> Tous les forums > Forum Sécurité
 ra p ee por t Hij ee ack ee ThisSujet résolu
Ajouter un message à la discussion
Pages : [1] 2 ... Fin
Page 1 sur 2 [Fin]
rôquette
  Posté le 01/09/2007 @ 20:52 
Aller en bas de la page 
Petit astucien

salut

desoler pour le titre mais c'est pour tromper mon pc sinon il ferme la fenetre

Logfile of HijackThis v1.99.1
Scan saved at 10:51:16, on 01/01/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\hijackthis\Hija ck This.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bitdefender.com/scan8/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu9\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu9\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu9\toolbaru.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Core Center.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech QuickCam Manager - Unknown owner - C:\WINDOWS\System32\dllcache\mlqm.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: Sony Network Analysis Tool - Unknown owner - C:\WINDOWS\System32\dllcache\winsony.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe

Publicité
Fill
 Posté le 01/09/2007 à 21:21 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Bonjour,

  • Télécharge SDFix (créé par Andy Manchesta) et sauvegarde le sur ton Bureau.
  • Imprime ceci.
  • Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
    • Redémarre ton ordinateur.
    • Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (ou F5).
    • A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
    • Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
    • Choisis ton compte.
  • Déroule la liste des instructions ci-dessous :
    • En mode sans échec, double-clique sur le fichier SDFix.exe et clique sur install,
    • Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
    • Appuie sur Y pour commencer le script.
    • Il va supprimer les services de certains trojans, effectuera aussi quelques réparations du Registre et il te demandera d'appuyer sur une touche pour redémarrer.
    • Appuie sur une touche pour redémarrer le PC.
    • Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
    • Après le chargement du Bureau, l'outil terminera son travail et affichera Finished
    • Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
    • Enfin, ouvre le dossier de SDFix sur ton Bureau et copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !
Fill

Fill
 Posté le 01/09/2007 à 21:27 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Re,

Il faudra apprendre la prudence car c'est ta 3e grosse infection en un an. C'est anormal. Il faudra revoir les habitudes de surf !

Fill

rôquette
 Posté le 01/09/2007 à 21:50 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien


SDFix: Version 1.101

Run by Administrateur on 01/01/2003 at 11:54

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:

Name:
Client Server Runtime Proces
Sony Network Analysis Tool

ImagePath:
"C:\WINDOWS\csrss.exe"
"C:\WINDOWS\System32\dllcache\winsony.exe"

Client Server Runtime Proces - Deleted
Sony Network Analysis Tool - Deleted

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files:

Trojan Files Found:

C:\WINDOWS\SYSTEM32\GTJQMRP.EXE - Deleted
C:\WINDOWS\SYSTEM32\FINDERD.EXE - Deleted
C:\WINDOWS\system32\fservice.exe.exe - Deleted
C:\WINDOWS\ktd32.atm - Deleted
C:\WINDOWS\system32\dllcache\winsony.exe - Deleted
C:\WINDOWS\system32\reginv.dll - Deleted
C:\WINDOWS\system32\Tilecomnu.com - Deleted
C:\WINDOWS\wupdmgr.exe - Deleted

Removing Temp Files...

ADS Check:

C:\WINDOWS
No streams found.

C:\WINDOWS\system32
No streams found.

C:\WINDOWS\system32\svchost.exe
No streams found.

C:\WINDOWS\system32\ntoskrnl.exe
No streams found.


Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

Remaining Files:
---------------

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

C:\WINDOWS\system32\uddwglq.exe
C:\WINDOWS\system32\vctddoa.exe
C:\WINDOWS\system32\dllcache\mlqm.exe
C:\WINDOWS\LastGood.Tmp\INF\oem9.inf
C:\WINDOWS\LastGood.Tmp\INF\oem9.PNF

Finished

rôquette
 Posté le 01/09/2007 à 22:05 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

Logfile of HijackThis v1.99.1
Scan saved at 12:09:55, on 01/01/2003
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu9\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu9\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu9\toolbaru.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: Core Center.lnk = C:\Program Files\MSI\Core Center\CoreCenter.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\System32\shdocvw.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech QuickCam Manager - Unknown owner - C:\WINDOWS\System32\dllcache\mlqm.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Unknown owner - C:\Program Files\Kerio\Personal Firewall\persfw.exe (file missing)
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe

Fill
 Posté le 01/09/2007 à 22:15 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Re,

1/

  • Télécharge OTMoveIt (de Old_Timer) sur ton bureau,
  • Double-clique sur OTMoveIt.exe pour lancer le programme,
  • Copie la liste de fichiers ou de dossiers ci-dessous et colle-la dans la fenêtre du programme "Paste List Of Files/Folders to be moved" :
C:\WINDOWS\system32\uddwglq.exe
C:\WINDOWS\system32\vctddoa.exe
C:\WINDOWS\system32\dllcache\mlqm.exe
  • Clique sur MoveIt! pour lancer la suppression,
  • Le résultat appraraîtra dans le cadre Results.
  • Clique sur Exit pour fermer le programme.
  • Poste le rapport qui est situé ici : C:\\\\_OTMoveIt\MovedFiles
  • Il te sera peut-être demandé de redémarrer ton PC. Dans ce cas, clique sur Yes.

2/ Télécharge et installe AVGantispyware (voir ma signature : pré-nettoyage). Procède à la mise à jour. Insiste car leurs serveurs sont souvent saturés.

Lance AVG Anti-Spyware

Clique sur le bouton Analyse (de la barre d'outils)

Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.

Reviens à l'onglet Analyse. Clique sur Analyse complète du système.

A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.

Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

3/ Edite le rapport OTMoveIt et le rapport AVGantispyware.

Comment le pc se porte-t-il ?

Fill

rôquette
 Posté le 01/09/2007 à 22:22 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

mon pc comme au debu il ferme certaine fenetre

C:\WINDOWS\system32\uddwglq.exe moved successfully.
C:\WINDOWS\system32\vctddoa.exe moved successfully.
C:\WINDOWS\system32\dllcache\mlqm.exe moved successfully.

Created on 01/01/2003 12:29:28

rôquette
 Posté le 01/09/2007 à 22:23 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
awg enti spiward je lai deja installer mais il bug je doie le reinstaller si le pc veut bien arreter de merder
Fill
 Posté le 01/09/2007 à 22:24 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Retente. Les infections passées l'empêchaient peut-être de fonctionner.

