Virus detecté en mémoire trojanclicker.agent.

LAETICE42240 -  
 V-X -
Bonjour,
j'ai fait un scan de nod 32 CAR JE ME SUIS APER9U ET JE NE SAIT PAS POURQUOI QUIL NE SE CONNECTAIT PAS AU SERVEUR depui le 19 avril et donc j'ai decouvert que j'avait un fichier infecter et que je pouvait pas supprimer ce cheval de troie "Win32/Adware.Virtumonde.NDK et Win32/TrojanClicker.Agent.NGF. Infection de la mémoire système originaire du fichier\\?\globalroot\systemroot\system32\gxvxcqvxerhboioywidltowuydgfbrqkfvbut.dll."
je suis pas une pro donc je vous remercie de m'aider car j'ai tout mes dossier entreprise sur mon pc portable, qui est un Compaq et je suis sous windows xp
Merci encore
Configuration: Windows XP
Firefox 3.0.10

11 réponses

  1. LAETICE42240
     
    voila;

    OTListIt Extras logfile created on: 10/05/2009 23:47:58 - Run 1
    OTListIt2 by OldTimer - Version 2.0.15.6 Folder = C:\Documents and Settings\LAETITIA\Bureau
    Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.2180)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1013,98 Mb Total Physical Memory | 460,87 Mb Available Physical Memory | 45,45% Memory free
    2,38 Gb Paging File | 1,95 Gb Available in Paging File | 81,66% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 102,60 Gb Total Space | 43,09 Gb Free Space | 42,00% Space Free | Partition Type: NTFS
    Drive D: | 8,17 Gb Total Space | 1,24 Gb Free Space | 15,24% Space Free | Partition Type: FAT32
    Drive E: | 7,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PORTABLE
    Current User Name: LAETITIA
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Output = Standard
    File Age = 30 Days
    Company Name Whitelist: On

    [color=orange]========== File Associations ==========/color

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    [HKEY_USERS\S-1-5-21-380192306-3898515846-1654554647-1005\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    [color=orange]========== Security Center Settings ==========/color

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 1
    "FirewallOverride" = 1
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
    "EnableFirewall" = 1
    "DoNotAllowExceptions" = 0
    "DisableNotifications" = 0

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
    "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
    "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
    "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
    "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media
    "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Service Partage réseau du Lecteur Windows Media

    [color=orange]========== Authorized Applications List ==========/color

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    [2006/03/25 06:00:00 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    [2006/03/25 06:00:00 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing
    File not found -- C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France
    File not found -- C:\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth
    [2005/05/31 02:04:00 | 04,393,096 | ---- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe:*:Enabled:Spybot - Search & Destroy
    [2004/10/13 18:24:37 | 01,694,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
    [2006/03/25 06:00:00 | 00,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test
    [2008/09/16 11:39:56 | 05,480,448 | ---- | M] (http://www.emule-project.net) -- C:\Program Files\eMule\emule.exe:*:Enabled:eMule

