Run DLL problem

Solved
dimdimdidane -  
Destrio5 Posts 85985 Registration date   Status Moderator Last activity   -
Hello,

I am writing this message because I am having a small problem. When I play a video game on my PC, it stops, the image freezes and the sound buzzes. I can no longer do anything and find myself stuck. When I restart my PC, a message is displayed. It cannot find the specific module in appdata\local\temp\qomMKCRV or something like that. What should I do? Thanks

48 replies

Destrio5 Posts 85985 Registration date   Status Moderator Last activity   10 302
 
Precisely, we'll check that with ComboFix.
0
Sacabouffe Posts 9427 Registration date   Status Member Last activity   1 835
 
Hi
The message had gotten stuck.

-----------\\ ToolBar S&D 1.2.2 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6000 )
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : BIOS Date: 08/08/07 19:31:10 Ver: 08.00.14
USER : Dim ( Administrator )
BOOT : Normal boot
Antivirus : McAfee VirusScan (Activated)
Firewall : McAfee Personal Firewall (Activated)
C:\ (Local Disk) - NTFS - Total : 457 Go Free : 255 Go
D:\ (Local Disk) - NTFS - Total : 8 Go Free : 1 Go
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
K:\ (CD or DVD)
L:\ (USB)

"C:\ToolBar SD" ( MAJ : 04-10-2008|21:00 )
Option : [1] ( 15/10/2008| 1:45 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar
C:\Program Files\AskSBar\SrchAstt
C:\Windows\iun6002.exe
C:\Program Files\Mozilla Firefox\plugins\NPAskSBr.dll

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://ie.redirect.hp.com/"
"Default_Page_URL"="http://ie.redirect.hp.com/"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Dim\AppData\Roaming\Azureus\torrents\FIFA.09.Crackfix-RELOADED [mininova].torrent
C:\Users\Dim\AppData\Roaming\Azureus\torrents\FIFA.09.Crackfix-RELOADED.4424549.TPB [mininova].torrent
C:\Users\Dim\AppData\Roaming\Azureus\torrents\No-Cd Crack for PES 2008.rar [mininova].torrent
C:\Users\Dim\AppData\Roaming\Microsoft\Windows\Recent\Fifa 2008 PC GAME Multilang FR-DEU-NL-EN-POR-ITA Crack & serial Inclus Verif Steph OK.lnk
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\CRACK
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GoalConnector - Pes08Online
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GUIDA - INSTRUCTIONS (ITA-ENG).txt
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\Guida con immagini.htm
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\Serial.txt
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\CRACK\PES2008.exe
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GoalConnector - Pes08Online\GoalConnector.exe.manifest
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GoalConnector - Pes08Online\Lib
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GoalConnector - Pes08Online\Pes08Online.exe
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GoalConnector - Pes08Online\Run Me First!!!!!!!.bat
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GoalConnector - Pes08Online\Tools
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GoalConnector - Pes08Online\Lib\Connlib.dll
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GoalConnector - Pes08Online\Lib\sending.gif
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GoalConnector - Pes08Online\Lib\server.exe
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GoalConnector - Pes08Online\Lib\XPFirewall.reg
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GoalConnector - Pes08Online\Tools\vcredist_x86.exe
C:\Users\Dim\Downloads\eMule\Incoming\[PC GAME]PES 2008 Crack +Modo x giocare ONLINE GRATIS a Pro Evolution Soccer 2008.GoalConnector giocare IPvsIP e LAN play on-line PES2008\GoalConnector - Pes08Online\Tools\WinStun.rar
C:\Users\Dim\Jeux\BioshockCrack
C:\Users\Dim\Jeux\FIFA.09.Crackfix-RELOADED
C:\Users\Dim\Jeux\FIFA.09.Crackfix-RELOADED-1
C:\Users\Dim\Jeux\BioshockCrack\bio-lol.iso
C:\Users\Dim\Jeux\BioshockCrack\bioshock.txt
C:\Users\Dim\Jeux\BioshockCrack\crack
C:\Users\Dim\Jeux\BioshockCrack\crack\Bioshock.exe
C:\Users\Dim\Jeux\BioshockCrack\crack\paul.dll
C:\Users\Dim\Jeux\BioshockCrack\crack\READ_ME.txt
C:\Users\Dim\Jeux\BioshockCrack\crack\secu.eg.reg
C:\Users\Dim\Jeux\COD4\Crack
C:\Users\Dim\Jeux\COD4\Crack\iw3sp.exe
C:\Users\Dim\Jeux\Crysis-Razors1911\crack
C:\Users\Dim\Jeux\Crysis-Razors1911\crack\Razor1911
C:\Users\Dim\Jeux\Crysis-Razors1911\crack\Razor1911\Crysis.exe
C:\Users\Dim\Jeux\FIFA.09.Crackfix-RELOADED\rld-f09f.rar
C:\Users\Dim\Jeux\FIFA.09.Crackfix-RELOADED\rld-f09f.sfv
C:\Users\Dim\Jeux\FIFA.09.Crackfix-RELOADED-1\FIFA09.exe
C:\Users\Dim\Jeux\FIFA.09.Crackfix-RELOADED-1\reloaded.nfo
C:\Users\Dim\Jeux\FIFA.09.Crackfix-RELOADED-1\rld-f09f.rar
C:\Users\Dim\Jeux\FIFA.09.Crackfix-RELOADED-1\rld-f09f.sfv
C:\Users\Dim\Jeux\Moh airborne\CRACK&KEYGEN
C:\Users\Dim\Jeux\Moh airborne\CRACK&KEYGEN\hatred.nfo
C:\Users\Dim\Jeux\Moh airborne\CRACK&KEYGEN\keygen.exe
C:\Users\Dim\Jeux\Moh airborne\CRACK&KEYGEN\MOHA.exe


