dimdim

  1. Thanks for everything, Falkra. Installing SP1 won't be happening right away, especially since I don't know how to make a disk image to back up my PC, and the update isn't offered to me on Microsoft Update... It's not a problem if I wait? I suppose it isn't essential, and besides, my PC works very well as it is. Thanks again to you, the community of helpers! I'm closing the topic, or at least I'll try to.
  2. Thanks for all your answers. Can a disk image be made with DAEMON Tools or IsoBuster? Do you know the steps, and could you give them to me? Thanks. I plan to do my SP1 update after the backup. However, I noticed that in Windows Update (via Start) Service Pack 1 isn't offered to me. Is that normal? Do I have to go and get it manually, as you told me above?
  3. OK, I see. And is this installation (risky?) a necessity? Or rather, what does it bring that's better in terms of performance or anything else? I hope my questions aren't exasperating you, but I prefer to have all the cards in hand before doing something that seems fairly important to me all the same. If I decide to do it, is the procedure as simple as you told me? That is, on the Windows Update site > SP1? Last question: how long does the installation normally take? Thanks
  4. Uh, I don't know about Vista SP1. Is that a statement? Do I have to install it myself? Or is it possible that it's already installed on my machine? What does it change? (Is it an update?) And above all, where can I find it? And how do I install it? lol. Any information is welcome ^^ Good night, and thanks for your future answer which, I hope, will help me as much as the previous ones did!
  5. Yes, I haven't had a single window since this morning and everything is fine! Is it finished? Thank you very much for your help, Falkra, I'm infinitely grateful. I admire the work you helpers do! Thaaanks!
  6. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:50:32, on 06/09/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16711) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\explorer.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 
- BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows 
Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: QuickSet.lnk = ? O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O13 - Gopher Prefix: O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. 
- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Gestion de l'alimentation de l'adaptateur réseau interne Dell (nicconfigsvc) - Dell Inc. - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 7548 bytes
     Ah, there, that looks better to me. I'm going out, so I'll see your answer when I get back.
  7. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:59:04, on 04/09/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16711) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\ProgramData\enmxwbyr\mpqtuxwj.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Windows\ehome\ehtray.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Users\dimitri\AppData\Local\Temp\6.tmp.exe C:\Windows\System32\dgxwrery.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\wuauclt.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Users\dimitri\AppData\Local\Temp\c.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\Explorer.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=5080820 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [ActMonUi] C:\Windows\system32\dgxwrery.exe O4 - HKCU\..\Run: [somefox] C:\Users\dimitri\AppData\Local\Temp\6.tmp.exe O4 - HKLM\..\Policies\Explorer\Run: [VBmup9jKUZ] C:\ProgramData\enmxwbyr\mpqtuxwj.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe O4 - Global Startup: QuickSet.lnk = ? 
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resou...NPUpldfr-fr.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll O23 - Service: McAfee Application Installer Cleanup (0000501220529474) (0000501220529474mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\000050~1.EXE O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. 
- C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Gestion de l'alimentation de l'adaptateur réseau interne Dell (nicconfigsvc) - Dell Inc. - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: XAudioService - Conexant Systems, Inc. 
- C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 9982 bytes
     _______________________________________________________
     Can you note that each time I launch an HJT report, two windows open in English. Also, is it normal that the number after "End of file" hasn't changed for a while and stays at 9982 bytes? Over to you.
  8. Perhaps you haven't read this message that I posted yesterday. ^^ I'm surprised you didn't see on the scan that I installed AntiVir. Then again, McAfee may not have been completely uninstalled. If that's the case, do you know how to uninstall it so that I never hear of it again? Thanks
  9. It was a preinstalled version. One of the finest of its kind? Are you talking about the virus?
  10. Malwarebytes' Anti-Malware 1.26
     Version de la base de données: 1118
     Windows 6.0.6000

     06/09/2008 00:11:30
     mbam-log-2008-09-06 (00-11-30).txt

     Type de recherche: Examen rapide
     Eléments examinés: 41087
     Temps écoulé: 2 minute(s), 45 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0