    [color=orange]========== HKEY_LOCAL_MACHINE Uninstall List ==========/color

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
    "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
    "{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
    "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
    "{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Amélioration de nos services
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
    "{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
    "{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
    "{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.10 A2
    "{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
    "{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
    "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
    "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
    "{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
    "{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
    "{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 G2
    "{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 2.3
    "{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
    "{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig
    "{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
    "{52FBAE98-D389-4281-8C14-21B4046CCB4E}" = SonicAC3Encoder
    "{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
    "{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
    "{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6A28AB0B-22B1-494C-AF61-B386EA1736C0}" = LightScribe 1.4.97.1
    "{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
    "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
    "{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig
    "{838A1BC9-95CA-4880-9BE3-2A7D23600A2B}" = Macromedia Shockwave Player
    "{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
    "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
    "{939F8208-C8CE-4AFF-B7BA-ACEB2E74A6CB}" =
    "{95120000-00AF-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (French)
    "{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
    "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
    "{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
    "{A059DE09-1B49-4450-B340-7AE097EC3F04}" = Microsoft Works
    "{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
    "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
    "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
    "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
    "{AC76BA86-7AD7-1036-7B44-A70500000002}" = Adobe Reader 7.0.5 - Français
    "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
    "{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
    "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B16AF568-A644-483C-A6DA-5028CD019C8C}" = SonicMPEGEncoder
    "{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
    "{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
    "{B6694BAA-7604-46AA-A41F-B5F1E6DADE7A}" = OpenOffice.org 2.4
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
    "{BE247E71-C143-40BB-ADF2-A465DF062BAB}" = HP User Guides 0035
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
    "{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
    "{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v1.9
    "{DEA4DD95-DB87-4071-979D-649451C2C9A6}" = Micro Application - Fêtes et réceptions 1.5
    "{EE467474-04A8-48D5-8DDF-0F8D3A3CCBE5}" = VirginMega.Fr Premium
    "{F45298E5-0083-426F-A668-1A2C5F04B8A0}" = FaxTools
    "{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices
    "{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
    "0D20D36D-A11C-444c-9AF7-70CBFED42ECF" = Otto
    "99A88D57-2C93-491B-87B8-E41A870FB6BE" = GemMaster Mystic
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "AVIConverter" = AVIConverter 2.1
    "CNXT_HDAUDIO" = Conexant HD Audio
    "CNXT_MODEM_PCI_VEN_14F1&DEV_5045_at8ven5m" = Soft Data Fax Modem with SmartCP
    "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
    "eMule" = eMule
    "FastStone Image Viewer" = FastStone Image Viewer 3.6
    "FileZilla Client" = FileZilla Client 3.1.3.1
    "HijackThis" = HijackThis 2.0.2
    "HP Imaging Device Functions" = HP Imaging Device Functions 6.0
    "HP Photo & Imaging" = HP Photosmart Premier Software 6.0
    "InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Amélioration de nos services
    "KaraFun_is1" = KaraFun 1.18
    "La boite a couleurs_is1" = La boite a couleurs version 1.6.15
    "Lexmark X1100 Series" = Lexmark X1100 Series
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "MSNINST" = MSN
    "NOD32" = NOD32 Antivirus System
    "Picasa2" = Picasa 2
    "PROSet" = Intel(R) PRO Network Connections Drivers
    "qwsqs" = Favorit
    "Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "UNICCodec" = UNICCodec
    "VLC media player" = VLC media player 0.9.9
    "WGA" = Windows Genuine Advantage Validation Tool
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media 11
    "WinRAR archiver" = Archiveur WinRAR
    "WMCSetup" = Windows Media Connect
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    [color=orange]========== Last 10 Event Log Errors ==========/color

    [ Application Events ]
    Error - 04/03/2008 19:43:01 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
    Description = Application bloquée moviemk.exe, version 2.1.4026.0, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 07/03/2008 17:42:57 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
    Description = Application bloquée moviemk.exe, version 2.1.4026.0, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 07/03/2008 18:41:01 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
    Description = Application bloquée moviemk.exe, version 2.1.4026.0, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 07/03/2008 18:57:10 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
    Description = Application bloquée moviemk.exe, version 2.1.4026.0, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 08/03/2008 15:38:26 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
    Description = Application bloquée moviemk.exe, version 2.1.4026.0, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 09/03/2008 14:06:30 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
    Description = Application bloquée moviemk.exe, version 2.1.4026.0, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 09/03/2008 14:06:33 | Computer Name = PORTABLE | Source = Application Hang | ID = 1001
    Description = Détecteur d'erreurs 115810024.

    Error - 18/05/2008 08:34:51 | Computer Name = PORTABLE | Source = Application Hang | ID = 1002
    Description = Application bloquée wmplayer.exe, version 10.0.0.3931, module bloqué
    hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

    Error - 10/07/2008 14:06:19 | Computer Name = PORTABLE | Source = Application Error | ID = 1000
    Description = Application défaillante iexplore.exe, version 6.0.2900.2180, module
    défaillant unknown, version 0.0.0.0, adresse de défaillance 0x00020027.

    Error - 06/09/2008 07:37:01 | Computer Name = PORTABLE | Source = Application Error | ID = 1000
    Description = Application défaillante empire earth.exe, version 0.0.0.0, module
    défaillant msvcrt.dll, version 7.0.2600.2180, adresse de défaillance 0x00036f07.

    [ System Events ]
    Error - 23/04/2009 15:54:14 | Computer Name = PORTABLE | Source = Windows Update Agent | ID = 16
    Description = Connexion impossible : Windows ne parvient pas à se connecter au service
    Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation
    des mises à jour définies par la planification. Windows continuera d'essayer d'établir
    la connexion.

    Error - 26/04/2009 10:59:54 | Computer Name = PORTABLE | Source = Windows Update Agent | ID = 16
    Description = Connexion impossible : Windows ne parvient pas à se connecter au service
    Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation
    des mises à jour définies par la planification. Windows continuera d'essayer d'établir
    la connexion.

