uninstall avast makes utorrent freeze


napseis

hello,

Recently, I wanted to change my antivirus from avast to avira antivir. So I uninstalled avast, rebooted, and before installing avira, I launched utorrent. Surprisingly, utorrent totally freezes after 20 seconds. I have to shut it down and kill the process (which takes up to two minutes). I had version 1.8.1, I upgraded to 1.8.2 and even tried the beta version, but that doesn't solve the problem. Only reinstalling avast solves the problem! But I don't want avast anymore, and I really dislike the other torrent clients.

This happens even if no file is downloading.

When I start Windows (Vista) in failsafe mode, I have no freeze (with no antivirus).

With avira and utorrent, same problem. I didn't test this case in failsafe mode yet.

Could you help me?

thanks

Edit: in fact, I found out that utorrent freezes for sure 20 sec after opening it, but 2-4 min later, it runs fine again. It prevents some programs from being loaded during the freeze period (exe, firefox: I have to launch it twice, only one opens, and the second one launches when utorrent "unfreezes"), but every program already launched works fine.

hello,

First, I reinstalled avast for the moment; I've been trying a lot of things since this morning.

Another one without avast installed, and with utorrent crashed, can be found at the bottom. Actually, utorrent freezes randomly for 2 or 4 minutes, and then runs fine again.

In fact, I found out that utorrent freezes for sure 20 sec after opening it, but 2-3 min later, it runs fine again. It prevents some programs from being loaded during the freeze period (exe, firefox: I have to launch it twice, only one opens, and the second one launches when utorrent "unfreezes"), but every program already launched works fine.

I have installed avira antivir, and the problem is still there.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:00:43, on 14/02/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\ICW\bin\cygrunsrv.exe

C:\Program Files (x86)\ICW\bin\sshd.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\Java\jre6\bin\jusched.exe

C:\Program Files (x86)\PDFCreator\PDFCreator.exe

C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files (x86)\Hamachi\hamachi.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.100.1.4:9090

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [CamserviceHD] "C:\Program Files (x86)\Hercules\Hercules Dualpix Chat and Show\x64\Camservice.exe" /startup

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [NVIDIA nTune] C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe resetprofile

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-21-1155804097-952730019-1010334339-1023\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SvcCOPSSH')

O4 - Startup: Hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: PDFCreator.lnk = C:\Program Files (x86)\PDFCreator\PDFCreator.exe

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O17 - HKLM\System\CCS\Services\Tcpip\..\{01CDB1D6-46AF-426E-A7B3-5805C2D6E28D}: NameServer = 212.27.40.240,212.27.40.241

O17 - HKLM\System\CS1\Services\Tcpip\..\{01CDB1D6-46AF-426E-A7B3-5805C2D6E28D}: NameServer = 212.27.40.240,212.27.40.241

O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Openssh SSHD (OpenSSHServer) - Unknown owner - C:\Program Files (x86)\ICW\bin\cygrunsrv.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: uvnc_service - UltraVNC - C:\Program Files (x86)\UltraVNC\winvnc.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 12144 bytes

Process PID CPU Description Company Name

System Idle Process 0 94.22

Interrupts n/a 0.39 Hardware Interrupts

DPCs n/a 0.77 Deferred Procedure Calls

System 4

smss.exe 468 Windows Session Manager Microsoft Corporation

csrss.exe 536 Processus d'exécuttion client-serveur Microsoft Corporation

wininit.exe 588 Application de démarrage de Windows Microsoft Corporation

services.exe 644 Applications Services et Contrôleur Microsoft Corporation

svchost.exe 824 Processus hôte pour les services Windows Microsoft Corporation

iashost.exe 3768 IAS Host Microsoft Corporation

hpqbam08.exe 4656 HP CUE Alert Popup Window Objects Hewlett-Packard Co.

