A voir également:
- Mode sans echec 0x0000007F apres infection
- Mode sans echec - Guide
- Ps4 mode sans echec - Guide
- Mode sécurisé samsung - Guide
- Mode d'emploi - Guide
- God mode - Guide
8 réponses
Utilisateur anonyme
2 mars 2007 à 07:39
2 mars 2007 à 07:39
bonjour,
je pense pas que tu soit désinfecté ta base virale est'elle a jour au moment du scan
essai un bon anti virus voir meilleur nod32
a+
je pense pas que tu soit désinfecté ta base virale est'elle a jour au moment du scan
essai un bon anti virus voir meilleur nod32
a+
Hey,
Merci de ta réponse,
Le scan Kaspresky était en ligne, du coup, je ne comprends pas bien ta question sur la mise à jour de la base virale.
Ce qui est sur, c'est que j'ai lu qu'il fallait le lancer en mode sans échec, ce que je n'ai pas réussi à faire.
Je téléch tout de suite nod32 , et je te tiens au courant
merci merci :)
Merci de ta réponse,
Le scan Kaspresky était en ligne, du coup, je ne comprends pas bien ta question sur la mise à jour de la base virale.
Ce qui est sur, c'est que j'ai lu qu'il fallait le lancer en mode sans échec, ce que je n'ai pas réussi à faire.
Je téléch tout de suite nod32 , et je te tiens au courant
merci merci :)
hey,
Bon, j'ai à nouveau le wifi qui ne fonctionne plus :(
Alors... voici ce que dit NOD32
------------------------------------------------------------------
Scan performed at: 02/03/2007 18:12:30
Scanning Log
NOD32 version 2088 (20070302) NT
Operating memory - is OK
Active boot sector of the 1. physical disk - Error reading disk sector
MBR sector of the 2. physical disk - Error reading disk sector
Date: 2.3.2007 Time: 18:12:35
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:; D:
C:\hiberfil.sys - error opening (File locked) [4]
C:\pagefile.sys - error opening (File locked) [4]
C:\Documents and Settings\All Users\Application Data\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\VzCdb_Mgr.ldf - error opening (File locked) [4]
C:\Documents and Settings\All Users\Application Data\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\VzCdb_Mgr.mdf - error opening (File locked) [4]
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterdisabled.zip »ZIP »sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterdisabled.zip »ZIP »sbRecovery.ini - error - password-protected file
C:\Documents and Settings\julie\NTUSER.DAT - error opening (File locked) [4]
C:\Documents and Settings\julie\ntuser.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\julie\.housecall6.6\AU_Temp\2044_2520\AU_Down\pattern\tscptn.zip »ZIP »tsc.ptn - archive damaged
C:\Documents and Settings\julie\Bureau\pizzaService.tar »TAR - error occurred while reading archive
C:\Documents and Settings\julie\Bureau\toutlebureau\djulle.rar »RAR »djulle\Swift 3d v3.exe »WISE »DARTBORD.3DS - error - unknown compression method
C:\Documents and Settings\julie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4]
C:\Documents and Settings\julie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\LocalService\NTUSER.DAT - error opening (File locked) [4]
C:\Documents and Settings\LocalService\ntuser.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4]
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\NetworkService\NTUSER.DAT - error opening (File locked) [4]
C:\Documents and Settings\NetworkService\ntuser.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4]
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4]
C:\Program Files\eMule\Incoming\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen\Sony 5.1 Surround Plug-In\RENEGADE KeyGen\Sony 5.1 Surround Plug-in Pack KeyGen 1.exe »UPX v12_m2 - unpack error
