Se connecter / S'enregistrer
Votre question

Rapport ComboFix

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
10 Avril 2009 16:15:37

Salut depuis quelque jours j'ai remarqué que mes fichiers cachés ne s'affichent pas, je crois qu'il ya un virus resident, malgré que j'ai j'ai un anti virus mcafee 7.8i avec anti spyware mais ne le probleme n'as pas resolu.
alors j'ai fais un scan avec combofix le voila le rapport

ComboFix 09-04-04.01 - Achour 2009-04-10 14:54:13.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1256.213.1036.18.1278.745 [GMT 1:00]
Running from: c:\documents and settings\Achour\Bureau\ComboFix.exe
AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning disabled* (Updated)
* Created a new restore point
.
The following files were disabled during the run:
c:\program files\SuperCopier2\SC2Hook.dll


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\sysdm.exe
D:\resycled
E:\resycled

.
((((((((((((((((((((((((( Files Created from 2009-03-10 to 2009-04-10 )))))))))))))))))))))))))))))))
.

2009-04-10 12:23 . 1998-11-13 13:16 308,224 --a------ c:\windows\IsUn040c.exe
2009-04-10 12:23 . 2003-10-03 16:28 45,056 --a------ c:\windows\system32\vusetup.dll
2009-04-10 12:23 . 2005-06-06 17:51 11,264 --a------ c:\windows\system32\drivers\vulfntr.sys
2009-04-10 12:23 . 2005-01-05 18:02 6,912 --a------ c:\windows\system32\drivers\vulfnth.sys
2009-04-10 10:25 . 2009-04-10 10:25 <REP> d-------- c:\program files\patch
2009-04-09 23:34 . 2009-04-09 23:34 <REP> d--h----- c:\windows\PIF
2009-04-09 23:03 . 2009-04-09 23:25 <REP> d-------- c:\program files\Internet Download Manager
2009-04-09 23:03 . 2009-04-10 10:04 <REP> d-------- c:\documents and settings\Achour\Application Data\IDM
2009-04-09 17:02 . 2009-04-09 17:06 <REP> d-------- c:\program files\ma-config.com
2009-04-09 17:02 . 2009-04-09 17:06 <REP> d-------- c:\documents and settings\All Users\Application Data\ma-config.com
2009-04-09 14:42 . 2009-04-09 14:42 <REP> d-------- c:\windows\system32\quran
2009-04-09 14:42 . 2009-04-09 14:42 <REP> d-------- c:\program files\Quran_AR
2009-04-09 14:42 . 2009-04-09 14:42 737,280 --a------ c:\windows\iun6002.exe
2009-04-09 09:59 . 2009-04-09 09:59 <REP> d-------- c:\program files\DkZ Studio
2009-04-09 09:57 . 2008-04-13 11:45 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2009-04-08 22:51 . 2009-04-08 22:51 <REP> d-------- c:\windows\Sun
2009-04-08 22:50 . 2009-04-08 22:49 410,984 --a------ c:\windows\system32\deploytk.dll
2009-04-08 22:50 . 2009-04-08 22:49 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-04-08 22:49 . 2009-04-08 22:49 <REP> d-------- c:\program files\Java
2009-04-08 18:04 . 2009-04-08 22:18 <REP> d-------- c:\program files\Symantec
2009-04-08 18:04 . 2009-04-08 22:18 <REP> d-------- c:\program files\Fichiers communs\Symantec Shared
2009-04-08 18:04 . 2009-04-08 18:04 <REP> d-------- c:\documents and settings\All Users\Application Data\Symantec
2009-04-08 18:04 . 2009-04-08 18:04 <REP> d-------- c:\documents and settings\Achour\Application Data\Symantec
2009-04-08 18:04 . 2002-08-14 15:03 45,056 --a------ c:\windows\system32\WNASPI32.DLL
2009-04-08 18:04 . 2002-08-14 15:03 17,005 --a------ c:\windows\system32\drivers\ASPI32.SYS
2009-04-08 18:04 . 2002-08-14 15:03 5,600 --a------ c:\windows\system\WINASPI.DLL
2009-04-08 18:04 . 2002-08-14 15:03 4,672 --a------ c:\windows\system\WOWPOST.EXE
2009-04-08 12:49 . 2009-04-08 12:49 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\Application Data\InstallShield
2009-04-08 10:53 . 2009-04-08 21:11 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\Application Data\dvdcss
2009-04-08 10:08 . 2009-04-09 13:03 69 --a------ c:\windows\NeroDigital.ini
2009-04-08 10:07 . 2009-04-08 10:07 <REP> d-------- c:\documents and settings\Achour\Application Data\Media Player Classic
2009-04-08 09:53 . 2009-04-08 13:58 <REP> d-------- c:\documents and settings\Achour\Application Data\dvdcss
2009-04-07 23:28 . 2009-04-10 14:53 <REP> d-------- c:\program files\SuperCopier2
2009-04-07 22:10 . 2009-04-07 22:10 <REP> d-------- c:\documents and settings\Achour\Application Data\Ahead
2009-04-07 18:24 . 2009-04-07 18:24 <REP> d-------- c:\documents and settings\Achour\Application Data\Yahoo!
2009-04-07 18:21 . 2009-04-10 11:18 <REP> d-------- c:\documents and settings\Achour\Tracing
2009-04-07 18:12 . 2001-08-28 13:00 1,875,968 --a------ c:\windows\system32\msir3jp.lex
2009-04-07 18:12 . 2001-08-28 13:00 1,677,824 --a------ c:\windows\system32\chsbrkr.dll
2009-04-07 18:12 . 2001-08-28 13:00 1,158,818 --a------ c:\windows\system32\korwbrkr.lex
2009-04-07 18:12 . 2001-08-28 13:00 838,144 --a------ c:\windows\system32\chtbrkr.dll
2009-04-07 18:12 . 2001-08-28 13:00 98,304 --a------ c:\windows\system32\msir3jp.dll
2009-04-07 18:12 . 2001-08-28 13:00 70,656 --a------ c:\windows\system32\korwbrkr.dll
2009-04-07 18:12 . 2001-08-28 13:00 16,254 --a------ c:\windows\system32\PINTLPAE.HLP
2009-04-07 18:12 . 2001-08-28 13:00 14,821 --a------ c:\windows\system32\PINTLPAD.HLP
2009-04-07 18:12 . 2001-08-28 13:00 2,060 --a------ c:\windows\system32\noise.jpn
2009-04-07 18:12 . 2001-08-28 13:00 1,696 -ra------ c:\windows\system32\noise.cht
2009-04-07 18:12 . 2001-08-28 13:00 1,696 -ra------ c:\windows\system32\noise.chs
2009-04-07 18:12 . 2001-08-28 13:00 1,486 --a------ c:\windows\system32\noise.kor
2009-04-07 18:11 . 2001-08-28 13:00 185,344 --a------ c:\windows\system32\Thawbrkr.dll
2009-04-07 18:11 . 2001-08-28 13:00 697 --a------ c:\windows\system32\noise.Tha
2009-04-07 18:06 . 2001-08-28 13:00 809,394 --a--c--- c:\windows\system32\dllcache\NT5IIS.CAT
2009-04-07 18:06 . 2004-08-28 15:00 66,594 --a------ c:\windows\system32\c_864.nls
2009-04-07 18:06 . 2004-08-28 15:00 66,082 --a------ c:\windows\system32\c_708.nls
2009-04-07 18:06 . 2004-08-28 15:00 66,082 --a------ c:\windows\system32\c_28598.nls
2009-04-07 18:06 . 2004-08-28 15:00 66,082 --a------ c:\windows\system32\c_28596.nls
2009-04-07 18:06 . 2004-08-28 15:00 66,082 --a------ c:\windows\system32\c_10021.nls
2009-04-07 18:06 . 2004-08-28 15:00 66,082 --a------ c:\windows\system32\c_10005.nls
2009-04-07 18:06 . 2004-08-28 15:00 66,082 --a------ c:\windows\system32\c_10004.nls