hpqgpc01.exe 4848 GPCore COM object Hewlett-Packard

unsecapp.exe 4540 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation

WmiPrvSE.exe 4736 WMI Provider Host Microsoft Corporation

nvvsvc.exe 908 NVIDIA Driver Helper Service, Version 182.05 NVIDIA Corporation

rundll32.exe 2040 Processus hôte Windows (Rundll32) Microsoft Corporation

svchost.exe 940 Processus hôte pour les services Windows Microsoft Corporation

svchost.exe 1000 Processus hôte pour les services Windows Microsoft Corporation

svchost.exe 260 Processus hôte pour les services Windows Microsoft Corporation

audiodg.exe 524 Isolation graphique de périphérique audio Windows Microsoft Corporation

svchost.exe 368 Processus hôte pour les services Windows Microsoft Corporation

wisptis.exe 1128 Microsoft Tablet PC Input Component Microsoft Corporation

TabTip.exe 1152 Tablet PC Input Panel Accessory Microsoft Corporation

dwm.exe 2096 Gestionnaire de fenêtres du Bureau Microsoft Corporation

wisptis.exe 2136 Microsoft Tablet PC Input Component Microsoft Corporation

TabTip.exe 2144 Tablet PC Input Panel Accessory Microsoft Corporation

TabTip32.exe 2208 Tablet PC Input Panel Helper Microsoft Corporation

svchost.exe 380 Processus hôte pour les services Windows Microsoft Corporation

taskeng.exe 2116 Moteur du Planificateur de tâches Microsoft Corporation

InputPersonalization.exe 4748 Serveur de personnalisation d'entrée Microsoft Corporation

taskeng.exe 2312 Moteur du Planificateur de tâches Microsoft Corporation

wuauclt.exe 4916 Windows Update Automatic Updates Microsoft Corporation

SLsvc.exe 744 Service de gestion des licences Microsoft Microsoft Corporation

svchost.exe 1048 Processus hôte pour les services Windows Microsoft Corporation

svchost.exe 1164 Processus hôte pour les services Windows Microsoft Corporation

aswUpdSv.exe 1268 avast! Antivirus updating service ALWIL Software

ashServ.exe 1284 avast! antivirus service ALWIL Software

spoolsv.exe 1612 Application sous-système spouleur Microsoft Corporation

svchost.exe 1636 Processus hôte pour les services Windows Microsoft Corporation

svchost.exe 2360 Processus hôte pour les services Windows Microsoft Corporation

svchost.exe 2436 Processus hôte pour les services Windows Microsoft Corporation

nTuneService.exe 2464 NVIDIA Performance Service NVIDIA

cygrunsrv.exe 2832

IoctlSvc.exe 2928 PLFlash DeviceIoControl Service Prolific Technology Inc.

svchost.exe 2940 Processus hôte pour les services Windows Microsoft Corporation

PnkBstrA.exe 2952

svchost.exe 2976 Processus hôte pour les services Windows Microsoft Corporation

svchost.exe 3000 Processus hôte pour les services Windows Microsoft Corporation

Pen_Tablet.exe 2284 Tablet Service for consumer driver Wacom Technology, Corp.

Pen_TabletUser.exe 2884 Tablet user module for consumer driver Wacom Technology, Corp.

Pen_Tablet.exe 2872 Tablet Service for consumer driver Wacom Technology, Corp.

winvnc.exe 2804 VNC server for Win32 UltraVNC

winvnc.exe 3792 0.39 VNC server for Win32 UltraVNC

svchost.exe 2856 Processus hôte pour les services Windows Microsoft Corporation

wmpnetwk.exe 3092 Service Partage réseau du Lecteur Windows Media Microsoft Corporation

SearchIndexer.exe 3484 Indexeur Microsoft Windows Search Microsoft Corporation

SearchProtocolHost.exe 4484 Microsoft Windows Search Protocol Host Microsoft Corporation

SearchFilterHost.exe 1336 Microsoft Windows Search Filter Host Microsoft Corporation

ashMaiSv.exe 696 avast! e-Mail Scanner Service ALWIL Software

ashWebSv.exe 3776 avast! Web Scanner ALWIL Software

svchost.exe 3480 Processus hôte pour les services Windows Microsoft Corporation

usnsvc.exe 3656 Messenger Sharing USN Journal Reader Service Microsoft Corporation

TrustedInstaller.exe 4988 Programme d'installation de modules Windows Microsoft Corporation

lsass.exe 656 Processus de l'autorité de sécurité locale Microsoft Corporation

lsm.exe 664 Service du gestionnaire de session locale Microsoft Corporation

csrss.exe 608 Processus d'exécuttion client-serveur Microsoft Corporation

winlogon.exe 892 Application d'ouverture de session Windows Microsoft Corporation

taskmgr.exe 3252 0.39 Gestionnaire des tâches de Windows Microsoft Corporation

explorer.exe 2580 1.16 Explorateur Windows Microsoft Corporation

MSASCui.exe 2788 Windows Defender User Interface Microsoft Corporation

LGDevAgt.exe 2808 Logitech GamePanel Agent Logitech Inc.

