Votre question

Mc Cafee débordement de la mémoire tampon bloqué

Tags :
  • Mémoires
  • Sécurité
Dernière réponse : dans Sécurité et virus
27 Octobre 2009 19:10:18

Bonjour,

Pouvez-vous m'aider?

Au démarrage, je reçois un message d'alerte McAfee: Débordement de la mémoire tampon bloqué.
Fichier: c:\windows\system32\services.exe.

Je joins le log de hijackthis.

Merci pour votre aide



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:01, on 27/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\beidservicecrl.exe
C:\WINDOWS\system32\beidservicepcsc.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\AnetLP\Assurnet\EdiBroker\POP3Server\POP3Server.exe
C:\AnetLP\Assurnet\EdiBroker\PortiBrokerGW.exe
C:\AnetLP\Assurnet\EdiBroker\SMTPServer\SMTPServer.exe
C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe
C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\Belgium Identity Card\beidsystemtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\AnetLP\Assurnet\EdiBroker\EDIBCCTB.exe
C:\AnetLP\Assurnet\AsWeb\AsWebNotifier.exe
C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
C:\Program Files\Fichiers communs\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
C:\Program Files\Fichiers communs\Research In Motion\USB Drivers\BbDevMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\WINDOWS\system32\wscntfy.exe
c:\PROGRA~1\mcafee\msc\mcshell.exe
C:\PROGRA~1\McAfee\MSC\McLgView.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\AnetLP\AnetLC\system\AsDaemon.exe
C:\AnetLP\Assurnet\EdiBroker\Client\MapiFlusher.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O1 - Hosts: 172.31.0.104 HASPROPAD99 #PRE
O1 - Hosts: 172.31.0.72 MAILANET1 #PRE
O1 - Hosts: 172.31.0.73 MAILANET2 #PRE
O1 - Hosts: 172.31.0.74 MAILANET3 #PRE
O1 - Hosts: 172.31.0.80 ESDANET1 #PRE
O1 - Hosts: 172.31.0.81 ESDANET2 #PRE
O1 - Hosts: 172.31.0.82 ESDANET3 #PRE
O1 - Hosts: 172.31.0.146 HASPROTAR01 #PRE
O1 - Hosts: 172.31.0.121 HTSASWAN1 #PRE
O1 - Hosts: 172.31.243.198 RB_TEMPO
O1 - Hosts: 212.79.87.30 HASPROCES01
O1 - Hosts: 212.79.87.30 pop.portima.be
O1 - Hosts: 212.79.87.30 smtp.portima.be
O1 - Hosts: 212.79.84.49 HASPROPAR04 #PRE
O1 - Hosts: 212.79.84.50 HASPROPAR03 #PRE
O1 - Hosts: 212.79.87.30 mail.portima.be
O1 - Hosts: 212.79.87.145 HASPROXY
O1 - Hosts: 212.79.84.63 Ben.portima.be
O1 - Hosts: 212.79.84.63 E-support.portima.be
O1 - Hosts: 212.79.84.37 prod.asweb.portima.be
O1 - Hosts: 212.79.84.39 learningacademy.portima.be
O1 - Hosts: 212.79.84.71 smtp.portima.org
O1 - Hosts: 212.79.87.30 pop3.portima.org
O1 - Hosts: 212.79.94.41 www.front-office.rp.axa.portima
O1 - Hosts: 212.79.94.41 www.front-office.axa.be
O1 - Hosts: 212.79.94.41 www.phoenixiard.rp.axa.portima
O1 - Hosts: 212.79.93.10 my.nateus.nateusgroep.portima
O1 - Hosts: 212.79.93.10 pro.nateus.nateusgroep.portima
O1 - Hosts: 212.79.93.10 login.nateusgroep.portima
O1 - Hosts: 212.79.93.10 loans.nateus.nateusgroep.portima
O1 - Hosts: 212.79.94.41 www.fe.axa.be
O1 - Hosts: 212.79.93.10 my.audi.nateusgroep.portima
O1 - Hosts: 212.79.93.10 pro.audi.nateusgroep.portima
O1 - Hosts: 212.79.94.52 fws.axa.be
O2 - BHO: McAfee Phishing Filter - {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: scriptproxy - {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RDS\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RDS\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [beidsystemtray] C:\Program Files\Belgium Identity Card\beidsystemtray.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [EdibRokerSupervisor] C:\AnetLP\Assurnet\EdiBroker\EDIBCCTB.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASWeb.lnk = C:\AnetLP\Assurnet\AsWeb\AsWebNotifier.exe
O4 - Global Startup: Desktop Manager.lnk = C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.agf.assurnet
O15 - Trusted Zone: http://www.agf2.assurnet
O15 - Trusted Zone: http://*.allianz.assurnet
