Aller au contenu

myckael39

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    8

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par myckael39

  1. myckael39
    Ok, je te remercie beaucoup
  2. myckael39
    Merci beaucoup pour ton aide, j'étais a deux doigts de tout formater Je m'intéresserais ces lectures un peu plus tard Sinon, pour autocad, tu n'aurais pas une idée? Quand j'essaie d'ouvrir, une fenêtre s'affiche : Impossible d'exécuter autocad. ceci peut être provoques par l'un des raisons suivantes : 1) Cette version d'autocad LT n'a pas été installé correctement. dans ce cas, vous pouvez réinstaller autocad LT 2) vous ne disposez pas des droits requis pour exécuter Autocad LT j'ai déja réinstaller autocad, et toujours le même problème
  3. myckael39
    MBAM ne signale aucune infections : Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4203 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 16/06/2010 11:22:28 mbam-log-2010-06-16 (11-22-28).txt Type d'examen: Examen rapide Elément(s) analysé(s): 129189 Temps écoulé: 5 minute(s), 21 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)
  4. myckael39
    A priori, le problème de bande passante est résolu edit : nos messages se sont croisés, je suis tes nouvelles instructions
  5. myckael39
    désolé pour le temps de réponse, mais je me connecte sur un pc qui n'est pas le mien et qui est déja utilisé. le rapport : Logfile of The Avenger Version 2.0, © by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. No rootkits found! Error: file "C:\WINDOWS\system32\drivers\wbtfeybj.sys" not found! Deletion of file "C:\WINDOWS\system32\drivers\wbtfeybj.sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: could not open driver "wbtfeybj.sys" Disablement of driver "wbtfeybj.sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Driver "wbtfeybj" disabled successfully. Driver "wbtfeybj" deleted successfully. Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\wbtfeybj.sys" not found! Deletion of driver "wbtfeybj.sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "HKEY_LOCAL_MACHINE\System\ControlSet004\Services\wbtfeybj" not found! Deletion of registry key "HKEY_LOCAL_MACHINE\System\ControlSet004\Services\wbtfeybj" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Completed script processing. ******************* Finished! Terminate.
  6. myckael39
    Je n'ai pas trouvé d'installation de combofix sur mon pc. J'ai supprimé le repertoire et le fichier exe que tu m'as demandés et j'ai relancé MBAM Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4202 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 16/06/2010 10:00:34 mbam-log-2010-06-16 (10-00-34).txt Type d'examen: Examen rapide Elément(s) analysé(s): 128916 Temps écoulé: 5 minute(s), 10 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\drivers\wbtfeybj.sys (Rootkit.Agent) -> Delete on reboot. Sinon, j'ai plus accés a autocad, mais je pense plutot que c'est du au technicien qui est venu trafiquer dans msconfig...
  7. myckael39
    merci pour ta réponse rapide : tout d'abord, voici le rapport combofix : ComboFix 10-06-15.02 - Administrateur 16/06/2010 8:26.3.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.3071.2594 [GMT 2:00] Lancé depuis: F:\ComboFix.exe AV: Bitdefender Antivirus *On-access scanning enabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB} . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\xpsp1hfm.log . ((((((((((((((((((((((((((((( Fichiers créés du 2010-05-16 au 2010-06-16 )))))))))))))))))))))))))))))))))))) . 2010-06-16 06:06 . 2010-06-16 06:06 -------- d-----w- c:\program files\Conduit 2010-06-16 06:06 . 2010-06-16 06:06 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Conduit 2010-06-16 06:06 . 2010-06-16 06:07 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Softonic_France 2010-06-16 06:06 . 2010-06-16 06:06 -------- d-----w- c:\program files\Softonic_France 2010-06-16 06:06 . 2010-03-16 16:11 52224 ----a-w- c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\h71pwe24.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\components\FFExternalAlert.dll 2010-06-16 06:06 . 2010-03-16 16:11 101376 ----a-w- c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\h71pwe24.default\extensions\{4daac69c-cba7-45e2-9bc8-1044483d3352}\components\RadioWMPCore.dll 2010-06-16 05:27 . 2010-06-16 05:27 -------- d-----w- c:\windows\system32\wbem\Repository 2010-06-10 15:17 . 2010-06-16 05:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-25 11:05 . 2010-05-25 11:05 503808 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-6749d459-n\msvcp71.dll 2010-05-25 11:05 . 2010-05-25 11:05 499712 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-6749d459-n\jmc.dll 2010-05-25 11:05 . 