2009-04-07 18:06 . 2004-08-28 15:00 10,752 --a------ c:\windows\system32\c_iscii.dll
2009-04-07 18:06 . 2004-08-28 15:00 6,144 --a------ c:\windows\system32\ftlx041e.dll
2009-04-07 18:06 . 2004-08-28 15:00 5,632 --a------ c:\windows\system32\kbdusa.dll
2009-04-07 17:24 . 2009-04-07 19:17 <REP> d--h----- c:\windows\$hf_mig$
2009-04-07 15:16 . 2009-04-07 15:16 <REP> d-------- c:\documents and settings\Achour\Application Data\MSNInstaller
2009-04-07 14:36 . 2009-04-07 15:12 <REP> d-------- c:\program files\Chessmaster Challenge
2009-04-07 14:36 . 2009-04-07 15:08 <REP> d-------- c:\documents and settings\Achour\Application Data\Chessmaster Challenge
2009-04-07 14:35 . 2009-04-07 14:35 <REP> d-------- c:\program files\ReflexiveArcade
2009-04-07 14:26 . 2009-04-07 14:26 <REP> d-------- c:\program files\FreeSweetGames
2009-04-07 14:23 . 2009-04-07 14:23 <REP> d-------- c:\program files\Fichiers communs\Adobe
2009-04-07 12:51 . 2009-04-07 12:51 <REP> d-------- c:\program files\Microsoft Works
2009-04-07 12:50 . 2009-04-07 12:50 <REP> d-------- c:\program files\MSBuild
2009-04-07 12:49 . 2009-04-07 12:49 <REP> d-------- c:\program files\Microsoft.NET
2009-04-07 12:47 . 2009-04-07 12:47 <REP> d-------- c:\program files\Microsoft Visual Studio 8
2009-04-07 12:45 . 2009-04-07 12:50 <REP> d-------- c:\windows\SHELLNEW
2009-04-07 12:43 . 2009-04-07 12:43 <REP> dr-h----- C:\MSOCache
2009-04-07 12:11 . 2009-04-07 12:11 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\Application Data\Media Player Classic
2009-04-07 11:22 . 2009-04-07 11:22 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\Application Data\Yahoo!
2009-04-07 10:16 . 2009-04-07 10:16 <REP> d-------- c:\documents and settings\Achour\Application Data\AlMAdinahMushaf
2009-04-07 10:09 . 2009-04-09 15:54 <REP> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-04-07 10:05 . 2009-04-07 10:05 <REP> d-------- c:\documents and settings\Achour\Application Data\Xentient
2009-04-07 10:04 . 2008-06-17 20:02 8,517,632 -----c--- c:\windows\system32\dllcache\shell32.dll
2009-04-07 10:03 . 2009-02-09 15:05 1,846,912 -----c--- c:\windows\system32\dllcache\win32k.sys
2009-04-07 10:02 . 2008-05-09 11:55 512,000 -----c--- c:\windows\system32\dllcache\jscript.dll
2009-04-07 10:02 . 2008-05-09 11:55 430,080 -----c--- c:\windows\system32\dllcache\vbscript.dll
2009-04-07 10:02 . 2008-05-09 11:55 180,224 -----c--- c:\windows\system32\dllcache\scrobj.dll
2009-04-07 10:02 . 2008-05-09 11:55 172,032 -----c--- c:\windows\system32\dllcache\scrrun.dll
2009-04-07 10:02 . 2008-05-08 12:24 155,648 -----c--- c:\windows\system32\dllcache\wscript.exe
2009-04-07 10:02 . 2008-05-09 09:45 135,168 -----c--- c:\windows\system32\dllcache\cscript.exe
2009-04-07 10:02 . 2008-05-09 11:55 90,112 -----c--- c:\windows\system32\dllcache\wshext.dll
2009-04-07 10:02 . 2008-06-24 17:44 74,240 -----c--- c:\windows\system32\dllcache\mscms.dll
2009-04-07 10:01 . 2008-05-07 06:11 1,294,336 -----c--- c:\windows\system32\dllcache\quartz.dll
2009-04-07 10:01 . 2008-07-07 21:28 253,952 -----c--- c:\windows\system32\dllcache\es.dll
2009-04-07 10:00 . 2008-12-05 07:57 144,896 -----c--- c:\windows\system32\dllcache\schannel.dll
2009-04-07 09:58 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-04-07 09:57 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-04-07 09:57 . 2008-05-01 15:36 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll
2009-04-07 09:56 . 2008-04-11 20:05 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2009-04-07 09:48 . 2008-10-23 13:36 286,720 -----c--- c:\windows\system32\dllcache\gdi32.dll
2009-04-07 09:48 . 2008-06-14 18:33 272,768 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-04-07 09:47 . 2008-05-27 18:25 765,952 -----c--- c:\windows\system32\dllcache\vgx.dll
2009-04-07 09:45 . 2009-04-07 09:45 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\Application Data\Xentient
2009-04-07 09:41 . 2008-08-14 14:23 2,191,232 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-04-07 09:41 . 2008-08-14 14:23 2,147,328 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-04-07 09:41 . 2008-08-14 14:23 2,068,096 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-04-07 09:41 . 2008-08-14 14:23 2,025,984 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-04-07 09:38 . 2009-04-07 09:38 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\Application Data\vlc
2009-04-07 09:37 . 2009-04-07 09:37 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\Application Data\TuneUp Software
2009-04-07 09:33 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2009-04-07 09:22 . 2009-04-07 09:22 <REP> d-------- c:\documents and settings\Achour\Application Data\TuneUp Software
2009-04-07 08:42 . 2008-10-03 11:03 247,326 -----c--- c:\windows\system32\dllcache\strmdll.dll
2009-04-07 08:41 . 2008-09-04 18:16 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2009-04-07 08:41 . 2008-10-15 17:35 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-04-07 08:33 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-04-07 08:33 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-04-07 08:33 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-04-07 08:32 . 2008-10-16 14:09 35,864 --a------ c:\windows\system32\wucltui.dll.mui
2009-04-07 08:32 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuaucpl.cpl.mui
2009-04-07 08:32 . 2008-10-16 14:08 27,672 --a------ c:\windows\system32\wuapi.dll.mui
2009-04-07 08:32 . 2008-10-16 14:07 19,992 --a------ c:\windows\system32\wuaueng.dll.mui
2009-04-07 00:46 . 2009-04-07 00:49 <REP> d-------- c:\documents and settings\Achour\Application Data\vlc
2009-04-07 00:39 . 2009-04-06 17:53 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\VS80-KB925674-X86
2009-04-07 00:39 . 2009-04-06 19:44 <REP> d--h----- c:\documents and settings\Anis-Amine-Fouad\Voisinage réseau
2009-04-07 00:39 . 2009-04-06 19:44 <REP> d--h----- c:\documents and settings\Anis-Amine-Fouad\Voisinage d'impression
2009-04-07 00:39 . 2009-04-06 17:49 <REP> d--h----- c:\documents and settings\Anis-Amine-Fouad\Modèles
2009-04-07 00:39 . 2009-04-10 09:40 <REP> dr------- c:\documents and settings\Anis-Amine-Fouad\Mes documents
2009-04-07 00:39 . 2006-10-30 00:40 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\Menu Démarrer