    Error - 28/04/2009 15:21:04 | Computer Name = PORTABLE | Source = Windows Update Agent | ID = 16
    Description = Connexion impossible : Windows ne parvient pas à se connecter au service
    Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation
    des mises à jour définies par la planification. Windows continuera d'essayer d'établir
    la connexion.

    Error - 28/04/2009 18:59:33 | Computer Name = PORTABLE | Source = sr | ID = 1
    Description = Le filtre de restauration du système à rencontré l'erreur inattendue
    '0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume2'.
    Ceci a entraîné l'arrêt de la surveillance du volume.

    Error - 01/05/2009 16:47:16 | Computer Name = PORTABLE | Source = Windows Update Agent | ID = 16
    Description = Connexion impossible : Windows ne parvient pas à se connecter au service
    Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation
    des mises à jour définies par la planification. Windows continuera d'essayer d'établir
    la connexion.

    Error - 03/05/2009 16:47:19 | Computer Name = PORTABLE | Source = Windows Update Agent | ID = 16
    Description = Connexion impossible : Windows ne parvient pas à se connecter au service
    Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation
    des mises à jour définies par la planification. Windows continuera d'essayer d'établir
    la connexion.

    Error - 08/05/2009 03:40:20 | Computer Name = PORTABLE | Source = Windows Update Agent | ID = 16
    Description = Connexion impossible : Windows ne parvient pas à se connecter au service
    Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation
    des mises à jour définies par la planification. Windows continuera d'essayer d'établir
    la connexion.

    Error - 10/05/2009 15:21:45 | Computer Name = PORTABLE | Source = Service Control Manager | ID = 7011
    Description = Délai (30000 millisecondes) d'attente pour une réponse du service
    Schedule à une transaction.

    Error - 10/05/2009 15:21:59 | Computer Name = PORTABLE | Source = Windows Update Agent | ID = 16
    Description = Connexion impossible : Windows ne parvient pas à se connecter au service
    Mises à jour automatiques et ne peut donc pas procéder au téléchargement et à l'installation
    des mises à jour définies par la planification. Windows continuera d'essayer d'établir
    la connexion.

    Error - 10/05/2009 17:38:51 | Computer Name = PORTABLE | Source = sr | ID = 1
    Description = Le filtre de restauration du système à rencontré l'erreur inattendue
    '0xC0000001' pendant le traitement du fichier '' sur le volume 'HarddiskVolume2'.
    Ceci a entraîné l'arrêt de la surveillance du volume.

    < End of report >
    1
  2. V-X
     
    Re,

    Pas grave pour cela.

    Télécharge et installe MalwareByte's Anti-Malware
    Malwarebyte

    Mets le à jour

    ▶ Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.

    ▶ Sélectionne Exécuter un examen COMPLET si ce n'est pas déjà fait

    ▶ clique sur Rechercher

    ▶ Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

    Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

    Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

    Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

    Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

    Tutoriel pour MalwareByte's

    Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
    1
  3. V-X
     
    Salut,

    Télécharge OTList2 de OLDTimer ici :

    http://oldtimer.geekstogo.com/OTListIt2.exe

    et enregistre le sur ton Bureau.

    Double clic sur OTListIt2.exe pour le lancer.

    Coche les 2 cases Lop et Purity

    Coche la case devant "scan all users"

    Clic sur Run Scan.

    A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport.

    Copie le dans une nouvelle réponse
    0
  4. LAETICE42240
     
    salut entre temps j'ai fait ça;

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:40:49, on 10/05/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\WINDOWS\system32\mqsvc.exe
    C:\WINDOWS\system32\mqtgsvc.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    C:\WINDOWS\system32\igfxtray.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\QuickPlay\QPService.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
    C:\WINDOWS\system32\wuauclt.exe
    c:\documents and settings\laetitia\local settings\application data\qwsqs.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Trend Micro\HijackThis\Hjt.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.com/fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [qwsqs] "c:\documents and settings\laetitia\local settings\application data\qwsqs.exe" qwsqs
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: wkcalrem.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
    O17 - HKLM\System\CCS\Services\Tcpip\..\{21AEF6E4-3F53-4F8B-8CE5-2365F68CC13F}: NameServer = 85.255.112.137,85.255.112.100
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D78805E9-1729-4C34-9A3D-F05FE86F7C46}: NameServer = 85.255.112.137,85.255.112.100
    O17 - HKLM\System\CCS\Services\Tcpip\..\{E9948C66-BCBE-4C4F-A620-2758DBF18778}: NameServer = 85.255.112.137,85.255.112.100
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.137,85.255.112.100
    O17 - HKLM\System\CS1\Services\Tcpip\..\{21AEF6E4-3F53-4F8B-8CE5-2365F68CC13F}: NameServer = 85.255.112.137,85.255.112.100
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.137,85.255.112.100
    O17 - HKLM\System\CS2\Services\Tcpip\..\{21AEF6E4-3F53-4F8B-8CE5-2365F68CC13F}: NameServer = 85.255.112.137,85.255.112.100
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.137,85.255.112.100
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. LAETICE42240
     