O15 - Trusted Zone: http://www.allianz2.assurnet
O15 - Trusted Zone: http://*.allianz2.assurnet
O15 - Trusted Zone: http://*.aragb2b.be
O15 - Trusted Zone: http://*.ASWEB.*
O15 - Trusted Zone: http://*.avero.be
O15 - Trusted Zone: *.axa.be
O15 - Trusted Zone: http://*.axa.be
O15 - Trusted Zone: http://*.axa.portima
O15 - Trusted Zone: http://demo.brio.be
O15 - Trusted Zone: http://*.brio.be
O15 - Trusted Zone: http://*.brioplus.be
O15 - Trusted Zone: http://*.feprabel.be
O15 - Trusted Zone: http://*.fortisag.assurnet
O15 - Trusted Zone: http://*.foyer.lu
O15 - Trusted Zone: http://*.nateusgroep.portima
O15 - Trusted Zone: http://*.port-e-key.be
O15 - Trusted Zone: http://*.portekey.be
O15 - Trusted Zone: http://*.portigate.be
O15 - Trusted Zone: http://briotraining.portima.be
O15 - Trusted Zone: http://*.portima.be
O15 - Trusted Zone: http://mailcorp.portima.com
O15 - Trusted Zone: http://*.portima.com
O15 - Trusted Zone: http://*.portima.net
O15 - Trusted Zone: http://*.portima.org
O15 - Trusted Zone: http://www.prolinknet.assurnet
O16 - DPF: {0D15A4B5-3D06-4F92-AB54-6A2BF5871D9A} (Pi2Credential Object) - https://prod.asweb.portima.be/pi2/ip/css/resource/idc/p...
O16 - DPF: {253EC307-BDDB-4534-A917-28DB8B06A73E} (Toronto_mail.Mail) - http://v60.brio.be/Toronto/Document.Management/Toronto_...
O16 - DPF: {8D91BD9D-D474-458C-AC23-892986698AF2} (ActiveFormXControl) - http://manager.immoaf.be/active/arl_mortgage.cab
O16 - DPF: {CAFECAFE-0013-0001-0023-ABCDEFABCDEF} (JInitiator 1.3.1.23) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Peron.local
O17 - HKLM\Software\..\Telephony: DomainName = Peron.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2653F8A-CA56-4830-9E5B-2B2FA7B7766F}: NameServer = 172.31.135.179,212.79.84.22,172.31.135.180,172.31.135.186,172.31.135.187,172.31.135.188
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Peron.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Peron.local
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = Peron.local
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: AsWeb - AsWebLogonNotify.dll (file missing)
O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe
O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: MBackMonitor (mbackmonitor) - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Portima Broker POP3 Server (PortimaBrokerPOP3Server) - Portima - C:\AnetLP\Assurnet\EdiBroker\POP3Server\POP3Server.exe
O23 - Service: Portima Broker Core Server (PortimaBrokerServer) - Portima - C:\AnetLP\Assurnet\EdiBroker\PortiBrokerGW.exe
O23 - Service: Portima Broker SMTP Server (PortimaBrokerSMTPServer) - Portima - C:\AnetLP\Assurnet\EdiBroker\SMTPServer\SMTPServer.exe
O23 - Service: Portima Middleware Server Engine ASWeb (PortimaMiddlewareServerEngineASWeb) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe
O23 - Service: Portima Middleware Server Engine AuthProxy (PortimaMiddlewareServerEngineAuthProxy) - GamConsult - C:\AnetLP\Assurnet\AW_Common\portima.middleware.server.engine.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: PC Tools Auxiliary Service (sdauxservice) - Unknown owner - C:\Program Files\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdcoreservice) - Unknown owner - C:\Program Files\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe

--
End of file - 14404 bytes

Autres pages sur : cafee debordement memoire tampon bloque

30 Octobre 2009 12:03:47

le monde est petit.

je vous remercie pour votre aide

J'ai pu supprimer les parasites mais j'ai juste des soucis de connexion internet.
cela se coupe un moment et revient qques minutes après.

un grand merci en tout cas
Tom's guide dans le monde
  • Allemagne
  • Italie
  • Irlande
  • Royaume Uni
  • Etats Unis
Suivre Tom's Guide
Inscrivez-vous à la Newsletter
  • ajouter à twitter
  • ajouter à facebook
  • ajouter un flux RSS