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-06 17:09 --------- d-----w c:\program files\Styler
2009-04-06 17:00 --------- d-----w c:\program files\Cener Development
2009-04-06 17:00 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-04-06 16:59 --------- d-----w c:\program files\Nero
2009-04-06 16:59 --------- d-----w c:\program files\K-Lite Codec Pack
2009-04-06 16:59 --------- d-----w c:\program files\Fichiers communs\Ahead
2009-04-06 16:58 --------- d-----w c:\program files\MSXML 4.0
2009-03-26 15:35 210,352 ----a-w c:\windows\system32\idmmbc.dll
2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys
2009-02-06 16:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"SpeedConnectStartUp"="c:\program files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe" [2008-08-18 565760]
"SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2006-07-07 1052672]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-03-30 2790832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
"Vistadrv"="c:\windows\system32\Vistadrive\vsdrv.exe" [2006-07-30 121089]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-08 148888]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
"nwiz"="nwiz.exe" [2009-03-27 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2008-12-20 c:\windows\system32\advpack.dll]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2009-02-27 17:10 35696 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
--a------ 2009-03-30 18:05 2790832 c:\program files\Internet Download Manager\IDMan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
--a------ 2004-08-28 15:00 44032 c:\windows\ime\imkr6_1\imekrmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
--a------ 2008-04-13 08:43 208952 c:\windows\ime\imjp8_1\imjpmig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI]
--a------ 2008-03-14 03:00 136512 c:\program files\McAfee\Common Framework\UdaterUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
--a------ 2008-04-13 08:43 59392 c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
--a------ 2008-04-13 08:43 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
--a------ 2008-04-13 08:43 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShStatEXE]
--a------ 2008-09-29 07:07 124240 c:\program files\McAfee\VirusScan Enterprise\shstat.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
--a------ 2007-01-10 20:59 1235456 c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Styler]
--a------ 2006-05-03 10:48 307200 c:\program files\Styler\Styler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TopDesk]
--a------ 2004-08-28 15:00 195584 c:\windows\system32\topdesk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TransBar]
--a------ 2004-08-28 15:00 65536 c:\windows\system32\transbar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UberIcon]
--a------ 2005-08-12 19:52 180224 c:\program files\UberIcon\UberIcon Manager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VisualTaskTips]
--a------ 2004-08-28 15:00 36864 c:\windows\system32\VisualTaskTips.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2007-04-16 14:28 577536 c:\windows\soundman.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2004-08-28 11264]
R2 ADSLAutoconnect;ADSLAutoconnect;c:\program files\ADSL Autoconnect\ADSL Autoconnect.exe [2009-04-07 446464]
R2 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\EngineServer.exe [2008-09-29 19456]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2009-04-06 67904]
S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-03-15 216232]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2009-04-06 64432]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv
.
- - - - ORPHANS REMOVED - - - -

