Unable to finish my scans

Closed
markkusss - 21 March 2010 at 23:08
 markkusss - 22 March 2010 at 19:33
Hello,
I can't finish my scans with avast internet security or any other antivirus?? Is it a virus or something else? Thanks

My DiagHelp report is as follows:

DiagHelp version v1.4 - http://www.malekal.com
excute le 21/03/2010 à 21:21:36,86

System information for \\PC-DE-MARC:
Uptime: Error reading uptime
Kernel version: Windows Vista (TM) Home Premium, Multiprocessor Free
Product type: Professional
Product version: 6.0
Service pack: 2
Kernel build number: 6002
Registered organization: TOSHIBA
Registered owner: marc
???, ???
Activation status: Error reading status
IE version: 8.0000
System root: C:\Windows
Processors: 2
Processor speed: 2.1 GHz
Processor type: Intel(R) Core(TM)2 Duo CPU T7500 @
Physical memory: 2046 MB
Video driver: ATI Mobility Radeon HD 2600
Volume Type Format Label Size Free Free
C: Fixed NTFS Vista 92.77 GB 45.82 GB 49.4%
D: Fixed NTFS all 186.31 GB 126.47 GB 67.9%
E: Fixed NTFS WinRE 1.46 GB 1.43 GB 97.5%
F: Fixed NTFS 92.07 GB 91.98 GB 99.9%
G: CD-ROM 0.0%


C:\Windows\prefetch\SEARCHFILTERHOST.EXE-77482212.pf -->21/03/2010 21:18:14
C:\Windows\prefetch\DLLHOST.EXE-5E46FA0D.pf -->21/03/2010 21:17:41
C:\Windows\prefetch\JAVA.EXE-E27B75C2.pf -->21/03/2010 21:17:30
C:\Windows\prefetch\WINRAR.EXE-94E7D80C.pf -->21/03/2010 21:17:19
C:\Windows\prefetch\WMIADAP.EXE-F8DFDFA2.pf -->21/03/2010 21:16:25
C:\Windows\prefetch\WMPNSCFG.EXE-FC0D39BF.pf -->21/03/2010 21:15:52
C:\Windows\prefetch\MOBSYNC.EXE-C5E2284F.pf -->21/03/2010 21:14:21
C:\Windows\prefetch\FIREFOX.EXE-A606B53C.pf -->21/03/2010 21:14:20
C:\Windows\prefetch\MSFEEDSSYNC.EXE-6E6FBDF4.pf -->21/03/2010 21:14:10
C:\Windows\prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf -->21/03/2010 21:14:02

C:\Windows\System32\drivers\aswFW.sys -->09/03/2010 11:14:36
C:\Windows\System32\drivers\aswSnx.sys -->09/03/2010 11:14:20
C:\Windows\System32\drivers\aswNdis2.sys -->09/03/2010 11:14:00
C:\Windows\System32\drivers\aswTdi.sys -->09/03/2010 11:12:54
C:\Windows\System32\drivers\aswSP.sys -->09/03/2010 11:12:33
C:\Windows\System32\drivers\aswRdr.sys -->09/03/2010 11:09:08
C:\Windows\System32\drivers\aswMonFlt.sys -->09/03/2010 11:08:52