Fill

Publicité
rôquette
 Posté le 01/09/2007 à 22:25 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
je peu pa le retelecharger avg entie spiward il ferme la fenetre se pc et vraiment abrutie mdr
rôquette
 Posté le 01/09/2007 à 22:26 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
ok je reboot la barre des tache deconnes incroyable vue ma configue
Fill
 Posté le 01/09/2007 à 22:28 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Re,

1/

  • Télécharge SREng (de Smallfrogs).
  • Dézippe tout son contenu sur ton bureau (clic droit >Extraire ici).
  • Ouvre le dossier SReng2 et double-clique sur SREng.exe.
  • Clique sur "smart scan".
  • Clique sur le bouton "scan".
  • Quand l'analyse est terminée, clique sur le bouton "save reports".
  • Sauvegarde alors le rapport sur ton bureau.
  • Copie/colle le contenu du rapport SREnglLOG.log dans ta prochaine réponse.
2/
  • Télécharge DiagHelp.zip sur ton bureau(Merci Malekal) Tuto : http://www.malekal.com/DiagHelp/DiagHelp.php
  • Ne double-clique pas dessus !! Fais un clic droit sur le fichier et extraire tout.
  • Un nouveau dossier chercher va être créé.
  • Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
  • Une fenêtre va s'ouvrir, choisis l'option 1
  • L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.
  • Pendant l'analyse après le rapport CATCHME sur l'écran rouge, tu dois appuyer sue entrée pour que l'outil continue ses recherches. Suis les consignes écrites.
  • Une fenêtre avec le rapport s'ouvre alors. Copie/colle son contenu. (Il se trouve aussi ici : c:\resultat.txt)
  • Double-clique sur ce fichier, Fais CTRL+A puis CTRL+C.
  • Dans ta prochaine réponse, colle le rapport en faisant CTRL+V.
Fill

rôquette
 Posté le 01/09/2007 à 22:34 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

[CODE]

2003-01-01,12:42:10

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Microsoft Works Update Detection><C:\Program Files\Microsoft Works\WkDetect.exe> [Microsoft® Corporation]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe> [(Verified)Google Inc]
<Steam><> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
<DAEMON Tools-1033><"C:\Program Files\D-Tools\daemon.exe" -lang 1033> [DAEMON'S HOME]
<NVMixerTray><"C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"> [NVIDIA Corporation]
<nwiz><nwiz.exe /install> [NVIDIA Corporation]
<UnlockerAssistant><C:\Program Files\Unlocker\UnlockerAssistant.exe> []
<SunJavaUpdateSched><"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<REGSHAVE><C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN> [FUJI PHOTO FILM CO., LTD.]
<Norton Ghost 9.0><C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe> [Symantec Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows XP Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{20D57A66-F7DF-467d-907B-9B7F4A118AB7}><> [N/A]
<{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll> [(Verified)GRISOFT LTD]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{306D6C21-C1B6-4629-986C-E59E1875B8AF}]
<N/A><"C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install> [Microsoft Corporation]

==================================
Startup Folders
[Core Center]
<C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Core Center.lnk --> C:\PROGRA~1\MSI\CORECE~1\CORECE~1.EXE []><N>

==================================
Services
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Stopped/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[GEARSecurity / GEARSecurity][Running/Auto Start]
<C:\WINDOWS\System32\GEARSec.exe><GEAR Software>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Logitech QuickCam Manager / Logitech QuickCam Manager][Stopped/Auto Start]
<"C:\WINDOWS\System32\dllcache\mlqm.exe"><N/A>
[Norton Ghost / Norton Ghost][Running/Auto Start]
<C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe><Symantec Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[PDEngine / PDEngine][Stopped/Manual Start]
<"C:\Program Files\Raxco\PerfectDisk\PDEngine.exe"><Raxco Software, Inc.>
[PDScheduler / PDSched][Running/Auto Start]
<"C:\Program Files\Raxco\PerfectDisk\PDSched.exe"><Raxco Software, Inc.>
[Kerio Personal Firewall / PersFw][Stopped/Auto Start]
<"C:\Program Files\Kerio\Personal Firewall\persfw.exe"><N/A>
[TuneUp WinStyler Theme Service / TUWinStylerThemeSvc][Stopped/Manual Start]
<C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe><TuneUp Software GmbH>

==================================
Drivers
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[aswRdr / aswRdr][Running/Manual Start]
<\??\C:\WINDOWS\System32\drivers\aswRdr.sys><ALWIL Software>
[ATMEL FVNETusb (AR)(R) Service for WLAN USB Adaptor (AR) / ATMEL FVNETusb (AR)(R)][Stopped/Manual Start]
<System32\DRIVERS\vnetusbr.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
<System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[basic2 / basic2][Running/Manual Start]
<System32\DRIVERS\HSF_BSC2.sys><Conexant>
[d347bus / d347bus][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\d347bus.sys><>
[d347prt / d347prt][Running/Boot Start]
<\SystemRoot\System32\Drivers\d347prt.sys><>
[driverhardwarev2 / driverhardwarev2][Stopped/Manual Start]
<\??\C:\Program Files\HardwareDetection\driverhardwarev2.sys><N/A>
[ElbyCDFL / ElbyCDFL][Running/Manual Start]
<System32\Drivers\ElbyCDFL.sys><SlySoft, Inc.>
[ElbyCDIO Driver / ElbyCDIO][Running/Auto Start]
<System32\Drivers\ElbyCDIO.sys><Elaborate Bytes AG>
[Fallback / Fallback][Running/Auto Start]
<System32\DRIVERS\HSF_FALL.sys><Conexant>
[Fsks / Fsks][Running/Auto Start]
<System32\DRIVERS\HSF_FSKS.sys><Conexant>
[Kerio Personal Firewall Driver / fwdrv][Running/System Start]
<system32\Drivers\fwdrv.sys><N/A>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
<\??\J:\INSTALL\GMSIPCI.SYS><N/A>
[hsf_msft / hsf_msft][Running/Manual Start]
<System32\DRIVERS\HSF_MSFT.sys><Conexant>
[InCD File System / InCDFs][Stopped/Disabled]
<system32\drivers\InCDFs.sys><N/A>
[InCDPass / InCDPass][Stopped/System Start]
<system32\drivers\InCDPass.sys><N/A>
[InCD Reader / InCDRm][Stopped/System Start]
<system32\drivers\InCDRm.sys><N/A>
[K56 / K56][Running/Auto Start]
<System32\DRIVERS\HSF_K56K.sys><Conexant>
[nv / nv][Running/Manual Start]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvatabus / nvatabus][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nvatabus.sys><NVIDIA Corporation>
[NVIDIA Disk Cache Filter Driver / nvcchflt][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nvcchflt.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Stopped/Manual Start]
<System32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
<System32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nv_agp.sys><NVIDIA Corporation>
[OrangeWare USB 2.0 Root Hub Support / ousb2hub][Stopped/Manual Start]
<System32\DRIVERS\ousb2hub.sys><OrangeWare Corporation>
[OrangeWare USB Enhanced Host Controller Service / ousbehci][Stopped/Auto Start]
<System32\Drivers\ousbehci.sys><OrangeWare Corporation>
[PCAMPR5 NDIS Protocol Driver / PCAMPR5][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\PCAMPR5.SYS><N/A>
[PCANDIS5 NDIS Protocol Driver / PCANDIS5][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\PCANDIS5.SYS><N/A>
[Padus ASPI Shell / pfc][Running/Manual Start]
<system32\drivers\pfc.sys><Padus, Inc.>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RivaTuner32 / RivaTuner32][Stopped/Manual Start]
<\??\C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner32.sys><N/A>
[Rksample / Rksample][Running/Manual Start]
<System32\DRIVERS\HSF_SAMP.sys><Conexant>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
<System32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[RushTopDevice / RushTopDevice][Running/Manual Start]
<\??\C:\Program Files\MSI\Core Center\RushTop.sys><Your Corporation>
[Secdrv / Secdrv][Running/Auto Start]
<System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Look 'n' Stop Driver / SFilter][Running/Manual Start]
<System32\DRIVERS\lnsfw.sys><Soft4Ever>
[SoftFax / SoftFax][Running/Auto Start]
<System32\DRIVERS\HSF_FAXX.sys><Conexant>
[Tones / Tones][Running/Auto Start]
<System32\DRIVERS\HSF_TONE.sys><Conexant>
[V124 / V124][Running/Auto Start]
<System32\DRIVERS\HSF_V124.sys><Conexant>
[vax347b / vax347b][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\vax347b.sys><>
[vax347s / vax347s][Running/Boot Start]
<\SystemRoot\System32\Drivers\vax347s.sys><>
[ECI Telecom USB ADSL WAN Modem / wanusb][Stopped/Manual Start]
<System32\DRIVERS\gwausb.sys><N/A>