Toolbar-SaveLinksOrder - (no file)
Toolbar-Locked - (no file)
Toolbar-ITBarLayout - (no file)
Toolbar-ITBarLayout - (no file)
Toolbar-ITBar7Position - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.fr
uDefault_Search_URL = hxxp://www.google.fr/keyword/%s
mStart Page = hxxp://www.google.fr
uSearchURL,(Default) = hxxp://www.google.fr/keyword/%s
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Télécharger le contenu de video FLV avec IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Télécharger tous les liens avec IDM - c:\program files\Internet Download Manager\IEGetAll.htm
TCP: {8AF2CC12-EF79-4CB3-9016-08898BD182B5} = 4.2.2.5 4.2.2.6
FF - ProfilePath - c:\documents and settings\Achour\Application Data\Mozilla\Firefox\Profiles\4zrohl8t.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - component: c:\documents and settings\Achour\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\documents and settings\Achour\Application Data\Mozilla\Firefox\Profiles\4zrohl8t.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-10 14:55:53
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\mchInjDrv]
"ImagePath"="\??\c:\docume~1\Achour\LOCALS~1\Temp\mc21.tmp"
.
Completion time: 2009-04-10 14:57:16
ComboFix-quarantined-files.txt 2009-04-10 13:56:59

Pre-Run: 15 634 362 368 octets libres
Post-Run: 19,009,712,128 octets libres

283 --- E O F --- 2009-04-09 15:00:11

Autres pages sur : rapport combofix

a b 8 Sécurité
11 Avril 2009 13:11:33

Bonjour,

Bah tu as regardé dans les options ?

Sélectionne l'intégralité du cadre ci-dessous :

Driver::
mchInjDrv

File::
c:\windows\system32\transbar.exe
c:\docume~1\Achour\LOCALS~1\Temp\mc21.tmp

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TransBar]


  • Copie/colle le dans le Bloc Notes (Démarrer\Tous les programmes\Accessoires\Bloc notes.)
  • Enregistre le sous sur ton bureau sous le nom de CFScript.txt
  • Glisse maintenant le fichier CFScript.txt dans ComboFix.exe comme ci-dessous :

  • Cela va relancer Combofix.
  • Tu devras accepter la licence.

    Poste le contenu du rapport ComboFix.txt après redémarrage s'il y en a un.

    Le rapport se trouve ici : %SystemDrive%\ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C:\ en général)
    m
    0
    l
    11 Avril 2009 20:07:57

    merci bcccp, voila j'ai fais ce que vous m'avez dit; mais apres le scan de cambofix et redemarage j'ai eu un ecran bleu pendant la creation de rapport

    et j'ai redemarer voila le rapport
    ComboFix 09-04-04.01 - Achour 2009-04-11 18:48:01.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.3.1256.213.1036.18.1278.763 [GMT 1:00]
    Running from: C:\Documents and Settings\Achour\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Achour\Bureau\CFScript.txt
    AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning disabled* (Updated)
    * Created a new restore point

    FILE ::
    c:\docume~1\Achour\LOCALS~1\Temp\mc21.tmp
    c:\windows\system32\transbar.exe
    .
    The following files were disabled during the run:
    C:\Program Files\SuperCopier2\SC2Hook.dll
    m
    0
    l
    Contenus similaires
    11 Avril 2009 21:16:55

    re bon j'ai refais le scan avec cambofix après avoir arreté les service mcafee
    et voila le rapport:

    ComboFix 09-04-04.01 - Achour 2009-04-11 20:05:57.3 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.3.1256.213.1036.18.1278.899 [GMT 1:00]
    Running from: c:\documents and settings\Achour\Bureau\ComboFix.exe
    Command switches used :: c:\documents and settings\Achour\Bureau\CFScript.txt
    AV: VirusScan Enterprise + AntiSpyware Enterprise *On-access scanning enabled* (Updated)
    * Created a new restore point

    FILE ::
    c:\docume~1\Achour\LOCALS~1\Temp\mc21.tmp
    c:\windows\system32\transbar.exe
    .
    The following files were disabled during the run:
    c:\program files\SuperCopier2\SC2Hook.dll


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    c:\windows\system32\transbar.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_MCHINJDRV
    -------\Service_mchInjDrv
    -------\Legacy_MCHINJDRV
    -------\Service_mchInjDrv


    ((((((((((((((((((((((((( Files Created from 2009-03-11 to 2009-04-11 )))))))))))))))))))))))))))))))
    .