C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -->21/03/2010 21:11:59
C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -->21/03/2010 21:11:59
C:\Windows\System32\PerfStringBackup.INI -->21/03/2010 20:34:56
C:\Windows\System32\perfh00C.dat -->21/03/2010 20:34:56
C:\Windows\System32\perfh009.dat -->21/03/2010 20:34:56
C:\Windows\System32\perfc00C.dat -->21/03/2010 20:34:56
C:\Windows\System32\perfc009.dat -->21/03/2010 20:34:56
C:\Windows\System32\bdod.bin -->19/03/2010 18:43:22
C:\Windows\System32\config.nt -->19/03/2010 18:40:24
C:\Windows\System32\avastSS.scr -->09/03/2010 11:24:23
C:\Windows\System32\aswBoot.exe -->09/03/2010 11:24:05
C:\Windows\System32\mrt.exe -->02/03/2010 05:30:12
C:\Windows\System32\FNTCACHE.DAT -->24/02/2010 21:15:22
C:\Windows\System32\MpSigStub.exe -->24/02/2010 10:16:06
C:\Windows\System32\nshhttp.dll -->20/02/2010 23:06:41
C:\Windows\System32\httpapi.dll -->20/02/2010 23:05:14
C:\Windows\System32\BDUpdateV1.xml -->13/02/2010 10:13:10
C:\Windows\System32\browserchoice.exe -->12/02/2010 10:32:56
C:\Windows\System32\secproc_ssp_isv.dll -->25/01/2010 12:00:35
C:\Windows\System32\secproc_ssp.dll -->25/01/2010 12:00:35
C:\Windows\System32\secproc_isv.dll -->25/01/2010 12:00:35
C:\Windows\System32\secproc.dll -->25/01/2010 12:00:22
C:\Windows\System32\msdrm.dll -->25/01/2010 11:58:52
C:\Windows\System32\RMActivate_ssp_isv.exe -->25/01/2010 08:21:20
C:\Windows\System32\RMActivate_isv.exe -->25/01/2010 08:21:20

C:\Windows\bootstat.dat -->21/03/2010 21:11:52
C:\Windows\WindowsUpdate.log -->21/03/2010 20:28:54
C:\Windows\PFRO.log -->20/03/2010 09:45:32
C:\Windows\npornap.INI -->16/03/2010 18:22:20
C:\Windows\ToDisc.INI -->16/01/2010 15:25:41
C:\Windows\system.ini -->16/01/2010 14:02:24
C:\Windows\iun6002.exe -->13/01/2010 20:28:36
C:\Windows\Babar 3.scr -->07/01/2010 22:07:18
C:\Windows\Babar 3.exe -->07/01/2010 22:07:18
C:\Windows\Babar 3.dll -->07/01/2010 22:07:18
C:\Windows\Babar 3.dat -->07/01/2010 22:07:18
C:\Windows\Babar 2.scr -->07/01/2010 22:06:52
C:\Windows\Babar 2.exe -->07/01/2010 22:06:52
C:\Windows\Babar 2.dll -->07/01/2010 22:06:52
C:\Windows\Babar 2.dat -->07/01/2010 22:06:52


Le volume dans le lecteur C s'appelle Vista
Le numéro de série du volume est 1679-A1BD

Répertoire de C:\Windows

21/03/2010 16:49 <REP> Installer
19/03/2010 22:14 <REP> msdownld.tmp
1 fichier(s) 749 octets
2 Rép(s) 49 199 353 856 octets libres
Le volume dans le lecteur C s'appelle Vista
Le numéro de série du volume est 1679-A1BD

Répertoire de C:\Windows\system32

21/03/2010 21:11 3 568 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
21/03/2010 21:11 3 568 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2 fichier(s) 7 136 octets
0 Rép(s) 49 199 353 856 octets libres
winlogon.exe
Verified: Signed
svchost.exe
Verified: Signed
ws2_32.dll
Verified: Signed
user32.dll
Verified: Signed
tcpip.sys
Verified: Signed
ndis.sys
Verified: Signed
null.sys
Verified: Signed
userinit.exe
kernel32.dll


ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
explorer.exe pid: 380
Command line: C:\Windows\Explorer.EXE


ListDLLs v2.25 - DLL lister for Win9x/NT
Copyright (C) 1997-2004 Mark Russinovich
Sysinternals - www.sysinternals.com

------------------------------------------------------------------------------
winlogon.exe pid: 944
Command line: winlogon.exe



Contenu de Downloaded Program Files
Le volume dans le lecteur C s'appelle Vista
Le numéro de série du volume est 1679-A1BD

Répertoire de C:\Windows\Downloaded Program Files

26/10/2009 11:54 <REP> .
26/10/2009 11:54 <REP> ..
18/09/2006 21:26 65 desktop.ini
1 fichier(s) 65 octets

Total des fichiers listés :
1 fichier(s) 65 octets
2 Rép(s) 49 198 903 296 octets libres

Recherche de rootkit! (Merci S!Ri)

Recherche d'infections connues

Export des clefs sensibles..


