Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

infection - plus de droit administrateur - scan en ligne impossible

microsoft.public.fr.windows.vista.securite






Speedup My PC
Reply
  #1 (permalink)  
Old 08-04-2008
dame-mikeline
 

Posts: n/a
infection - plus de droit administrateur - scan en ligne impossible
bonjour à tous et merci par avance pour votre aide
j'ai récupéré une méchante infection par bagle et tooso apparemment.
j'ai chargé tous les utilitaires de désinfection, je les ai faits en mode sans
échec et mon antivirus avast (que j'ai dû réinstaller) semble ne plus rien
trouver.
mais impossible de faire un scan en ligne, j'ai systématiquement le message
comme quoi je n'ai pas les droits administrateur.
or je les avais, et impossible de les remettre !
même en créant un nouveau compte, la case "administrateur" est sytématiquement
désactivée
j'ai voulu recommencer la désinfection en mode sans échec, en décochant la
restauration automatique, mais pareil, impossible
quand je suis en session normale, les utilitaires de désinfection que je veux
lancer (combofix, antibagle, elibagle ...) foirent tous
je ne sais plus quoi faire
rapport hijack que j'ai pu avoir, mais avec plantage donc je ne sais pas s'il
est fiable
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:56, on 2008-08-04
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\PrevxCSI\prevxcsi.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\AxBx\Multi Virus Cleaner 2008\MVC.exe
C:\Users\Michele\Desktop\Antibagle-fr.exe
C:\Users\Michele\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://format.packardbell.com/cgi- [...] ey=IESTART
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://portail.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://format.packardbell.com/cgi- [...] ey=IESTART
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://format.packardbell.com/cgi- [...] ey=IESTART
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet
Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program
Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -
C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program
Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
- C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\s wg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777}
- C:\Program Files\Google\Google_BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar1.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program
Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows
Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft
Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program
Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common
Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe"
-atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero
BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common
Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI
RoboForm\RoboTaskBarIcon.exe"
O8 - Extra context menu item: Barre RoboForm - file://C:\Program Files\Siber
Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Enregistrer le formulaire - file://C:\Program
Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Personnaliser le menu - file://C:\Program
Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Remplir le formulaire - file://C:\Program
Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote -
{2670000A-7350-4f3c-8081-5663EE0C6C49} -
C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Remplir le formulaire -
{320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber
Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Enregistrer le formulaire -
{320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber
Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} -
file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Barre RoboForm -
{724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber
Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://support.f-secure.fr
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) -
http://www.ipix.com/download/ipixx.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner)
- http://security.symantec.com/sscv6 [...] vSniff.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) -
http://picasaweb.google.fr/s/v/31.37/uploader2.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) -
http://www.photoweb.fr/telechargem [...] otoweb.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) -
http://h20270.www2.hp.com/ediags/g [...] ection.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) -
http://h20264.www2.hp.com/ediags/d [...] sVista.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
https://fpdownload.macromedia.com/p [...] wflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) -
http://3dlifeplayer.dl.3dvia.com/p [...] taller.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{A01C28D8-FE34-4301-BEAB-751F1BDFF8AF}:
NameServer = 212.27.54.252,212.27.53.252
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} -
C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software -
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown
owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file
missing)
O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\prevxcsi.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program
Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation
- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program
Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common
Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common
Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program
Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PLFlash DeviceIoControl Service - Unknown owner -
C:\Windows\system32\IoctlSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner -
C:\Program Files\Cyberlink\Shared files\RichVideo.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common
Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions -
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking
Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program
Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1
(TuneUp.Defrag) - TuneUp Software GmbH -
C:\Windows\System32\TuneUpDefragService.exe