    2009-04-10 20:51 . 2009-04-10 22:15 <REP> d-------- c:\documents and settings\Achour\DoctorWeb
    2009-04-10 17:37 . 2009-04-10 17:37 362,240 --a------ c:\windows\system32\TuneUpDefragService.exe
    2009-04-10 17:22 . 2008-04-13 19:34 16,384 --a------ c:\windows\system32\ipsink.ax
    2009-04-10 17:22 . 2008-04-13 11:46 15,232 --a------ c:\windows\system32\drivers\StreamIP.sys
    2009-04-10 17:22 . 2008-04-13 11:46 11,136 --a------ c:\windows\system32\drivers\SLIP.sys
    2009-04-10 17:22 . 2008-04-13 11:46 10,880 --a------ c:\windows\system32\drivers\NdisIP.sys
    2009-04-10 17:22 . 2008-04-13 11:39 5,504 --a------ c:\windows\system32\drivers\MSTEE.sys
    2009-04-10 17:21 . 2008-04-13 19:34 92,160 --a------ c:\windows\system32\kswdmcap.ax
    2009-04-10 17:21 . 2008-04-13 11:46 85,248 --a------ c:\windows\system32\drivers\NABTSFEC.sys
    2009-04-10 17:21 . 2008-04-13 19:34 61,952 --a------ c:\windows\system32\kstvtune.ax
    2009-04-10 17:21 . 2008-04-13 19:33 54,784 --a------ c:\windows\system32\vfwwdm32.dll
    2009-04-10 17:21 . 2008-04-13 19:34 43,008 --a------ c:\windows\system32\ksxbar.ax
    2009-04-10 17:21 . 2008-04-13 11:46 19,200 --a------ c:\windows\system32\drivers\WSTCODEC.SYS
    2009-04-10 17:21 . 2008-04-13 11:46 17,024 --a------ c:\windows\system32\drivers\CCDECODE.sys
    2009-04-10 17:18 . 2009-04-10 17:18 <REP> d-------- c:\program files\Fichiers communs\Everstrike Software
    2009-04-10 17:18 . 2009-04-10 17:18 <REP> d-------- c:\program files\Everstrike Software
    2009-04-10 17:09 . 2009-04-10 17:09 <REP> d-------- c:\program files\Fichiers communs\snpstd
    2009-04-10 17:09 . 2005-04-26 14:06 390,784 --a------ c:\windows\system32\drivers\snpstd.sys
    2009-04-10 17:09 . 2004-06-10 13:48 286,720 --a------ c:\windows\vsnpstd.exe
    2009-04-10 17:09 . 2005-04-20 17:34 61,440 --a------ c:\windows\system32\rsnpstd.dll
    2009-04-10 17:09 . 2004-02-16 13:59 61,440 --a------ c:\windows\system32\csnpstd.dll
    2009-04-10 17:09 . 2004-05-06 11:22 53,248 --a------ c:\windows\system32\dsnpstd.dll
    2009-04-10 17:09 . 2002-07-03 11:44 53,248 --a------ c:\windows\amcap.exe
    2009-04-10 17:09 . 2005-04-20 17:16 36,864 --a------ c:\windows\system32\vsnpstd.dll
    2009-04-10 17:09 . 2005-04-20 16:57 36,864 --a------ c:\windows\system32\dsnpstd.ax
    2009-04-10 17:09 . 2005-02-01 19:29 20,480 --a------ c:\windows\usnpstd.exe
    2009-04-10 17:09 . 2003-01-17 17:34 15,541 --a------ c:\windows\snpstd.ini
    2009-04-10 17:09 . 2003-01-17 17:35 13,023 --a------ c:\windows\snpstd.src
    2009-04-10 16:00 . 2009-04-10 16:01 27,262,976 --a------ C:\VIRTPART.DAT
    2009-04-10 15:53 . 2002-08-14 15:03 45,056 --a------ c:\windows\system32\WNASPI2K.BAK
    2009-04-10 15:53 . 2002-08-14 15:03 17,005 --a------ c:\windows\system32\drivers\ASPI2K.BAK
    2009-04-10 15:53 . 2002-08-14 15:03 5,600 --a------ c:\windows\system\WINASPI.BAK
    2009-04-10 15:53 . 2002-08-14 15:03 4,672 --a------ c:\windows\system\WOWPOST.BAK
    2009-04-10 12:23 . 1998-11-13 13:16 308,224 --a------ c:\windows\IsUn040c.exe
    2009-04-10 12:23 . 2003-10-03 16:28 45,056 --a------ c:\windows\system32\vusetup.dll
    2009-04-10 12:23 . 2005-06-06 17:51 11,264 --a------ c:\windows\system32\drivers\vulfntr.sys
    2009-04-10 12:23 . 2005-01-05 18:02 6,912 --a------ c:\windows\system32\drivers\vulfnth.sys
    2009-04-10 10:25 . 2009-04-10 10:25 <REP> d-------- c:\program files\patch
    2009-04-09 23:34 . 2009-04-09 23:34 <REP> d--h----- c:\windows\PIF
    2009-04-09 23:03 . 2009-04-09 23:25 <REP> d-------- c:\program files\Internet Download Manager
    2009-04-09 23:03 . 2009-04-10 10:04 <REP> d-------- c:\documents and settings\Achour\Application Data\IDM
    2009-04-09 17:02 . 2009-04-09 17:06 <REP> d-------- c:\program files\ma-config.com
    2009-04-09 17:02 . 2009-04-09 17:06 <REP> d-------- c:\documents and settings\All Users\Application Data\ma-config.com
    2009-04-09 14:42 . 2009-04-09 14:42 <REP> d-------- c:\windows\system32\quran
    2009-04-09 14:42 . 2009-04-09 14:42 <REP> d-------- c:\program files\Quran_AR
    2009-04-09 14:42 . 2009-04-09 14:42 737,280 --a------ c:\windows\iun6002.exe
    2009-04-09 09:59 . 2009-04-09 09:59 <REP> d-------- c:\program files\DkZ Studio
    2009-04-09 09:57 . 2008-04-13 11:45 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
    2009-04-08 22:51 . 2009-04-08 22:51 <REP> d-------- c:\windows\Sun
    2009-04-08 22:50 . 2009-04-08 22:49 410,984 --a------ c:\windows\system32\deploytk.dll
    2009-04-08 22:50 . 2009-04-08 22:49 73,728 --a------ c:\windows\system32\javacpl.cpl
    2009-04-08 22:49 . 2009-04-08 22:49 <REP> d-------- c:\program files\Java
    2009-04-08 18:04 . 2009-04-10 17:12 <REP> d-------- c:\program files\Symantec
    2009-04-08 18:04 . 2009-04-10 17:11 <REP> d-------- c:\program files\Fichiers communs\Symantec Shared
    2009-04-08 18:04 . 2009-04-10 15:53 <REP> d-------- c:\documents and settings\All Users\Application Data\Symantec
    2009-04-08 18:04 . 2009-04-08 18:04 <REP> d-------- c:\documents and settings\Achour\Application Data\Symantec
    2009-04-08 18:04 . 2002-08-14 15:03 45,056 --a------ c:\windows\system32\WNASPI32.DLL
    2009-04-08 18:04 . 2002-08-14 15:03 17,005 --a------ c:\windows\system32\drivers\ASPI32.SYS
    2009-04-08 18:04 . 2002-08-14 15:03 5,600 --a------ c:\windows\system\WINASPI.DLL
    2009-04-08 18:04 . 2002-08-14 15:03 4,672 --a------ c:\windows\system\WOWPOST.EXE
    2009-04-08 12:49 . 2009-04-08 12:49 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\Application Data\InstallShield
    2009-04-08 10:53 . 2009-04-08 21:11 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\Application Data\dvdcss
    2009-04-08 10:08 . 2009-04-09 13:03 69 --a------ c:\windows\NeroDigital.ini
    2009-04-08 10:07 . 2009-04-08 10:07 <REP> d-------- c:\documents and settings\Achour\Application Data\Media Player Classic
    2009-04-08 09:53 . 2009-04-08 13:58 <REP> d-------- c:\documents and settings\Achour\Application Data\dvdcss
    2009-04-07 23:28 . 2009-04-11 20:08 <REP> d-------- c:\program files\SuperCopier2
    2009-04-07 22:10 . 2009-04-07 22:10 <REP> d-------- c:\documents and settings\Achour\Application Data\Ahead
    2009-04-07 18:24 . 2009-04-07 18:24 <REP> d-------- c:\documents and settings\Achour\Application Data\Yahoo!
    2009-04-07 18:21 . 2009-04-11 18:56 <REP> d-------- c:\documents and settings\Achour\Tracing
    2009-04-07 18:12 . 2001-08-28 13:00 1,875,968 --a------ c:\windows\system32\msir3jp.lex
    2009-04-07 18:12 . 2001-08-28 13:00 1,677,824 --a------ c:\windows\system32\chsbrkr.dll