Liste des fichiers en exception sur le pare-feu XP SP2

Export de la clef SharedTaskScheduler

[SharedTaskScheduler]



exports des policies
REGEDIT4

[System]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000001
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000000
"EnableSecureUIAPaths"=dword:00000001
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000
"EnableUIADesktopToggle"=dword:00000000

[System\UIPI]

[System\UIPI\Clipboard]

[System\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011



Export des clefs sensibles..
Rechercher adresses sensibles dans le fichier HOSTS...
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-21 21:23:06
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden services & system hive ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\\xa6]z\xb1]
"CacheSizeInMB"=dword:00000000
"CacheStatus"=dword:00000002
"USBVersion"=dword:00020000
"ReadSpeedKBs"=dword:00000000
"WriteSpeedKBs"=dword:00000000
"PhysicalDeviceSizeMB"=dword:000000f7
"RecommendedCacheSizeMB"=dword:00000000
"HasSlowRegions"=dword:00000000
"DoRetestDevice"=dword:00000000
"DeviceStatus"=dword:00000001
"LastTestedTime"=hex(b):00,00,00,00,00,00,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\\xbbk\t0]
"CacheSizeInMB"=dword:00000000
"CacheStatus"=dword:00000002
"USBVersion"=dword:00020000
"ReadSpeedKBs"=dword:00000000
"WriteSpeedKBs"=dword:00000000
"PhysicalDeviceSizeMB"=dword:000000f7
"RecommendedCacheSizeMB"=dword:00000000
"HasSlowRegions"=dword:00000000
"DoRetestDevice"=dword:00000000
"DeviceStatus"=dword:00000001
"LastTestedTime"=hex(b):00,00,00,00,00,00,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\EMDMgmt\os\x201aqm]
"CacheSizeInMB"=dword:00000000
"CacheStatus"=dword:00000002
"USBVersion"=dword:00020000
"ReadSpeedKBs"=dword:00000000
"WriteSpeedKBs"=dword:00000000
"PhysicalDeviceSizeMB"=dword:0004a85b
"RecommendedCacheSizeMB"=dword:00000000
"HasSlowRegions"=dword:00000000
"DoRetestDevice"=dword:00000000
"DeviceStatus"=dword:00000001
"LastTestedTime"=hex(b):00,00,00,00,00,00,00,00

scanning hidden files ...

scan completed successfully
hidden services: 0
hidden files: 0


Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Sorry, this version supports only Win2K/XP

KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg)

Sorry, this version supports only Win2K/XP

Le volume dans le lecteur C s'appelle Vista
Le numéro de série du volume est 1679-A1BD