LGDCore.exe 2820 Logitech G-series Profiler Logitech Inc.

rundll32.exe 3116 Processus hôte Windows (Rundll32) Microsoft Corporation

msnmsgr.exe 3132 Windows Live Messenger Microsoft Corporation

hpqtra08.exe 3208 HP Digital Imaging Monitor Hewlett-Packard Co.

hpqste08.exe 4608 HP CUE Status Root Hewlett-Packard Co.

PDFCreator.exe 3332 PDFCreator pdfforge http://www.pdfforge.org/

hamachi.exe 3508 Hamachi Client LogMeIn Inc.

uTorrent.exe 4996 1.93 µTorrent BitTorrent, Inc.

firefox.exe 1488 Firefox Mozilla Corporation

explorer.exe 1944 Explorateur Windows Microsoft Corporation

procexp.exe 2112 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

procexp64.exe 4720 0.39 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

thunderbird.exe 1496 Mozilla Thunderbird Mozilla Corporation

sshd.exe 2960

jusched.exe 3320 Java Platform SE binary Sun Microsystems, Inc.

smax4pnp.exe 3340 SMax4PNP Analog Devices, Inc.

CamService.exe 3348 CamService Application Guillemot Corporation S.A.

acrotray.exe 3444 AcroTray Adobe Systems Inc.

hpwuSchd2.exe 3492 hpwuSchd Application Hewlett-Packard

ashDisp.exe 3500 avast! service GUI component ALWIL Software

Process: uTorrent.exe Pid: 4996

Name Description Company Name Version

actxprxy.dll ActiveX Interface Marshaling Library Microsoft Corporation 6.0.6001.18000

ADVAPI32.dll API avancées Windows 32 Microsoft Corporation 6.0.6001.18000

apphelp.dll Fichier DLL du client de compatibilité des applications Microsoft Corporation 6.0.6001.18000

browseui.dll Bibliothèque de l'interface utilisateur du navigateur Microsoft Corporation 6.0.6001.18000

browseui.dll.mui Bibliothèque de l'interface utilisateur du navigateur Microsoft Corporation 6.0.6001.18000

CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000

COMCTL32.dll Bibliothèque de contrôles de l'expérience utilisateur Microsoft Corporation 6.10.6001.18000

comctl32.dll.mui Bibliothèque de contrôles de l'expérience utilisateur Microsoft Corporation 6.10.6000.16386

comdlg32.dll DLL commune de boîtes de dialogues Microsoft Corporation 6.0.6001.18000

comdlg32.dll.mui DLL commune de boîtes de dialogues Microsoft Corporation 6.0.6000.16386

CRYPT32.dll Crypto API32 Microsoft Corporation 6.0.6001.18000

cscapi.dll Offline Files Win32 API Microsoft Corporation 6.0.6001.18000

davclnt.dll Web DAV Client DLL Microsoft Corporation 6.0.6000.16386

dhcpcsvc.DLL Service client DHCP Microsoft Corporation 6.0.6001.18000

dhcpcsvc6.DLL Client DHCPv6 Microsoft Corporation 6.0.6001.18000

DnsApi.dll DNS DLL de l'API Client Microsoft Corporation 6.0.6001.18000

drprov.dll Fournisseur de réseau Microsoft Terminal Server Microsoft Corporation 6.0.6000.16386

DUser.dll Windows DirectUser Engine Microsoft Corporation 6.0.6001.18000

FirewallAPI.dll API du Pare-feu Windows Microsoft Corporation 6.0.6001.18000

fsshext.8.5.1302.1018.dll Messenger File Sharing Shell Extensions Microsoft Corporation 8.5.1302.1018

