.0.22 192890 Bytes 30/08/2008 11:37:46 AEHEUR.DLL : 8.1.0.50 1388918 Bytes 30/08/2008 11:37:45 AEHELP.DLL : 8.1.0.15 115063 Bytes 30/08/2008 11:37:43 AEGEN.DLL : 8.1.0.36 315764 Bytes 30/08/2008 11:37:42 AEEMU.DLL : 8.1.0.7 430452 Bytes 30/08/2008 11:37:40 AECORE.DLL : 8.1.1.8 172406 Bytes 30/08/2008 11:37:37 AEBB.DLL : 8.1.0.1 53617 Bytes 30/08/2008 11:37:35 AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53 AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50 AVREP.DLL : 8.0.0.2 98344 Bytes 30/08/2008 11:37:35 AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25 RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: medium Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR, Start of the scan: samedi 30 août 2008 15:41 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 11 processes with 11 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Master boot sector HD1 [iNFO] No virus was found! [WARNING] Paramètre incorrect. Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '30' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\WINDOWS\Nircmd.exe [DETECTION] Contains detection pattern of the application APPL/NirCmd.E.2.B [NOTE] A backup was created as '492b5a7b.qua' ( QUARANTINE ) [NOTE] The file was deleted! End of the scan: samedi 30 août 2008 17:00 Used time: 1:18:51 min The scan has been done completely. 10062 Scanning directories 330348 Files were scanned 1 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 1 files were deleted 0 files were repaired 1 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 330347 Files not concerned 2575 Archives were scanned 2 Warnings 1 Notes RAPPORT HJ Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:12:57, on 30/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgfws8.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\PROGRA~1\AVG\AVG8\avgam.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.17.0.1:3128 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [DLPSP] "C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE" O4 - HKLM\..\Run: [DLUPDR] "C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [sSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [sSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU) O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1190787653515 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1197212596609 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing) O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing) O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing) O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing) -- End of file - 10201 bytes
  5. fifibabe
    Bonjour Chrifleur, Merci de t'occuper de "mon cas"... j'effectue les manips soit demain matin ou lundi, je te tiens au courant dés que c'est fait... Je me permet d'abuser un peu et te joint un rapport HJ concernant mon ordi perso. J'ai déjà fait qqs manip avec qqs logiciels de désinfections (antivir, spydoc, spyaware, et combofix pour finir...) Je me croyait débarrasser mais mon antivirus m'alerte à l'ouverture d'une session (trojan généric 11 ADC je crois !!) Merci de me donner ton avis... Mon système : XP PRO SP3 MOZILLA AVG LICENCE COMPLETE 8.0.169 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:45:40, on 29/08/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\PROGRA~1\AVG\AVG8\avgfws8.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE C:\PROGRA~1\AVG\AVG8\avgam.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.17.0.1:3128 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [DLPSP] "C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE" O4 - HKLM\..\Run: [DLUPDR] "C:\Program Files\Dell Printers\Additional Color Laser Software\Updater\DLUPDR.EXE" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [sSS6_Suite] "C:\Program Files\Steganos Security Suite 6\sss.exe" /booting (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [sSS6_SAFE] "C:\Program Files\Steganos Security Suite 6\safe.exe" /booting (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [sSS6_SPM] "C:\Program Files\Steganos Security Suite 6\spm.exe" /booting (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU) O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1190787653515 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1197212596609 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - C:\Program Files\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing) O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing) O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe (file missing) -- End of file - 10199 bytes
  6. fifibabe
  7. fifibabe
    Bonjour à tous, Voici un rapport HJ, pour avis. Je vous précise que c'est un ordi prof avec une connexion direct au web et que je travaille sur mon DD et pas sur le réseau de l'entreprise, nous avons MCAFFE que je ne peux désactiver. Le serveur enregistre les modification de mon bureau uniquement. En vous remerciant. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:03:32, on 29/08/2008 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINNT\system32\DRIVERS\dcfssvc.exe C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe C:\WINNT\system32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe C:\WINNT\system32\srksrv.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtTry.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F2 - REG:system.ini: UserInit=Userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyagtTry.exe" O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [MVS Splash] "C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1189154485231 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1197037585571 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = mairie.local O17 - HKLM\System\CCS\Services\Tcpip\..\{FE2A690C-4C89-42FC-B4A1-40230F7DA8C7}: NameServer = 192.168.1.254 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = mairie.local O23 - Service: Service Bonjour (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: dcfssvc (Dcfssvc) - Eastman Kodak Company - C:\WINNT\system32\DRIVERS\dcfssvc.exe O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: EngineServer - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe O23 - Service: Service de protection contre les virus et les logiciels espions McAfee (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe O23 - Service: PoliceService - Unknown owner - C:\WINNT\system32\srksrv.exe -- End of file - 5219 bytes
×
×
  • Créer...