Windows se bloque juste à la fin du demarrage

Fabrice [MVP]

15/03/2005 à 22:31

Bonjour,

Faites le teste suivant :

EN MODE SANS ECHEC :
démarrer, exécuter, tapez :
msconfig
Puis ok, allez dans l'onglet démarrage, supprimez TOUTES les coches (avec le
bouton qui désactive tout d'un coup)
Relancez votre PC

Si il vas mieux, alors laisser nous ici, la liste COMPLETE de ce qu'il y a
dans l'onglet démarrage.

--

Fabrice
Microsoft MVP
http://www.fab3d.fr.st
Faq Windows XP :
http://a.vouillon.online.fr/faq-winxp.htm

"Frappe avec ta tête"

"Loulyon" a écrit dans le message de news:
423724ab$0$21503$

Bonjour,
Depuis quelques temps j'ai un gros soucis.
Mon PC demarre normalement et le bureau et tout les programmes et services
se mettent en place.
MAIS dès que tout est fini, il se fige et je ne peux plus rien faire tout
est bloqué.
En mode sans echec tout va bien, là je peux travailler.
Comme j'avais des soucis de temps en temps avec l'accelerateur pour Intel
je l'ai desinstaller mais c'est toujours pareil!
J'ai essayé d'enlever la plupart de ce qui demarre lors du boot mais ça ne
change rien ce qui ne m'etonne pas trop puisqu'il va bien jusqu'à la fin
du demarrage!
J'ai fais antivirus et anti spyware et ça ne change rien.
J'ai aussi testé mes disques avec disquette de diagnotique et rien à
signaler non plus.
Pouvez vous m'aider et me donner des idées s'il vous plait?
Merci
J'ai XP pro en SP2 (et depuis des mois pas de soucis)
Amicalement

Loulyon

15/03/2005 à 23:20

Bonjour,

Faites le teste suivant :

EN MODE SANS ECHEC :
démarrer, exécuter, tapez :
msconfig
Puis ok, allez dans l'onglet démarrage, supprimez TOUTES les coches (avec le
bouton qui désactive tout d'un coup)
Relancez votre PC

Si il vas mieux, alors laisser nous ici, la liste COMPLETE de ce qu'il y a
dans l'onglet démarrage.

Merci pour ton aide, effectivement dans ce cas, tout a bien marché!

Voici donc la liste demandée
J'ai désactivé le Win.ini et system.ini, j'ai rien touché aux services
et tout décoché du demarrage dont voici la liste:

DirectCD renvoi vers DirectCD.exe
ADUserMon -> ASUsermon.exe
ashDisp -> ashDisp.exe
NtwCA ->NtwCA.exe /HIDE
taskswith
ctfmon
deskup lié à Iomega
ezSP_Px
fast
gcasServ -> anrispayware microsoft
imontray Inter active monitor
ImgIcon
Logi_MwX
mouseElf
nvCpl
NvMcTray
nwiz
qttask

jusched
realsched
Microsoft Office
Nielsen NetRatings

Si tu veux des détails je peux t'en donner.
Alors qu'en penses tu?
Merci d'avance

JAB $MVP$

15/03/2005 à 23:50

Bonjour,

DirectCD renvoi vers DirectCD.exe =directCd
ADUserMon -> ASUsermon.exe = Omega
ashDisp -> ashDisp.exe = avast
NtwCA ->NtwCA.exe /HIDE = NT
taskswith = ok
ctfmon = ok
deskup lié à Iomega = ok
ezSP_Px = software de drag and drop du graveur
fast = aucune idée
gcasServ -> anrispayware microsoft = ok
imontray Inter active monitor= ok
ImgIcon = omega
Logi_MwX= sourie logitech
mouseElf= sourie
*** nvCpl= juste un bon gros spy très malin qui arrête ta machine
http://www.liutilities.com/products/wintaskspro/processlibrary/NVCPL/ ** à
enlever
NvMcTray = carte nvidea
nwiz = nvidea
qttask= quick time à enlevr
???? à enlever
jusched =java à enlever
realsched= realone à enlever
Microsoft Office= ok
Nielsen NetRatings = à enlever

--
Jacques-André Brunet
Windows XP (MVP)
http://jabrunet.mvps.org/main5.html

Rien n'est parfait, et moi encore moins!!!
Nichts ist vollkommen, und mich noch weniger !!!
Nothing is perfect, and me even less !!!
Niente è perfetto, e me di meno !!!
"Loulyon" a écrit dans le message de news:
42375fa7$0$31193$

Bonjour,

Faites le teste suivant :

EN MODE SANS ECHEC :
démarrer, exécuter, tapez :
msconfig
Puis ok, allez dans l'onglet démarrage, supprimez TOUTES les coches (avec
le bouton qui désactive tout d'un coup)
Relancez votre PC

Si il vas mieux, alors laisser nous ici, la liste COMPLETE de ce qu'il y
a dans l'onglet démarrage.

Merci pour ton aide, effectivement dans ce cas, tout a bien marché!

Voici donc la liste demandée
J'ai désactivé le Win.ini et system.ini, j'ai rien touché aux services et
tout décoché du demarrage dont voici la liste:

DirectCD renvoi vers DirectCD.exe
ADUserMon -> ASUsermon.exe
ashDisp -> ashDisp.exe
NtwCA ->NtwCA.exe /HIDE
taskswith ctfmon
deskup lié à Iomega
ezSP_Px
fast
gcasServ -> anrispayware microsoft
imontray Inter active monitor
ImgIcon
Logi_MwX
mouseElf
nvCpl
NvMcTray
nwiz
qttask

jusched
realsched
Microsoft Office
Nielsen NetRatings

Si tu veux des détails je peux t'en donner.
Alors qu'en penses tu?
Merci d'avance

Bonjour,

DirectCD renvoi vers DirectCD.exe =directCd
ADUserMon -> ASUsermon.exe = Omega
ashDisp -> ashDisp.exe = avast
NtwCA ->NtwCA.exe /HIDE = NT
taskswith = ok
ctfmon = ok
deskup lié à Iomega = ok
ezSP_Px = software de drag and drop du graveur
fast = aucune idée
gcasServ -> anrispayware microsoft = ok
imontray Inter active monitor= ok
ImgIcon = omega
Logi_MwX= sourie logitech
mouseElf= sourie
*** nvCpl= juste un bon gros spy très malin qui arrête ta machine
http://www.liutilities.com/products/wintaskspro/processlibrary/NVCPL/ ** à
enlever
NvMcTray = carte nvidea
nwiz = nvidea
qttask= quick time à enlevr
SETI@home ???? à enlever
jusched =java à enlever
realsched= realone à enlever
Microsoft Office= ok
Nielsen NetRatings = à enlever

--
Jacques-André Brunet
Windows XP (MVP)
http://jabrunet.mvps.org/main5.html

Rien n'est parfait, et moi encore moins!!!
Nichts ist vollkommen, und mich noch weniger !!!
Nothing is perfect, and me even less !!!
Niente è perfetto, e me di meno !!!
"Loulyon" <loulyon.invalid@free.fr> a écrit dans le message de news:
42375fa7$0$31193$626a14ce@news.free.fr...