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 15/10/2008| 1:46 - Option : [1]

-----------\\ Fin du rapport a 1:46:29,21

Good luck with the rest ;-)
0
dimdimdidane
 
ComboFix 08-10-14.07 - Dim 2008-10-15 2:56:14.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.2096 [GMT 2:00]
Lancé depuis: C:\Users\Dim\Downloads\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat
C:\Users\Dim\AppData\Roaming\Adobe\crc.dat
C:\Windows\system32\AutoRun.inf

----- BITS: Il y a peut-être des sites infectés -----

hxxp://78.157.143.163
hxxp://78.157.143.198
.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-15 au 2008-10-15 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans ce laps de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-15 00:04 691 ----a-w C:\Users\Dim\AppData\Roaming\GetValue.vbs
2008-10-15 00:04 35 ----a-w C:\Users\Dim\AppData\Roaming\SetValue.bat
2008-10-14 23:43 --------- d-----w C:\Users\Dim\AppData\Roaming\Azureus
2008-10-14 23:34 --------- d-----w C:\Program Files\Trend Micro
2008-10-14 23:09 --------- d-----w C:\Users\Dim\AppData\Roaming\Malwarebytes
2008-10-14 23:09 --------- d-----w C:\ProgramData\Malwarebytes
2008-10-14 23:09 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-10-12 15:29 107,888 ----a-w C:\Windows\System32\CmdLineExt.dll
2008-10-12 15:29 --------- d--h--r C:\Users\Dim\AppData\Roaming\SecuROM
2008-10-12 15:06 --------- d-----w C:\Program Files\KONAMI
2008-10-12 15:00 --------- d-----w C:\Program Files\McAfee
2008-10-12 13:38 --------- d-----w C:\ProgramData\SUPERAntiSpyware.com
2008-10-12 13:37 --------- d-----w C:\Users\Dim\AppData\Roaming\SUPERAntiSpyware.com
2008-10-12 13:37 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-10-12 13:36 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-10-09 12:10 --------- d-----w C:\Program Files\DaemonTools_WhenUSave_Installer
2008-10-09 12:10 --------- d-----w C:\Program Files\DAEMON Tools
2008-10-09 12:08 --------- d-----w C:\Users\Dim\AppData\Roaming\McAfee
2008-10-09 12:08 --------- d-----w C:\ProgramData\McAfee
2008-10-09 01:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-09 01:14 --------- d-----w C:\ProgramData\SiteAdvisor
2008-10-09 01:14 --------- d-----w C:\Program Files\SiteAdvisor
2008-10-09 01:12 --------- d-----w C:\Program Files\Common Files\McAfee
2008-10-09 01:11 --------- d-----w C:\Program Files\McAfee.com
2008-10-09 00:55 --------- d-----w C:\Program Files\Azureus
2008-10-08 10:42 --------- d-----w C:\Users\Dim\AppData\Roaming\HP
2008-10-06 21:39 --------- d-----w C:\Program Files\eToro
2008-10-06 17:32 --------- d-----w C:\ProgramData\Electronic Arts
2008-10-06 17:30 --------- d-----w C:\Users\Dim\AppData\Roaming\Leadertech
2008-10-06 17:14 --------- d-----w C:\Program Files\EA Sports
2008-10-04 01:01 268,800 ----a-w C:\Windows\System32\es.dll
2008-10-03 15:56 --------- d-----w C:\ProgramData\SafeNet Sentinel
2008-10-03 15:51 --------- d-----w C:\ProgramData\SPSS
2008-10-03 15:51 --------- d-----w C:\Program Files\SPSSInc
2008-10-03 15:51 --------- d-----w C:\Program Files\Common Files\SPSS
2008-10-03 10:48 174 --sha-w C:\Program Files\desktop.ini
2008-10-03 10:44 --------- d-----w C:\Program Files\Windows Sidebar
2008-10-03 10:44 --------- d-----w C:\Program Files\Windows Mail
2008-10-03 10:44 --------- d-----w C:\Program Files\Windows Calendar
2008-10-03 10:05 --------- d-----w C:\ProgramData\Microsoft Help
2008-10-03 10:04 61,440 ----a-w C:\Windows\System32\winipsec.dll
2008-10-03 10:04 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL
2008-10-03 10:04 28,672 ----a-w C:\Windows\System32\FwRemoteSvr.dll
2008-10-03 10:04 272,896 ----a-w C:\Windows\System32\polstore.dll
2008-10-03 10:02 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-10-03 10:02 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-10-03 10:02 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-10-03 10:02 28,160 ----a-w C:\Windows\System32\Apphlpdm.dll
2008-10-03 10:02 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-10-03 10:02 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-10-03 10:02 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-10-03 10:02 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-10-03 10:01 87,040 ----a-w C:\Windows\System32\msoert2.dll
2008-10-03 10:01 39,424 ----a-w C:\Windows\System32\ACCTRES.dll
2008-10-03 10:01 205,824 ----a-w C:\Windows\System32\msoeacct.dll
2008-10-03 10:00 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2008-10-03 10:00 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2008-10-03 10:00 542,720 ----a-w C:\Windows\System32\sysmain.dll
2008-10-03 10:00 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2008-10-03 10:00 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2008-10-03 10:00 297,984 ----a-w C:\Windows\System32\wlansec.dll