==================================
Browser Add-ons
[XTTBPos00 Class]
{055FD26D-3A88-4e15-963D-DC8493744B1D} <C:\Program Files\ICQToolbar\tbu9\toolbaru.dll, IE Toolbar>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Java Plug-in 1.5.0_11]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[]
{85d1f590-48f4-11d9-9669-0800200c9a66} <%windir%\bdoscandel.exe, N/A>
[ICQ Lite]
{B863453A-26C3-4e1f-A54D-A2CD196348E9} <C:\Program Files\ICQLite\ICQLite.exe, ICQ Ltd.>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <, N/A>
[&Radio]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[ICQ Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} <C:\Program Files\ICQToolbar\tbu9\toolbaru.dll, IE Toolbar>
[BDSCANONLINE Control]
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} <C:\WINDOWS\DOWNLO~1\CONFLICT.2\oscan8.ocx, SOFTWIN>
[HardwareDetection Control]
{867E13F2-7F31-44FB-AC97-CD38E0DC46EF} <C:\PROGRA~1\HARDWA~1\IE\HARDWA~1.OCX, Ma-Config.com>
[Java Plug-in 1.5.0_11]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[MessengerStatsClient Class]
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} <C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll, Microsoft Corporation>
[ActiveScan Installer Class]
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} <C:\WINDOWS\Downloaded Program Files\asinst.dll, Panda Software>
[Java Plug-in 1.5.0_03]
{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_09]
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_10]
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_11]
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_11]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[&ICQ Toolbar Search]
<res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML, N/A>

==================================
Running Processes
[PID: 900 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1116 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1144 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1188 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1200 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1376 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1456 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1756 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[PID: 1812 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1004, 0]
[C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 7, 1029, 0]
[PID: 1948 / Administrateur][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\PROGRA~1\WINDOW~3\wmpband.dll] [Microsoft Corporation, 10.00.00.3646]
[C:\WINDOWS\System32\Audiodev.dll] [Microsoft Corporation, 5.2.3790.3646 built by: DNSRV(bld4act)]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:F> Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Microsoft Works Update Detection><C:\Program Files\Microsoft Works\WkDetect.exe> [Microsoft® Corporation]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe> [(Verified)Google Inc]
<Steam><> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
<DAEMON Tools-1033><"C:\Program Files\D-Tools\daemon.exe" -lang 1033> [DAEMON'S HOME]
<NVMixerTray><"C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"> [NVIDIA Corporation]
<nwiz><nwiz.exe /install> [NVIDIA Corporation]
<UnlockerAssistant><C:\Program Files\Unlocker\UnlockerAssistant.exe> []
<SunJavaUpdateSched><"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<REGSHAVE><C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN> [FUJI PHOTO FILM CO., LTD.]
<Norton Ghost 9.0><C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe> [Symantec Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows XP Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{20D57A66-F7DF-467d-907B-9B7F4A118AB7}><> [N/A]
<{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll> [(Verified)GRISOFT LTD]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{306D6C21-C1B6-4629-986C-E59E1875B8AF}]
<N/A><"C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install> [Microsoft Corporation]

==================================
Startup Folders
[Core Center]
<C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Core Center.lnk --> C:\PROGRA~1\MSI\CORECE~1\CORECE~1.EXE []><N>

==================================
Services
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Stopped/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[GEARSecurity / GEARSecurity][Running/Auto Start]
<C:\WINDOWS\System32\GEARSec.exe><GEAR Software>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Logitech QuickCam Manager / Logitech QuickCam Manager][Stopped/Auto Start]
<"C:\WINDOWS\System32\dllcache\mlqm.exe"><N/A>
[Norton Ghost / Norton Ghost][Running/Auto Start]
<C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe><Symantec Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[PDEngine / PDEngine][Stopped/Manual Start]
<"C:\Program Files\Raxco\PerfectDisk\PDEngine.exe"><Raxco Software, Inc.>
[PDScheduler / PDSched][Running/Auto Start]
<"C:\Program Files\Raxco\PerfectDisk\PDSched.exe"><Raxco Software, Inc.>
[Kerio Personal Firewall / PersFw][Stopped/Auto Start]
<"C:\Program Files\Kerio\Personal Firewall\persfw.exe"><N/A>
[TuneUp WinStyler Theme Service / TUWinStylerThemeSvc][Stopped/Manual Start]
<C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe><TuneUp Software GmbH>