    bizarre je copie tout et pourtant il en manque!
    0
  7. LAETICE42240
     
    OTListIt logfile created on: 10/05/2009 23:47:58 - Run 1
    OTListIt2 by OldTimer - Version 2.0.15.6 Folder = C:\Documents and Settings\LAETITIA\Bureau
    Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.2180)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1013,98 Mb Total Physical Memory | 460,87 Mb Available Physical Memory | 45,45% Memory free
    2,38 Gb Paging File | 1,95 Gb Available in Paging File | 81,66% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 102,60 Gb Total Space | 43,09 Gb Free Space | 42,00% Space Free | Partition Type: NTFS
    Drive D: | 8,17 Gb Total Space | 1,24 Gb Free Space | 15,24% Space Free | Partition Type: FAT32
    Drive E: | 7,86 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: PORTABLE
    Current User Name: LAETITIA
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Output = Standard
    File Age = 30 Days
    Company Name Whitelist: On

    [color=orange]========== Processes (SafeList) ==========[/color]

    PRC - [2007/06/13 15:22:28 | 01,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
    PRC - [2003/08/18 16:37:10 | 00,303,104 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXBCES.EXE
    PRC - [2003/08/18 16:32:56 | 00,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXPPS.EXE
    PRC - [2006/05/12 14:27:16 | 00,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    PRC - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe
    PRC - [2005/08/05 23:38:38 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe
    PRC - [2006/05/18 16:52:06 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    PRC - [2007/01/20 17:56:14 | 00,507,904 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32krn.exe
    PRC - [2006/05/02 15:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    PRC - [2005/08/05 21:16:40 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe
    PRC - [2006/03/25 06:00:00 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mqsvc.exe
    PRC - [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe
    PRC - [2006/03/25 06:00:00 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mqtgsvc.exe
    PRC - [2005/08/05 21:34:32 | 00,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\ehtray.exe
    PRC - [2006/05/03 22:58:26 | 00,458,752 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
    PRC - [2006/03/22 22:17:04 | 00,094,208 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
    PRC - [2006/03/22 22:13:40 | 00,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
    PRC - [2006/03/22 22:17:50 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
    PRC - [2006/06/17 07:22:46 | 00,794,713 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    PRC - [2006/07/19 15:14:20 | 00,102,400 | ---- | M] (CyberLink Corp.) -- C:\Program Files\HP\QuickPlay\QPService.exe
    PRC - [2006/06/19 11:33:12 | 00,163,840 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    PRC - [2007/01/20 17:56:14 | 00,921,600 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32kui.exe
    PRC - [2003/08/19 16:48:56 | 00,057,344 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    PRC - [2007/05/08 17:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    PRC - [2007/08/01 21:57:04 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    PRC - [2007/10/23 23:18:15 | 00,443,968 | ---- | M] (Google Inc.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe
    PRC - [2006/11/03 09:59:20 | 00,204,288 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
    PRC - [2006/05/12 14:33:22 | 00,581,693 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
    PRC - [2009/02/06 11:41:05 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
    PRC - [2005/08/05 21:34:28 | 00,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehmsas.exe
    PRC - [2004/07/12 10:54:26 | 00,015,360 | ---- | M] (Microsoft® Corporation) -- C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
    PRC - [2003/08/19 17:00:40 | 00,053,248 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    PRC - [2006/05/12 14:32:14 | 01,265,748 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTStackServer.exe
    PRC - [2009/05/10 21:22:26 | 00,356,352 | ---- | M] () -- c:\documents and settings\laetitia\local settings\application data\qwsqs.exe
    PRC - [2009/05/08 21:41:57 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
    PRC - [2009/05/10 23:46:32 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\LAETITIA\Bureau\OTListIt2.exe

    [color=orange]========== Win32 Services (SafeList) ==========[/color]