--
Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 08-07-2008
codekiller
 

Posts: n/a
Re: infection - plus de droit administrateur - scan en ligne impossible
dame-mikeline a écrit le 04/08/2008 à 21h31 :
> bonjour à tous et merci par avance pour votre aide
> j'ai récupéré une méchante infection par bagle et
> tooso apparemment.
> j'ai chargé tous les utilitaires de désinfection, je les ai faits
> en mode sans échec et mon antivirus avast (que j'ai dû
> réinstaller) semble ne plus rien trouver.
> mais impossible de faire un scan en ligne, j'ai systématiquement le
> message comme quoi je n'ai pas les droits administrateur.
> or je les avais, et impossible de les remettre !
> même en créant un nouveau compte, la case
> "administrateur" est sytématiquement désactivée
>
> j'ai voulu recommencer la désinfection en mode sans échec, en
> décochant la restauration automatique, mais pareil, impossible
> quand je suis en session normale, les utilitaires de désinfection que je
> veux lancer (combofix, antibagle, elibagle ...) foirent tous
> je ne sais plus quoi faire
> rapport hijack que j'ai pu avoir, mais avec plantage donc je ne sais pas

s'il
> est fiable
> Logfile of Trend Micro HijackThis v2.0.2
> Scan saved at 18:56, on 2008-08-04
> Platform: Windows Vista SP1 (WinNT 6.00.1905)
> MSIE: Internet Explorer v7.00 (7.00.6001.18000)
> Boot mode: Normal
>
> Running processes:
> C:Windowssystem32Dwm.exe
> C:WindowsExplorer.EXE
> C:Windowssystem32taskeng.exe
> C:Program FilesPrevxCSIprevxcsi.exe
> C:Program FilesWindows DefenderMSASCui.exe
> C:WindowsRtHDVCpl.exe
> C:Program FilesJavajre1.6.0_06binjusched.exe
> C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe
> C:Program FilesiTunesiTunesHelper.exe
> C:WindowsSystem32rundll32.exe
> C:Program FilesAlwil SoftwareAvast4ashDisp.exe
> C:Program FilesCommon FilesInstallShieldUpdateServiceISUSPM.exe
> C:Windowsehomeehtray.exe
> C:Program FilesWindows Media Playerwmpnscfg.exe
> C:Program FilesSiber SystemsAI RoboFormrobotaskbaricon.exe
> C:Windowsehomeehmsas.exe
> C:Program FilesAxBxMulti Virus Cleaner 2008MVC.exe
> C:UsersMicheleDesktopAntibagle-fr.exe
> C:UsersMicheleDesktopHiJackThis.exe
>
> R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
> http://format.packardbell.com/cgi- [...] ey=IESTART
> R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
> http://go.microsoft.com/fwlink/?LinkId=54896
> R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
> http://portail.free.fr/
> R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
> http://format.packardbell.com/cgi- [...] ey=IESTART
> R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
> http://go.microsoft.com/fwlink/?LinkId=54896
> R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
> http://go.microsoft.com/fwlink/?LinkId=54896
> R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
> http://format.packardbell.com/cgi- [...] ey=IESTART
> R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
> Settings,ProxyOverride = *.local
> R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
> O1 - Hosts: ::1 localhost
> O2 - BHO: Aide pour le lien d'Adobe PDF Reader -
> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon
> FilesAdobeAcrobatActiveXAcroIEHelper.dll
> O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F}
> - C:PROGRA~1SPYBOT~1SDHelper.dll
> O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:Program
> FilesSiber SystemsAI RoboFormroboform.dll
> O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E}

-
> C:Program FilesMicrosoft OfficeOffice12GrooveShellExtensions.dll
> O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -

C:Program
> FilesJavajre1.6.0_06binssv.dll
> O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
> crogram filesgooglegoogletoolbar1.dll
> O2 - BHO: Google Toolbar Notifier BHO -

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
> - C:Program FilesGoogleGoogleToolbarNotifier2.1.1119.1736swg.d ll
> O2 - BHO: CBrowserHelperObject Object -