C:\Program Files\eMule\Incoming\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen\Sony 5.1 Surround Plug-In\RENEGADE KeyGen\Sony 5.1 Surround Plug-in Pack KeyGen 2.exe »UPX v12_m2 - unpack error
C:\Program Files\eMule\Incoming\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen\Sony CD Architect 5.0 (Build 93)\RENEGADE KeyGen\KEYGEN.EXE »UPX v12_m2 - unpack error
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\master.mdf - error opening (File locked) [4]
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\mastlog.ldf - error opening (File locked) [4]
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\model.mdf - error opening (File locked) [4]
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\modellog.ldf - error opening (File locked) [4]
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\tempdb.mdf - error opening (File locked) [4]
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\templog.ldf - error opening (File locked) [4]
C:\Program Files\Microsoft Works\Setup\Redist\IE6\ient_s1.CAB »CAB »IENT_1.CAB »CAB »MSHTML.DLL - next archive volume not found
C:\Program Files\Microsoft Works\Setup\Redist\IE6\IE_EXTRA.CAB »CAB »t2embed.dll »GZ »t2embed.dll - error - unknown compression method
C:\Program Files\Microsoft Works\Setup\Redist\IE6\ie_s1.CAB »CAB »IE_1.CAB »CAB »MSHTML.TLB - next archive volume not found
C:\Program Files\Nero\Nero 7\Nero BackItUp\BackItUp_ImageTool\root.img »GZ - archive damaged
C:\Program Files\OpenOffice.org 2.0\program\python-core-2.3.4\lib\test\testtar.tar »TAR - archive damaged
C:\System Volume Information\MountPointManagerRemoteDatabase - error opening (Access denied) [4]
C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP1\A0001097.exe »NSIS »2000.dat - error occurred while reading archive
C:\WINDOWS\I386\FRAMD.TT_ »TAR - archive damaged
C:\WINDOWS\I386\REVERT.WM_ »TAR - archive damaged
C:\WINDOWS\system32\config\default - error opening (File locked) [4]
C:\WINDOWS\system32\config\default.LOG - error opening (File locked) [4]
C:\WINDOWS\system32\config\SAM - error opening (File locked) [4]
C:\WINDOWS\system32\config\SAM.LOG - error opening (File locked) [4]
C:\WINDOWS\system32\config\SECURITY - error opening (File locked) [4]
C:\WINDOWS\system32\config\SECURITY.LOG - error opening (File locked) [4]
C:\WINDOWS\system32\config\software - error opening (File locked) [4]
C:\WINDOWS\system32\config\software.LOG - error opening (File locked) [4]
C:\WINDOWS\system32\config\system - error opening (File locked) [4]
C:\WINDOWS\system32\config\system.LOG - error opening (File locked) [4]
C:\WINDOWS\Temp\JETA7A.tmp - error opening (File locked) [4]
D:\down\OOo_2.0.3_Win32Intel_install_fr.exe »NSIS »openofficeorg4.cab »CAB »testtar.tar »TAR - archive damaged
D:\down\mp3\__emule\Incoming\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen\Sony 5.1 Surround Plug-In\RENEGADE KeyGen\Sony 5.1 Surround Plug-in Pack KeyGen 1.exe »UPX v12_m2 - unpack error
D:\down\mp3\__emule\Incoming\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen\Sony 5.1 Surround Plug-In\RENEGADE KeyGen\Sony 5.1 Surround Plug-in Pack KeyGen 2.exe »UPX v12_m2 - unpack error
D:\down\mp3\__emule\Incoming\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen\Sony CD Architect 5.0 (Build 93)\RENEGADE KeyGen\KEYGEN.EXE »UPX v12_m2 - unpack error
D:\down\mp3\__torrents\complete\Lynda.com - Flex 2 Essential Training\Lynda.com.Flex.2.Essential.Training-MOJO_Repack\Lynda.com - Flex 2 Essential Training\exercise files\PC Exercise Files\exercises\LyndaZbasics\03_controls\assets\Thumbs.db:encryptable:$DA - error opening [4]
D:\down\mp3\__torrents\tmp\Ableton.Live.v6.0.3.MERRY.XMAS-AiR\a-al603.rar »RAR »setup.exe - next archive volume not found