GDI32.dll GDI Client DLL Microsoft Corporation 6.0.6001.18159

gdiplus.dll Microsoft GDI+ Microsoft Corporation 5.2.6001.18065

ieframe.dll Internet Explorer Microsoft Corporation 7.0.6001.18157

ieframe.dll.mui Internet Explorer Microsoft Corporation 7.0.6000.16386

iertutil.dll Run time utility for Internet Explorer Microsoft Corporation 7.0.6001.18157

imagehlp.dll Windows NT Image Helper Microsoft Corporation 6.0.6001.18000

IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.0.6001.18000

index.dat

index.dat

index.dat

Iphlpapi.dll API de l'application d'assistance IP Microsoft Corporation 6.0.6001.18000

kernel32.dll DLL du client API BASE Windows NT Microsoft Corporation 6.0.6001.18000

kernel32.dll.mui DLL du client API BASE Windows NT Microsoft Corporation 6.0.6001.18000

LINKINFO.dll Windows Volume Tracking Microsoft Corporation 6.0.6000.16386

locale.nls

locale.nls

LPK.DLL Language Pack Microsoft Corporation 6.0.6001.18000

MPR.dll DLL de routeur de fournisseurs multiples Microsoft Corporation 6.0.6001.18000

mpr.dll.mui DLL de routeur de fournisseurs multiples Microsoft Corporation 6.0.6000.16386

MSASN1.dll ASN.1 Runtime APIs Microsoft Corporation 6.0.6000.16386

MSCTF.dll DLL de MSCTF Server Microsoft Corporation 6.0.6001.18000

msctf.dll.mui DLL de MSCTF Server Microsoft Corporation 6.0.6000.16386

msieftp.dll Extension Shell dossier FTP Microsoft Internet Explorer. Microsoft Corporation 6.0.6001.18000

msshsq.dll Structured Query Microsoft Corporation 7.0.6001.16503

MSVCR80.dll Microsoft® C Runtime Library Microsoft Corporation 8.0.50727.1434

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.6001.18000

mswsock.dll Fournisseur de service Sockets 2.0 de Microsoft Windows Microsoft Corporation 6.0.6001.18000

napinsp.dll Fournisseur Shim d'affectation de noms de messagerie Microsoft Corporation 6.0.6001.18000

NETAPI32.dll Net Win32 API DLL Microsoft Corporation 6.0.6001.18157

NetworkExplorer.dll Explorateur de réseaux Microsoft Corporation 6.0.6001.18000

NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.0.6001.18000

Normaliz.dll Unicode Normalization DLL Microsoft Corporation 6.0.6000.16386

npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.0.6000.16386

NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.0.6001.18000

ntdll.dll DLL Couche NT Microsoft Corporation 6.0.6001.18000

ntdll.dll DLL Couche NT Microsoft Corporation 6.0.6001.18000

ntlanman.dll Gestionnaire de réseau local Microsoft® Microsoft Corporation 6.0.6001.18000

NTMARTA.DLL Fournisseur MARTA Windows NT Microsoft Corporation 6.0.6001.18000

ntshrui.dll Extensions de l'interpréteur de commandes pour le partage Microsoft Corporation 6.0.6001.18000

ole32.dll Microsoft OLE pour Windows Microsoft Corporation 6.0.6001.18000

oleacc.dll Active Accessibility Core Component Microsoft Corporation 4.2.5406.0

oleaccrc.dll Active Accessibility Resource DLL Microsoft Corporation 4.2.5406.0

oleaut32.dll Microsoft Corporation 6.0.6001.18000

pnrpnsp.dll Fournisseur d'espace de noms PNRP Microsoft Corporation 6.0.6001.18000

PortableDeviceApi.dll Windows Portable Device API Components Microsoft Corporation 6.0.6001.18160

PROPSYS.dll Système de propriétés Microsoft Microsoft Corporation 7.0.6001.16503

propsys.dll.mui Système de propriétés Microsoft Microsoft Corporation 7.0.6001.16503

PSAPI.DLL Process Status Helper Microsoft Corporation 6.0.6000.16386

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.0.6000.16386

RPCRT4.dll Runtime d'appel de procédure distante Microsoft Corporation 6.0.6001.18051

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.0.6001.18000

SAMLIB.dll SAM Library DLL Microsoft Corporation 6.0.6001.18000

Secur32.dll Security Support Provider Interface Microsoft Corporation 6.0.6001.18000

SETUPAPI.dll Installation de L'API Windows Microsoft Corporation 6.0.6001.18000

setupapi.dll.mui Installation de L'API Windows Microsoft Corporation 6.0.6001.18000