Bonjour,

Faites le teste suivant :

EN MODE SANS ECHEC :
démarrer, exécuter, tapez :
msconfig
Puis ok, allez dans l'onglet démarrage, supprimez TOUTES les coches (avec
le bouton qui désactive tout d'un coup)
Relancez votre PC

Si il vas mieux, alors laisser nous ici, la liste COMPLETE de ce qu'il y
a dans l'onglet démarrage.

Merci pour ton aide, effectivement dans ce cas, tout a bien marché!

Voici donc la liste demandée
J'ai désactivé le Win.ini et system.ini, j'ai rien touché aux services et
tout décoché du demarrage dont voici la liste:

DirectCD renvoi vers DirectCD.exe
ADUserMon -> ASUsermon.exe
ashDisp -> ashDisp.exe
NtwCA ->NtwCA.exe /HIDE
taskswith ctfmon
deskup lié à Iomega
ezSP_Px
fast
gcasServ -> anrispayware microsoft
imontray Inter active monitor
ImgIcon
Logi_MwX
mouseElf
nvCpl
NvMcTray
nwiz
qttask
SETI@home
jusched
realsched
Microsoft Office
Nielsen NetRatings

Si tu veux des détails je peux t'en donner.
Alors qu'en penses tu?
Merci d'avance

Vous avez filtré cet utilisateur ! Consultez son message

Loulyon

15/03/2005 à 23:58

Bonjour,

DirectCD renvoi vers DirectCD.exe =directCd
ADUserMon -> ASUsermon.exe = Omega
ashDisp -> ashDisp.exe = avast
NtwCA ->NtwCA.exe /HIDE = NT
taskswith = ok
ctfmon = ok
deskup lié à Iomega = ok
ezSP_Px = software de drag and drop du graveur
fast = aucune idée
gcasServ -> anrispayware microsoft = ok
imontray Inter active monitor= ok
ImgIcon = omega
Logi_MwX= sourie logitech
mouseElf= sourie
*** nvCpl= juste un bon gros spy très malin qui arrête ta machine
http://www.liutilities.com/products/wintaskspro/processlibrary/NVCPL/ ** à
enlever
NvMcTray = carte nvidea
nwiz = nvidea
qttask= quick time à enlevr
???? à enlever
jusched =java à enlever
realsched= realone à enlever
Microsoft Office= ok
Nielsen NetRatings = à enlever

Merci infiniment pour tes conseils, je vais les appliquer de suite.

Mais dis moi comment on les enlève définitivement de msconfig? Je les
laisse simplement décochés?

JAB $MVP$

16/03/2005 à 00:03

tu peux les laisser décochés mais pour ce qui est de quick time tu peux le
désinstaller si il ne te sert pas, realone player aussi ça sert pas beaucoup
maintenant .
moi je désactiverais la restauration et passerais un bon coup de
l'antispyware de MS mais en mode sans échec et un bon coup de Avast en mode
sans échec aussi pour enfin remettre la restauration si tout marche bien .
Bonne chance

--
Jacques-André Brunet
Windows XP (MVP)
http://jabrunet.mvps.org/main5.html

Rien n'est parfait, et moi encore moins!!!
Nichts ist vollkommen, und mich noch weniger !!!
Nothing is perfect, and me even less !!!
Niente è perfetto, e me di meno !!!
"Loulyon" a écrit dans le message de news:
4237689b$0$18189$

Bonjour,

DirectCD renvoi vers DirectCD.exe =directCd
ADUserMon -> ASUsermon.exe = Omega
ashDisp -> ashDisp.exe = avast
NtwCA ->NtwCA.exe /HIDE = NT
taskswith = ok
ctfmon = ok
deskup lié à Iomega = ok
ezSP_Px = software de drag and drop du graveur
fast = aucune idée
gcasServ -> anrispayware microsoft = ok
imontray Inter active monitor= ok
ImgIcon = omega
Logi_MwX= sourie logitech
mouseElf= sourie
*** nvCpl= juste un bon gros spy très malin qui arrête ta machine
http://www.liutilities.com/products/wintaskspro/processlibrary/NVCPL/ **
à enlever
NvMcTray = carte nvidea
nwiz = nvidea
qttask= quick time à enlevr
???? à enlever
jusched =java à enlever
realsched= realone à enlever
Microsoft Office= ok
Nielsen NetRatings = à enlever

Merci infiniment pour tes conseils, je vais les appliquer de suite.

Mais dis moi comment on les enlève définitivement de msconfig? Je les
laisse simplement décochés?

Loulyon

16/03/2005 à 00:05

Bonjour,

DirectCD renvoi vers DirectCD.exe =directCd
ADUserMon -> ASUsermon.exe = Omega
ashDisp -> ashDisp.exe = avast
NtwCA ->NtwCA.exe /HIDE = NT
taskswith = ok
ctfmon = ok
deskup lié à Iomega = ok
ezSP_Px = software de drag and drop du graveur
fast = aucune idée
gcasServ -> anrispayware microsoft = ok
imontray Inter active monitor= ok
ImgIcon = omega
Logi_MwX= sourie logitech
mouseElf= sourie
*** nvCpl= juste un bon gros spy très malin qui arrête ta machine
http://www.liutilities.com/products/wintaskspro/processlibrary/NVCPL/ ** à
enlever
NvMcTray = carte nvidea
nwiz = nvidea
qttask= quick time à enlevr
???? à enlever
jusched =java à enlever
realsched= realone à enlever
Microsoft Office= ok
Nielsen NetRatings = à enlever

Juste une précision, ce fichier nvCpl.dll semble appartenir à Nvidia!?

Est ce un leure fait expres? Bref puis je le supprimer sans danger?
Merci

O.B. [MVP]

16/03/2005 à 00:07

Bonjour Loulyon,

dans son message, Loulyon a tapé ceci :

Bonjour,

Faites le teste suivant :

EN MODE SANS ECHEC :
démarrer, exécuter, tapez :
msconfig
Puis ok, allez dans l'onglet démarrage, supprimez TOUTES les coches
(avec le bouton qui désactive tout d'un coup)
Relancez votre PC

Si il vas mieux, alors laisser nous ici, la liste COMPLETE de ce
qu'il y a dans l'onglet démarrage.

Merci pour ton aide, effectivement dans ce cas, tout a bien marché!

Voici donc la liste demandée
J'ai désactivé le Win.ini et system.ini, j'ai rien touché aux services
et tout décoché du demarrage dont voici la liste:

DirectCD renvoi vers DirectCD.exe
ADUserMon -> ASUsermon.exe
ashDisp -> ashDisp.exe
NtwCA ->NtwCA.exe /HIDE
taskswith
ctfmon
deskup lié à Iomega
ezSP_Px
fast
gcasServ -> anrispayware microsoft
imontray Inter active monitor
ImgIcon
Logi_MwX
mouseElf
nvCpl
NvMcTray
nwiz
qttask

jusched
realsched
Microsoft Office
Nielsen NetRatings

Si tu veux des détails je peux t'en donner.
Alors qu'en penses tu?
Merci d'avance

dans cette liste regardez tout ce qui vous semble inconnu ou ne
correspondant a rien d'installé et faite une recherche sur google voir de
quoi il s'agit
si rien n'est anormale recocher les un après les autres jusqu'a ce que ça
bloque ... pour trouver ce qui bloque ...

--
Olivier B.
[MVP Windows Shell/User]
"le savoir est fait pour être partagé"

merci de ne repondre que dans le newsgroup
sinon retirer le "pas_de_spam_" devant mon adresse
(adresse rarement relevée)

Claude LaFrenière

16/03/2005 à 00:11

Bonjour *Loulyon* :

Juste une précision, ce fichier nvCpl.dll semble appartenir à Nvidia!?
Est ce un leure fait expres? Bref puis je le supprimer sans danger?
Merci

Fait pas ça à la mitaine....
Utilise les bon outils pour virer ce truc.
Suit les conseils de JAB.

:)
--
Claude LaFrenière

Loulyon

16/03/2005 à 00:14

tu peux les laisser décochés mais pour ce qui est de quick time tu peux le
désinstaller si il ne te sert pas, realone player aussi ça sert pas beaucoup
maintenant .
moi je désactiverais la restauration et passerais un bon coup de
l'antispyware de MS mais en mode sans échec et un bon coup de Avast en mode
sans échec aussi pour enfin remettre la restauration si tout marche bien .
Bonne chance

Voici résultat pour info :

Logfile of HijackThis v1.99.1
Scan saved at 00:12:49, on 16/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinPortraitwpctrl.exe
f:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
f:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesFichiers communsEPSONEBAPIeEBSVC.exe
C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
F:Program FilesFirebirdFirebird_1_5binfbserver.exe
C:WINDOWSsystem32devldr32.exe
F:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE
D:Program FilesPalickSoftHDD TemperatureHDDTSvc.exe
C:PROGRA~1IomegaSystem32AppServices.exe
f:Program FilesKerioPersonal Firewall 4kpf4ss.exe
C:Program FilesWinPortraitfloater.exe
C:WINDOWSsystem32nvsvc32.exe
f:Program FilesKerioPersonal Firewall 4kpf4gui.exe
C:WINDOWSSystem32MsPMSPSv.exe
C:Program FilesIomegaAutoDiskADService.exe
f:Program FilesKerioPersonal Firewall 4kpf4gui.exe
C:Program FilesIntelIntel(R) Active Monitorimonnt.exe
C:WINDOWSSystem32Fast.exe
f:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
f:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesNielsenNetratingsbininsight.exe
C:WINDOWSSystem32svchost.exe
F:Program FilesAlwil SoftwareAvast4ashDisp.exe
d:Program FilesRealRealOne PlayerRealPlay.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
F:Program FilesICQLiteICQLite.exe
F:Program FilesMicrosoft MoneySystemmnyschdl.exe
F:Program FilesMicrosoft MoneySystemmisuser.exe
F:Program FilesMicrosoft MoneySystemmis.exe
H:Program FilesSkypePhoneSkype.exe
F:Program Filesthunderbirdthunderbird.exe
F:Program FilesMozilla Firefoxfirefox.exe
F:Program FilesMicrosoft AntiSpywaregcasDtServ.exe
F:Program FilesMicrosoft AntiSpywaregcasServ.exe
N:HijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://fr.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.yahoo.com/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyServer = http7.0.0.1:8010
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride =
setup.msn.com;memberservices.msn.com;localhost;loulyon.dyndns.org;barnet.*;<local>
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
n:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} -
C:WINDOWSSystem32nzdd.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} -
F:Program FilesICQToolbartoolbaru.dll
O4 - HKLM..Run: [PivotSoftware] "C:Program FilesWinPortraitwpctrl.exe"
O4 - HKLM..Run: [MSConfig]
C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 - HKLM..Run: [IMONTRAY] C:Program FilesIntelIntel(R) Active
Monitorimontray.exe
O4 - HKLM..Run: [gcasServ] "F:Program FilesMicrosoft
AntiSpywaregcasServ.exe"
O4 - HKLM..Run: [avast!] f:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [Deskup] C:Program FilesIomegaDriveIconsdeskup.exe
/IMGSTART
O4 - HKLM..Run: [CoolSwitch] C:WINDOWSSystem32taskswitch.exe
O4 - HKLM..Run: [CASpeed] "D:Program FilesCable e ADSL
SpeedNtwCA.exe" /HIDE
O4 - HKLM..Run: [ADUserMon] C:Program FilesIomegaAutoDiskADUserMon.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..RunOnce: [ICQ Lite] F:Program FilesICQLiteICQLite.exe
-trayboot
O4 - Global Startup: Nielsen NetRatings.lnk = C:Program
FilesNielsenNetratingsbininsight.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://F:PROGRA~1MICROS~1Office10EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://F:PROGRA~1MICROS~1OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} -
F:Program FilesIcqICQ.exe
O9 - Extra 'Tools' menuitem: ICQ -
{6224f700-cba3-4071-b251-47cb894244cd} - F:Program FilesIcqICQ.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
F:PROGRA~1MICROS~1OFFICE11REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -
f:Program FilesICQLiteICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite -
{B863453A-26C3-4e1f-A54D-A2CD196348E9} - f:Program
FilesICQLiteICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program
FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.fr/
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert -
https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Dominoes -
http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: {1D9EFA3B-4E85-41A8-9092-14012CD447C9} (NetCamPlayerWeb
Control) - http://69.226.2.133/img/NetCamPlayerWeb.ocx
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20011004/qtinstall.info.apple.com/qt503/fr/win/QuickTimeInstaller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093816404329
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield
International Setup Player) - http://www.napster.com/client/isetup.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://65.40.136.141/activex/AxisCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A5DC33CE-214B-4C26-8596-8A45456C9EB8} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) -
http://services.moviesystem.com/cabs/msway.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools
English Online) -
http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
f:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - f:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - f:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - f:Program
FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:Program
FilesFichiers communsEPSONEBAPIeEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO
EPSON CORPORATION - C:Program FilesFichiers
communsEPSONEBAPISAgent2.exe
O23 - Service: Firebird Server - DefaultInstance
(FirebirdServerDefaultInstance) - The Firebird Project - F:Program
FilesFirebirdFirebird_1_5binfbserver.exe
O23 - Service: GhostStartService - Symantec Corporation -
F:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE
O23 - Service: Groove Installer Service (GrooveInstallerService) -
Groove Networks, Inc. - g:Program FilesGroove
NetworksGrooveBinGrooveInstallerService.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - D:Program
FilesPalickSoftHDD TemperatureHDDTSvc.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. -
C:Program FilesIntelIntel(R) Active Monitorimonnt.exe
O23 - Service: Firebird Guardian Service (InterBaseGuardian) - Unknown
owner - f:Program.exe (file missing)
O23 - Service: Iomega App Services - Iomega Corporation -
C:PROGRA~1IomegaSystem32AppServices.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies -
f:Program FilesKerioPersonal Firewall 4kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:Program FilesFichiers
communsSony SharedAVLibPACSPTISVR.exe
O23 - Service: SDB P2P Proxy (SEP2PProxyService) - Creative IT -
f:Program FilesCreative ITP2PProxyP2PProxy.exe
O23 - Service: QuBES Peon (SEPeonService) - Creative IT - f:Program
FilesCreative ITQuBESQuBESPeon.exe
O23 - Service: QuBES Guardian (SEQuBESGuardian) - Creative IT -
F:Program FilesCreative ITQuBESGuardianQuBESGuardian.exe
O23 - Service: QuBES Indexer (SEQuBESIndexer) - Creative IT - f:Program
FilesCreative ITQuBESIndexerQuBESIndexer.exe
O23 - Service: QuBES Express Web Server (SEWebService) - Creative IT -
f:Program FilesCreative ITQuBESExpressQuBESExpress.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
C:Program FilesFichiers communsSony SharedAVLibSPTISRV.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) -
Iomega Corporation - C:Program FilesIomegaAutoDiskADService.exe

tu peux les laisser décochés mais pour ce qui est de quick time tu peux le
désinstaller si il ne te sert pas, realone player aussi ça sert pas beaucoup
maintenant .
moi je désactiverais la restauration et passerais un bon coup de
l'antispyware de MS mais en mode sans échec et un bon coup de Avast en mode
sans échec aussi pour enfin remettre la restauration si tout marche bien .
Bonne chance

Voici résultat pour info :

Logfile of HijackThis v1.99.1
Scan saved at 00:12:49, on 16/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinPortraitwpctrl.exe
f:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
f:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesFichiers communsEPSONEBAPIeEBSVC.exe
C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
F:Program FilesFirebirdFirebird_1_5binfbserver.exe
C:WINDOWSsystem32devldr32.exe
F:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE
D:Program FilesPalickSoftHDD TemperatureHDDTSvc.exe
C:PROGRA~1IomegaSystem32AppServices.exe
f:Program FilesKerioPersonal Firewall 4kpf4ss.exe
C:Program FilesWinPortraitfloater.exe
C:WINDOWSsystem32nvsvc32.exe
f:Program FilesKerioPersonal Firewall 4kpf4gui.exe
C:WINDOWSSystem32MsPMSPSv.exe
C:Program FilesIomegaAutoDiskADService.exe
f:Program FilesKerioPersonal Firewall 4kpf4gui.exe
C:Program FilesIntelIntel(R) Active Monitorimonnt.exe
C:WINDOWSSystem32Fast.exe
f:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
f:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesNielsenNetratingsbininsight.exe
C:WINDOWSSystem32svchost.exe
F:Program FilesAlwil SoftwareAvast4ashDisp.exe
d:Program FilesRealRealOne PlayerRealPlay.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
F:Program FilesICQLiteICQLite.exe
F:Program FilesMicrosoft MoneySystemmnyschdl.exe
F:Program FilesMicrosoft MoneySystemmisuser.exe
F:Program FilesMicrosoft MoneySystemmis.exe
H:Program FilesSkypePhoneSkype.exe
F:Program Filesthunderbirdthunderbird.exe
F:Program FilesMozilla Firefoxfirefox.exe
F:Program FilesMicrosoft AntiSpywaregcasDtServ.exe
F:Program FilesMicrosoft AntiSpywaregcasServ.exe
N:HijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://fr.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.yahoo.com/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyServer = http7.0.0.1:8010
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride =
setup.msn.com;memberservices.msn.com;localhost;loulyon.dyndns.org;barnet.*;<local>
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
n:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} -
C:WINDOWSSystem32nzdd.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} -
F:Program FilesICQToolbartoolbaru.dll
O4 - HKLM..Run: [PivotSoftware] "C:Program FilesWinPortraitwpctrl.exe"
O4 - HKLM..Run: [MSConfig]
C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 - HKLM..Run: [IMONTRAY] C:Program FilesIntelIntel(R) Active
Monitorimontray.exe
O4 - HKLM..Run: [gcasServ] "F:Program FilesMicrosoft
AntiSpywaregcasServ.exe"
O4 - HKLM..Run: [avast!] f:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [Deskup] C:Program FilesIomegaDriveIconsdeskup.exe
/IMGSTART
O4 - HKLM..Run: [CoolSwitch] C:WINDOWSSystem32taskswitch.exe
O4 - HKLM..Run: [CASpeed] "D:Program FilesCable e ADSL
SpeedNtwCA.exe" /HIDE
O4 - HKLM..Run: [ADUserMon] C:Program FilesIomegaAutoDiskADUserMon.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..RunOnce: [ICQ Lite] F:Program FilesICQLiteICQLite.exe
-trayboot
O4 - Global Startup: Nielsen NetRatings.lnk = C:Program
FilesNielsenNetratingsbininsight.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://F:PROGRA~1MICROS~1Office10EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://F:PROGRA~1MICROS~1OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} -
F:Program FilesIcqICQ.exe
O9 - Extra 'Tools' menuitem: ICQ -
{6224f700-cba3-4071-b251-47cb894244cd} - F:Program FilesIcqICQ.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
F:PROGRA~1MICROS~1OFFICE11REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -
f:Program FilesICQLiteICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite -
{B863453A-26C3-4e1f-A54D-A2CD196348E9} - f:Program
FilesICQLiteICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program
FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.fr/
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert -
https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Dominoes -
http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: {1D9EFA3B-4E85-41A8-9092-14012CD447C9} (NetCamPlayerWeb
Control) - http://69.226.2.133/img/NetCamPlayerWeb.ocx
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20011004/qtinstall.info.apple.com/qt503/fr/win/QuickTimeInstaller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093816404329
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield
International Setup Player) - http://www.napster.com/client/isetup.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://65.40.136.141/activex/AxisCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A5DC33CE-214B-4C26-8596-8A45456C9EB8} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) -
http://services.moviesystem.com/cabs/msway.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools
English Online) -
http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
f:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - f:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - f:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - f:Program
FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:Program
FilesFichiers communsEPSONEBAPIeEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO
EPSON CORPORATION - C:Program FilesFichiers
communsEPSONEBAPISAgent2.exe
O23 - Service: Firebird Server - DefaultInstance
(FirebirdServerDefaultInstance) - The Firebird Project - F:Program
FilesFirebirdFirebird_1_5binfbserver.exe
O23 - Service: GhostStartService - Symantec Corporation -
F:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE
O23 - Service: Groove Installer Service (GrooveInstallerService) -
Groove Networks, Inc. - g:Program FilesGroove
NetworksGrooveBinGrooveInstallerService.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - D:Program
FilesPalickSoftHDD TemperatureHDDTSvc.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. -
C:Program FilesIntelIntel(R) Active Monitorimonnt.exe
O23 - Service: Firebird Guardian Service (InterBaseGuardian) - Unknown
owner - f:Program.exe (file missing)
O23 - Service: Iomega App Services - Iomega Corporation -
C:PROGRA~1IomegaSystem32AppServices.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies -
f:Program FilesKerioPersonal Firewall 4kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:Program FilesFichiers
communsSony SharedAVLibPACSPTISVR.exe
O23 - Service: SDB P2P Proxy (SEP2PProxyService) - Creative IT -
f:Program FilesCreative ITP2PProxyP2PProxy.exe
O23 - Service: QuBES Peon (SEPeonService) - Creative IT - f:Program
FilesCreative ITQuBESQuBESPeon.exe
O23 - Service: QuBES Guardian (SEQuBESGuardian) - Creative IT -
F:Program FilesCreative ITQuBESGuardianQuBESGuardian.exe
O23 - Service: QuBES Indexer (SEQuBESIndexer) - Creative IT - f:Program
FilesCreative ITQuBESIndexerQuBESIndexer.exe
O23 - Service: QuBES Express Web Server (SEWebService) - Creative IT -
f:Program FilesCreative ITQuBESExpressQuBESExpress.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
C:Program FilesFichiers communsSony SharedAVLibSPTISRV.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) -
Iomega Corporation - C:Program FilesIomegaAutoDiskADService.exe

Vous avez filtré cet utilisateur ! Consultez son message

tu peux les laisser décochés mais pour ce qui est de quick time tu peux le
désinstaller si il ne te sert pas, realone player aussi ça sert pas beaucoup
maintenant .
moi je désactiverais la restauration et passerais un bon coup de
l'antispyware de MS mais en mode sans échec et un bon coup de Avast en mode
sans échec aussi pour enfin remettre la restauration si tout marche bien .
Bonne chance

Voici résultat pour info :

Logfile of HijackThis v1.99.1
Scan saved at 00:12:49, on 16/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinPortraitwpctrl.exe
f:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
f:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesFichiers communsEPSONEBAPIeEBSVC.exe
C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
F:Program FilesFirebirdFirebird_1_5binfbserver.exe
C:WINDOWSsystem32devldr32.exe
F:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE
D:Program FilesPalickSoftHDD TemperatureHDDTSvc.exe
C:PROGRA~1IomegaSystem32AppServices.exe
f:Program FilesKerioPersonal Firewall 4kpf4ss.exe
C:Program FilesWinPortraitfloater.exe
C:WINDOWSsystem32nvsvc32.exe
f:Program FilesKerioPersonal Firewall 4kpf4gui.exe
C:WINDOWSSystem32MsPMSPSv.exe
C:Program FilesIomegaAutoDiskADService.exe
f:Program FilesKerioPersonal Firewall 4kpf4gui.exe
C:Program FilesIntelIntel(R) Active Monitorimonnt.exe
C:WINDOWSSystem32Fast.exe
f:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
f:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesNielsenNetratingsbininsight.exe
C:WINDOWSSystem32svchost.exe
F:Program FilesAlwil SoftwareAvast4ashDisp.exe
d:Program FilesRealRealOne PlayerRealPlay.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
F:Program FilesICQLiteICQLite.exe
F:Program FilesMicrosoft MoneySystemmnyschdl.exe
F:Program FilesMicrosoft MoneySystemmisuser.exe
F:Program FilesMicrosoft MoneySystemmis.exe
H:Program FilesSkypePhoneSkype.exe
F:Program Filesthunderbirdthunderbird.exe
F:Program FilesMozilla Firefoxfirefox.exe
F:Program FilesMicrosoft AntiSpywaregcasDtServ.exe
F:Program FilesMicrosoft AntiSpywaregcasServ.exe
N:HijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://fr.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.yahoo.com/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyServer = http7.0.0.1:8010
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride =
setup.msn.com;memberservices.msn.com;localhost;loulyon.dyndns.org;barnet.*;<local>
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
n:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} -
C:WINDOWSSystem32nzdd.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} -
F:Program FilesICQToolbartoolbaru.dll
O4 - HKLM..Run: [PivotSoftware] "C:Program FilesWinPortraitwpctrl.exe"
O4 - HKLM..Run: [MSConfig]
C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 - HKLM..Run: [IMONTRAY] C:Program FilesIntelIntel(R) Active
Monitorimontray.exe
O4 - HKLM..Run: [gcasServ] "F:Program FilesMicrosoft
AntiSpywaregcasServ.exe"
O4 - HKLM..Run: [avast!] f:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [Deskup] C:Program FilesIomegaDriveIconsdeskup.exe
/IMGSTART
O4 - HKLM..Run: [CoolSwitch] C:WINDOWSSystem32taskswitch.exe
O4 - HKLM..Run: [CASpeed] "D:Program FilesCable e ADSL
SpeedNtwCA.exe" /HIDE
O4 - HKLM..Run: [ADUserMon] C:Program FilesIomegaAutoDiskADUserMon.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..RunOnce: [ICQ Lite] F:Program FilesICQLiteICQLite.exe
-trayboot
O4 - Global Startup: Nielsen NetRatings.lnk = C:Program
FilesNielsenNetratingsbininsight.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://F:PROGRA~1MICROS~1Office10EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://F:PROGRA~1MICROS~1OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} -
F:Program FilesIcqICQ.exe
O9 - Extra 'Tools' menuitem: ICQ -
{6224f700-cba3-4071-b251-47cb894244cd} - F:Program FilesIcqICQ.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
F:PROGRA~1MICROS~1OFFICE11REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -
f:Program FilesICQLiteICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite -
{B863453A-26C3-4e1f-A54D-A2CD196348E9} - f:Program
FilesICQLiteICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program
FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.fr/
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert -
https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Dominoes -
http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: {1D9EFA3B-4E85-41A8-9092-14012CD447C9} (NetCamPlayerWeb
Control) - http://69.226.2.133/img/NetCamPlayerWeb.ocx
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20011004/qtinstall.info.apple.com/qt503/fr/win/QuickTimeInstaller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093816404329
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield
International Setup Player) - http://www.napster.com/client/isetup.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://65.40.136.141/activex/AxisCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A5DC33CE-214B-4C26-8596-8A45456C9EB8} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) -
http://services.moviesystem.com/cabs/msway.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools
English Online) -
http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
f:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - f:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - f:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - f:Program
FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:Program
FilesFichiers communsEPSONEBAPIeEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO
EPSON CORPORATION - C:Program FilesFichiers
communsEPSONEBAPISAgent2.exe
O23 - Service: Firebird Server - DefaultInstance
(FirebirdServerDefaultInstance) - The Firebird Project - F:Program
FilesFirebirdFirebird_1_5binfbserver.exe
O23 - Service: GhostStartService - Symantec Corporation -
F:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE
O23 - Service: Groove Installer Service (GrooveInstallerService) -
Groove Networks, Inc. - g:Program FilesGroove
NetworksGrooveBinGrooveInstallerService.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - D:Program
FilesPalickSoftHDD TemperatureHDDTSvc.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. -
C:Program FilesIntelIntel(R) Active Monitorimonnt.exe
O23 - Service: Firebird Guardian Service (InterBaseGuardian) - Unknown
owner - f:Program.exe (file missing)
O23 - Service: Iomega App Services - Iomega Corporation -
C:PROGRA~1IomegaSystem32AppServices.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies -
f:Program FilesKerioPersonal Firewall 4kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:Program FilesFichiers
communsSony SharedAVLibPACSPTISVR.exe
O23 - Service: SDB P2P Proxy (SEP2PProxyService) - Creative IT -
f:Program FilesCreative ITP2PProxyP2PProxy.exe
O23 - Service: QuBES Peon (SEPeonService) - Creative IT - f:Program
FilesCreative ITQuBESQuBESPeon.exe
O23 - Service: QuBES Guardian (SEQuBESGuardian) - Creative IT -
F:Program FilesCreative ITQuBESGuardianQuBESGuardian.exe
O23 - Service: QuBES Indexer (SEQuBESIndexer) - Creative IT - f:Program
FilesCreative ITQuBESIndexerQuBESIndexer.exe
O23 - Service: QuBES Express Web Server (SEWebService) - Creative IT -
f:Program FilesCreative ITQuBESExpressQuBESExpress.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
C:Program FilesFichiers communsSony SharedAVLibSPTISRV.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) -
Iomega Corporation - C:Program FilesIomegaAutoDiskADService.exe

Claude LaFrenière

16/03/2005 à 00:26

Bonjour *Loulyon* :

[9 lignes citées masquées]
Voici résultat pour info :

Logfile of HijackThis v1.99.1
Scan saved at 00:12:49, on 16/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinPortraitwpctrl.exe
f:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
f:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesFichiers communsEPSONEBAPIeEBSVC.exe
C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
F:Program FilesFirebirdFirebird_1_5binfbserver.exe
C:WINDOWSsystem32devldr32.exe
F:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE
D:Program FilesPalickSoftHDD TemperatureHDDTSvc.exe
C:PROGRA~1IomegaSystem32AppServices.exe
f:Program FilesKerioPersonal Firewall 4kpf4ss.exe
C:Program FilesWinPortraitfloater.exe
C:WINDOWSsystem32nvsvc32.exe
f:Program FilesKerioPersonal Firewall 4kpf4gui.exe
C:WINDOWSSystem32MsPMSPSv.exe
C:Program FilesIomegaAutoDiskADService.exe
f:Program FilesKerioPersonal Firewall 4kpf4gui.exe
C:Program FilesIntelIntel(R) Active Monitorimonnt.exe
C:WINDOWSSystem32Fast.exe
f:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
f:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesNielsenNetratingsbininsight.exe
C:WINDOWSSystem32svchost.exe
F:Program FilesAlwil SoftwareAvast4ashDisp.exe
d:Program FilesRealRealOne PlayerRealPlay.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
F:Program FilesICQLiteICQLite.exe
F:Program FilesMicrosoft MoneySystemmnyschdl.exe
F:Program FilesMicrosoft MoneySystemmisuser.exe
F:Program FilesMicrosoft MoneySystemmis.exe
H:Program FilesSkypePhoneSkype.exe
F:Program Filesthunderbirdthunderbird.exe
F:Program FilesMozilla Firefoxfirefox.exe
F:Program FilesMicrosoft AntiSpywaregcasDtServ.exe
F:Program FilesMicrosoft AntiSpywaregcasServ.exe
N:HijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://fr.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.yahoo.com/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyServer = http7.0.0.1:8010
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride =
setup.msn.com;memberservices.msn.com;localhost;loulyon.dyndns.org;barnet.*;<local>
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
n:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} -
C:WINDOWSSystem32nzdd.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} -
F:Program FilesICQToolbartoolbaru.dll
O4 - HKLM..Run: [PivotSoftware] "C:Program FilesWinPortraitwpctrl.exe"
O4 - HKLM..Run: [MSConfig]
C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 - HKLM..Run: [IMONTRAY] C:Program FilesIntelIntel(R) Active
Monitorimontray.exe
O4 - HKLM..Run: [gcasServ] "F:Program FilesMicrosoft
AntiSpywaregcasServ.exe"
O4 - HKLM..Run: [avast!] f:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [Deskup] C:Program FilesIomegaDriveIconsdeskup.exe
/IMGSTART
O4 - HKLM..Run: [CoolSwitch] C:WINDOWSSystem32taskswitch.exe
O4 - HKLM..Run: [CASpeed] "D:Program FilesCable e ADSL
SpeedNtwCA.exe" /HIDE
O4 - HKLM..Run: [ADUserMon] C:Program FilesIomegaAutoDiskADUserMon.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..RunOnce: [ICQ Lite] F:Program FilesICQLiteICQLite.exe
-trayboot
O4 - Global Startup: Nielsen NetRatings.lnk = C:Program
FilesNielsenNetratingsbininsight.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://F:PROGRA~1MICROS~1Office10EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://F:PROGRA~1MICROS~1OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} -
F:Program FilesIcqICQ.exe
O9 - Extra 'Tools' menuitem: ICQ -
{6224f700-cba3-4071-b251-47cb894244cd} - F:Program FilesIcqICQ.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
F:PROGRA~1MICROS~1OFFICE11REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -
f:Program FilesICQLiteICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite -
{B863453A-26C3-4e1f-A54D-A2CD196348E9} - f:Program
FilesICQLiteICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program
FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.fr/
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert -
https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Dominoes -
http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: {1D9EFA3B-4E85-41A8-9092-14012CD447C9} (NetCamPlayerWeb
Control) - http://69.226.2.133/img/NetCamPlayerWeb.ocx
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20011004/qtinstall.info.apple.com/qt503/fr/win/QuickTimeInstaller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093816404329
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield
International Setup Player) - http://www.napster.com/client/isetup.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://65.40.136.141/activex/AxisCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A5DC33CE-214B-4C26-8596-8A45456C9EB8} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) -
http://services.moviesystem.com/cabs/msway.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools
English Online) -
http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
f:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - f:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - f:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - f:Program
FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:Program
FilesFichiers communsEPSONEBAPIeEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO
EPSON CORPORATION - C:Program FilesFichiers
communsEPSONEBAPISAgent2.exe
O23 - Service: Firebird Server - DefaultInstance
(FirebirdServerDefaultInstance) - The Firebird Project - F:Program
FilesFirebirdFirebird_1_5binfbserver.exe
O23 - Service: GhostStartService - Symantec Corporation -
F:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE
O23 - Service: Groove Installer Service (GrooveInstallerService) -
Groove Networks, Inc. - g:Program FilesGroove
NetworksGrooveBinGrooveInstallerService.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - D:Program
FilesPalickSoftHDD TemperatureHDDTSvc.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. -
C:Program FilesIntelIntel(R) Active Monitorimonnt.exe
O23 - Service: Firebird Guardian Service (InterBaseGuardian) - Unknown
owner - f:Program.exe (file missing)
O23 - Service: Iomega App Services - Iomega Corporation -
C:PROGRA~1IomegaSystem32AppServices.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies -
f:Program FilesKerioPersonal Firewall 4kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:Program FilesFichiers
communsSony SharedAVLibPACSPTISVR.exe
O23 - Service: SDB P2P Proxy (SEP2PProxyService) - Creative IT -
f:Program FilesCreative ITP2PProxyP2PProxy.exe
O23 - Service: QuBES Peon (SEPeonService) - Creative IT - f:Program
FilesCreative ITQuBESQuBESPeon.exe
O23 - Service: QuBES Guardian (SEQuBESGuardian) - Creative IT -
F:Program FilesCreative ITQuBESGuardianQuBESGuardian.exe
O23 - Service: QuBES Indexer (SEQuBESIndexer) - Creative IT - f:Program
FilesCreative ITQuBESIndexerQuBESIndexer.exe
O23 - Service: QuBES Express Web Server (SEWebService) - Creative IT -
f:Program FilesCreative ITQuBESExpressQuBESExpress.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
C:Program FilesFichiers communsSony SharedAVLibSPTISRV.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) -
Iomega Corporation - C:Program FilesIomegaAutoDiskADService.exe

Va évaluer ton log sur ce site :
http://www.hijackthis.de/index.php?langselect=french

N.B. Corrige ton copié-collé : pas retour à la ligne ...

S'il trouve quelque chose de suspect revient sur le forum pour confirmaer
avant de supprimer.

:)
--
Claude LaFrenière

Bonjour *Loulyon* :

[9 lignes citées masquées]
Voici résultat pour info :

Logfile of HijackThis v1.99.1
Scan saved at 00:12:49, on 16/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinPortraitwpctrl.exe
f:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
f:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesFichiers communsEPSONEBAPIeEBSVC.exe
C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
F:Program FilesFirebirdFirebird_1_5binfbserver.exe
C:WINDOWSsystem32devldr32.exe
F:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE
D:Program FilesPalickSoftHDD TemperatureHDDTSvc.exe
C:PROGRA~1IomegaSystem32AppServices.exe
f:Program FilesKerioPersonal Firewall 4kpf4ss.exe
C:Program FilesWinPortraitfloater.exe
C:WINDOWSsystem32nvsvc32.exe
f:Program FilesKerioPersonal Firewall 4kpf4gui.exe
C:WINDOWSSystem32MsPMSPSv.exe
C:Program FilesIomegaAutoDiskADService.exe
f:Program FilesKerioPersonal Firewall 4kpf4gui.exe
C:Program FilesIntelIntel(R) Active Monitorimonnt.exe
C:WINDOWSSystem32Fast.exe
f:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
f:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesNielsenNetratingsbininsight.exe
C:WINDOWSSystem32svchost.exe
F:Program FilesAlwil SoftwareAvast4ashDisp.exe
d:Program FilesRealRealOne PlayerRealPlay.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
F:Program FilesICQLiteICQLite.exe
F:Program FilesMicrosoft MoneySystemmnyschdl.exe
F:Program FilesMicrosoft MoneySystemmisuser.exe
F:Program FilesMicrosoft MoneySystemmis.exe
H:Program FilesSkypePhoneSkype.exe
F:Program Filesthunderbirdthunderbird.exe
F:Program FilesMozilla Firefoxfirefox.exe
F:Program FilesMicrosoft AntiSpywaregcasDtServ.exe
F:Program FilesMicrosoft AntiSpywaregcasServ.exe
N:HijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://fr.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.yahoo.com/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyServer = http7.0.0.1:8010
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride =
setup.msn.com;memberservices.msn.com;localhost;loulyon.dyndns.org;barnet.*;<local>
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
n:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} -
C:WINDOWSSystem32nzdd.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} -
F:Program FilesICQToolbartoolbaru.dll
O4 - HKLM..Run: [PivotSoftware] "C:Program FilesWinPortraitwpctrl.exe"
O4 - HKLM..Run: [MSConfig]
C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 - HKLM..Run: [IMONTRAY] C:Program FilesIntelIntel(R) Active
Monitorimontray.exe
O4 - HKLM..Run: [gcasServ] "F:Program FilesMicrosoft
AntiSpywaregcasServ.exe"
O4 - HKLM..Run: [avast!] f:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [Deskup] C:Program FilesIomegaDriveIconsdeskup.exe
/IMGSTART
O4 - HKLM..Run: [CoolSwitch] C:WINDOWSSystem32taskswitch.exe
O4 - HKLM..Run: [CASpeed] "D:Program FilesCable e ADSL
SpeedNtwCA.exe" /HIDE
O4 - HKLM..Run: [ADUserMon] C:Program FilesIomegaAutoDiskADUserMon.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..RunOnce: [ICQ Lite] F:Program FilesICQLiteICQLite.exe
-trayboot
O4 - Global Startup: Nielsen NetRatings.lnk = C:Program
FilesNielsenNetratingsbininsight.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://F:PROGRA~1MICROS~1Office10EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://F:PROGRA~1MICROS~1OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} -
F:Program FilesIcqICQ.exe
O9 - Extra 'Tools' menuitem: ICQ -
{6224f700-cba3-4071-b251-47cb894244cd} - F:Program FilesIcqICQ.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
F:PROGRA~1MICROS~1OFFICE11REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -
f:Program FilesICQLiteICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite -
{B863453A-26C3-4e1f-A54D-A2CD196348E9} - f:Program
FilesICQLiteICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program
FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.fr/
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert -
https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Dominoes -
http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: {1D9EFA3B-4E85-41A8-9092-14012CD447C9} (NetCamPlayerWeb
Control) - http://69.226.2.133/img/NetCamPlayerWeb.ocx
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20011004/qtinstall.info.apple.com/qt503/fr/win/QuickTimeInstaller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093816404329
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield
International Setup Player) - http://www.napster.com/client/isetup.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://65.40.136.141/activex/AxisCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A5DC33CE-214B-4C26-8596-8A45456C9EB8} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) -
http://services.moviesystem.com/cabs/msway.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools
English Online) -
http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
f:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - f:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - f:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - f:Program
FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:Program
FilesFichiers communsEPSONEBAPIeEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO
EPSON CORPORATION - C:Program FilesFichiers
communsEPSONEBAPISAgent2.exe
O23 - Service: Firebird Server - DefaultInstance
(FirebirdServerDefaultInstance) - The Firebird Project - F:Program
FilesFirebirdFirebird_1_5binfbserver.exe
O23 - Service: GhostStartService - Symantec Corporation -
F:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE
O23 - Service: Groove Installer Service (GrooveInstallerService) -
Groove Networks, Inc. - g:Program FilesGroove
NetworksGrooveBinGrooveInstallerService.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - D:Program
FilesPalickSoftHDD TemperatureHDDTSvc.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. -
C:Program FilesIntelIntel(R) Active Monitorimonnt.exe
O23 - Service: Firebird Guardian Service (InterBaseGuardian) - Unknown
owner - f:Program.exe (file missing)
O23 - Service: Iomega App Services - Iomega Corporation -
C:PROGRA~1IomegaSystem32AppServices.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies -
f:Program FilesKerioPersonal Firewall 4kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:Program FilesFichiers
communsSony SharedAVLibPACSPTISVR.exe
O23 - Service: SDB P2P Proxy (SEP2PProxyService) - Creative IT -
f:Program FilesCreative ITP2PProxyP2PProxy.exe
O23 - Service: QuBES Peon (SEPeonService) - Creative IT - f:Program
FilesCreative ITQuBESQuBESPeon.exe
O23 - Service: QuBES Guardian (SEQuBESGuardian) - Creative IT -
F:Program FilesCreative ITQuBESGuardianQuBESGuardian.exe
O23 - Service: QuBES Indexer (SEQuBESIndexer) - Creative IT - f:Program
FilesCreative ITQuBESIndexerQuBESIndexer.exe
O23 - Service: QuBES Express Web Server (SEWebService) - Creative IT -
f:Program FilesCreative ITQuBESExpressQuBESExpress.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
C:Program FilesFichiers communsSony SharedAVLibSPTISRV.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) -
Iomega Corporation - C:Program FilesIomegaAutoDiskADService.exe

Va évaluer ton log sur ce site :
http://www.hijackthis.de/index.php?langselect=french

N.B. Corrige ton copié-collé : pas retour à la ligne ...

S'il trouve quelque chose de suspect revient sur le forum pour confirmaer
avant de supprimer.