D:\down\mp3\__torrents\tmp\Ableton.Live.v6.0.3.MERRY.XMAS-AiR\a-al603a.zip »ZIP »a-al603.rar »RAR »setup.exe - next archive volume not found
D:\down\swift3d\Swift 3d v3.exe »WISE »DARTBORD.3DS - error - unknown compression method
D:\down\_reason\reason 3.0 crack keygen.rar »RAR »reason 3.0 crack keygen.exe »NSIS »winbbb.dat - Win32/Adware.HotSearchBar application
D:\down\_reason\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen.rar »RAR »Sony CD Architect 5.0 (Build 93)\RENEGADE KeyGen\KEYGEN.EXE »UPX v12_m2 - unpack error
D:\down\_reason\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen.rar »RAR »Sony 5.1 Surround Plug-In\RENEGADE KeyGen\Sony 5.1 Surround Plug-in Pack KeyGen 1.exe »UPX v12_m2 - unpack error
D:\down\_reason\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen.rar »RAR »Sony 5.1 Surround Plug-In\RENEGADE KeyGen\Sony 5.1 Surround Plug-in Pack KeyGen 2.exe »UPX v12_m2 - unpack error
D:\RECYCLER\S-1-5-21-550196490-2780329125-2035740560-1006\Dd1.exe »NSIS »openofficeorg4.cab »CAB »testtar.tar »TAR - archive damaged
D:\System Volume Information\MountPointManagerRemoteDatabase - error opening (Access denied) [4]
D:\xampp\htdocs\projets\china\photos\20060708\towang\towang.part1.rar »RAR »P1000616.JPG - next archive volume not found
D:\xampp\htdocs\projets\sziget\IN\2006-01-05\szigetfestival2006_januar_05.zip »ZIP »images/Thumbs.db - archive damaged
Number of scanned files: 953198
Number of threats found: 1
Number of active threats: 1
Time of completion: 03:58:53 Total scanning time: 35178 sec (09:46:18)
Notes:
[4] File cannot be opened. It may be in use by another application or operating system.
------------------------------------------------------------------
Qu'est ce que tu en penses?
Merci de ton aide !!
Bon, j'ai à nouveau le wifi qui ne fonctionne plus :(
Alors... voici ce que dit NOD32
------------------------------------------------------------------
Scan performed at: 02/03/2007 18:12:30
Scanning Log
NOD32 version 2088 (20070302) NT
Operating memory - is OK
Active boot sector of the 1. physical disk - Error reading disk sector
MBR sector of the 2. physical disk - Error reading disk sector
Date: 2.3.2007 Time: 18:12:35
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:; D:
C:\hiberfil.sys - error opening (File locked) [4]
C:\pagefile.sys - error opening (File locked) [4]
C:\Documents and Settings\All Users\Application Data\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\VzCdb_Mgr.ldf - error opening (File locked) [4]
C:\Documents and Settings\All Users\Application Data\Sony Corporation\VAIO Entertainment Platform\1.0\VzCdb\VzCdb_Mgr.mdf - error opening (File locked) [4]
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterdisabled.zip »ZIP »sbRecovery.reg - error - password-protected file
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterdisabled.zip »ZIP »sbRecovery.ini - error - password-protected file
C:\Documents and Settings\julie\NTUSER.DAT - error opening (File locked) [4]
C:\Documents and Settings\julie\ntuser.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\julie\.housecall6.6\AU_Temp\2044_2520\AU_Down\pattern\tscptn.zip »ZIP »tsc.ptn - archive damaged
C:\Documents and Settings\julie\Bureau\pizzaService.tar »TAR - error occurred while reading archive
C:\Documents and Settings\julie\Bureau\toutlebureau\djulle.rar »RAR »djulle\Swift 3d v3.exe »WISE »DARTBORD.3DS - error - unknown compression method
C:\Documents and Settings\julie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4]
C:\Documents and Settings\julie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\LocalService\NTUSER.DAT - error opening (File locked) [4]
C:\Documents and Settings\LocalService\ntuser.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4]
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\NetworkService\NTUSER.DAT - error opening (File locked) [4]
C:\Documents and Settings\NetworkService\ntuser.dat.LOG - error opening (File locked) [4]
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4]
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4]
C:\Program Files\eMule\Incoming\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen\Sony 5.1 Surround Plug-In\RENEGADE KeyGen\Sony 5.1 Surround Plug-in Pack KeyGen 1.exe »UPX v12_m2 - unpack error
C:\Program Files\eMule\Incoming\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen\Sony 5.1 Surround Plug-In\RENEGADE KeyGen\Sony 5.1 Surround Plug-in Pack KeyGen 2.exe »UPX v12_m2 - unpack error
C:\Program Files\eMule\Incoming\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen\Sony CD Architect 5.0 (Build 93)\RENEGADE KeyGen\KEYGEN.EXE »UPX v12_m2 - unpack error
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\master.mdf - error opening (File locked) [4]
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\mastlog.ldf - error opening (File locked) [4]
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\model.mdf - error opening (File locked) [4]
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\modellog.ldf - error opening (File locked) [4]
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\tempdb.mdf - error opening (File locked) [4]
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Data\templog.ldf - error opening (File locked) [4]
C:\Program Files\Microsoft Works\Setup\Redist\IE6\ient_s1.CAB »CAB »IENT_1.CAB »CAB »MSHTML.DLL - next archive volume not found
C:\Program Files\Microsoft Works\Setup\Redist\IE6\IE_EXTRA.CAB »CAB »t2embed.dll »GZ »t2embed.dll - error - unknown compression method
C:\Program Files\Microsoft Works\Setup\Redist\IE6\ie_s1.CAB »CAB »IE_1.CAB »CAB »MSHTML.TLB - next archive volume not found
C:\Program Files\Nero\Nero 7\Nero BackItUp\BackItUp_ImageTool\root.img »GZ - archive damaged
C:\Program Files\OpenOffice.org 2.0\program\python-core-2.3.4\lib\test\testtar.tar »TAR - archive damaged
C:\System Volume Information\MountPointManagerRemoteDatabase - error opening (Access denied) [4]
C:\System Volume Information\_restore{A86CFCA8-1E78-4E36-8351-E4E4DF02E898}\RP1\A0001097.exe »NSIS »2000.dat - error occurred while reading archive
C:\WINDOWS\I386\FRAMD.TT_ »TAR - archive damaged
C:\WINDOWS\I386\REVERT.WM_ »TAR - archive damaged
C:\WINDOWS\system32\config\default - error opening (File locked) [4]
C:\WINDOWS\system32\config\default.LOG - error opening (File locked) [4]
C:\WINDOWS\system32\config\SAM - error opening (File locked) [4]
C:\WINDOWS\system32\config\SAM.LOG - error opening (File locked) [4]
C:\WINDOWS\system32\config\SECURITY - error opening (File locked) [4]
C:\WINDOWS\system32\config\SECURITY.LOG - error opening (File locked) [4]
C:\WINDOWS\system32\config\software - error opening (File locked) [4]
C:\WINDOWS\system32\config\software.LOG - error opening (File locked) [4]
C:\WINDOWS\system32\config\system - error opening (File locked) [4]
C:\WINDOWS\system32\config\system.LOG - error opening (File locked) [4]
C:\WINDOWS\Temp\JETA7A.tmp - error opening (File locked) [4]
D:\down\OOo_2.0.3_Win32Intel_install_fr.exe »NSIS »openofficeorg4.cab »CAB »testtar.tar »TAR - archive damaged
D:\down\mp3\__emule\Incoming\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen\Sony 5.1 Surround Plug-In\RENEGADE KeyGen\Sony 5.1 Surround Plug-in Pack KeyGen 1.exe »UPX v12_m2 - unpack error
D:\down\mp3\__emule\Incoming\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen\Sony 5.1 Surround Plug-In\RENEGADE KeyGen\Sony 5.1 Surround Plug-in Pack KeyGen 2.exe »UPX v12_m2 - unpack error