2008-10-03 10:00 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2008-10-03 10:00 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
2008-10-03 10:00 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2008-10-03 10:00 2,923,520 ----a-w C:\Windows\explorer.exe
2008-10-03 09:59 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-10-03 09:59 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-10-03 09:56 41,984 ----a-w C:\Windows\system32\drivers\monitor.sys
2008-10-03 09:56 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-10-03 09:55 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-10-03 09:54 374,456 ----a-w C:\Windows\System32\mcupdate_GenuineIntel.dll
2008-10-03 09:53 303,616 ----a-w C:\Windows\System32\wmpeffects.dll
2008-10-03 09:50 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-10-03 09:50 3,505,720 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-10-03 09:50 3,471,928 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-10-03 09:50 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-10-03 09:50 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-10-03 09:50 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-10-03 09:50 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-10-03 09:50 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-10-03 09:49 2,048 ----a-w C:\Windows\System32\msxml3r.dll
2008-10-03 09:49 1,191,936 ----a-w C:\Windows\System32\msxml3.dll
2008-10-03 09:46 9,845,248 ----a-w C:\Windows\System32\NlsData000a.dll
2008-10-03 09:43 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-10-03 09:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-10-03 09:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-10-03 09:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-10-03 09:41 1,585,664 ----a-w C:\Windows\System32\setupapi.dll
2008-10-03 09:39 2,028,544 ----a-w C:\Windows\System32\win32k.sys
2008-10-03 09:38 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2008-10-03 09:38 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2008-10-03 09:38 2,048 ----a-w C:\Windows\System32\asferror.dll
2008-10-03 09:37 57,856 ----a-w C:\Windows\System32\SLUINotify.dll
2008-10-03 09:37 566,784 ----a-w C:\Windows\System32\SLCommDlg.dll
2008-10-03 09:37 39,936 ----a-w C:\Windows\System32\slcinst.dll
2008-10-03 09:37 351,232 ----a-w C:\Windows\System32\SLUI.exe
2008-10-03 09:37 33,280 ----a-w C:\Windows\System32\slwmi.dll
2008-10-03 09:37 296,448 ----a-w C:\Windows\System32\gdi32.dll
2008-10-03 09:37 268,288 ----a-w C:\Windows\System32\mcbuilder.exe
2008-10-03 09:37 223,232 ----a-w C:\Windows\System32\SLC.dll
2007-11-06 16:22 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2007-11-06 16:22 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2007-11-06 16:22 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-09-03 1576176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2008-07-11 641208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="C:\Windows\SMINST\launcher.exe" [2007-03-07 44168]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCUTRAYICON]
FactoryMode [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2006-11-12 12:48 157592 C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
--a------ 2006-11-02 14:35 125440 C:\Windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2007-03-11 21:34 49152 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
--a------ 2006-09-28 15:42 65536 c:\hp\support\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
--a------ 2006-12-08 18:16 65536 C:\hp\KBD\KbdStub.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-04-20 08:05 8429568 C:\Windows\System32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-04-20 08:05 81920 C:\Windows\System32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
--a------ 2007-04-20 08:05 86016 C:\Windows\System32\nvsvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OsdMaestro]
--a------ 2007-02-15 12:59 118784 C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
--a------ 2008-10-03 11:34 1232896 C:\Program Files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
--a------ 2006-07-14 00:41 20034600 C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd]
--a------ 2004-06-10 13:48 286720 C:\Windows\vsnpstd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2007-06-27 18:33 1006264 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2006-11-02 14:36 201728 C:\Program Files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
--a------ 2007-03-01 17:38 4390912 C:\Windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
"AntiVirusDisableNotify"="0x00000000"