==================================
Drivers
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[aswRdr / aswRdr][Running/Manual Start]
<\??\C:\WINDOWS\System32\drivers\aswRdr.sys><ALWIL Software>
[ATMEL FVNETusb (AR)(R) Service for WLAN USB Adaptor (AR) / ATMEL FVNETusb (AR)(R)][Stopped/Manual Start]
<System32\DRIVERS\vnetusbr.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
<System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[basic2 / basic2][Running/Manual Start]
<System32\DRIVERS\HSF_BSC2.sys><Conexant>
[d347bus / d347bus][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\d347bus.sys><>
[d347prt / d347prt][Running/Boot Start]
<\SystemRoot\System32\Drivers\d347prt.sys><>
[driverhardwarev2 / driverhardwarev2][Stopped/Manual Start]
<\??\C:\Program Files\HardwareDetection\driverhardwarev2.sys><N/A>
[ElbyCDFL / ElbyCDFL][Running/Manual Start]
<System32\Drivers\ElbyCDFL.sys><SlySoft, Inc.>
[ElbyCDIO Driver / ElbyCDIO][Running/Auto Start]
<System32\Drivers\ElbyCDIO.sys><Elaborate Bytes AG>
[Fallback / Fallback][Running/Auto Start]
<System32\DRIVERS\HSF_FALL.sys><Conexant>
[Fsks / Fsks][Running/Auto Start]
<System32\DRIVERS\HSF_FSKS.sys><Conexant>
[Kerio Personal Firewall Driver / fwdrv][Running/System Start]
<system32\Drivers\fwdrv.sys><N/A>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
<\??\J:\INSTALL\GMSIPCI.SYS><N/A>
[hsf_msft / hsf_msft][Running/Manual Start]
<System32\DRIVERS\HSF_MSFT.sys><Conexant>
[InCD File System / InCDFs][Stopped/Disabled]
<system32\drivers\InCDFs.sys><N/A>
[InCDPass / InCDPass][Stopped/System Start]
<system32\drivers\InCDPass.sys><N/A>
[InCD Reader / InCDRm][Stopped/System Start]
<system32\drivers\InCDRm.sys><N/A>
[K56 / K56][Running/Auto Start]
<System32\DRIVERS\HSF_K56K.sys><Conexant>
[nv / nv][Running/Manual Start]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvatabus / nvatabus][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nvatabus.sys><NVIDIA Corporation>
[NVIDIA Disk Cache Filter Driver / nvcchflt][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nvcchflt.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Stopped/Manual Start]
<System32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
<System32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nv_agp.sys><NVIDIA Corporation>
[OrangeWare USB 2.0 Root Hub Support / ousb2hub][Stopped/Manual Start]
<System32\DRIVERS\ousb2hub.sys><OrangeWare Corporation>
[OrangeWare USB Enhanced Host Controller Service / ousbehci][Stopped/Auto Start]
<System32\Drivers\ousbehci.sys><OrangeWare Corporation>
[PCAMPR5 NDIS Protocol Driver / PCAMPR5][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\PCAMPR5.SYS><N/A>
[PCANDIS5 NDIS Protocol Driver / PCANDIS5][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\PCANDIS5.SYS><N/A>
[Padus ASPI Shell / pfc][Running/Manual Start]
<system32\drivers\pfc.sys><Padus, Inc.>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RivaTuner32 / RivaTuner32][Stopped/Manual Start]
<\??\C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner32.sys><N/A>
[Rksample / Rksample][Running/Manual Start]
<System32\DRIVERS\HSF_SAMP.sys><Conexant>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
<System32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[RushTopDevice / RushTopDevice][Running/Manual Start]
<\??\C:\Program Files\MSI\Core Center\RushTop.sys><Your Corporation>
[Secdrv / Secdrv][Running/Auto Start]
<System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Look 'n' Stop Driver / SFilter][Running/Manual Start]
<System32\DRIVERS\lnsfw.sys><Soft4Ever>
[SoftFax / SoftFax][Running/Auto Start]
<System32\DRIVERS\HSF_FAXX.sys><Conexant>
[Tones / Tones][Running/Auto Start]
<System32\DRIVERS\HSF_TONE.sys><Conexant>
[V124 / V124][Running/Auto Start]
<System32\DRIVERS\HSF_V124.sys><Conexant>
[vax347b / vax347b][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\vax347b.sys><>
[vax347s / vax347s][Running/Boot Start]
<\SystemRoot\System32\Drivers\vax347s.sys><>
[ECI Telecom USB ADSL WAN Modem / wanusb][Stopped/Manual Start]
<System32\DRIVERS\gwausb.sys><N/A>

==================================
Browser Add-ons
[XTTBPos00 Class]
{055FD26D-3A88-4e15-963D-DC8493744B1D} <C:\Program Files\ICQToolbar\tbu9\toolbaru.dll, IE Toolbar>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Java Plug-in 1.5.0_11]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[]
{85d1f590-48f4-11d9-9669-0800200c9a66} <%windir%\bdoscandel.exe, N/A>
[ICQ Lite]
{B863453A-26C3-4e1f-A54D-A2CD196348E9} 2

Fill
 Posté le 01/09/2007 à 22:45 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Re,

Tu as posté 1,5 fois le rapport SREng, mais pas diaghelp

Fill

rôquette
 Posté le 01/09/2007 à 22:46 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
oui le scan et interminable
rôquette
 Posté le 01/09/2007 à 22:52 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
a normal il poste des ereure en boucle
rôquette
 Posté le 01/09/2007 à 22:55 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
les fenetre se ferme + aparament
Publicité
Fill
 Posté le 01/09/2007 à 23:10 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Re,

1/ Fais ceci :

Démarrer>Exécuter>cmd

Tape ceci :

sc stop Logitech QuickCam Manager

2/ Ouvre Hijackthis>"open the misc tool section">delete a NT service.

Dans l'invite de commande, mets ceci : Logitech QuickCam Manager

3/

  • Double-clique sur OTMoveIt.exe pour lancer le programme,
  • Copie la liste de fichiers ou de dossiers ci-dessous et colle-la dans la fenêtre du programme "Paste List Of Files/Folders to be moved" :
C:\WINDOWS\System32\dllcache\mlqm.exe
  • Clique sur MoveIt! pour lancer la suppression,
  • Le résultat appraraîtra dans le cadre Results.
  • Clique sur Exit pour fermer le programme.
  • Poste le rapport qui est situé ici : C:\\\\_OTMoveIt\MovedFiles
  • Il te sera peut-être demandé de redémarrer ton PC. Dans ce cas, clique sur Yes.

4/ Désactive temporairement ton antivirus.