{CA6319C0-31B7-401E-A518-A07C3DB8F777}
> - C:Program FilesGoogleGoogle_BAEBAE.dll
> O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - crogram
> filesgooglegoogletoolbar1.dll
> O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} -
> C:Program FilesSiber SystemsAI RoboFormroboform.dll
> O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows
> DefenderMSASCui.exe -hide
> O4 - HKLM..Run: [RtHDVCpl] RtHDVCpl.exe
> O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program
> FilesJavajre1.6.0_06binjusched.exe"
> O4 - HKLM..Run: [GrooveMonitor] "C:Program FilesMicrosoft
> OfficeOffice12GrooveMonitor.exe"
> O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon
> FilesRealUpdate_OBrealsched.exe" -osboot
> O4 - HKLM..Run: [CloneCDTray] "C:Program
> FilesSlySoftCloneCDCloneCDTray.exe" /s
> O4 - HKLM..Run: [AppleSyncNotifier] C:Program FilesCommon
> FilesAppleMobile Device SupportbinAppleSyncNotifier.exe
> O4 - HKLM..Run: [QuickTime Task] "C:Program
> FilesQuickTimeQTTask.exe" -atboottime
> O4 - HKLM..Run: [iTunesHelper] "C:Program
> FilesiTunesiTunesHelper.exe"
> O4 - HKLM..Run: [NBKeyScan] "C:Program FilesNeroNero8Nero
> BackItUpNBKeyScan.exe"
> O4 - HKLM..Run: [NvSvc] RUNDLL32.EXE C:Windowssystem32nvsvc.dll,nvsvcStart
>
> O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
> C:Windowssystem32NvCpl.dll,NvStartup
> O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
> C:Windowssystem32NvMcTray.dll,NvTaskbarInit
> O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
> O4 - HKCU..Run: [ISUSPM] "C:Program FilesCommon
> FilesInstallShieldUpdateServiceISUSPM.exe" -scheduler
> O4 - HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
> O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG.exe
>
> O4 - HKCU..Run: [RoboForm] "C:Program FilesSiber SystemsAI
> RoboFormRoboTaskBarIcon.exe"
> O8 - Extra context menu item: Barre RoboForm - file://C:Program FilesSiber
> SystemsAI RoboFormRoboFormComShowToolbar.html
> O8 - Extra context menu item: Enregistrer le formulaire - file://C:Program
> FilesSiber SystemsAI RoboFormRoboFormComSavePass.html
> O8 - Extra context menu item: Personnaliser le menu - file://C:Program
> FilesSiber SystemsAI RoboFormRoboFormComCustomizeIEMenu.html
> O8 - Extra context menu item: Remplir le formulaire - file://C:Program
> FilesSiber SystemsAI RoboFormRoboFormComFillForms.html
> O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
> C:Program FilesJavajre1.6.0_06binssv.dll
> O9 - Extra 'Tools' menuitem: Console Java (Sun) -
> {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
> FilesJavajre1.6.0_06binssv.dll
> O9 - Extra button: Envoyer à OneNote -
> {2670000A-7350-4f3c-8081-5663EE0C6C49} -
> C:PROGRA~1MICROS~3Office12ONBttnIE.dll
> O9 - Extra 'Tools' menuitem: &Envoyer à OneNote -
> {2670000A-7350-4f3c-8081-5663EE0C6C49} -
> C:PROGRA~1MICROS~3Office12ONBttnIE.dll
> O9 - Extra button: Remplir - {320AF880-6646-11D3-ABEE-C5DBF3571F46} -
> file://C:Program FilesSiber SystemsAI RoboFormRoboFormComFillForms.html
> O9 - Extra 'Tools' menuitem: Remplir le formulaire -
> {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:Program FilesSiber
> SystemsAI RoboFormRoboFormComFillForms.html
> O9 - Extra button: Enregistrer - {320AF880-6646-11D3-ABEE-C5DBF3571F49} -
> file://C:Program FilesSiber SystemsAI RoboFormRoboFormComSavePass.html
> O9 - Extra 'Tools' menuitem: Enregistrer le formulaire -
> {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:Program FilesSiber
> SystemsAI RoboFormRoboFormComSavePass.html
> O9 - Extra button: Barre RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} -
> file://C:Program FilesSiber SystemsAI RoboFormRoboFormComShowToolbar.html
> O9 - Extra 'Tools' menuitem: Barre RoboForm -
> {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:Program FilesSiber
> SystemsAI RoboFormRoboFormComShowToolbar.html
> O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
> C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
> O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -
> C:PROGRA~1SPYBOT~1SDHelper.dll
> O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -
> {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
> O13 - Gopher Prefix:
> O15 - Trusted Zone: http://support.f-secure.fr
> O15 - Trusted Zone: http://www.secuser.com
> O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) -
> http://www.ipix.com/download/ipixx.cab
> O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus

scanner)
> - http://security.symantec.com/sscv6 [...] vSniff.cab
> O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) -
> http://picasaweb.google.fr/s/v/31.37/uploader2.cab
> O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) -
> http://www.photoweb.fr/telechargem [...] otoweb.cab
> O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
> Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
> O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class)