"UpdatesDisableNotify"="0x00000000"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{E534112A-0D5D-42E3-8C20-2C2097A615A0}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{B782CB27-C5A2-44C0-8388-ED425584C2DF}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{2E6412E3-FCC3-4483-9CA6-7309757F86E9}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{67ABC034-6D59-4E29-97AB-4533F0D05B9D}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{B325125C-79F5-43E0-B18B-F2684418564B}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{3E9CC69F-C5B3-4FC0-BB06-5EFB04F4E7A7}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{6E3B098F-B894-4294-A8C9-FBB278576CCD}"= TCP:9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery
"{6E886679-C273-4772-A937-5C4FC41B86E7}"= TCP:1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery
"{0D2AC3F8-4447-446C-BDD3-28EE6FDBF2D9}"= UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{D493A29C-E406-41BB-9541-BF145A101819}"= TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{EDB2B69E-AED1-4D65-AB51-45DAFAF26A22}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{3C98983A-5177-484A-846A-4F3AB0D5CE87}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{99C37ABE-C3CD-46C1-B55C-CB81649C7CD5}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{34543CDB-9AEC-4368-A9DD-B0C2D4820D19}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{8269B489-0263-4FB7-A5F1-D42C565DFEB0}"= Disabled:UDP:C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{D6C97E2A-9494-48B3-BD41-C50DFBCB5F97}"= Disabled:TCP:C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{968D02A4-AFAA-41D5-BF66-3586CC7638B1}"= Disabled:UDP:C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{40569B9B-4CAF-4D98-954D-9FFD9F776355}"= Disabled:TCP:C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{74E182E3-D28D-4C66-9BC0-37BB221F8E34}"= Disabled:UDP:C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{56F8BD4B-4A4D-49B2-93DD-63D5AC303F5A}"= Disabled:TCP:C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{08A3CE89-21E1-43D1-AED6-06E6B6F81397}"= Disabled:UDP:C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{60481CA7-B6C8-4B71-987D-2E7E89DE1080}"= Disabled:TCP:C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{0767CB06-D7D6-4B09-AE9E-DA9639AA3BA6}"= Disabled:UDP:C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{B9BF87FD-9FDE-46F2-8BF6-077C4A3FE2F2}"= Disabled:TCP:C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{5DD924CF-F96C-4843-A12E-956F50DAD942}"= Disabled:UDP:C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:hpqscnvw.exe
"{17BE80C0-36E8-4ACD-93AA-0332603FEDE1}"= Disabled:TCP:C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:hpqscnvw.exe
"{A084B9E9-1EE7-4A83-BB6B-E15E5F027D03}"= Disabled:UDP:C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{F87A7F8A-BD71-4EB8-B5AF-1B57701A5C4C}"= Disabled:TCP:C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{8B4F1793-4ABA-4EE8-B5C7-ED3CE0A11723}"= Disabled:UDP:C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{56A03B2E-1EC2-4E8D-BF31-53F16D78B7BD}"= Disabled:TCP:C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{8D38F3BA-B228-44E8-914B-1FA0F32279FB}"= Disabled:UDP:C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{BF93967C-E56F-45A5-A800-0D5B5F343803}"= Disabled:TCP:C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{41269ABA-836F-4A45-9B63-38D32D690211}"= Disabled:UDP:C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:hpqnrs08.exe
"{01084A05-2E0C-457B-B59B-6330C740A41F}"= Disabled:TCP:C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:hpqnrs08.exe
"{F4A61D2C-12EB-4EF7-ABD9-BBA591EE1AF6}"= Profile=Private|Profile=Public|C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{5E4473D0-1276-4ED0-BBF1-2CD55EA8EEF9}"= UDP:C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{6B99C796-5A5A-4B5E-A032-40264D8557B5}"= TCP:C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R2 DQLWinService;DQLWinService;C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-09-08 198944]
R3 HCWBT8xx;Hauppauge WinTV 848/9 WDM Video Driver;C:\Windows\system32\drivers\HCWBT8XX.sys [2006-01-25 472644]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista;C:\Windows\system32\DRIVERS\netr73.sys [2008-02-26 493568]
S2 IntelDHSvcConf;Intel DH Service;C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4090ae8c-6384-11dc-b9a1-001bfcf9533d}]
\shell\AutoRun\command - K:\autorun6e.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4090aeaf-6384-11dc-b9a1-001bfcf9533d}]
\shell\AutoRun\command - K:\autorun_PES2008.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5fb557ef-059f-11dd-826a-001bfcf9533d}]
\shell\AutoRun\command - L:\LaunchU3.exe -a

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'

2008-10-14 C:\Windows\Tasks\McDefragTask.job
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe [2008-07-09 18:10]

2008-10-09 C:\Windows\Tasks\McQcTask.job
- c:\PROGRA~1\mcafee\mqc\QcConsol.exe [2008-07-09 18:10]

2008-10-14 C:\Windows\Tasks\User_Feed_Synchronization-{AF0C2B50-D301-42CA-AC2C-3DDDD63AC9A8}.job
- C:\Windows\system32\msfeedssync.exe [2006-11-02 11:45]
.
- - - - ORPHELINS SUPPRIMES - - - -

MSConfigStartUp-ccApp - c:\Program Files\Common Files\Symantec Shared\ccApp.exe
MSConfigStartUp-DaemonTools_WhenUSave_Installer - C:\Program Files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exe
MSConfigStartUp-MSServer - C:\Users\Dim\AppData\Local\Temp\ljJDWOff.dll


.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Users\Dim\AppData\Roaming\Mozilla\Firefox\Profiles\lxhvctb5.default\
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-15 03:01:31
Windows 6.0.6000 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


C:\Windows\TEMP\TMP00000050DFBDD1D15E21AC67 524288 bytes executable

Scan terminé avec succès
Fichiers cachés: 1

**************************************************************************
.
Heure de fin: 2008-10-15 3:02:36
ComboFix-quarantined-files.txt 2008-10-15 01:02:18

Avant-CF: Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application.
Après-CF: 273,438,601,216 octets libres

298 --- E O F --- 2008-10-13 16:23:33
0
dimdimdidane
 
I hope there isn't much wrong.
0

Destrio5 Posts 85985 Registration date   Status Moderator Last activity   10 302
 
Your report doesn't show anything too serious.

--> Download UsbFix (by Chiquitine29) to your Desktop:
http://sd-1.archive-host.com/membres/up/116615172019703188/UsbFix.exe

--> Run the installation with the default settings.

--> Plug your external storage devices into your PC (USB stick, external hard drive, etc.) without opening them.

--> Double-click the UsbFix shortcut on your Desktop.

--> The PC will restart.