D:\down\mp3\__emule\Incoming\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen\Sony CD Architect 5.0 (Build 93)\RENEGADE KeyGen\KEYGEN.EXE »UPX v12_m2 - unpack error
D:\down\mp3\__torrents\complete\Lynda.com - Flex 2 Essential Training\Lynda.com.Flex.2.Essential.Training-MOJO_Repack\Lynda.com - Flex 2 Essential Training\exercise files\PC Exercise Files\exercises\LyndaZbasics\03_controls\assets\Thumbs.db:encryptable:$DA - error opening [4]
D:\down\mp3\__torrents\tmp\Ableton.Live.v6.0.3.MERRY.XMAS-AiR\a-al603.rar »RAR »setup.exe - next archive volume not found
D:\down\mp3\__torrents\tmp\Ableton.Live.v6.0.3.MERRY.XMAS-AiR\a-al603a.zip »ZIP »a-al603.rar »RAR »setup.exe - next archive volume not found
D:\down\swift3d\Swift 3d v3.exe »WISE »DARTBORD.3DS - error - unknown compression method
D:\down\_reason\reason 3.0 crack keygen.rar »RAR »reason 3.0 crack keygen.exe »NSIS »winbbb.dat - Win32/Adware.HotSearchBar application
D:\down\_reason\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen.rar »RAR »Sony CD Architect 5.0 (Build 93)\RENEGADE KeyGen\KEYGEN.EXE »UPX v12_m2 - unpack error
D:\down\_reason\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen.rar »RAR »Sony 5.1 Surround Plug-In\RENEGADE KeyGen\Sony 5.1 Surround Plug-in Pack KeyGen 1.exe »UPX v12_m2 - unpack error
D:\down\_reason\Sony Media (Vegas 6, Sound Forge 8, Dvd Architect 3, Cd Architect 5, Acid Pro 5 Music Studio 5) Incl Keygen.rar »RAR »Sony 5.1 Surround Plug-In\RENEGADE KeyGen\Sony 5.1 Surround Plug-in Pack KeyGen 2.exe »UPX v12_m2 - unpack error
D:\RECYCLER\S-1-5-21-550196490-2780329125-2035740560-1006\Dd1.exe »NSIS »openofficeorg4.cab »CAB »testtar.tar »TAR - archive damaged
D:\System Volume Information\MountPointManagerRemoteDatabase - error opening (Access denied) [4]
D:\xampp\htdocs\projets\china\photos\20060708\towang\towang.part1.rar »RAR »P1000616.JPG - next archive volume not found
D:\xampp\htdocs\projets\sziget\IN\2006-01-05\szigetfestival2006_januar_05.zip »ZIP »images/Thumbs.db - archive damaged
Number of scanned files: 953198
Number of threats found: 1
Number of active threats: 1
Time of completion: 03:58:53 Total scanning time: 35178 sec (09:46:18)
Notes:
[4] File cannot be opened. It may be in use by another application or operating system.
------------------------------------------------------------------
Qu'est ce que tu en penses?
Merci de ton aide !!
Après plusieurs scans, NOD32 ne trouve plus rien
A l'instant, NOD32 vient de me dire que des .exe venaient d'etre renommés en exe.Exe avec une ligne ajoutée
Ces fichiers se trouvaient dans un dossier partagé (lecture/ecriture) (oups!)
J'ai tout de suite enlevé le partage
et fait un Hijack :
Logfile of HijackThis v1.99.1
Scan saved at 16:14:57, on 06/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\cmd.exe
D:\xampp\apache\bin\apache.exe
D:\xampp\mysql\bin\mysqld.exe
D:\xampp\apache\bin\apache.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Adobe\Flex Builder 2\FlexBuilder.exe
C:\Program Files\Adobe\Flex Builder 2\jre\bin\javaw.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\down\wscite170\wscite\SciTE.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\julie\Bureau\hijack\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\GoogleAFE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MySql - Unknown owner - D:/xampp/mysql/bin/mysqld-nt.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
Je n'arrive toujours pas à redémarrer en mode sans échec ...
Est ce que vous voyez quelquechose de suspect?
Merci de votre aide
Julie
A l'instant, NOD32 vient de me dire que des .exe venaient d'etre renommés en exe.Exe avec une ligne ajoutée
Ces fichiers se trouvaient dans un dossier partagé (lecture/ecriture) (oups!)