5/

  • Fais un scan en ligne en cliquant ici.
  • Choisis Panda.
  • Tu dois réaliser le scan en utilisant Internet explorer. Une information apparait en haut, près de la barre d'état. Tu dois accepter et installer l'activeX proposé. La mise à jour de l'antivirus se lance.
  • Réalise un scan complet du système.
  • Sauvegarde le rapport en mode texte à l'issue du scan.

6/ Réactive l'antivirus.

7/ Edite le rapport OTMoveIt et le rapport Panda.

A demain.

Fill

rôquette
 Posté le 02/09/2007 à 03:03 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

salut jai fait un scan avec bitedefender en ligne aussi il a du me le suprimer

File/Folder Paste List Of Files/Folders to be moved not found.

Created on 01/01/2003 17:10:46

jessaye penda

rôquette
 Posté le 02/09/2007 à 03:23 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
le scan panda se ferme un moment donner bizard jai desactiver lentivirus
Fill
 Posté le 02/09/2007 à 08:08 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Bonjour,

Si ça ne marche pas, essaie Kaspersky. Pas besoin de désactiver l'antivirus.

Fill

rôquette
 Posté le 02/09/2007 à 12:35 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
KASPERSKY ONLINE SCANNER REPORT
Wednesday, January 01, 2003 3:29:56 AM
Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 2/09/2007
Kaspersky Anti-Virus database records: 402448
Scan Settings
Scan using the following antivirus databaseextended
Scan Archivestrue
Scan Mail Basestrue
Scan TargetMy Computer
A:\
B:\
C:\
D:\
E:\
F:\
H:\
Z:\
Scan Statistics
Total number of scanned objects69106
Number of viruses found2
Number of infected objects2
Number of suspicious objects2
Duration of the scan process01:10:34

Infected Object NameVirus NameLast Action
C:\Documents and Settings\Administrateur\Bureau\WOW\Copie de Copie de fservice.exe Object is locked skipped
C:\Documents and Settings\Administrateur\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\MSHist012003010120030102\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC.zip/drsmartload1.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped
C:\SDFix\backups\movedfile.ren Object is locked skipped
C:\VundoFix Backups\DP.sys.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\VundoFix Backups\vtstt.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.am skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Prefetch\WIN32SSR.EXE-009C93FB.pf.sys Object is locked skipped
C:\WINDOWS\Prefetch\WIN32SSR.EXE-009C93FB.sys Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\ftp.exe Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_708.dat Object is locked skipped
C:\WINDOWS\Temp\\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\winkey.dll Object is locked skipped
E:\Program Files\World of Warcraft\Logs\gx.log Object is locked skipped
E:\Program Files\World of Warcraft\Logs\Sound.log Object is locked skipped
E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.
Fill
 Posté le 02/09/2007 à 13:37 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Re,

Ce ne sont que des quarantaines.

1/ Ré-édite un rapport SREng.

2/

  • Télécharge clean.zip (merci Malekal).
  • Dézippe-le sur le bureau.
  • Ouvre le dossier jaune nommé clean sur ton bureau.
  • Double-clique sur clean.cmd
  • Choisis l'option 1 et copie sur le bureau le rapport généré. Il doit normalement aussi se trouver là : c:\rapport_clean.txt
  • Clique sur Q pour quitter le programme.
Fill

rôquette
 Posté le 02/09/2007 à 16:08 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien

[CODE]

2003-01-01,07:04:07

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Microsoft Works Update Detection><C:\Program Files\Microsoft Works\WkDetect.exe> [Microsoft® Corporation]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe> [(Verified)Google Inc]
<Steam><> [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe> [(Verified)ALWIL Software]
<DAEMON Tools-1033><"C:\Program Files\D-Tools\daemon.exe" -lang 1033> [DAEMON'S HOME]
<NVMixerTray><"C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"> [NVIDIA Corporation]
<nwiz><nwiz.exe /install> [NVIDIA Corporation]
<UnlockerAssistant><C:\Program Files\Unlocker\UnlockerAssistant.exe> []
<SunJavaUpdateSched><"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows XP Publisher]
<REGSHAVE><C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN> [FUJI PHOTO FILM CO., LTD.]
<Norton Ghost 9.0><C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe> [Symantec Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows XP Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)ALWIL Software]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{20D57A66-F7DF-467d-907B-9B7F4A118AB7}><> [N/A]
<{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll> [(Verified)GRISOFT LTD]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{306D6C21-C1B6-4629-986C-E59E1875B8AF}]
<N/A><"C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Carnet d'adresses 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install> [Microsoft Corporation]

==================================
Startup Folders
[Core Center]
<C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\Core Center.lnk --> C:\PROGRA~1\MSI\CORECE~1\CORECE~1.EXE []><N>

==================================
Services
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><ALWIL Software>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
<"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><ALWIL Software>
[avast! Mail Scanner / avast! Mail Scanner][Stopped/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
<"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[GEARSecurity / GEARSecurity][Running/Auto Start]
<C:\WINDOWS\System32\GEARSec.exe><GEAR Software>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Logitech QuickCam Manager / Logitech QuickCam Manager][Stopped/Auto Start]
<"C:\WINDOWS\System32\dllcache\mlqm.exe"><N/A>
[Norton Ghost / Norton Ghost][Running/Auto Start]
<C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe><Symantec Corporation>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[PDEngine / PDEngine][Stopped/Manual Start]
<"C:\Program Files\Raxco\PerfectDisk\PDEngine.exe"><Raxco Software, Inc.>
[PDScheduler / PDSched][Running/Auto Start]
<"C:\Program Files\Raxco\PerfectDisk\PDSched.exe"><Raxco Software, Inc.>
[Kerio Personal Firewall / PersFw][Running/Auto Start]
<"C:\Program Files\Kerio\Personal Firewall\persfw.exe"><Kerio Technologies>
[TuneUp WinStyler Theme Service / TUWinStylerThemeSvc][Stopped/Manual Start]
<C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe><TuneUp Software GmbH>