    SRV - [2006/06/12 13:27:28 | 00,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr [On_Demand | Stopped])
    SRV - [2004/07/15 09:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
    SRV - [2006/05/12 14:27:16 | 00,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe -- (btwdins [Auto | Running])
    SRV - [2006/10/09 16:16:56 | 00,237,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehRecvr.exe -- (ehRecvr [Auto | Running])
    SRV - [2005/08/05 23:38:38 | 00,103,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\eHome\ehSched.exe -- (ehSched [Auto | Running])
    SRV - [2009/04/29 00:59:35 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
    SRV - [2006/03/25 06:00:00 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
    SRV - [2006/05/02 15:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [Auto | Running])
    SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
    SRV - [2003/08/18 16:37:10 | 00,303,104 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\LEXBCES.EXE -- (LexBceS [Auto | Running])
    SRV - [2006/05/18 16:52:06 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
    SRV - [2005/08/05 21:16:40 | 00,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\ehome\mcrdsvc.exe -- (McrdSvc [Auto | Running])
    SRV - [2004/08/10 15:30:26 | 00,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mhn.dll -- (MHN [On_Demand | Stopped])
    SRV - [2006/03/25 06:00:00 | 00,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mqsvc.exe -- (MSMQ [Auto | Running])
    SRV - [2006/03/25 06:00:00 | 00,117,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mqtgsvc.exe -- (MSMQTriggers [Auto | Running])
    SRV - [2007/01/20 17:56:14 | 00,507,904 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn [Auto | Running])
    SRV - [2006/11/03 09:59:14 | 00,918,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [Auto | Running])

    [color=orange]========== Driver Services (SafeList) ==========[/color]