    2009-04-07 18:12 . 2001-08-28 13:00 1,158,818 --a------ c:\windows\system32\korwbrkr.lex
    2009-04-07 18:12 . 2001-08-28 13:00 838,144 --a------ c:\windows\system32\chtbrkr.dll
    2009-04-07 18:12 . 2001-08-28 13:00 98,304 --a------ c:\windows\system32\msir3jp.dll
    2009-04-07 18:12 . 2001-08-28 13:00 70,656 --a------ c:\windows\system32\korwbrkr.dll
    2009-04-07 18:12 . 2001-08-28 13:00 16,254 --a------ c:\windows\system32\PINTLPAE.HLP
    2009-04-07 18:12 . 2001-08-28 13:00 14,821 --a------ c:\windows\system32\PINTLPAD.HLP
    2009-04-07 18:12 . 2001-08-28 13:00 2,060 --a------ c:\windows\system32\noise.jpn
    2009-04-07 18:12 . 2001-08-28 13:00 1,696 -ra------ c:\windows\system32\noise.cht
    2009-04-07 18:12 . 2001-08-28 13:00 1,696 -ra------ c:\windows\system32\noise.chs
    2009-04-07 18:12 . 2001-08-28 13:00 1,486 --a------ c:\windows\system32\noise.kor
    2009-04-07 18:11 . 2001-08-28 13:00 185,344 --a------ c:\windows\system32\Thawbrkr.dll
    2009-04-07 18:11 . 2001-08-28 13:00 697 --a------ c:\windows\system32\noise.Tha
    2009-04-07 18:06 . 2001-08-28 13:00 809,394 --a--c--- c:\windows\system32\dllcache\NT5IIS.CAT
    2009-04-07 18:06 . 2004-08-28 15:00 66,594 --a------ c:\windows\system32\c_864.nls
    2009-04-07 18:06 . 2004-08-28 15:00 66,082 --a------ c:\windows\system32\c_708.nls
    2009-04-07 18:06 . 2004-08-28 15:00 66,082 --a------ c:\windows\system32\c_28598.nls
    2009-04-07 18:06 . 2004-08-28 15:00 66,082 --a------ c:\windows\system32\c_28596.nls
    2009-04-07 18:06 . 2004-08-28 15:00 66,082 --a------ c:\windows\system32\c_10021.nls
    2009-04-07 18:06 . 2004-08-28 15:00 66,082 --a------ c:\windows\system32\c_10005.nls
    2009-04-07 18:06 . 2004-08-28 15:00 66,082 --a------ c:\windows\system32\c_10004.nls
    2009-04-07 18:06 . 2004-08-28 15:00 10,752 --a------ c:\windows\system32\c_iscii.dll
    2009-04-07 18:06 . 2004-08-28 15:00 6,144 --a------ c:\windows\system32\ftlx041e.dll
    2009-04-07 18:06 . 2004-08-28 15:00 5,632 --a------ c:\windows\system32\kbdusa.dll
    2009-04-07 17:24 . 2009-04-07 19:17 <REP> d--h----- c:\windows\$hf_mig$
    2009-04-07 15:16 . 2009-04-07 15:16 <REP> d-------- c:\documents and settings\Achour\Application Data\MSNInstaller
    2009-04-07 14:36 . 2009-04-07 15:12 <REP> d-------- c:\program files\Chessmaster Challenge
    2009-04-07 14:36 . 2009-04-07 15:08 <REP> d-------- c:\documents and settings\Achour\Application Data\Chessmaster Challenge
    2009-04-07 14:35 . 2009-04-07 14:35 <REP> d-------- c:\program files\ReflexiveArcade
    2009-04-07 14:26 . 2009-04-07 14:26 <REP> d-------- c:\program files\FreeSweetGames
    2009-04-07 14:23 . 2009-04-11 19:42 <REP> d-------- c:\program files\Fichiers communs\Adobe
    2009-04-07 12:51 . 2009-04-07 12:51 <REP> d-------- c:\program files\Microsoft Works
    2009-04-07 12:50 . 2009-04-07 12:50 <REP> d-------- c:\program files\MSBuild
    2009-04-07 12:49 . 2009-04-07 12:49 <REP> d-------- c:\program files\Microsoft.NET
    2009-04-07 12:47 . 2009-04-07 12:47 <REP> d-------- c:\program files\Microsoft Visual Studio 8
    2009-04-07 12:45 . 2009-04-07 12:50 <REP> d-------- c:\windows\SHELLNEW
    2009-04-07 12:43 . 2009-04-07 12:43 <REP> dr-h----- C:\MSOCache
    2009-04-07 12:11 . 2009-04-07 12:11 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\Application Data\Media Player Classic
    2009-04-07 11:22 . 2009-04-07 11:22 <REP> d-------- c:\documents and settings\Anis-Amine-Fouad\Application Data\Yahoo!
    2009-04-07 10:16 . 2009-04-07 10:16 <REP> d-------- c:\documents and settings\Achour\Application Data\AlMAdinahMushaf
    2009-04-07 10:09 . 2009-04-10 22:59 <REP> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
    2009-04-07 10:05 . 2009-04-07 10:05 <REP> d-------- c:\documents and settings\Achour\Application Data\Xentient
    2009-04-07 10:04 . 2008-06-17 20:02 8,517,632 -----c--- c:\windows\system32\dllcache\shell32.dll
    2009-04-07 10:03 . 2009-02-09 15:05 1,846,912 -----c--- c:\windows\system32\dllcache\win32k.sys
    2009-04-07 10:02 . 2008-05-09 11:55 512,000 -----c--- c:\windows\system32\dllcache\jscript.dll
    2009-04-07 10:02 . 2008-05-09 11:55 430,080 -----c--- c:\windows\system32\dllcache\vbscript.dll
    2009-04-07 10:02 . 2008-05-09 11:55 180,224 -----c--- c:\windows\system32\dllcache\scrobj.dll
    2009-04-07 10:02 . 2008-05-09 11:55 172,032 -----c--- c:\windows\system32\dllcache\scrrun.dll
    2009-04-07 10:02 . 2008-05-08 12:24 155,648 -----c--- c:\windows\system32\dllcache\wscript.exe
    2009-04-07 10:02 . 2008-05-09 09:45 135,168 -----c--- c:\windows\system32\dllcache\cscript.exe
    2009-04-07 10:02 . 2008-05-09 11:55 90,112 -----c--- c:\windows\system32\dllcache\wshext.dll
    2009-04-07 10:02 . 2008-06-24 17:44 74,240 -----c--- c:\windows\system32\dllcache\mscms.dll
    2009-04-07 10:01 . 2008-05-07 06:11 1,294,336 -----c--- c:\windows\system32\dllcache\quartz.dll
    2009-04-07 10:01 . 2008-07-07 21:28 253,952 -----c--- c:\windows\system32\dllcache\es.dll
    2009-04-07 10:00 . 2008-12-05 07:57 144,896 -----c--- c:\windows\system32\dllcache\schannel.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-04-10 16:11 --------- d-----w c:\program files\Fichiers communs\Ahead
    2009-04-06 17:09 --------- d-----w c:\program files\Styler
    2009-04-06 17:00 --------- d-----w c:\program files\Cener Development
    2009-04-06 17:00 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
    2009-04-06 16:59 --------- d-----w c:\program files\K-Lite Codec Pack
    2009-04-06 16:58 --------- d-----w c:\program files\MSXML 4.0
    2009-03-27 09:03 6,280,416 ----a-w c:\windows\system32\drivers\nv4_mini.sys
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
    "SpeedConnectStartUp"="c:\program files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe" [2008-08-18 565760]
    "SuperCopier2.exe"="c:\program files\SuperCopier2\SuperCopier2.exe" [2006-07-07 1052672]
    "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-03-30 2790832]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
    "Vistadrv"="c:\windows\system32\Vistadrive\vsdrv.exe" [2006-07-30 121089]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-08 148888]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
    "snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
    "nwiz"="nwiz.exe" [2009-03-27 c:\windows\system32\nwiz.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "nltide_3"="advpack.dll" [2008-12-20 c:\windows\system32\advpack.dll]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2009-04-11 110592]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoSMHelp"= 1 (0x1)