==================================
Drivers
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[aswRdr / aswRdr][Running/Manual Start]
<\??\C:\WINDOWS\System32\drivers\aswRdr.sys><ALWIL Software>
[ATMEL FVNETusb (AR)(R) Service for WLAN USB Adaptor (AR) / ATMEL FVNETusb (AR)(R)][Stopped/Manual Start]
<System32\DRIVERS\vnetusbr.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
<System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[basic2 / basic2][Running/Manual Start]
<System32\DRIVERS\HSF_BSC2.sys><Conexant>
[d347bus / d347bus][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\d347bus.sys><>
[d347prt / d347prt][Running/Boot Start]
<\SystemRoot\System32\Drivers\d347prt.sys><>
[driverhardwarev2 / driverhardwarev2][Stopped/Manual Start]
<\??\C:\Program Files\HardwareDetection\driverhardwarev2.sys><N/A>
[ElbyCDFL / ElbyCDFL][Running/Manual Start]
<System32\Drivers\ElbyCDFL.sys><SlySoft, Inc.>
[ElbyCDIO Driver / ElbyCDIO][Running/Auto Start]
<System32\Drivers\ElbyCDIO.sys><Elaborate Bytes AG>
[Fallback / Fallback][Running/Auto Start]
<System32\DRIVERS\HSF_FALL.sys><Conexant>
[Fsks / Fsks][Running/Auto Start]
<System32\DRIVERS\HSF_FSKS.sys><Conexant>
[Kerio Personal Firewall Driver / fwdrv][Running/System Start]
<system32\Drivers\fwdrv.sys><N/A>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
<\??\J:\INSTALL\GMSIPCI.SYS><N/A>
[hsf_msft / hsf_msft][Running/Manual Start]
<System32\DRIVERS\HSF_MSFT.sys><Conexant>
[InCD File System / InCDFs][Stopped/Disabled]
<system32\drivers\InCDFs.sys><N/A>
[InCDPass / InCDPass][Stopped/System Start]
<system32\drivers\InCDPass.sys><N/A>
[InCD Reader / InCDRm][Stopped/System Start]
<system32\drivers\InCDRm.sys><N/A>
[K56 / K56][Running/Auto Start]
<System32\DRIVERS\HSF_K56K.sys><Conexant>
[nv / nv][Running/Manual Start]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvatabus / nvatabus][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nvatabus.sys><NVIDIA Corporation>
[NVIDIA Disk Cache Filter Driver / nvcchflt][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nvcchflt.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Stopped/Manual Start]
<System32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
<System32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\nv_agp.sys><NVIDIA Corporation>
[OrangeWare USB 2.0 Root Hub Support / ousb2hub][Stopped/Manual Start]
<System32\DRIVERS\ousb2hub.sys><OrangeWare Corporation>
[OrangeWare USB Enhanced Host Controller Service / ousbehci][Stopped/Auto Start]
<System32\Drivers\ousbehci.sys><OrangeWare Corporation>
[PCAMPR5 NDIS Protocol Driver / PCAMPR5][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\PCAMPR5.SYS><N/A>
[PCANDIS5 NDIS Protocol Driver / PCANDIS5][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\PCANDIS5.SYS><N/A>
[Padus ASPI Shell / pfc][Running/Manual Start]
<system32\drivers\pfc.sys><Padus, Inc.>
[Pilote de liaison parallèle directe / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RivaTuner32 / RivaTuner32][Stopped/Manual Start]
<\??\C:\Program Files\RivaTuner v2.0 RC 15.8\RivaTuner32.sys><N/A>
[Rksample / Rksample][Running/Manual Start]
<System32\DRIVERS\HSF_SAMP.sys><Conexant>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
<System32\DRIVERS\Rtlnicxp.sys><Realtek Semiconductor Corporation>
[RushTopDevice / RushTopDevice][Running/Manual Start]
<\??\C:\Program Files\MSI\Core Center\RushTop.sys><Your Corporation>
[Secdrv / Secdrv][Running/Auto Start]
<System32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Look 'n' Stop Driver / SFilter][Running/Manual Start]
<System32\DRIVERS\lnsfw.sys><Soft4Ever>
[SoftFax / SoftFax][Running/Auto Start]
<System32\DRIVERS\HSF_FAXX.sys><Conexant>
[Tones / Tones][Running/Auto Start]
<System32\DRIVERS\HSF_TONE.sys><Conexant>
[V124 / V124][Running/Auto Start]
<System32\DRIVERS\HSF_V124.sys><Conexant>
[vax347b / vax347b][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\vax347b.sys><>
[vax347s / vax347s][Running/Boot Start]
<\SystemRoot\System32\Drivers\vax347s.sys><>
[ECI Telecom USB ADSL WAN Modem / wanusb][Stopped/Manual Start]
<System32\DRIVERS\gwausb.sys><N/A>

==================================
Browser Add-ons
[XTTBPos00 Class]
{055FD26D-3A88-4e15-963D-DC8493744B1D} <C:\Program Files\ICQToolbar\tbu9\toolbaru.dll, IE Toolbar>
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, >
[]
{53707962-6F74-2D53-2644-206D7942484F} <C:\PROGRA~1\SPYBOT~1\SDHelper.dll, Safer Networking Limited>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[Java Plug-in 1.5.0_11]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[]
{85d1f590-48f4-11d9-9669-0800200c9a66} <%windir%\bdoscandel.exe, N/A>
[ICQ Lite]
{B863453A-26C3-4e1f-A54D-A2CD196348E9} <C:\Program Files\ICQLite\ICQLite.exe, ICQ Ltd.>
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <, N/A>
[&Radio]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar3.dll, Google Inc.>
[ICQ Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} <C:\Program Files\ICQToolbar\tbu9\toolbaru.dll, IE Toolbar>
[CKAVWebScan Object]
{0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <C:\WINDOWS\System32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll, Kaspersky Lab>
[BDSCANONLINE Control]
{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} <C:\WINDOWS\DOWNLO~1\CONFLICT.2\oscan8.ocx, SOFTWIN>
[HardwareDetection Control]
{867E13F2-7F31-44FB-AC97-CD38E0DC46EF} <C:\PROGRA~1\HARDWA~1\IE\HARDWA~1.OCX, Ma-Config.com>
[Java Plug-in 1.5.0_11]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[MessengerStatsClient Class]
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} <C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll, Microsoft Corporation>
[ActiveScan Installer Class]
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1} <C:\WINDOWS\Downloaded Program Files\asinst.dll, Panda Software>
[Java Plug-in 1.5.0_03]
{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_06]
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_09]
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_10]
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_11]
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_11]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.5.0_11\bin\npjpi150_11.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[&ICQ Toolbar Search]
<res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML, N/A>