SHDOCVW.dll Bibliothèque d'objets et de contrôles de documents de l'environnement Microsoft Corporation 6.0.6001.18000

shdocvw.dll.mui Bibliothèque d'objets et de contrôles de documents de l'environnement Microsoft Corporation 6.0.6000.16386

SHELL32.dll DLL commune du shell Windows Microsoft Corporation 6.0.6001.18167

shell32.dll.mui DLL commune du shell Windows Microsoft Corporation 6.0.6001.18000

shfolder.dll Shell Folder Service Microsoft Corporation 6.0.6000.16386

SHLWAPI.dll Bibliothèque d'utilitaires légers du Shell Microsoft Corporation 6.0.6001.18000

slc.dll Dll de client de gestion de licences du logiciel Microsoft Corporation 6.0.6001.18000

SXS.DLL Fusion 2.5 Microsoft Corporation 6.0.6001.18000

thumbcache.dll Cache de miniatures Microsoft Microsoft Corporation 6.0.6001.18000

tiptsf.dll Structure des services de texte du Panneau de saisie Tablet PC Microsoft Corporation 6.0.6001.18000

urlmon.dll Extensions OLE32 pour Win32 Microsoft Corporation 7.0.6001.18157

USER32.dll DLL client de l'API uilisateur de Windows multi-utilisateurs Microsoft Corporation 6.0.6001.18000

user32.dll.mui DLL client de l'API uilisateur de Windows multi-utilisateurs Microsoft Corporation 6.0.6001.18000

USERENV.dll Userenv Microsoft Corporation 6.0.6001.18000

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6001.18000

uTorrent.exe µTorrent BitTorrent, Inc. 1.8.2.14458

uxtheme.dll Bibliothèque de thèmes Ux Microsoft Microsoft Corporation 6.0.6001.18000

version.dll Version Checking and File Installation Libraries Microsoft Corporation 6.0.6001.18000

WindowsCodecs.dll Microsoft Windows Codecs Library Microsoft Corporation 6.0.6001.18131

WININET.dll Extensions Internet pour Win32 Microsoft Corporation 7.0.6001.18157

WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.0.6001.18000

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.0.6000.16386

WINTRUST.dll Microsoft Trust Verification APIs Microsoft Corporation 6.0.6001.18000

WLDAP32.dll DLL API LDAP Win32 Microsoft Corporation 6.0.6001.18000

wow64.dll Win32 Emulation on NT64 Microsoft Corporation 6.0.6001.18000

wow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation 6.0.6001.18000

wow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation 6.0.6001.18000

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.0.6001.18000

wship6.dll DLL d'application d'assistance Winsock2 (TL/IPv6) Microsoft Corporation 6.0.6001.18000

wshtcpip.dll DLL d'application d'assistance Winsock2 (TL/IPv4) Microsoft Corporation 6.0.6001.18000

Another one without avast installed, and utorrent running:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:17:41, on 14/02/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ICW\bin\cygrunsrv.exe

C:\Program Files (x86)\ICW\bin\sshd.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files (x86)\PDFCreator\PDFCreator.exe

C:\Program Files (x86)\Hamachi\hamachi.exe

C:\Program Files (x86)\Java\jre6\bin\jusched.exe

C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.100.1.4:9090

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItIEAddin.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [CamserviceHD] "C:\Program Files (x86)\Hercules\Hercules Dualpix Chat and Show\x64\Camservice.exe" /startup

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [NVIDIA nTune] C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe resetprofile

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-21-1155804097-952730019-1010334339-1023\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SvcCOPSSH')

O4 - Startup: Hamachi.lnk = C:\Program Files (x86)\Hamachi\hamachi.exe

O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: PDFCreator.lnk = C:\Program Files (x86)\PDFCreator\PDFCreator.exe

O8 - Extra context menu item: Ajouter la cible du lien à un fichier PDF existant - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Ajouter à un fichier PDF existant - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convertir au format Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Convertir la cible du lien au format Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O17 - HKLM\System\CCS\Services\Tcpip\..\{01CDB1D6-46AF-426E-A7B3-5805C2D6E28D}: NameServer = 212.27.40.240,212.27.40.241

O17 - HKLM\System\CS1\Services\Tcpip\..\{01CDB1D6-46AF-426E-A7B3-5805C2D6E28D}: NameServer = 212.27.40.240,212.27.40.241