     Processus mémoire infecté(s): (Aucun élément nuisible détecté)
     Module(s) mémoire infecté(s): (Aucun élément nuisible détecté)
     Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté)
     Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté)
     Dossier(s) infecté(s): (Aucun élément nuisible détecté)
     Fichier(s) infecté(s): (Aucun élément nuisible détecté)

     I'm going to bed. I'll certainly see your answer tomorrow, so, see you tomorrow.
  11. FYI, I ran two full scans yesterday and deleted my entire quarantine as I had been told to. Should I still run the MBAM scan?
  12. Combofix ComboFix 08-09-04.09 - dimitri 2008-09-05 23:35:32.3 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.2506 [GMT 2:00] Endroit: C:\Users\dimitri\Desktop\ComboFix.exe Command switches used :: C:\Users\dimitri\Desktop\CFScript.txt * Création d'un nouveau point de restauration . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\ProgramData\WebCfgProc C:\ProgramData\WebCfgProc\uzwxkvmt.exe . ((((((((((((((((((((((((((((( Fichiers créés 2008-08-05 to 2008-09-05 )))))))))))))))))))))))))))))))))))) . Pas de nouveau fichier créé dans cet espace de temps . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-05 21:41 --------- d-----w C:\Users\dimitri\AppData\Roaming\uTorrent 2008-09-05 15:49 --------- d-----w C:\Program Files\Apple Software Update 2008-09-04 23:48 --------- d-----w C:\ProgramData\Avira 2008-09-04 23:48 --------- d-----w C:\Program Files\Avira 2008-09-04 23:43 --------- d-----w C:\ProgramData\McAfee 2008-09-04 21:58 --------- d-----w C:\Program Files\iTunes 2008-09-04 21:57 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-09-04 21:43 --------- d-----w C:\Program Files\SpeedFan 2008-09-04 20:50 --------- d-----w C:\Program Files\iPod 2008-09-04 20:49 --------- d-----w C:\Program Files\Bonjour 2008-09-04 19:45 691 ----a-w C:\Users\dimitri\AppData\Roaming\GetValue.vbs 2008-09-04 19:45 35 ----a-w C:\Users\dimitri\AppData\Roaming\SetValue.bat 2008-09-04 19:45 3,386 ----a-w C:\Windows\System32\tmp.reg 2008-09-04 18:27 --------- d-----w C:\ProgramData\Microsoft Help 2008-09-04 18:27 --------- d-----w C:\Program Files\Microsoft Works 2008-09-04 18:25 --------- d-----w C:\Program Files\MSBuild 2008-09-04 17:53 454 ----a-w C:\Users\dimitri\AppData\Roaming\wklnhst.dat 2008-09-04 16:53 --------- d-----w C:\ProgramData\Lavasoft 2008-09-04 16:50 --------- d-----w 
C:\Program Files\Lavasoft 2008-09-04 16:50 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-09-04 16:39 --------- d-----w C:\Program Files\Common Files\Logitech 2008-09-04 13:58 --------- d-----w C:\Program Files\Trend Micro 2008-09-04 13:48 --------- d-----w C:\Program Files\CCleaner 2008-09-04 11:09 --------- d-----w C:\Users\dimitri\AppData\Roaming\Malwarebytes 2008-09-04 11:09 --------- d-----w C:\ProgramData\Malwarebytes 2008-09-04 11:09 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware 2008-09-04 04:44 --------- d-----w C:\Program Files\Panda Security 2008-09-04 04:26 --------- d-----w C:\ProgramData\sysdb 2008-09-04 03:17 --------- d-----w C:\ProgramData\eMule 2008-09-04 00:18 --------- d-----w C:\Program Files\Bit Che 2008-09-03 23:42 --------- d-----w C:\Users\dimitri\AppData\Roaming\Convivea 2008-09-03 22:33 13,119 ----a-w C:\Users\dimitri\AppData\Roaming\nvModes.dat 2008-09-03 11:44 --------- d-----w C:\Program Files\EA GAMES 2008-09-03 10:59 --------- d-----w C:\Program Files\Rockstar Games 2008-09-02 21:58 88,576 ----a-w C:\Windows\System32\AntiXPVSTFix.exe 2008-09-02 14:51 86,528 ----a-w C:\Windows\System32\VACFix.exe 2008-09-01 22:16 38,528 ----a-w C:\Windows\system32\drivers\mbamswissarmy.sys 2008-09-01 22:16 17,200 ----a-w C:\Windows\system32\drivers\mbam.sys 2008-09-01 19:11 --------- d-----w C:\Program Files\DAEMON Tools Lite 2008-09-01 19:01 --------- d-----w C:\Program Files\Logitech 2008-09-01 18:57 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-09-01 16:54 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys 2008-09-01 16:54 --------- d-----w C:\Users\dimitri\AppData\Roaming\DAEMON Tools 2008-09-01 16:43 --------- d-----w C:\Program Files\Smart Projects 2008-08-31 17:43 --------- d-----w C:\Users\dimitri\AppData\Roaming\Apple Computer 2008-08-31 17:43 --------- d-----w C:\ProgramData\Apple Computer 2008-08-31 17:42 --------- d-----w C:\Program Files\QuickTime 2008-08-31 17:39 
--------- d-----w C:\ProgramData\Apple 2008-08-31 17:39 --------- d-----w C:\Program Files\Common Files\Apple 2008-08-31 16:39 --------- d-----w C:\Program Files\Google 2008-08-31 15:33 --------- d-----w C:\Program Files\Common Files\Adobe 2008-08-31 13:53 --------- d-----w C:\Users\dimitri\AppData\Roaming\Ahead 2008-08-30 23:00 --------- d-----w C:\Program Files\Dell 2008-08-30 16:33 --------- d-----w C:\Program Files\IrfanView 2008-08-29 19:12 --------- d-----w C:\Program Files\RocketDock 2008-08-28 20:53 --------- d-----w C:\Program Files\Alwil Software 2008-08-28 20:36 82,432 ----a-w C:\Windows\System32\IEDFix.C.exe 2008-08-28 20:14 --------- d-----w C:\Users\dimitri\AppData\Roaming\PeerNetworking 2008-08-27 12:51 --------- d-----w C:\ProgramData\Ahead 2008-08-27 12:50 --------- d-----w C:\Program Files\Common Files\Ahead 2008-08-27 12:47 --------- d-----w C:\ProgramData\Nero 2008-08-27 12:47 --------- d-----w C:\Program Files\Nero 2008-08-27 03:42 --------- d-----w C:\Program Files\Common Files\Nero 2008-08-27 01:47 --------- d-----w C:\Users\dimitri\AppData\Roaming\Nero 2008-08-26 23:33 --------- d-----w C:\Users\dimitri\AppData\Roaming\Roxio 2008-08-26 20:05 --------- d-----w C:\Program Files\Winamp 2008-08-26 00:37 --------- d-----w C:\ProgramData\Dell 2008-08-25 21:39 --------- d-----w C:\Users\dimitri\AppData\Roaming\Template 2008-08-25 20:20 --------- d-----w C:\Program Files\XP Codec Pack 2008-08-25 18:45 --------- d-----w C:\Program Files\uTorrent 2008-08-25 18:01 --------- d-----w C:\ProgramData\Messenger Plus! 