==================================
Running Processes
[PID: 900 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1116 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1144 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1188 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1200 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1376 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1456 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1748 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[PID: 1800 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1004, 0]
[C:\Program Files\Alwil Software\Avast4\UNACEV2.DLL] [N/A, ]
[C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 7, 1029, 0]
[PID: 1940 / Administrateur][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\PROGRA~1\WINDOW~3\wmpband.dll] [Microsoft Corporation, 10.00.00.3646]
[C:\WINDOWS\System32\Audiodev.dll] [Microsoft Corporation, 5.2.3790.3646 built by: DNSRV(bld4act)]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [GRISOFT s.r.o., 7, 5, 1, 36]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll] [Nero AG, 2, 0, 0, 0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Unlocker\UnlockerCOM.dll] [N/A, ]
[C:\WINDOWS\system\Layout.dll] [Microsoft, 1, 0, 0, 1]
[C:\Program Files\Alwil Software\Avast4\ashShell.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\7-Zip\7-zipn.dll] [Igor Pavlov, 4, 23, 0, 0]
[C:\Program Files\Symantec\Norton Ghost\Browser\PQIMountShellExt.dll] [Symantec Corporation, 9.0.0.2632]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll] [GRISOFT s.r.o., 7, 5, 1, 36]
[C:\PROGRA~1\A-SQUA~1\A2CONT~1.DLL] [N/A, ]
[C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx] [, 1, 0, 0, 1]
[C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 4, 0, 0]
[C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll] [Nero AG, 2, 0, 0, 7]
[C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\dfshim.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\System32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Fusion.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[PID: 2004 / Administrateur][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1004, 0]
[C:\Program Files\Alwil Software\Avast4\French\Lang.dll] [ALWIL Software, 4, 7, 1004, 0]
[C:\WINDOWS\System32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[c:\program files\alwil software\avast4\ahruimai.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll] [Codejock Software, 1, 9, 4, 0]
[c:\program files\alwil software\avast4\ahruimes.dll] [ALWIL Software, 4, 7, 1029, 0]
[c:\program files\alwil software\avast4\ahruins.dll] [ALWIL Software, 4, 7, 1029, 0]
[c:\program files\alwil software\avast4\ahruiout.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MAPI32.dll] [Microsoft Corporation, 1.0.2536.0 (XPClient.010817-1148)]
[c:\program files\alwil software\avast4\ahruip2p.dll] [ALWIL Software, 4, 7, 1029, 0]
[c:\program files\alwil software\avast4\ahruistd.dll] [ALWIL Software, 4, 7, 1029, 0]
[c:\program files\alwil software\avast4\ahruiws.dll] [ALWIL Software, 4, 7, 1029, 0]
[PID: 2036 / Administrateur][C:\Program Files\D-Tools\daemon.exe] [DAEMON'S HOME, 3.47.0.0]
[C:\WINDOWS\daemon.dll] [, 3.47.0.0]
[C:\Program Files\D-Tools\PFCTOC.DLL] [Padus(R), Inc., 1, 0, 0, 12]
[C:\Program Files\D-Tools\Plugins\Images\bw5mount.dll] [, 1.0.2.0]
[C:\Program Files\D-Tools\Plugins\Images\ccdmount.dll] [GENERIC, 1.02.0.0]
[C:\Program Files\D-Tools\Plugins\Images\mdsmount.dll] [GENERIC, 1.01.0.0]
[C:\Program Files\D-Tools\Plugins\Images\nrgmount.dll] [GENERIC, 1.02.0.0]
[C:\Program Files\D-Tools\Plugins\Images\pdimount.dll] [GENERIC, 1.01.0.0]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 296 / Administrateur][C:\Program Files\Unlocker\UnlockerAssistant.exe] [N/A, ]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 348 / Administrateur][C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe] [Sun Microsystems, Inc., 5.0.110.3]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 356 / Administrateur][C:\WINDOWS\System32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\NvMcTray.dll] [NVIDIA Corporation, 6.14.10.6693]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\WINDOWS\System32\NVRSFR.DLL] [NVIDIA Corporation, 6.14.10.7189]
[PID: 392 / Administrateur][C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe] [Symantec Corporation, 9.0.0.2632]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\Program Files\Symantec\Norton Ghost\Shared\PQV2iAuto.dll] [Symantec Corporation, 9.0.0.2632]
[PID: 408 / Administrateur][C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe] [Google Inc., 1, 2, 1128, 5462]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\res_fr.dll] [Google Inc., 1, 2, 1128, 5462]
[C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg.dll] [Google Inc., 1, 2, 1128, 5462]
[PID: 640 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[PID: 1092 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1320 / SYSTEM][C:\WINDOWS\System32\GEARSec.exe] [GEAR Software, 1, 0, 0, 6]
[PID: 1408 / SYSTEM][C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe] [Symantec Corporation, 9.0.0.2632]
[C:\Program Files\Symantec\Norton Ghost\Shared\PQV2iObj.dll] [Symantec Corporation, 9.0.0.2632]
[C:\Program Files\Symantec\Norton Ghost\Shared\PQNotify.dll] [Symantec Corporation, 9.0.0.2632]
[C:\Program Files\Symantec\Norton Ghost\Shared\PQScheduler.dll] [Symantec Corporation, 9.0.0.2632]
[C:\Program Files\Symantec\Norton Ghost\Agent\PQImaging.dll] [Symantec Corporation, 9.0.0.2632]
[C:\Program Files\Symantec\Norton Ghost\Agent\gwrks32.dll] [GEAR-Software, 3.51.001.06]
[C:\Program Files\Symantec\Norton Ghost\Agent\GEARAW32.dll] [GEAR-Software, 3.51.001.06]
[C:\Program Files\Symantec\Norton Ghost\Agent\gwlangEN.dll] [GEAR-Software, 3.51.001.06]
[PID: 1508 / SYSTEM][C:\WINDOWS\System32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.6693]
[C:\WINDOWS\System32\NVRSFR.DLL] [NVIDIA Corporation, 6.14.10.7189]
[PID: 1564 / SYSTEM][C:\Program Files\Kerio\Personal Firewall\persfw.exe] [Kerio Technologies, 2, 1, 5, 0]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[PID: 1620 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1668 / SERVICE LOCAL][C:\WINDOWS\System32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 1848 / SYSTEM][C:\Program Files\Raxco\PerfectDisk\PDSched.exe] [Raxco Software, Inc., 7, 0, 0, 31]
[C:\Program Files\Raxco\PerfectDisk\PDCommon.dll] [Raxco Software, Inc., 7, 0, 0, 31]
[C:\Program Files\Raxco\PerfectDisk\PDLangFR.dll] [Raxco Software, Inc., 7, 0, 0, 31]
[C:\Program Files\Raxco\PerfectDisk\PDSchedPS.dll] [Raxco Software, Inc., 7, 0, 0, 31]
[C:\Program Files\Raxco\PerfectDisk\PDEnginePS.dll] [Raxco Software, Inc., 7, 0, 0, 31]
[PID: 2112 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\WINDOWS\System32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\System32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\French\Base.dll] [ALWIL Software, 4, 7, 1004, 0]
[C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll] [ALWIL Software, 4, 7, 1029, 0]
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 7, 1029, 0]
[PID: 2836 / Administrateur][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[c:\program files\google\googletoolbar3.dll] [Google Inc., 4, 0, 1601, 4978]
[C:\Program Files\ICQToolbar\tbu9\toolbaru.dll] [IE Toolbar, 2, 0, 20, 11]
[C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx] [, 1, 0, 0, 1]
[C:\PROGRA~1\SPYBOT~1\SDHelper.dll] [Safer Networking Limited, 1, 4, 0, 0]
[C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll] [Sun Microsystems, Inc., 5.0.110.3]
[C:\WINDOWS\System32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\Program Files\Fichiers communs\Ahead\Lib\NeroDigitalExt.dll] [Nero AG, 2, 0, 0, 7]
[C:\Program Files\Fichiers communs\Ahead\Lib\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Fichiers communs\Ahead\Lib\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Fichiers communs\Ahead\Lib\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[PID: 1696 / Administrateur][E:\Program Files\World of Warcraft\WoW.exe] [Blizzard Entertainment, 2, 1, 3, 6898]
[E:\Program Files\World of Warcraft\fmod.dll] [Firelight Technologies Pty, Ltd, 3.75]
[E:\Program Files\World of Warcraft\DivxDecoder.dll] [N/A, ]
[C:\WINDOWS\System32\d3d9.dll] [Microsoft Corporation, 5.3.0000001.0904 built by: private/Lab06_dev(DXBLD00)]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]
[C:\WINDOWS\System32\wdmaud.drv] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\System32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3996 / Administrateur][C:\Documents and Settings\Administrateur\Bureau\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\Program Files\Unlocker\UnlockerHook.dll] [N/A, ]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================
Process Privileges Scan
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 2036, C:\PROGRAM FILES\D-TOOLS\DAEMON.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 296, C:\PROGRAM FILES\UNLOCKER\UNLOCKERASSISTANT.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 392, C:\PROGRAM FILES\SYMANTEC\NORTON GHOST\AGENT\GHOSTTRAY.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1408, C:\PROGRAM FILES\SYMANTEC\NORTON GHOST\AGENT\PQV2ISVC.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1696, E:\PROGRAM FILES\WORLD OF WARCRAFT\WOW.EXE]