O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Openssh SSHD (OpenSSHServer) - Unknown owner - C:\Program Files (x86)\ICW\bin\cygrunsrv.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: TabletServicePen - Unknown owner - C:\Windows\system32\Pen_Tablet.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: uvnc_service - UltraVNC - C:\Program Files (x86)\UltraVNC\winvnc.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11648 bytes

Process PID CPU Description Company Name

System Idle Process 0 99.25

Interrupts n/a Hardware Interrupts

DPCs n/a Deferred Procedure Calls

System 4

smss.exe 464 Windows Session Manager Microsoft Corporation

csrss.exe 532 Processus d'exécuttion client-serveur Microsoft Corporation

wininit.exe 584 Application de démarrage de Windows Microsoft Corporation

services.exe 640 Applications Services et Contrôleur Microsoft Corporation

svchost.exe 816 Processus hôte pour les services Windows Microsoft Corporation

iashost.exe 2356 IAS Host Microsoft Corporation

hpqbam08.exe 4644 HP CUE Alert Popup Window Objects Hewlett-Packard Co.

hpqgpc01.exe 4844 GPCore COM object Hewlett-Packard

unsecapp.exe 3548 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation

WmiPrvSE.exe 4492 WMI Provider Host Microsoft Corporation

WmiPrvSE.exe 4816 WMI Provider Host Microsoft Corporation

nvvsvc.exe 860 NVIDIA Driver Helper Service, Version 182.05 NVIDIA Corporation

rundll32.exe 2548 Processus hôte Windows (Rundll32) Microsoft Corporation

svchost.exe 916 Processus hôte pour les services Windows Microsoft Corporation

svchost.exe 960 Processus hôte pour les services Windows Microsoft Corporation

svchost.exe 260 Processus hôte pour les services Windows Microsoft Corporation

audiodg.exe 524 Isolation graphique de périphérique audio Windows Microsoft Corporation

svchost.exe 360 0.39 Processus hôte pour les services Windows Microsoft Corporation

wisptis.exe 2604 Microsoft Tablet PC Input Component Microsoft Corporation

TabTip.exe 2612 Tablet PC Input Panel Accessory Microsoft Corporation

dwm.exe 3008 Gestionnaire de fenêtres du Bureau Microsoft Corporation

wisptis.exe 3060 Microsoft Tablet PC Input Component Microsoft Corporation

TabTip.exe 3068 Tablet PC Input Panel Accessory Microsoft Corporation

TabTip32.exe 2700 Tablet PC Input Panel Helper Microsoft Corporation

svchost.exe 384 Processus hôte pour les services Windows Microsoft Corporation

taskeng.exe 3040 Moteur du Planificateur de tâches Microsoft Corporation

InputPersonalization.exe 4696 Serveur de personnalisation d'entrée Microsoft Corporation

msfeedssync.exe 4164 Microsoft Feeds Synchronization Microsoft Corporation

taskeng.exe 2792 Moteur du Planificateur de tâches Microsoft Corporation

wuauclt.exe 592 Windows Update Automatic Updates Microsoft Corporation

SLsvc.exe 656 Service de gestion des licences Microsoft Microsoft Corporation

svchost.exe 1052 Processus hôte pour les services Windows Microsoft Corporation

svchost.exe 1156 Processus hôte pour les services Windows Microsoft Corporation

spoolsv.exe 1352 Application sous-système spouleur Microsoft Corporation

svchost.exe 1376 Processus hôte pour les services Windows Microsoft Corporation

svchost.exe 1744 Processus hôte pour les services Windows Microsoft Corporation

svchost.exe 1836 Processus hôte pour les services Windows Microsoft Corporation

nTuneService.exe 1852 NVIDIA Performance Service NVIDIA

cygrunsrv.exe 1976

svchost.exe 1060 Processus hôte pour les services Windows Microsoft Corporation

IoctlSvc.exe 2032 PLFlash DeviceIoControl Service Prolific Technology Inc.

PnkBstrA.exe 1120

svchost.exe 480 Processus hôte pour les services Windows Microsoft Corporation

svchost.exe 1152 Processus hôte pour les services Windows Microsoft Corporation

Pen_Tablet.exe 1536 Tablet Service for consumer driver Wacom Technology, Corp.

Pen_TabletUser.exe 3784 Tablet user module for consumer driver Wacom Technology, Corp.