2010-05-25 11:05 348160 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-6749d459-n\msvcr71.dll 2010-05-25 11:05 . 2010-05-25 11:05 61440 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4e33a2ef-n\decora-sse.dll 2010-05-25 11:05 . 2010-05-25 11:05 12800 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4e33a2ef-n\decora-d3d.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-16 06:32 . 2010-04-20 05:20 586240 ----a-w- c:\windows\system32\drivers\wbtfeybj.sys 2010-06-16 06:18 . 2008-10-31 11:04 81984 ----a-w- c:\windows\system32\bdod.bin 2010-06-16 05:20 . 2008-02-18 20:19 108518 ----a-w- c:\windows\system32\nvModes.dat 2010-06-15 10:03 . 2009-08-17 15:55 1109392 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2010-06-15 06:47 . 2009-11-16 06:23 -------- d-----w- c:\documents and settings\Administrateur\Application Data\HouseCall 6.6 2010-06-15 01:02 . 2008-10-28 14:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-06-10 15:37 . 2004-08-17 08:20 90184 ----a-w- c:\windows\system32\perfc00C.dat 2010-06-10 15:37 . 2004-08-17 08:20 527006 ----a-w- c:\windows\system32\perfh00C.dat 2010-06-10 14:36 . 2010-06-10 13:37 2788 ----a-w- c:\documents and settings\Administrateur\errorlog.tmp 2010-06-04 05:21 . 2010-05-12 12:31 -------- d-----w- c:\documents and settings\Administrateur\Application Data\gtk-2.0 2010-06-03 14:11 . 2008-11-04 15:39 -------- d-----w- c:\program files\Super macro 2010-06-03 14:11 . 2008-11-03 14:59 -------- d-----w- c:\program files\ma-config.com 2010-06-03 14:11 . 2008-11-03 14:59 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com 2010-06-03 14:10 . 2008-10-31 09:34 -------- d-----w- c:\program files\Fichiers communs\Autodesk Shared 2010-05-18 06:22 . 2009-09-25 08:51 -------- d-----w- c:\program files\Google 2010-05-12 12:29 . 2010-05-12 12:29 -------- d-----w- c:\program files\GIMP-2.0 2010-05-07 05:28 . 2010-04-23 09:53 1 ----a-w- c:\documents and settings\Administrateur\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2010-05-06 05:10 . 2008-11-04 08:21 -------- d-----w- c:\program files\Fichiers communs\Logishrd 2010-05-05 11:22 . 2008-10-31 11:04 -------- d-----w- c:\program files\Outlook Express Launcher 2010-05-05 05:39 . 2008-10-25 20:52 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-05-05 05:39 . 2008-11-04 08:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech 2010-05-05 05:37 . 2009-07-22 08:40 -------- d-----w- c:\documents and settings\Administrateur\Application Data\id Software 2010-05-05 05:31 . 2010-05-05 05:31 -------- d-----w- c:\program files\RealVNC 2010-04-23 09:53 . 2010-04-23 09:53 -------- d-----w- c:\documents and settings\Administrateur\Application Data\OpenOffice.org 2010-04-22 05:22 . 2010-04-22 05:22 503808 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7ddeb942-n\msvcp71.dll 2010-04-22 05:22 . 2010-04-22 05:22 348160 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7ddeb942-n\msvcr71.dll 2010-04-22 05:22 . 2010-04-22 05:22 499712 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-7ddeb942-n\jmc.dll 2010-04-22 05:22 . 2010-04-22 05:22 61440 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1fa17e06-n\decora-sse.dll 2010-04-22 05:22 . 2010-04-22 05:22 12800 ----a-w- c:\documents and settings\Administrateur\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1fa17e06-n\decora-d3d.dll 2010-04-20 14:39 . 2008-10-31 09:49 101936 ----a-w- c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-04-20 14:26 . 2010-04-20 14:26 -------- d-----w- c:\program files\JRE 2010-04-20 14:26 . 2010-04-20 14:26 -------- d-----w- c:\program files\OpenOffice.org 3 2010-04-20 14:26 . 2008-10-25 20:51 -------- d-----w- c:\program files\Fichiers communs\Java 2010-04-20 14:25 . 2010-04-20 14:25 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-04-20 14:25 . 2008-10-25 20:52 -------- d-----w- c:\program files\Java 2010-04-19 13:42 . 2010-04-15 06:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-04-19 12:41 . 2010-04-15 06:20 -------- d-----w- c:\program files\Spybot - Search & Destroy 2008-10-27 14:51 . 2008-10-27 14:51 56 --sha-w- c:\windows\SMINST\hpboot.sys . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files\Softonic_France\tbSoft.dll" [2010-03-17 2355224] [HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}] 2010-03-17 13:45 2355224 ----a-w- c:\program files\Softonic_France\tbSoft.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{4daac69c-cba7-45e2-9bc8-1044483d3352}"= "c:\program files\Softonic_France\tbSoft.dll" [2010-03-17 2355224] [HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}"= "c:\program files\Softonic_France\tbSoft.dll" [2010-03-17 2355224] [HKEY_CLASSES_ROOT\clsid\{4daac69c-cba7-45e2-9bc8-1044483d3352}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-08 13582336] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP] 2007-04-30 07:19 49152 ----a-w- c:\windows\system32\DeviceNP.