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================


[/CODE]

rôquette
 Posté le 02/09/2007 à 16:15 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
01/01/2003 a 7:11:30,50

*** Recherche des fichiers dans C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\x FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.1" FOUND
"C:\WINDOWS\Downloaded Program Files\CONFLICT.2" FOUND

*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Multi_Media_France\" FOUND
*** Fin du rapport !
Fill
 Posté le 02/09/2007 à 20:22 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Groupe Sécurité

Bonjour,

1/ Désisnstalle ceci via ajout/suppression des programmes et redémarre le pc :

Multi_Media_France

2/ Clique sur démarrer>Exécuter>cmd

Tape ceci :

sc stop "Logitech QuickCam Manager"

sc delete "Logitech QuickCam Manager"

sft /scannow

Le cd de xp te sera peut-être demandé.

3/

  • Redémarre en mode sans échec. Pour cela : au démarrage du PC, tapote sur F8 (ou F5). Ton PC démarre, mais sans accès à Internet.
  • Ouvre le dossier jaune nommé clean sur ton bureau.
  • Double-clique sur clean.cmd
  • Choisis l'option 2 et copie sur le bureau le rapport généré.
  • Si une fenêtre s'ouvre, laisse-la.
  • Clique sur Q pour quitter le programme.
  • Redémarre normalement.

4/ Essaie d'installer AVGantispyware et tente de faire un scan.

5/ Edite les rapports suivants :

AVGantispyware, SREng, Hijackthis.

Dis-moi comment le pc se porte.

Fill

Publicité
Pages : [1] 2 ... Fin
Page 1 sur 2 [Fin]

Vous devez être connecté pour participer à la discussion.
Cliquez ici pour vous identifier.

Vous n'avez pas de compte ? Créez-en un gratuitement !
Recevoir PC Astuces par e-mail


La Lettre quotidienne +226 000 inscrits
Avec l'actu, des logiciels, des applis, des astuces, des bons plans, ...

Les bonnes affaires
Une fois par semaine, un récap des meilleurs offres.

Les fonds d'écran
De jolies photos pour personnaliser votre bureau. Une fois par semaine.

Les nouveaux Bons Plans
Des notifications pour ne pas rater les bons plans publiés sur le site.

Les bons plans du moment PC Astuces

Tous les Bons Plans
43,81 €Boîtier PC Corsair Carbide Series 270R avec fenêtre à 43,81 €
Valable jusqu'au 07 Août

Amazon propose actuellement le boîtier PC moyen tour avec fenêtre Corsair Carbide Series 270R à 45,74 € livré gratuitement. On le trouve ailleurs à partir de 80 €. Le Corsair Carbide 270R est compact et conçu pour créer des systèmes hautes performances à l'aspect minimaliste. il offre une capacité de refroidissement efficace, tout en vous permettant de faire évoluer ses performances grâce aux autres emplacements disponibles.


> Voir l'offre
70,39 €Alimentation Seasonic B12 BC 850W Plus Bronze à 70,39 €
Valable jusqu'au 07 Août

RueDuCommerce propose actuellement l'alimentation Seasonic B12 BC-850 850W Plus Bronze à 70,39 €. On la trouve habituellement autour de 95 €. L'alimentation est garantie 5 ans. En plus d’être très efficaces, les unités B12 BC utilisent la conception à résonance LLC et le contrôle des ventilateurs intelligent et silencieux (S2FC).


> Voir l'offre
799,99 €NAS Western Digital My Cloud EX2 Ultra + 2 disques durs WD Red 14 To (28 To) à 799,99 €
Valable jusqu'au 07 Août

Amazon fait une promotion sur le NAS à 2 baies Western Digital My Cloud EX2 Ultra accompagné de 2 disques durs Western Digital Red de 14 To (soit un total de 28 To) qui passe à 799,99 € au lieu de 990 €. Avec My Cloud EX2 Ultra, vous pourrez synchroniser votre contenu sur tous vos ordinateurs, partager vos fichiers et documents en toute simplicité et profiter de multiples options de sauvegarde afin de créer votre propre système personnalisé.


> Voir l'offre

Sujets relatifs
Aucun sujet pertinent lié trouvé
 > Tous les forums > Forum Sécurité