Pen_Tablet.exe 3836 Tablet Service for consumer driver Wacom Technology, Corp.

winvnc.exe 1648 VNC server for Win32 UltraVNC

winvnc.exe 3504 VNC server for Win32 UltraVNC

svchost.exe 1992 Processus hôte pour les services Windows Microsoft Corporation

SearchIndexer.exe 2056 Indexeur Microsoft Windows Search Microsoft Corporation

SearchProtocolHost.exe 4900 Microsoft Windows Search Protocol Host Microsoft Corporation

SearchFilterHost.exe 3176 Microsoft Windows Search Filter Host Microsoft Corporation

wmpnetwk.exe 2108 Service Partage réseau du Lecteur Windows Media Microsoft Corporation

svchost.exe 2720 Processus hôte pour les services Windows Microsoft Corporation

usnsvc.exe 3000 Messenger Sharing USN Journal Reader Service Microsoft Corporation

TrustedInstaller.exe 4708 Programme d'installation de modules Windows Microsoft Corporation

lsass.exe 652 Processus de l'autorité de sécurité locale Microsoft Corporation

lsm.exe 660 Service du gestionnaire de session locale Microsoft Corporation

csrss.exe 604 Processus d'exécuttion client-serveur Microsoft Corporation

winlogon.exe 908 Application d'ouverture de session Windows Microsoft Corporation

sshd.exe 2024

explorer.exe 3188 Explorateur Windows Microsoft Corporation

MSASCui.exe 3336 Windows Defender User Interface Microsoft Corporation

LGDevAgt.exe 3344 Logitech GamePanel Agent Logitech Inc.

LGDCore.exe 3352 Logitech G-series Profiler Logitech Inc.

rundll32.exe 3372 Processus hôte Windows (Rundll32) Microsoft Corporation

msnmsgr.exe 3388 Windows Live Messenger Microsoft Corporation

hpqtra08.exe 3436 HP Digital Imaging Monitor Hewlett-Packard Co.

hpqste08.exe 4416 HP CUE Status Root Hewlett-Packard Co.

PDFCreator.exe 3452 PDFCreator pdfforge http://www.pdfforge.org/

hamachi.exe 3468 Hamachi Client LogMeIn Inc.

uTorrent.exe 3032 µTorrent BitTorrent, Inc.

firefox.exe 3916 Firefox Mozilla Corporation

procexp.exe 4360 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

procexp64.exe 1928 1.16 Sysinternals Process Explorer Sysinternals - www.sysinternals.com

jusched.exe 3476 Java Platform SE binary Sun Microsystems, Inc.

smax4pnp.exe 3516 SMax4PNP Analog Devices, Inc.

CamService.exe 3524 CamService Application Guillemot Corporation S.A.

acrotray.exe 3616 AcroTray Adobe Systems Inc.

hpwuSchd2.exe 3644 hpwuSchd Application Hewlett-Packard

Process: uTorrent.exe Pid: 3032

Name Description Company Name Version

ADVAPI32.dll API avancées Windows 32 Microsoft Corporation 6.0.6001.18000

CLBCatQ.DLL COM+ Configuration Catalog Microsoft Corporation 2001.12.6931.18000

COMCTL32.dll Bibliothèque de contrôles de l'expérience utilisateur Microsoft Corporation 6.10.6001.18000

comdlg32.dll DLL commune de boîtes de dialogues Microsoft Corporation 6.0.6001.18000

dhcpcsvc.DLL Service client DHCP Microsoft Corporation 6.0.6001.18000

dhcpcsvc6.DLL Client DHCPv6 Microsoft Corporation 6.0.6001.18000

DnsApi.dll DNS DLL de l'API Client Microsoft Corporation 6.0.6001.18000

FirewallAPI.dll API du Pare-feu Windows Microsoft Corporation 6.0.6001.18000

GDI32.dll GDI Client DLL Microsoft Corporation 6.0.6001.18159

IMM32.DLL Multi-User Windows IMM32 API Client DLL Microsoft Corporation 6.0.6001.18000