-
> http://h20270.www2.hp.com/ediags/g [...] ection.cab
> O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
> http://a840.g.akamai.net/7/840/537 [...] scan53.cab
> O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} (HPDDClientExec Class) -
> http://h20264.www2.hp.com/ediags/d [...] sVista.cab
> O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
> https://fpdownload.macromedia.com/p [...] wflash.cab
> O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class)

-
> http://3dlifeplayer.dl.3dvia.com/p [...] taller.exe
> O17 - HKLMSystemCCSServicesTcpip..{A01C28D8-FE34-4301-BEAB-751F1BDFF8AF}:
> NameServer = 212.27.54.252,212.27.53.252
> O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} -
> C:Program FilesMicrosoft OfficeOffice12GrooveSystemServices.dll
> O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
> C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
> O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~3GOEC62~1.DLL
> O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software -
> C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
> O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil
> SoftwareAvast4ashServ.exe
> O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAlwil
> SoftwareAvast4ashMaiSv.exe
> O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAlwil
> SoftwareAvast4ashWebSv.exe
> O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown
> owner - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file
> missing)
> O23 - Service: CSIScanner - Prevx - C:Program FilesPrevxCSIprevxcsi.exe
> O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. -

C:Program
> FilesCommon FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
>
> O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision

Corporation
> - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
>
> O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:Program
> FilesiPodbiniPodService.exe
> O23 - Service: LightScribeService Direct Disc Labeling Service
> (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon
> FilesLightScribeLSSrvc.exe
> O23 - Service: NMIndexingService - Nero AG - C:Program FilesCommon
> FilesNeroLibNMIndexingService.exe
> O23 - Service: NMSAccessU - Unknown owner - C:Program
> FilesCDBurnerXPNMSAccessU.exe
> O23 - Service: PLFlash DeviceIoControl Service - Unknown owner -
> C:Windowssystem32IoctlSvc.exe (file missing)
> O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner

-
> C:Program FilesCyberlinkShared filesRichVideo.exe (file missing)
> O23 - Service: RoxMediaDB9 - Sonic Solutions - C:Program FilesCommon
> FilesRoxio Shared9.0SharedCOMRoxMediaDB9.exe
> O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions -
> C:Program FilesCommon FilesRoxio Shared9.0SharedCOMRoxWatch9.exe
> O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer

Networking
> Ltd. - C:Program FilesSpybot - Search & DestroySDWinSec.exe
> O23 - Service: stllssvr - MicroVision Development, Inc. - C:Program
> FilesCommon FilesSureThing Sharedstllssvr.exe
> O23 - Service: @%SystemRoot%System32TuneUpDefragService.exe,-1
> (TuneUp.Defrag) - TuneUp Software GmbH -
> C:WindowsSystem32TuneUpDefragService.exe
>
> --

Perso dans ce genre de situation je préconise la chose suivante :

Format et réinstallation complète.

C'est radicale mais en général ça fonctionne bien, évidemment une fois tout
réinstaller évite d'ouvrir n'importe quel logiciel qui se trouverait sur une
autre partition que la système sans avoir installer AVANT un antivirus.
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Virus infection A. microsoft.public.windows.vista.security 6 02-12-2008 08:45
Article ID: 933662 Qu'une application 16 bits transmet des paramtres de ligne de commande sur un ordinateur Windows Vista-based une autre application, la deuxime application ne reoit pas les paramtres de ligne de commande KBArticles French 0 10-23-2007 20:00
Lost Good Lexmark Scan software to Inferior Vista Scan John microsoft.public.windows.vista.print fax scan 1 10-21-2007 01:46
Possible Virus infection... Virus or file trouble? microsoft.public.windows.vista.security 1 07-13-2007 00:13
impossible de supprimer des mails de window mail , et impossible de telecharger activex sous vista Margot Percq microsoft.public.fr.windows.vista.general 0 05-21-2007 12:16




All times are GMT +1. The time now is 20:03.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120