:)
--
Claude LaFrenière

Vous avez filtré cet utilisateur ! Consultez son message

Bonjour *Loulyon* :

[9 lignes citées masquées]
Voici résultat pour info :

Logfile of HijackThis v1.99.1
Scan saved at 00:12:49, on 16/03/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesWinPortraitwpctrl.exe
f:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
f:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSSystem32dllhost.exe
C:Program FilesFichiers communsEPSONEBAPIeEBSVC.exe
C:Program FilesFichiers communsEPSONEBAPISAgent2.exe
F:Program FilesFirebirdFirebird_1_5binfbserver.exe
C:WINDOWSsystem32devldr32.exe
F:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE
D:Program FilesPalickSoftHDD TemperatureHDDTSvc.exe
C:PROGRA~1IomegaSystem32AppServices.exe
f:Program FilesKerioPersonal Firewall 4kpf4ss.exe
C:Program FilesWinPortraitfloater.exe
C:WINDOWSsystem32nvsvc32.exe
f:Program FilesKerioPersonal Firewall 4kpf4gui.exe
C:WINDOWSSystem32MsPMSPSv.exe
C:Program FilesIomegaAutoDiskADService.exe
f:Program FilesKerioPersonal Firewall 4kpf4gui.exe
C:Program FilesIntelIntel(R) Active Monitorimonnt.exe
C:WINDOWSSystem32Fast.exe
f:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
f:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesNielsenNetratingsbininsight.exe
C:WINDOWSSystem32svchost.exe
F:Program FilesAlwil SoftwareAvast4ashDisp.exe
d:Program FilesRealRealOne PlayerRealPlay.exe
C:Program FilesFichiers communsRealUpdate_OBrealsched.exe
F:Program FilesICQLiteICQLite.exe
F:Program FilesMicrosoft MoneySystemmnyschdl.exe
F:Program FilesMicrosoft MoneySystemmisuser.exe
F:Program FilesMicrosoft MoneySystemmis.exe
H:Program FilesSkypePhoneSkype.exe
F:Program Filesthunderbirdthunderbird.exe
F:Program FilesMozilla Firefoxfirefox.exe
F:Program FilesMicrosoft AntiSpywaregcasDtServ.exe
F:Program FilesMicrosoft AntiSpywaregcasServ.exe
N:HijackThisHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://fr.yahoo.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://www.google.fr
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://fr.yahoo.com/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyServer = http7.0.0.1:8010
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride =
setup.msn.com;memberservices.msn.com;localhost;loulyon.dyndns.org;barnet.*;<local>
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
n:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} -
C:WINDOWSSystem32nzdd.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} -
F:Program FilesICQToolbartoolbaru.dll
O4 - HKLM..Run: [PivotSoftware] "C:Program FilesWinPortraitwpctrl.exe"
O4 - HKLM..Run: [MSConfig]
C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 - HKLM..Run: [IMONTRAY] C:Program FilesIntelIntel(R) Active
Monitorimontray.exe
O4 - HKLM..Run: [gcasServ] "F:Program FilesMicrosoft
AntiSpywaregcasServ.exe"
O4 - HKLM..Run: [avast!] f:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesFichiers
communsRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE
C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [Deskup] C:Program FilesIomegaDriveIconsdeskup.exe
/IMGSTART
O4 - HKLM..Run: [CoolSwitch] C:WINDOWSSystem32taskswitch.exe
O4 - HKLM..Run: [CASpeed] "D:Program FilesCable e ADSL
SpeedNtwCA.exe" /HIDE
O4 - HKLM..Run: [ADUserMon] C:Program FilesIomegaAutoDiskADUserMon.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..RunOnce: [ICQ Lite] F:Program FilesICQLiteICQLite.exe
-trayboot
O4 - Global Startup: Nielsen NetRatings.lnk = C:Program
FilesNielsenNetratingsbininsight.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://F:PROGRA~1MICROS~1Office10EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://F:PROGRA~1MICROS~1OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSystem32msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSystem32msjava.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} -
F:Program FilesIcqICQ.exe
O9 - Extra 'Tools' menuitem: ICQ -
{6224f700-cba3-4071-b251-47cb894244cd} - F:Program FilesIcqICQ.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
F:PROGRA~1MICROS~1OFFICE11REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -
f:Program FilesICQLiteICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite -
{B863453A-26C3-4e1f-A54D-A2CD196348E9} - f:Program
FilesICQLiteICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program
FilesMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.fr/
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert -
https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: Yahoo! Dominoes -
http://download.games.yahoo.com/games/clients/y/dot8_x.cab
O16 - DPF: {1D9EFA3B-4E85-41A8-9092-14012CD447C9} (NetCamPlayerWeb
Control) - http://69.226.2.133/img/NetCamPlayerWeb.ocx
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20011004/qtinstall.info.apple.com/qt503/fr/win/QuickTimeInstaller.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093816404329
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield
International Setup Player) - http://www.napster.com/client/isetup.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://65.40.136.141/activex/AxisCamControl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A5DC33CE-214B-4C26-8596-8A45456C9EB8} -
http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) -
http://services.moviesystem.com/cabs/msway.cab
O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools
English Online) -
http://www.seagate.com/support/disc/asp/tools/en/bin/npseatools.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer
Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
f:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - f:Program FilesAlwil
SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - f:Program
FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - f:Program
FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: EpsonBidirectionalService - Unknown owner - C:Program
FilesFichiers communsEPSONEBAPIeEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO
EPSON CORPORATION - C:Program FilesFichiers
communsEPSONEBAPISAgent2.exe
O23 - Service: Firebird Server - DefaultInstance
(FirebirdServerDefaultInstance) - The Firebird Project - F:Program
FilesFirebirdFirebird_1_5binfbserver.exe
O23 - Service: GhostStartService - Symantec Corporation -
F:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE
O23 - Service: Groove Installer Service (GrooveInstallerService) -
Groove Networks, Inc. - g:Program FilesGroove
NetworksGrooveBinGrooveInstallerService.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - D:Program
FilesPalickSoftHDD TemperatureHDDTSvc.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. -
C:Program FilesIntelIntel(R) Active Monitorimonnt.exe
O23 - Service: Firebird Guardian Service (InterBaseGuardian) - Unknown
owner - f:Program.exe (file missing)
O23 - Service: Iomega App Services - Iomega Corporation -
C:PROGRA~1IomegaSystem32AppServices.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies -
f:Program FilesKerioPersonal Firewall 4kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA
Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:Program FilesFichiers
communsSony SharedAVLibPACSPTISVR.exe
O23 - Service: SDB P2P Proxy (SEP2PProxyService) - Creative IT -
f:Program FilesCreative ITP2PProxyP2PProxy.exe
O23 - Service: QuBES Peon (SEPeonService) - Creative IT - f:Program
FilesCreative ITQuBESQuBESPeon.exe
O23 - Service: QuBES Guardian (SEQuBESGuardian) - Creative IT -
F:Program FilesCreative ITQuBESGuardianQuBESGuardian.exe
O23 - Service: QuBES Indexer (SEQuBESIndexer) - Creative IT - f:Program
FilesCreative ITQuBESIndexerQuBESIndexer.exe
O23 - Service: QuBES Express Web Server (SEWebService) - Creative IT -
f:Program FilesCreative ITQuBESExpressQuBESExpress.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation -
C:Program FilesFichiers communsSony SharedAVLibSPTISRV.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) -
Iomega Corporation - C:Program FilesIomegaAutoDiskADService.exe

Va évaluer ton log sur ce site :
http://www.hijackthis.de/index.php?langselect=french

N.B. Corrige ton copié-collé : pas retour à la ligne ...

S'il trouve quelque chose de suspect revient sur le forum pour confirmaer
avant de supprimer.

:)
--
Claude LaFrenière

Windows se bloque juste à la fin du demarrage

10 réponses

Veuillez sélectionner un problème