Iphlpapi.dll API de l'application d'assistance IP Microsoft Corporation 6.0.6001.18000

kernel32.dll DLL du client API BASE Windows NT Microsoft Corporation 6.0.6001.18000

kernel32.dll.mui DLL du client API BASE Windows NT Microsoft Corporation 6.0.6001.18000

locale.nls

locale.nls

LPK.DLL Language Pack Microsoft Corporation 6.0.6001.18000

MSCTF.dll DLL de MSCTF Server Microsoft Corporation 6.0.6001.18000

msctf.dll.mui DLL de MSCTF Server Microsoft Corporation 6.0.6000.16386

msvcrt.dll Windows NT CRT DLL Microsoft Corporation 7.0.6001.18000

mswsock.dll Fournisseur de service Sockets 2.0 de Microsoft Windows Microsoft Corporation 6.0.6001.18000

napinsp.dll Fournisseur Shim d'affectation de noms de messagerie Microsoft Corporation 6.0.6001.18000

NLAapi.dll Network Location Awareness 2 Microsoft Corporation 6.0.6001.18000

npmproxy.dll Network List Manager Proxy Microsoft Corporation 6.0.6000.16386

NSI.dll NSI User-mode interface DLL Microsoft Corporation 6.0.6001.18000

ntdll.dll DLL Couche NT Microsoft Corporation 6.0.6001.18000

ntdll.dll DLL Couche NT Microsoft Corporation 6.0.6001.18000

ole32.dll Microsoft OLE pour Windows Microsoft Corporation 6.0.6001.18000

oleacc.dll Active Accessibility Core Component Microsoft Corporation 4.2.5406.0

oleaccrc.dll Active Accessibility Resource DLL Microsoft Corporation 4.2.5406.0

oleaut32.dll Microsoft Corporation 6.0.6001.18000

pnrpnsp.dll Fournisseur d'espace de noms PNRP Microsoft Corporation 6.0.6001.18000

PSAPI.DLL Process Status Helper Microsoft Corporation 6.0.6000.16386

rasadhlp.dll Remote Access AutoDial Helper Microsoft Corporation 6.0.6000.16386

RPCRT4.dll Runtime d'appel de procédure distante Microsoft Corporation 6.0.6001.18051

rsaenh.dll Microsoft Enhanced Cryptographic Provider Microsoft Corporation 6.0.6001.18000

Secur32.dll Security Support Provider Interface Microsoft Corporation 6.0.6001.18000

SHELL32.dll DLL commune du shell Windows Microsoft Corporation 6.0.6001.18167

shfolder.dll Shell Folder Service Microsoft Corporation 6.0.6000.16386

SHLWAPI.dll Bibliothèque d'utilitaires légers du Shell Microsoft Corporation 6.0.6001.18000

tiptsf.dll Structure des services de texte du Panneau de saisie Tablet PC Microsoft Corporation 6.0.6001.18000

USER32.dll DLL client de l'API uilisateur de Windows multi-utilisateurs Microsoft Corporation 6.0.6001.18000

USERENV.dll Userenv Microsoft Corporation 6.0.6001.18000

USP10.dll Uniscribe Unicode script processor Microsoft Corporation 1.626.6001.18000

uTorrent.exe µTorrent BitTorrent, Inc. 1.8.2.14458

uxtheme.dll Bibliothèque de thèmes Ux Microsoft Microsoft Corporation 6.0.6001.18000

version.dll Version Checking and File Installation Libraries Microsoft Corporation 6.0.6001.18000

WINNSI.DLL Network Store Information RPC interface Microsoft Corporation 6.0.6001.18000

winrnr.dll LDAP RnR Provider DLL Microsoft Corporation 6.0.6000.16386

WLDAP32.dll DLL API LDAP Win32 Microsoft Corporation 6.0.6001.18000

wow64.dll Win32 Emulation on NT64 Microsoft Corporation 6.0.6001.18000

wow64cpu.dll AMD64 Wow64 CPU Microsoft Corporation 6.0.6001.18000

wow64win.dll Wow64 Console and Win32 API Logging Microsoft Corporation 6.0.6001.18000

WS2_32.dll Windows Socket 2.0 32-Bit DLL Microsoft Corporation 6.0.6001.18000

wship6.dll DLL d'application d'assistance Winsock2 (TL/IPv6) Microsoft Corporation 6.0.6001.18000

wshtcpip.dll DLL d'application d'assistance Winsock2 (TL/IPv4) Microsoft Corporation 6.0.6001.18000

thanks


Archived

This topic is now archived and is closed to further replies.