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard] 2007-02-07 01:30 74240 ------w- c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\APSHook.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ SbHpNp scecli [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^Outlook Express.lnk] path=c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Outlook Express.lnk backup=c:\windows\pss\Outlook Express.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^Administrateur^Menu Démarrer^Programmes^Démarrage^TopLicence11.lnk] path=c:\documents and settings\Administrateur\Menu Démarrer\Programmes\Démarrage\TopLicence11.lnk backup=c:\windows\pss\TopLicence11.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^BTTray.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk backup=c:\windows\pss\BTTray.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech SetPoint.lnk] path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech SetPoint.lnk backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bluetooth Connection Assistant] LBTWIZ.EXE -silent [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AccelerometerSysTrayApplet] 2007-01-24 12:28 124928 ------w- c:\windows\system32\accelerometerST.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-06-12 01:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\atchk] 2007-04-10 13:10 404248 ----a-w- c:\program files\Intel\AMT\atchk.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent] 2009-11-18 09:42 368640 ----a-w- c:\program files\BitDefender\BitDefender 2008\bdagent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitDefender Antiphishing Helper] 2007-10-09 15:46 61440 ----a-w- c:\program files\BitDefender\BitDefender 2008\IEShow.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS] 2003-12-22 17:12 17920 ----a-r- c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset] 2007-05-03 08:52 57344 ------w- c:\program files\Hewlett-Packard\Default Settings\Cpqset.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 02:33 15360 ------w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent] 2005-01-19 14:18 405583 ------w- c:\program files\Microsoft ActiveSync\wcescomm.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-02-16 22:11 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant] 2007-03-01 12:18 472776 ------w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer] 2007-09-21 02:10 55824 ----a-w- c:\windows\KHALMNPR.Exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2007-08-23 16:36 455968 ----a-w- c:\program files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui] 2010-03-30 09:16 1820040 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor] 2006-11-03 10:01 319488 ----a-w- c:\windows\PixArt\PAC207\Monitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsmqIntCert] 2008-04-14 02:33 177152 ----a-w- c:\windows\system32\mqrt.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2008-10-08 13:52 13582336 ----a-w- c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2008-10-08 13:52 86016 ----a-w- c:\windows\system32\nvmctray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] 2008-10-08 13:52 1630208 ----a-w- c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete] 2007-05-08 07:38 331552 ----a-w- c:\program files\PDF Complete\pdfsty.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pense-bête] 2002-06-10 14:55 972800 ----a-w- c:\program files\AXEL\Pense-bête\pensebet.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR] 2007-01-09 14:52 145184 ----a-w- c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl] 2008-02-26 07:36 177456 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe] 2008-02-26 07:36 177456 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard] 2005-12-20 15:51 1187840 ------w- c:\windows\SMINST\Recguard.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder] 2006-03-09 16:38 806912 ----a-w- c:\windows\CREATOR\Remind_XP.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Scheduler] 2006-10-09 10:23 697976 ----a-w- c:\windows\SMINST\Scheduler.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP] 2007-01-05 17:36 872448 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-01-11 13:21 246504 ----a-w- c:\program files\Fichiers communs\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\thnotify] 2008-02-08 14:09 1491456 ----a-w- c:\program files\Astase\UltraBackup\4.9\bin\thtrayagent.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\WINDOWS\\system32\\mqsvc.exe"= "c:\\WINDOWS\\SMINST\\Scheduler.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Fichiers communs\\SafeNet Sentinel\\Sentinel Protection Server\\WinNT\\spnsrvnt.exe"= "c:\\Program Files\\Fichiers communs\\SafeNet Sentinel\\Sentinel Keys Server\\sntlkeyssrvr.exe"= "c:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"= "c:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"= "c:\\TopStation10\\bin\\TopLicence.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\TopStation11\\bin\\TopLicence.exe"= "c:\\Program Files\\RealVNC\\VNC4\\vncviewer.exe"= R0 SafeBoot;SafeBoot;c:\windows\system32\drivers\SafeBoot.sys [26/04/2007 20:23 100095] R0 SbAlg;SbAlg;c:\windows\system32\drivers\SbAlg.sys [09/10/2006 14:31 44720] R0 SbFsLock;SbFsLock;c:\windows\system32\drivers\SbFsLock.sys [29/03/2007 17:54 13696] R1 RsvLock;RsvLock;c:\windows\system32\drivers\rsvlock.sys [26/04/2007 20:23 5808] R2 ASBroker;Courtier de session de connexion;c:\windows\System32\svchost.exe -k Cognizance [05/08/2004 10:00 14336] R2 ASChannel;Canal de communication local;c:\windows\System32\svchost.exe -k Cognizance [05/08/2004 10:00 14336] R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [30/03/2010 11:16 1107336] R2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [27/04/2007 11:58 221184] R2 itheaService;Service Ithea;c:\windows\system32\itheaSvc.EXE [04/02/2010 12:28 655688] R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [26/09/2008 17:25 3653632] R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [18/02/2008 22:45 540448] R2 regi;regi;c:\windows\system32\drivers\regi.sys [17/04/2007 20:09 11032] R2 SentinelKeysServer;Sentinel Keys Server;c:\program files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [27/04/2007 02:00 316992] R2 ThalliumServer;Astase ThalliumBackup Storage Service;c:\program files\Astase\UltraBackup\4.9\bin\tbsd.exe [17/02/2009 11:53 1952256] R2 thpassivesvc;Astase ThalliumBackup Client Background Service;c:\program files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe [17/02/2009 11:53 646144] R2 UNS;Intel® Active Management Technology User Notification Service;c:\program files\Intel\AMT\UNS.exe [25/10/2008 16:06 1489688] R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [23/01/2007 22:13 36608] R3 ITHEA;Actikey® Ithea USB Driver;c:\windows\system32\drivers\ithea.sys [16/03/2010 12:44 16960] R3 rismc32;RICOH Smart Card Reader;c:\windows\system32\drivers\rismc32.sys [20/12/2006 02:08 47616] S0 cutkrv;cutkrv; [x] S2 gupdate;Service Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25/09/2009 10:51 133104] S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [25/11/2008 09:28 193840] S3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys --> c:\windows\system32\DRIVERS\DAMDrv.sys [?] S3 FLCDLOCK;Verrouillage des périphériques / Audition HP ProtectTools;c:\windows\system32\flcdlock.exe [30/04/2007 09:28 172131] --- Autres Services/Pilotes en mémoire --- *Deregistered* - wbtfeybj [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 Cognizance REG_MULTI_SZ ASBroker ASChannel bdx REG_MULTI_SZ scan [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-08-23 16:34 451872 ----a-w- c:\program files\Fichiers communs\LightScribe\LSRunOnce.exe . Contenu du dossier 'Tâches planifiées' 2010-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-25 08:51] 2010-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-09-25 08:51] . . ------- Examen supplémentaire ------- . uInternet Connection Wizard,ShellNext = iexplore IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm FF - ProfilePath - c:\documents and settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\h71pwe24.default\ FF - prefs.js: browser.startup.homepage - google.fr FF - prefs.js: keyword.URL - hxxp://www.cherche.us/Result.php?cx=partner-pub-0420647136319153%3A5n6ugpjrdrh&cof=GIMP%3ACCCCCC%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A10%3BDIV%3A%23FFFFF0%3B&q= FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); . . ------- Associations de fichier ------- . .scr=AutoCADLTScriptFile . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-06-16 08:32 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet004\Services\pdfcDispatcher] "ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" [HKEY_LOCAL_MACHINE\System\ControlSet004\Services\wbtfeybj] . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_USERS\S-1-5-21-722763781-1159498310-1566449145-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3b,38,4a,3a,27,3c,4b,4f,80,0b,5b,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3b,38,4a,3a,27,3c,4b,4f,80,0b,5b,\ . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(1092) c:\program files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll c:\program files\Hewlett-Packard\IAM\Bin\TrayIcon.dll c:\program files\Hewlett-Packard\IAM\bin\HPBrand.dll c:\program files\Hewlett-Packard\IAM\bin\FRA\HPBrand.dll c:\program files\Hewlett-Packard\IAM\bin\FRA\ItMsg.dll c:\program files\Hewlett-Packard\IAM\Bin\ASChnl.dll c:\program files\Hewlett-Packard\IAM\Bin\ItDAC.dll c:\program files\Hewlett-Packard\IAM\Bin\ItReports.DLL c:\program files\Hewlett-Packard\IAM\Bin\BioAuth.dll c:\program files\Hewlett-Packard\IAM\bin\FRA\BioAuth.dll c:\program files\Hewlett-Packard\IAM\Bin\ASBIoAT.dll c:\program files\Hewlett-Packard\IAM\Bin\ittal.dll c:\program files\Hewlett-Packard\IAM\Bin\STEngine.dll c:\program files\Hewlett-Packard\IAM\Bin\ItVCClient.dll c:\program files\Hewlett-Packard\IAM\Bin\ittalsnap.dll c:\program files\Hewlett-Packard\IAM\bin\FRA\ittalsnap.dll c:\program files\Hewlett-Packard\IAM\Bin\AuthWiz.dll c:\program files\Hewlett-Packard\IAM\bin\FRA\AuthWiz.dll c:\windows\system32\DeviceNP.dll - - - - - - - > 'lsass.exe'(1148) c:\windows\SbHpNp.dll . Heure de fin: 2010-06-16 08:34:06 ComboFix-quarantined-files.txt 2010-06-16 06:34 ComboFix2.txt 2010-04-20 05:45 ComboFix3.txt 2010-04-19 16:05 Avant-CF: 94 859 952 128 octets libres Après-CF: 95 019 315 200 octets libres - - End Of File - - 47A47D1B392F77A88F0E1959CDA025FB ensuite, pour MBAM : Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4202 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 16/06/2010 09:19:20 mbam-log-2010-06-16 (09-19-20).txt Type d'examen: Examen rapide Elément(s) analysé(s): 127616 Temps écoulé: 3 minute(s), 51 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 1 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\WINDOWS\system32\drivers\wbtfeybj.sys (Rootkit.Agent) -> Delete on reboot.
  8. myckael39
    Boinjour, je suis un petit nouveau qui a quelques problémes : Mon PC pro mange toute la bande passante du réseau de mon entreprise a la seconde ou je branche le cable réseau = plus personne ne peux se connecter sur internet Le mec qui s'occupe du réseau a eliminer toutes les sources de pb possible et en a conclu que c'était un virus Voila ce que j'ai tenter : _ Bitdefender ne détécte rien _ Le pb persiste en mode sans echec _ la restauration systeme 15j avant le pb n'y change rien _ combofix ne resoud pas le pb Voici un scan highjackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 08:48:13, on 16/06/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe C:\Program Files\Intel\AMT\atchksrv.exe C:\Program Files\LogMeIn Hamachi\hamachi-2.exe C:\WINDOWS\system32\itheaSvc.EXE C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\Program Files\Intel\AMT\LMS.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\PDF Complete\pdfsvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PnkBstrB.exe C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\AMT\UNS.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\system32\mqtgsvc.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab3.cab O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://ushousecall02.trendmicro.com/housec...ivex/hcImpl.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichier...ion_3_1_1_0.cab O16 - DPF: {A796D216-2DE1-4EA8-BABB-FE6E7C959098} (HPSDDX Class) - http://www.hp.com/cpso-support-new/SDD/hpsddObjSigned.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll O20 - AppInit_DLLs: C:\WINDOWS\system32\APSHook.dll O20 - Winlogon Notify: DeviceNP - C:\WINDOWS\SYSTEM32\DeviceNP.dll O20 - Winlogon Notify: OneCard - C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll O23 - Service: Intel® Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: Verrouillage des périphériques / Audition HP ProtectTools (FLCDLOCK) - Hewlett-Packard Ltd - C:\WINDOWS\system32\flcdlock.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service Ithea (itheaService) - ACTiKEY - C:\WINDOWS\system32\itheaSvc.EXE O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: Intel® Active Management Technology Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\AMT\LMS.exe O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe O23 - Service: Astase ThalliumBackup Storage Service (ThalliumServer) - Astase - C:\Program Files\Astase\UltraBackup\4.9\bin\tbsd.exe O23 - Service: Astase ThalliumBackup Client Background Service (thpassivesvc) - Astase - C:\Program Files\Astase\UltraBackup\4.9\bin\thpassiveclientsvc.exe O23 - Service: Intel® Active Management Technology User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\AMT\UNS.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 11454 bytes merci pour votre aide
×
×
  • Créer...