--> After the restart, post the UsbFix.txt report.

Note: the UsbFix.txt report is saved at the root of the disk.

(If the Desktop does not reappear, press Ctrl+Alt+Del, "File" tab, "New task", type explorer.exe and confirm)
0
dimdimdidane
 
There is no report at the root of the disk. There isn't one anywhere, for that matter.
The PC did restart, but there is no report.
0
Destrio5 Posts 85985 Registration date   Status Moderator Last activity   10 302
 
You don't have a report in C:\?
0
dimdimdidane
 
No!
0
dimdimdidane
 
What should I do now?
0
Destrio5 Posts 85985 Registration date   Status Moderator Last activity   10 302
 
---> Delete SmitFraudFix, ComboFix, and the ComboFix and Qoobox folders located in C:\

---> Run UsbFix again, but as administrator.
0
dimdimdidane
 
-------------- UsbFix V1.095 ---------------

* User : Dim - PC-DE-DIM
* Outils mis a jours le 13/10/2008 par Chiquitine29
* Recherche effectuée à 3:47:43 le 15/10/2008
* Windows Vista - Internet Explorer 7.0.6000.16711


--------------- [ Processus actifs ] ----------------


C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHReconfSvc.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\taskeng.exe
C:\Users\Dim\AppData\Local\Temp\9923.tmp\b2e.exe
C:\Windows\system32\conime.exe

--------------- [ Informations lecteurs ] ----------------

C: - Lecteur fixe
D: - Lecteur fixe
J: - Lecteur fixe

--------------- [ Registre / Startup ] ----------------


HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
mcagent_exe REG_SZ "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
WMPNSCFG REG_SZ C:\Program Files\Windows Media Player\WMPNSCFG.exe
SUPERAntiSpyware REG_SZ C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\OsdMaestro

--------------- [ Registre / Mountpoint2 ] ----------------

Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4090ae8c-6384-11dc-b9a1-001bfcf9533d}\Shell\AutoRun\command
Supprimé ! - HKEY_USERS\S-1-5-21-4129036847-885271007-2004040090-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4090ae8c-6384-11dc-b9a1-001bfcf9533d}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4090aeaf-6384-11dc-b9a1-001bfcf9533d}\Shell\AutoRun\command
Supprimé ! - HKEY_USERS\S-1-5-21-4129036847-885271007-2004040090-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4090aeaf-6384-11dc-b9a1-001bfcf9533d}\Shell\AutoRun\command
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5fb557ef-059f-11dd-826a-001bfcf9533d}\Shell\AutoRun\command
Supprimé ! - HKEY_USERS\S-1-5-21-4129036847-885271007-2004040090-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5fb557ef-059f-11dd-826a-001bfcf9533d}\Shell\AutoRun\command

--------------- [ Nettoyage des disques ] ----------------


--------------- ! Fin du rapport ! ----------------
0
dimdimdidane
 
And now, is it OK?
0
Destrio5 Posts 85985 Registration date   Status Moderator Last activity   10 302
 
---> Delete UsbFix.

---> Post a new HijackThis report.

Are you still having problems?
0
dimdimdidane
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:55:33, on 15/10/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\PROGRA~1\mcafee\msc\mcupdui.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
0
dimdimdidane
 
As for the problems, I'll tell you tomorrow whether I have any or not.
So what exactly did I have?
Did what we did delete things?
Thanks a lot for your help in any case!
0
Destrio5 Posts 85985 Registration date   Status Moderator Last activity   10 302
 
---> Uninstall HijackThis.

You have something very important to do, but it takes time: install Vista SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyID=b0c7136d-5ebb-413b-89c9-cb3d06d12674&displaylang=fr
0
dimdimdidane
 
Do I absolutely have to do it? Why?
Why is it essential?
0
Destrio5 Posts 85985 Registration date   Status Moderator Last activity   10 302
 
SP1 fixes bugs, fixes many security vulnerabilities, improves things...
0
dimdimdidane
 
Roughly how long does it take?
Is it just a matter of downloading it?
0
Destrio5 Posts 85985 Registration date   Status Moderator Last activity   10 302
 
"Roughly how long does it take?"
---> To download it, I don't know; it is 435 MB.

"Is it just a matter of downloading it?"
---> No, you have to install it. About 1 hour, and your PC will restart three times.

You can do it tomorrow if you want.
0