Répertoire de C:\Program Files

21/03/2010 19:57 <REP> .
21/03/2010 19:57 <REP> ..
15/11/2009 10:45 <REP> Adobe
19/03/2010 18:36 <REP> Alwil Software
13/01/2010 20:28 <REP> AndreaMosaic
14/09/2009 13:35 <REP> Apple Software Update
24/08/2008 12:58 <REP> ATI
24/08/2008 13:00 <REP> ATI Technologies
30/12/2009 17:58 <REP> Bonjour
24/08/2008 13:01 <REP> Camera Assistant Software for Toshiba
30/12/2009 17:29 <REP> CCleaner
19/03/2010 22:50 <REP> Common Files
16/03/2010 16:50 <REP> DesignSoft
30/11/2009 17:10 <REP> eMule
15/03/2010 22:48 <REP> IKEA HomePlanner
24/08/2008 13:17 <REP> Intel
28/01/2010 17:02 <REP> Internet Explorer
10/07/2007 14:49 <REP> InterVideo
10/02/2010 17:22 <REP> iPod
10/02/2010 17:23 <REP> iTunes
09/11/2009 20:15 <REP> Java
02/09/2009 11:58 <REP> K-Lite Codec Pack
24/11/2009 18:20 <REP> LimeWire
18/04/2007 06:05 <REP> ltmoh
20/03/2010 10:33 <REP> Malwarebytes' Anti-Malware
05/10/2009 15:19 <REP> MarkAny
26/08/2009 22:51 <REP> Micro Application
26/08/2009 17:04 <REP> Microsoft
02/11/2006 12:37 <REP> Microsoft Games
04/11/2009 23:23 <REP> Microsoft Office
20/01/2010 08:49 <REP> Microsoft Silverlight
09/11/2009 11:29 <REP> Microsoft Works
04/11/2009 23:22 <REP> Microsoft.NET
11/03/2010 17:59 <REP> Movie Maker
27/02/2010 08:50 <REP> Mozilla Firefox
02/11/2006 12:37 <REP> MSBuild
10/07/2007 13:49 <REP> MSXML 4.0
18/04/2007 06:14 <REP> My Company Name
11/11/2009 18:27 <REP> OpenOffice.org 3
16/03/2010 18:17 <REP> Orange
19/03/2010 17:45 <REP> QuickTime
10/07/2007 14:24 <REP> Realtek
02/11/2006 12:37 <REP> Reference Assemblies
10/02/2010 17:10 <REP> Safari
05/10/2009 15:18 <REP> Samsung
21/03/2010 20:03 <REP> Spybot - Search & Destroy
16/03/2010 17:43 <REP> Sweet Home 3D
24/08/2008 13:06 <REP> Synaptics
24/08/2008 13:18 <REP> TOSHIBA
20/03/2010 10:37 <REP> Trend Micro
10/07/2007 14:46 <REP> Ulead Systems
30/11/2009 13:05 <REP> VSO
23/09/2009 15:17 <REP> Windows Calendar
23/09/2009 15:17 <REP> Windows Collaboration
23/09/2009 15:17 <REP> Windows Defender
23/09/2009 15:17 <REP> Windows Journal
19/03/2010 17:45 <REP> Windows Live
11/03/2010 17:59 <REP> Windows Mail
18/04/2007 06:46 <REP> Windows Media Components
28/10/2009 22:35 <REP> Windows Media Player
24/08/2009 16:21 <REP> Windows NT
23/09/2009 15:17 <REP> Windows Photo Gallery
02/11/2009 17:24 <REP> Windows Portable Devices
23/09/2009 15:17 <REP> Windows Sidebar
12/11/2009 16:53 <REP> WinRAR
0 fichier(s) 0 octets
65 Rép(s) 49 185 476 608 octets libres
Le volume dans le lecteur C s'appelle Vista
Le numéro de série du volume est 1679-A1BD

Répertoire de C:\Program Files\fichiers communs

Le volume dans le lecteur C s'appelle Vista
Le numéro de série du volume est 1679-A1BD

Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

04/11/2009 23:23 <REP> .
04/11/2009 23:23 <REP> ..
04/11/2009 23:19 <REP> 1033
26/10/2006 20:12 40 256 MSOSV.DLL
1 fichier(s) 40 256 octets
3 Rép(s) 49 185 476 608 octets libres
Le volume dans le lecteur C s'appelle Vista
Le numéro de série du volume est 1679-A1BD

Répertoire de C:\Program Files\common files

19/03/2010 22:50 <REP> .
19/03/2010 22:50 <REP> ..
15/11/2009 10:46 <REP> Adobe
10/02/2010 17:22 <REP> Apple
19/03/2010 18:44 <REP> BitDefender
04/11/2009 23:23 <REP> DESIGNER
18/04/2007 06:47 <REP> InstallShield
18/04/2007 05:44 <REP> Java
09/11/2009 11:30 <REP> microsoft shared
01/09/2009 11:56 <REP> PX Storage Engine
02/11/2006 11:18 <REP> SpeechEngines
23/09/2009 15:17 <REP> System
10/07/2007 14:49 <REP> Ulead Systems
26/08/2009 16:58 <REP> Windows Live
15/03/2010 22:47 <REP> Wise Installation Wizard
0 fichier(s) 0 octets
15 Rép(s) 49 185 472 512 octets libres




c:\Users\marc.PC-de-marc\Documents\AndreaMosaicSetup.exe
c:\Users\marc.PC-de-marc\Documents\ccsetup227.exe
c:\Users\marc.PC-de-marc\Documents\DivX7Installer.exe
c:\Users\marc.PC-de-marc\Documents\eMule0.49c-Installer.exe
c:\Users\marc.PC-de-marc\Documents\iTunesSetup.exe
c:\Users\marc.PC-de-marc\Documents\klcodec505f.exe
c:\Users\marc.PC-de-marc\Documents\LimeWireWin.exe
c:\Users\marc.PC-de-marc\Documents\MultiLoader_V5.56.exe
c:\Users\marc.PC-de-marc\Documents\setup_ais_fre.exe
c:\Users\marc.PC-de-marc\Documents\wrar390fr.exe
c:\Users\marc.PC-de-marc\Documents\LimeWire\LimeWireWin(2).exe
c:\Users\marc.PC-de-marc\Documents\OpenOffice.org 3.1 (fr) Installation Files\instmsia.exe
c:\Users\marc.PC-de-marc\Documents\OpenOffice.org 3.1 (fr) Installation Files\instmsiw.exe
c:\Users\marc.PC-de-marc\Documents\OpenOffice.org 3.1 (fr) Installation Files\setup.exe
c:\Users\marc.PC-de-marc\Documents\OpenOffice.org 3.1 (fr) Installation Files\java\jre-windows-i586.exe
c:\Users\marc.PC-de-marc\Documents\OpenOffice.org 3.1 (fr) Installation Files\redist\vcredist_x86.exe

****** Fin du rapport DiagHelp
Veuillez svp envoyer le fichier C:\upload_moi_PC-de-marc.tar.gz a l'adresse http://upload.malekal.com
2 replies

Anonymous user
22 March 2010 at 02:34
▶ Download UsbFix

(!) Plug your external data sources into your PC (USB stick, external hard drive, etc.) that may have been infected, without opening them


▶ Right-click the UsbFix shortcut on your desktop and choose "Run as administrator".

▶ In the main menu, choose option "F" for French and press [Enter].

▶ In the second menu, choose option "1" (search) and press [Enter].

▶ Let the tool work.

▶ Then post the UsbFix.txt report that appears.

Note: The UsbFix.txt report is saved at the root of the disk (C:\UsbFix.txt).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.


Tutorial: http://pagesperso-orange.fr/NosTools/usbfix.html
Hello, here is the UsbFix report:

Thanks

############################## | UsbFix V6.100 |

User : marc (Administrateurs) # PC-DE-MARC
Update on 18/03/2010 by El Desaparecido , C_XX & Chimay8
Start at: 18:28:01 | 22/03/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz
Microsoft® Windows Vista(TM) Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18882
Windows Firewall Status : Enabled
AV : BitDefender Antivirus 12.0 [ (!) Disabled | Updated ]
FW : BitDefender Firewall[ (!) Disabled ]12.0

C:\ -> Disque fixe local # 92,77 Go (45,69 Go free) [Vista] # NTFS
D:\ -> Disque fixe local # 186,31 Go (126,44 Go free) [all ] # NTFS
E:\ -> Disque fixe local # 1,46 Go (1,43 Go free) [WinRE] # NTFS
F:\ -> Disque fixe local # 92,07 Go (91,98 Go free) # NTFS
G:\ -> Disque CD-ROM
I:\ -> Disque amovible # 1,88 Go (1,21 Go free) [MARK] # FAT
J:\ -> Disque amovible

################## | Elements infectieux |


################## | Registre |


################## | Mountpoints2 |


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné !

################## | ! Fin du rapport # UsbFix V6.100 ! |