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoSMHelp"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
    @="Service"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    --a------ 2009-02-27 17:10 35696 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
    --a------ 2009-03-30 18:05 2790832 c:\program files\Internet Download Manager\IDMan.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMEKRMIG6.1]
    --a------ 2004-08-28 15:00 44032 c:\windows\ime\imkr6_1\imekrmig.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1]
    --a------ 2008-04-13 08:43 208952 c:\windows\ime\imjp8_1\imjpmig.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI]
    --a------ 2008-03-14 03:00 136512 c:\program files\McAfee\Common Framework\UdaterUI.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
    --a------ 2008-04-13 08:43 59392 c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
    --a------ 2008-04-13 08:43 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
    --a------ 2008-04-13 08:43 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShStatEXE]
    --a------ 2008-09-29 07:07 124240 c:\program files\McAfee\VirusScan Enterprise\shstat.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
    --a------ 2007-01-10 20:59 1235456 c:\program files\Windows Sidebar\sidebar.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Styler]
    --a------ 2006-05-03 10:48 307200 c:\program files\Styler\Styler.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TopDesk]
    --a------ 2004-08-28 15:00 195584 c:\windows\system32\topdesk.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UberIcon]
    --a------ 2005-08-12 19:52 180224 c:\program files\UberIcon\UberIcon Manager.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VisualTaskTips]
    --a------ 2004-08-28 15:00 36864 c:\windows\system32\VisualTaskTips.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
    --a------ 2007-04-16 14:28 577536 c:\windows\soundman.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "mfevtp"=2 (0x2)
    "McTaskManager"=2 (0x2)
    "McShield"=2 (0x2)
    "McAfeeEngineService"=2 (0x2)