2008-08-25 15:51 174 --sha-w C:\Program Files\desktop.ini 2008-08-25 13:54 --------- d-----w C:\Program Files\Windows Mail 2008-08-25 11:09 --------- d-----w C:\Users\dimitri\AppData\Roaming\Logitech 2008-08-25 11:05 0 ---ha-w C:\Windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf 2008-08-25 11:02 --------- d-----w C:\ProgramData\Logitech 2008-08-25 11:01 --------- d-----w C:\Users\dimitri\AppData\Roaming\InstallShield 2008-08-25 11:01 --------- d-----w C:\ProgramData\LogiShrd 2008-08-25 10:56 --------- d-----w C:\Users\dimitri\AppData\Roaming\vlc 2008-08-25 10:53 --------- d-----w C:\Program Files\VideoLAN 2008-08-25 10:44 --------- d-----w C:\Program Files\Messenger Plus! Live 2008-08-25 10:32 --------- d-----w C:\Program Files\Windows Live 2008-08-25 10:29 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller 2008-08-25 10:18 --------- d-----w C:\ProgramData\WLInstaller 2008-08-25 09:46 --------- d-----w C:\Program Files\MSXML 4.0 2008-08-25 08:57 --------- d-sh--w C:\ProgramData\Modèles 2008-08-25 08:57 --------- d-sh--w C:\ProgramData\Menu Démarrer 2008-08-25 08:57 --------- d-sh--w C:\ProgramData\Favoris 2008-08-25 08:57 --------- d-sh--w C:\ProgramData\Documents 2008-08-25 08:57 --------- d-sh--w C:\ProgramData\Bureau 2008-08-25 08:57 --------- d-sh--w C:\ProgramData\Application Data 2008-08-25 08:57 --------- d-sh--w C:\Program Files\Fichiers communs 2008-08-20 23:14 --------- d-----w C:\Program Files\Synaptics 2008-08-20 23:10 806,400 ----a-w C:\Windows\system32\drivers\tcpip.sys 2008-08-20 23:09 83,968 ----a-w C:\Windows\System32\dnsrslvr.dll 2008-08-20 23:09 41,984 ----a-w C:\Windows\system32\drivers\monitor.sys 2008-08-20 23:09 24,576 ----a-w C:\Windows\System32\dnscacheugc.exe 2008-08-20 23:09 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys 2008-08-20 23:07 5,120 ----a-w C:\Windows\System32\wmi.dll 2008-08-20 23:07 152,576 ----a-w C:\Windows\System32\imagehlp.dll . 
((((((((((((((((((((((((((((( snapshot_2008-09-05_18.40.17.35 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-09-05 16:33:15 406,248 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2008-09-05 21:37:55 406,248 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2008-09-05 16:35:28 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-09-05 21:40:04 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-09-05 16:35:27 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-05 21:40:03 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-09-05 21:40:03 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-09-05 16:35:14 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-09-05 21:39:51 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-09-05 16:35:14 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-09-05 21:39:51 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-09-05 16:35:14 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-09-05 21:39:51 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-09-04 22:21:46 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-09-05 21:35:25 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
- 2008-09-04 23:49:00 103,924 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-09-05 19:57:40 103,924 ----a-w C:\Windows\System32\perfc009.dat
- 2008-09-04 23:49:01 117,572 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-09-05 19:57:40 117,572 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-09-04 23:49:01 610,142 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-09-05 19:57:40 610,142 ----a-w C:\Windows\System32\perfh009.dat
- 2008-09-04 23:49:01 690,832 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-09-05 19:57:40 690,832 ----a-w C:\Windows\System32\perfh00C.dat
- 2008-09-04 23:44:53 5,422 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1725229292-2677776937-4082657244-1000_UserData.bin
+ 2008-09-05 19:53:15 5,494 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1725229292-2677776937-4082657244-1000_UserData.bin
- 2008-09-04 23:44:53 57,434 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-09-05 19:53:14 58,628 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-09-04 23:44:45 40,674 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-09-05 19:53:05 42,682 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-03-11 202544]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2008-08-25 267056]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-20 815104]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2008-08-20 77824]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2008-03-11 202544]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\QuickSet.exe" [2007-04-27 1123872]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 C:\Windows\KHALMNPR.Exe]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2008-08-20 50688]
QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2008-08-20 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-08-20 17:55 10536 C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= ffdshow.ax
"msacm.ac3filter"= ac3filter.acm

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=C:\Windows\pss\Logitech Desktop Messenger.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=C:\Windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
--a------ 2008-07-29 15:41 1213680 C:\Program Files\CCleaner\CCleaner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
--a------ 2008-03-11 13:44 16384 C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
--a------ 2008-02-29 06:18 17920 C:\DELL\E-Center\EULALauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
--a------ 2006-11-02 14:35 125440 C:\Windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2008-08-20 17:49 29744 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2008-05-28 08:27 570664 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
--------- 2007-05-02 19:16 184320 C:\Program Files\Dell\MediaDirect\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
--a------ 2007-04-11 15:32 56080 C:\Windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
--a------ 2007-02-08 07:11 303104 C:\Windows\sttray.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{C1099313-61DF-400E-A544-AD3C1E0123A0}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0829BAFB-7B45-4997-ABB4-C8279E19A5FF}"= UDP:4000:emule
"{9A4B8732-D5D0-47AD-8542-3F2A4ABDCACB}"= TCP:4001:emule
"{0470757B-6527-4ACC-8F3D-4B2CCD46F3E8}"= UDP:C:\Program Files\eMule\emule.exe:eMule
"{1F8A1BB4-E033-4355-8A9A-E5DC84524B02}"= TCP:C:\Program Files\eMule\emule.exe:eMule
"{1DCB447B-B2D4-41A7-95C0-0AE1B046A2B4}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{1BB9F6A5-FE99-43B6-85AF-1EB1880CCFB1}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{C5449F94-CDFF-4A5D-B1B2-94C8DFCA259F}"= UDP:C:\Program Files\eMule\emule.exe:eMule
"{7018AD7B-DFD3-43A2-9BCB-35B962FEF116}"= TCP:C:\Program Files\eMule\emule.exe:eMule
"{26C254AD-0C75-40BB-9A70-655956733422}"= UDP:4000:emule
"{5EC56CBF-CE0B-4B7F-8768-B627EC78F66F}"= TCP:4001:emule
"{A1A63F4B-3D38-4EA5-B4AA-0846C4C2CB93}"= UDP:C:\Program Files\XP Codec Pack\filters\ac3config.exe:AC3 Filter
"{C92BCFD1-0A89-4341-B1A1-81A2E09A4FD9}"= TCP:C:\Program Files\XP Codec Pack\filters\ac3config.exe:AC3 Filter
"TCP Query User{593E2D26-E13E-4660-A447-5498925D697F}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:µTorrent
"UDP Query User{BC4AA93B-36CD-4138-9985-4E944BF9B8DD}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:µTorrent
"{DEE2E7B3-7820-4EFB-9387-C50B29429128}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{079F5735-46EA-4B45-B1BA-EA551C97A09B}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{E10762FB-B5B5-4707-AA7B-5D048A82FF20}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{336F82E9-C741-44F1-94B1-D77150DF440A}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

R0 pavboot;pavboot;C:\Windows\system32\drivers\pavboot.sys [2008-06-19 28544]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936]
S3 GoToAssist;GoToAssist;C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe Start=service [ ]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-05 23:40:26
Windows 6.0.6000 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\IoctlSvc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe
C:\Windows\System32\drivers\XAudio.exe
C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Windows\System32\conime.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\wbem\WMIADAP.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-09-05 23:45:03 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-05 21:44:56
ComboFix2.txt 2008-09-05 16:41:13
ComboFix3.txt 2008-09-04 22:26:47

Pre-Run: Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
Post-Run: 63,054,819,328 octets libres

280 --- E O F --- 2008-08-26 10:39:31

Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:59:04, on 04/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\ProgramData\enmxwbyr\mpqtuxwj.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Users\dimitri\AppData\Local\Temp\6.tmp.exe
C:\Windows\System32\dgxwrery.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\dimitri\AppData\Local\Temp\c.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=5080820
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ActMonUi] C:\Windows\system32\dgxwrery.exe
O4 - HKCU\..\Run: [somefox] C:\Users\dimitri\AppData\Local\Temp\6.tmp.exe
O4 - HKLM\..\Policies\Explorer\Run: [VBmup9jKUZ] C:\ProgramData\enmxwbyr\mpqtuxwj.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resou...NPUpldfr-fr.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: McAfee Application Installer Cleanup (0000501220529474) (0000501220529474mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\000050~1.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Gestion de l'alimentation de l'adaptateur réseau interne Dell (nicconfigsvc) - Dell Inc. - C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9982 bytes
  13. I get a message when I launch ComboFix: there is newer version of combofix available. would you like to update combofix? yes no. What do I do?
  14. If I redo the procedure, it will restart my PC again and so open the programs, when they are not supposed to be open during the scan. Should I do it anyway? I'm going to redo it, but can you tell me what I'm infected with? Thanks for replying.