    DRV - [2004/08/03 23:10:12 | 00,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\61883.sys -- (61883 [On_Demand | Stopped])
    DRV - [2001/08/18 05:51:56 | 00,005,248 | ---- | M] (Acer Laboratories Inc.) -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde [Boot | Running])
    DRV - [2004/08/04 07:07:44 | 00,043,008 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp [Disabled | Stopped])
    DRV - [2007/01/20 17:56:14 | 00,502,368 | ---- | M] (Eset ) -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON [Auto | Running])
    DRV - [2001/08/18 05:52:00 | 00,026,496 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc [Disabled | Stopped])
    DRV - [2001/08/18 05:51:58 | 00,014,848 | ---- | M] (Advanced System Products, Inc.) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550 [Disabled | Stopped])
    DRV - [2004/08/03 23:10:12 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\avc.sys -- (Avc [On_Demand | Stopped])
    DRV - [2006/05/12 14:21:22 | 00,401,664 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio [On_Demand | Running])
    DRV - [2006/05/12 14:17:18 | 00,030,363 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\DRIVERS\btport.sys -- (BTDriver [On_Demand | Running])
    DRV - [2006/05/12 14:19:04 | 01,342,602 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\DRIVERS\btkrnl.sys -- (BTKRNL [On_Demand | Running])
    DRV - [2006/05/12 14:13:46 | 00,148,168 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\system32\DRIVERS\btwdndis.sys -- (BTWDNDIS [On_Demand | Running])
    DRV - [2006/05/12 14:16:44 | 00,057,320 | ---- | M] (Broadcom Corporation.) -- C:\WINDOWS\System32\Drivers\btwusb.sys -- (BTWUSB [On_Demand | Running])
    DRV - [2001/08/24 01:04:44 | 00,006,656 | ---- | M] (CMD Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde [Disabled | Stopped])
    DRV - [2001/08/18 05:52:16 | 00,179,584 | ---- | M] (Mylex Corporation) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k [Disabled | Stopped])
    DRV - [2006/04/11 12:35:18 | 00,163,328 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Running])
    DRV - [2005/09/19 14:23:52 | 00,007,808 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\DRIVERS\eabfiltr.sys -- (eabfiltr [System | Running])
    DRV - [2005/09/19 14:24:20 | 00,005,760 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\DRIVERS\eabusb.sys -- (eabusb [On_Demand | Stopped])
    DRV - [2005/09/19 14:24:10 | 00,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\system32\DRIVERS\cpqbttn.sys -- (HBtnKey [On_Demand | Running])
    DRV - [2006/06/02 17:02:36 | 00,572,928 | ---- | M] (Conexant Systems Inc.) -- C:\WINDOWS\system32\drivers\CHDAud.sys -- (HdAudAddService [On_Demand | Running])
    DRV - [2005/01/07 17:07:18 | 00,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running])
    DRV - [2006/04/20 18:02:40 | 00,208,000 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL [On_Demand | Running])
    DRV - [2006/04/20 18:03:20 | 00,995,712 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys -- (HSF_DPV [On_Demand | Running])
    DRV - [2006/03/22 22:47:06 | 01,166,972 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\ialmnt5.sys -- (ialm [On_Demand | Running])
    DRV - [2005/10/13 11:07:12 | 00,874,240 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys -- (iaStor [Boot | Running])
    DRV - [2006/02/15 13:57:46 | 00,012,672 | ---- | M] (Conexant) -- C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])
    DRV - [2007/07/06 12:05:47 | 00,072,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mqac.sys -- (MQAC [On_Demand | Running])
    DRV - [2001/08/18 05:52:12 | 00,017,280 | ---- | M] (American Megatrends Inc.) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x [Disabled | Stopped])
    DRV - [2004/08/03 23:10:00 | 00,051,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\DRIVERS\msdv.sys -- (MSDV [On_Demand | Stopped])
    DRV - [2006/09/28 21:23:34 | 01,709,696 | ---- | M] (Intel® Corporation) -- C:\WINDOWS\system32\DRIVERS\NETw3x32.sys -- (NETw3x32 [On_Demand | Running])
    DRV - [2007/03/04 19:15:49 | 00,017,134 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\WINDOWS\system32\PCANDIS5.SYS -- (PCANDIS5 [On_Demand | Stopped])
    DRV - [2006/03/25 06:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
    DRV - [2008/11/06 18:37:28 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
    DRV - [2001/08/18 05:52:20 | 00,040,320 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080 [Disabled | Stopped])
    DRV - [2001/08/18 05:52:20 | 00,045,312 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160 [Disabled | Stopped])
    DRV - [2001/08/18 05:52:18 | 00,049,024 | ---- | M] (QLogic Corporation) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280 [Disabled | Stopped])
    DRV - [2005/11/16 22:28:32 | 00,028,928 | ---- | M] (REDC) -- C:\WINDOWS\system32\DRIVERS\rimmptsk.sys -- (rimmptsk [On_Demand | Running])
    DRV - [2005/12/22 19:02:22 | 00,051,840 | ---- | M] (REDC) -- C:\WINDOWS\system32\DRIVERS\rimsptsk.sys -- (rimsptsk [On_Demand | Running])
    DRV - [2005/11/01 20:08:00 | 00,308,992 | ---- | M] (REDC) -- C:\WINDOWS\system32\DRIVERS\rixdptsk.sys -- (rismxdp [On_Demand | Running])
    DRV - [2008/05/08 14:28:49 | 00,202,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\RMCast.sys -- (RMCAST [On_Demand | Running])
    DRV - [2004/08/04 08:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Stopped])
    DRV - [2007/11/13 12:25:54 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
    DRV - [2004/08/04 07:07:44 | 00,041,088 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp [Disabled | Stopped])
    DRV - [2001/08/18 06:07:44 | 00,019,072 | ---- | M] (Adaptec, Inc.) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow [Disabled | Stopped])
    DRV - [2001/08/18 06:07:34 | 00,016,256 | ---- | M] (Symbios Logic Inc.) -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810 [Disabled | Stopped])
    DRV - [2001/08/18 06:07:36 | 00,032,640 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx [Disabled | Stopped])
    DRV - [2001/08/18 06:07:40 | 00,028,384 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi [Disabled | Stopped])
    DRV - [2001/08/18 06:07:42 | 00,030,688 | ---- | M] (LSI Logic) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3 [Disabled | Stopped])
    DRV - [2006/06/17 06:40:56 | 00,193,120 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
    DRV - [2001/08/18 05:52:22 | 00,036,736 | ---- | M] (Promise Technology, Inc.) -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra [Disabled | Stopped])
    DRV - [2006/04/20 18:02:36 | 00,727,296 | ---- | M] (Conexant Systems, Inc.) -- C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys -- (winachsf [On_Demand | Running])
    0
  8. V-X
     
    Re,

    Si mon lien fonctionne.

    Inscrit toi sur CCM et poste moi un MP et te donne un lien que je vait renommer.

    Ensuite tu posteras le rapport ICI sur le forum.

    OK ?
    0
  9. LAET42240 Messages postés 31 Date d'inscription   Statut Membre
     
    j'ai deja spybot c'est compatible les deux ???
    0
    1. V-X
       
      Re,

      Je t'ai MP.
      0
  10. LAET42240 Messages postés 31 Date d'inscription   Statut Membre
     
    BON BEN je vais me coucher je reglerais sa demain
    a demain et encore merci
    0