J'ai tout de suite enlevé le partage
et fait un Hijack :
Logfile of HijackThis v1.99.1
Scan saved at 16:14:57, on 06/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\cmd.exe
D:\xampp\apache\bin\apache.exe
D:\xampp\mysql\bin\mysqld.exe
D:\xampp\apache\bin\apache.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Adobe\Flex Builder 2\FlexBuilder.exe
C:\Program Files\Adobe\Flex Builder 2\jre\bin\javaw.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\down\wscite170\wscite\SciTE.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\julie\Bureau\hijack\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: CmjBrowserHelperObject Object - {AC41D38F-B56D-40AD-94E0-B493D130C959} - C:\Program Files\Mindjet\MindManager 6\Mm6InternetExplorer.dll
O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\GoogleAFE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MySql - Unknown owner - D:/xampp/mysql/bin/mysqld-nt.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
Je n'arrive toujours pas à redémarrer en mode sans échec ...
Est ce que vous voyez quelquechose de suspect?
Merci de votre aide
Julie
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
salwa5
Messages postés
7452
Date d'inscription
jeudi 30 novembre 2006
Statut
Contributeur
Dernière intervention
18 août 2012
1 632
6 mars 2007 à 12:59
6 mars 2007 à 12:59
bonjour télécharge ELIBAGLA sur ton bureau:
http://www.zonavirus.com/datos/archivos/Descargas/Utilidades%20SATINFO/EliBaglA.exe
Double-clic sur Elibagla.exe>laisse la case
"eliminar ficheros automaticamente" coché>clique sur"explorar"
>laisse-le travailler>poste le rapport final qui sera
dans c:\infosat.txt
a++++
http://www.zonavirus.com/datos/archivos/Descargas/Utilidades%20SATINFO/EliBaglA.exe
Double-clic sur Elibagla.exe>laisse la case
"eliminar ficheros automaticamente" coché>clique sur"explorar"
>laisse-le travailler>poste le rapport final qui sera
dans c:\infosat.txt
a++++
Merci beaucoup de ta réponse
J'ai essayé de le télécharger à plusieurs reprises, j'ai soit
- erreur de connexion à la fin du téléchargement - pourtant court :)-
- application win32 non valide lors du lancement qd le téléchargement s'est bien terminé
Ah oui, pour le faire, j'ai du couper NOD32 car il ralait.
Su coup, un ami me l'a envoyé en .ZIP.
Le fichier marchait correctement sur sa machine, mais ici
soit mon dézippage donne un dossier vide
soit, en essayant de lancer directement à partir de Winrar, ce dernier me répond : "! Impossible d'exécuter "C:\DOCUME~1\julie\LOCALS~1\Temp\Rar$EX00.547\EliBaglA.txt.exe"
"
zut zut de zut :(
qu'est ce que je peux faire?
J'ai essayé de le télécharger à plusieurs reprises, j'ai soit
- erreur de connexion à la fin du téléchargement - pourtant court :)-
- application win32 non valide lors du lancement qd le téléchargement s'est bien terminé
Ah oui, pour le faire, j'ai du couper NOD32 car il ralait.
Su coup, un ami me l'a envoyé en .ZIP.
Le fichier marchait correctement sur sa machine, mais ici
soit mon dézippage donne un dossier vide
soit, en essayant de lancer directement à partir de Winrar, ce dernier me répond : "! Impossible d'exécuter "C:\DOCUME~1\julie\LOCALS~1\Temp\Rar$EX00.547\EliBaglA.txt.exe"
"
zut zut de zut :(
qu'est ce que je peux faire?
salwa5
Messages postés
7452
Date d'inscription
jeudi 30 novembre 2006
Statut
Contributeur
Dernière intervention
18 août 2012
1 632
6 mars 2007 à 20:34
6 mars 2007 à 20:34
bonsoir le mieu c'est que tu le telecharge apartir d'un autre ordi puis tu le transfer sur l'ordi infecté a l'aide d'une clé usb
desactive ton antivirus il se peu que ca sois ca qui bloque l'execution du fix
a+++
desactive ton antivirus il se peu que ca sois ca qui bloque l'execution du fix
a+++