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

    R0 xfilt;VIA SATA IDE Hot-plug Driver;c:\windows\system32\drivers\xfilt.sys [2004-08-28 11264]
    R2 ADSLAutoconnect;ADSLAutoconnect;c:\program files\ADSL Autoconnect\ADSL Autoconnect.exe [2009-04-07 446464]
    R2 LF30FS;LF30FS;c:\program files\Everstrike Software\Lock Folder XP 3.6\LF30XP.sys [2004-11-19 101488]
    R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2009-04-06 67904]
    S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-03-15 216232]
    S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2009-04-06 64432]
    S4 McAfeeEngineService;McAfee Engine Service;c:\program files\McAfee\VirusScan Enterprise\EngineServer.exe [2008-09-29 19456]

    --- Other Services/Drivers In Memory ---

    *NewlyCreated* - MCHINJDRV
    *Deregistered* - mchInjDrv
    .
    Contents of the 'Scheduled Tasks' folder

    2009-04-11 c:\windows\Tasks\Maintenance en 1 clic.job
    - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-21 11:14]
    .
    - - - - ORPHANS REMOVED - - - -

    Toolbar-ITBarLayout - (no file)
    Toolbar-ITBarLayout - (no file)
    Toolbar-ITBar7Position - (no file)


    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.fr
    uDefault_Search_URL = hxxp://www.google.fr/keyword/%s
    mStart Page = hxxp://www.google.fr
    uSearchURL,(Default) = hxxp://www.google.fr/keyword/%s
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm
    IE: Télécharger le contenu de video FLV avec IDM - c:\program files\Internet Download Manager\IEGetVL.htm
    IE: Télécharger tous les liens avec IDM - c:\program files\Internet Download Manager\IEGetAll.htm
    TCP: {8AF2CC12-EF79-4CB3-9016-08898BD182B5} = 4.2.2.5 4.2.2.6
    FF - ProfilePath - c:\documents and settings\Achour\Application Data\Mozilla\Firefox\Profiles\4zrohl8t.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
    FF - component: c:\documents and settings\Achour\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
    FF - plugin: c:\documents and settings\Achour\Application Data\Mozilla\Firefox\Profiles\4zrohl8t.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\plugins\nphardwaredetection.dll
    FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
    FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
    FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll

    ---- FIREFOX POLICIES ----
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: nglayout.initialpaint.delay - 600
    FF - user.js: content.notify.interval - 600000
    FF - user.js: content.max.tokenizing.time - 1800000
    FF - user.js: content.switch.threshold - 600000
    .

    **************************************************************************

    catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-04-11 20:09:31
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\McAfee\Common Framework\FrameworkService.exe
    c:\windows\system32\nvsvc32.exe
    c:\program files\McAfee\Common Framework\naPrdMgr.exe
    c:\windows\system32\rundll32.exe
    c:\program files\CBS Software\SpeedConnect Internet Accelerator\ShowNetworkActivity.exe
    .
    **************************************************************************
    .
    Completion time: 2009-04-11 20:11:43 - machine was rebooted [Achour]
    ComboFix-quarantined-files.txt 2009-04-11 19:11:39
    ComboFix2.txt 2009-04-10 13:57:17

    Pre-Run: 18,771,435,520 octets libres
    Post-Run: 18,767,486,976 octets libres

    311 --- E O F --- 2009-04-10 21:59:31
    m
    0
    l
    a b 8 Sécurité
    12 Avril 2009 22:13:48

    Ton pc se comporte mieux ?

    Fais une analyse antivirus en ligne sur Kaspersky avec Internet Explorer.

  • Autorise les Active x.
  • Clique sur Démarrer Online Scanner.
  • Sélectionne le poste de travail comme analyse. Enregistres sous le rapport en format .txt.
  • Colle son rapport ici.
  • Poste un nouveau rapport Hijackthis.

    Aide : Comment faire un scan en ligne avec Kaspersky .
    m
    0
    l
    13 Avril 2009 22:42:10

    salut
    bon j'ai scané avec kaspersky online mais il n'a rien detecté
    00 virus detectés

    pour le rapport HijackThis le voila

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:33, on 13/04/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    C:\WINDOWS\system32\mfevtps.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
    C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
    C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\vsnpstd.exe
    C:\Program Files\McAfee\Common Framework\udaterui.exe
    C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
    C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe
    C:\Program Files\McAfee\Common Framework\McTray.exe
    C:\Program Files\SuperCopier2\SuperCopier2.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Documents and Settings\Achour\Mes documents\Downloads\Programs\HiJackThis.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\system32\Vistadrive\vsdrv.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKCU\..\Run: [SpeedConnectStartUp] C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
    O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8AF2CC12-EF79-4CB3-9016-08898BD182B5}: NameServer = 4.2.2.5 4.2.2.6
    O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
    O23 - Service: CiSvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe
    O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
    O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
    O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe

    --
    End of file - 9107 bytes
    m
    0
    l
    a b 8 Sécurité
    14 Avril 2009 13:43:17

    D'autres soucis ou questions ?
    m
    0
    l
    14 Avril 2009 19:50:56

    salut
    les fichiers cachés ne s'affichent pas dans c: (comme ficheirs systemes)
    malgré que j'ai fais toutes les possivbilités

    meme si je coche la case : afficher les fichiers et dossiers caches au menu.

    et malgré que j'ai verifier
    pour rétablir l'affichage des fichiers cachés :
    dans :
    HKEY_LM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\A­DVANCED\FOLDER\HIDDEN\SHOWALL
    Modifier les entrées:
    CheckedValue=1
    DefaultValue=0

    dans :
    HKEY_LM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\A­DVANCED\FOLDER\HIDDEN\NOHIDDEN­
    Modifier les entrées:
    CheckedValue=0
    DefaultValue=0
    m
    0
    l
    a b 8 Sécurité
    15 Avril 2009 19:42:14

    Je vois pas là :/ 
    m
    0
    l
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS