arkane2002

Voilà c'est fait. autre chose ?

J'ajoute que après avoir : - désactiver la désactivation de la carte wifi dans la gestion de l'alimentation pour économiser de l'énergie - restaurer les paramètres du parefeu windows aux valeurs par défaut Toujours error 105 : Erreur 105 (net::ERR_NAME_NOT_RESOLVED) : Serveur introuvable Ca ressemble à un pb de serveur DNS, mais bon.

Le voici. Results of screen317's Security Check version 0.99.5 Windows 7 [color=red][b](UAC is disabled!)[/b][/color] Internet Explorer 8 [b]`````````````````````````````` [u]Antivirus/Firewall Check:[/u][/b] Symantec Endpoint Protection [size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size] [b]``````````````````````````````` [u]Anti-malware/Other Utilities Check:[/u][/b] Malwarebytes' Anti-Malware Java(TM) 6 Update 21 Adobe Flash Player Adobe Reader 9.3.4 - Français [b]```````````````````````````````` Process Check: [u]objlist.exe by Laurent[/u][/b] Norton ccSvcHst.exe gbataillon Desktop Virus Removal Tool setup_9.0.0.722_05.10.2010_14-32\setup_9.0.0.722_05.10.2010_14-32.exe [b]```````````````````````````````` [u]DNS Vulnerability Check:[/u][/b] [b]POOR! (Vulnerable to DNS cache poisoning!!-- Consider OPENDNS)[/b] [b]``````````End of Log````````````[/b] A+ Arka

Voilà, c'est fini. voici le log de ESET : C:\Program Files (x86)\Ad-Remover\Quarantine\C\Program Files (x86)\pdfforge Toolbar\SearchSettings.exe.vir Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined C:\Program Files (x86)\Ad-Remover\Quarantine\C\Program Files (x86)\pdfforge Toolbar\SearchSettingsRes409.dll.vir Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined C:\Users\Ludivine\AppData\Roaming\WinRAR\drvmsms21\msftcore.dll a variant of Win32/Agent.RPY trojan cleaned by deleting - quarantined C:\Users\Ludivine\AppData\Roaming\WinRAR\drvmsms21\msftstp.exe a variant of Win32/Agent.RPY trojan cleaned by deleting - quarantined C:\Users\Ludivine\AppData\Roaming\WinRAR\drvmsms21\msfttcp.dll Win32/Agent.RWR trojan cleaned by deleting - quarantined D:\Utilisateurs\Ludivine\Downloads\install_movimaker.exe multiple threats deleted - quarantined D:\Utilisateurs\Ludivine\Downloads\backups\backup-20100901-161318-989.dll Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined Bon j'administre cette machine à distance, donc je terminerai par ça car j'ai besoin d'un opérateur à domicile A vous de jouer Merci d'avance, A + Arka

Voilà le rapport de KVRT : 05/10/2010 17:22:39 Task started 05/10/2010 17:27:24 Processing error C:\Documents and Settings\gbataillon\AppData\Local\Microsoft\Outlook\archive.pst Read error 05/10/2010 17:27:24 Processing error C:\Documents and Settings\gbataillon\AppData\Local\Microsoft\Outlook\outlook.ost Read error 05/10/2010 22:14:25 Detected: not-a-virus:AdWare.Win32.Agent.rlh C:\swsetup\PreRq\Setup.exe 05/10/2010 22:15:52 Deleted: not-a-virus:AdWare.Win32.Agent.rlh C:\swsetup\PreRq\Setup.exe 05/10/2010 22:16:24 Detected: not-a-virus:AdWare.Win32.Agent.rbc C:\swsetup\Wpaper\Disk1\Setup.exe 05/10/2010 22:16:42 Deleted: not-a-virus:AdWare.Win32.Agent.rbc C:\swsetup\Wpaper\Disk1\Setup.exe 06/10/2010 11:48:40 Task completed Y'a pas l'air d'avoir gd chose de bien méchant ... A + Arka

Bonjour Merci pour la réponse. Voilà le log de MBAM, qui a bien trouvé un certain nombre de problèmes : Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Version de la base de données: 4587 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 05/10/2010 21:07:06 mbam-log-2010-10-05 (21-07-06).txt Type d'examen: Examen complet (C:\|D:\|L:\|) Elément(s) analysé(s): 365431 Temps écoulé: 1 heure(s), 27 minute(s), 28 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 6 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 4 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\MSoftware (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\wnxmal (Rogue.SecuritySuite) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\YXE7DXCQ37 (Trojan.FakeAlert) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Program Files (x86)\Ad-Remover\Quarantine\C\Program Files (x86)\pdfforge Toolbar\WidgiHelper.exe.vir (Adware.WidgiToolbar) -> Quarantined and deleted successfully. C:\Users\Ludivine\AppData\Roaming\WinRAR\drvmsms21\msftdm.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Users\Ludivine\AppData\Roaming\WinRAR\drvmsms21\msftdm32.exe (Trojan.Agent) -> Quarantined and deleted successfully. D:\Utilisateurs\Ludivine\Downloads\backups\backup-20100901-161318-695.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully. Que faire ensuite ^^ Merci d'avance.

Bon, rebonjour, Voilà, en attendant que ma propre machine fait tourner KVRT je m'occupe du PC de ma couz'ine ^^ Symptomes rencontrés : -Machine très lente, alors que c pas un bouzin du tout. -Obligé de réparer la connexion Wifi a chaque reboot/sortie de veille sinon error 105 en ouvrant un navigateur (IE/FF/GC) Donc j'ai repris les étapes demandées pour ma machine pour Appollo en espérant que ce soit tout bon : 1) Execution de AD-R Scan AD-R Scan Log : ======= RAPPORT D'AD-REMOVER 2.0.0.1,F | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par C_XX le 16/09/10 à 13:30 Contact: AdRemover.contact[AT]gmail.com Site web: [url=http://www.teamxscript.org]TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill[/url] C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 15:29:34 le 05/10/2010, Mode normal Microsoft Windows 7 Édition Familiale Premium (X64) Ludivine@ASUS-PC (ASUSTeK Computer Inc. N71Vn) ============== RECHERCHE ============== Service: "Application Updater" Présent 0,Dossier trouvé: C:\Program Files (x86)\Application Updater 0,Dossier trouvé: C:\Program Files (x86)\pdfforge Toolbar 3,Fichier trouvé: C:\Windows\Installer\10a80b1.msi 0,Clé trouvée: HKLM\Software\Application Updater 0,Clé trouvée: HKLM\Software\pdfforge 0,Clé trouvée: HKLM\Software\Search Settings 0,Clé trouvée: HKCU\Software\AppDataLow\Software\pdfforge 3,Clé trouvée: HKLM\Software\Classes\Installer\Products\3D7B197543B881247905A6E8540DDA23 0,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5791B7D3-8B34-4218-9750-6A8E45D0AD32} 0,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings ============== SCAN ADDITIONNEL ============== ** Internet Explorer Version [8.0.7600.16385] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://asus.msn.com Default_Search_URL: hxxp://www.google.com/ie Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://www.google.com/ie Search Page: hxxp://www.google.com Show_ToolBar: yes Start Page: hxxp://asus.msn.com [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157 Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Delete_Temp_Files_On_Exit: yes Local Page: C:\Windows\SysWOW64\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157 [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s) C:\Ad-Report-SCAN[1].txt - 05/10/2010 (2308 Octet(s)) Fin à: 15:33:07, 05/10/2010 ============== E.O.F ============== 2) Execution de AD-R Clean : AD-R CLEAN : ======= RAPPORT D'AD-REMOVER 2.0.0.1,F | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par C_XX le 16/09/10 à 13:30 Contact: AdRemover.contact[AT]gmail.com Site web: [url=http://www.teamxscript.org]TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill[/url] C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 15:53:20 le 05/10/2010, Mode normal Microsoft Windows 7 Édition Familiale Premium (X64) Ludivine@ASUS-PC (ASUSTeK Computer Inc. N71Vn) ============== ACTION(S) ============== Service: "Application Updater" Stoppé et supprimé 0,Dossier supprimé: C:\Program Files (x86)\Application Updater 0,Dossier supprimé: C:\Program Files (x86)\pdfforge Toolbar 3,Fichier supprimé: C:\Windows\Installer\10a80b1.msi (!) -- Fichiers temporaires supprimés. 0,Clé supprimée: HKLM\Software\Application Updater 0,Clé supprimée: HKLM\Software\pdfforge 0,Clé supprimée: HKLM\Software\Search Settings 0,Clé supprimée: HKCU\Software\AppDataLow\Software\pdfforge 3,Clé supprimée: HKLM\Software\Classes\Installer\Products\3D7B197543B881247905A6E8540DDA23 0,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5791B7D3-8B34-4218-9750-6A8E45D0AD32} 0,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings ============== SCAN ADDITIONNEL ============== ** Internet Explorer Version [8.0.7600.16385] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Enable Browser Extensions: yes Local Page: C:\Windows\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\Windows\SysWOW64\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 23 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 15 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 05/10/2010 (2501 Octet(s)) C:\Ad-Report-SCAN[1].txt - 05/10/2010 (2437 Octet(s)) Fin à: 15:56:51, 05/10/2010 ============== E.O.F ============== 3) Execution de RSIT. A la différence de ma machine la sienne a généré le info.txt en quasi 10min ... en étant hyper long sur : listing Events log Voici les logs générés : RSIT Log : info.txt log.txt Est-ce que je lui passe MBAM dans la foulée ? Un hijackthis aussi ou RSIT suffit ? Merci

C'est parti. J'editerai qd ce sera fini. pdt que ca tourne je vais aller courir, bonne idée

Très juste je vais chercher mon chauffe-tasse USB pour m'imoler par le feu en guise d'excuse Absolument ! C'est surtout que bien souvent, sans utilitaire c'est une vrai galère de supprimer ces temporaires. Bon sinon, comme je le craignais MBAM n'a rien trouvé de nuisible. Que puis-je faire de plus ?

Ah ah ah On en écrit pas mal des aneries Donc je voulais dire (mais tu l'as compris) si y'a des softs qui ont été installés dont la pertinence dans leur rôle est douteuse n'hésitez pas à me faire supprimer ces logiciels C'est fait +800Mo de fichiers temporaires supprimé. Interessant cet outil, je vais le garder sous la main. Avant de venir sur le fofo j'avais déjà passé un MBAM, qui n'avait rien trouvé. Je l'ai relancé totu de même mais je doute qu'il trouve qqchose. A +

Pas de soucis. Merci d'avance. C'est fait. Par contre après un reboot, nécessaire pour l'UAC, impossible de redemarrer. Obligé d'arreter le PC au bouton. Le démarrage suivant s'est passé normalement. le voici AD-Report Scan: ======= RAPPORT D'AD-REMOVER 2.0.0.1,F | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par C_XX le 16/09/10 à 13:30 Contact: AdRemover.contact[AT]gmail.com Site web: [url=http://www.teamxscript.org]TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill[/url] C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 10:34:25 le 05/10/2010, Mode normal Microsoft Windows 7 Professionnel (X86) gbataillon@BATAILLONGP (Hewlett-Packard HP ProBook 4720s) ============== RECHERCHE ============== 0,Dossier trouvé: C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} 0,Fichier trouvé: C:\windows\system32\Tasks\Scheduled Update for Ask Toolbar 0,Dossier trouvé: C:\Program Files\Ask.com 0,Dossier trouvé: C:\Users\gbataillon\AppData\Local\AskToolbar 3,Fichier trouvé: C:\windows\Installer\238d75bc.msi 1,Clé trouvée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} 1,Clé trouvée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Clé trouvée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} 1,Clé trouvée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} 1,Clé trouvée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} 1,Clé trouvée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} 0,Clé trouvée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd 0,Clé trouvée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1 0,Clé trouvée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL 1,Clé trouvée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} 0,Clé trouvée: HKCU\Software\Ask.com 0,Clé trouvée: HKCU\Software\AskToolbar 0,Clé trouvée: HKCU\Software\AppDataLow\AskToolbarInfo 0,Clé trouvée: HKCU\Software\AppDataLow\Software\AskToolbar 3,Clé trouvée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF 3,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF 3,Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} 3,Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} 0,Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} 0,Clé trouvée: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar 0,Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440} 0,Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} ============== SCAN ADDITIONNEL ============== ** Internet Explorer Version [8.0.7600.16385] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://g.uk.msn.com/HPCOM/9 Default_Search_URL: hxxp://www.google.com/ie Do404Search: 0x01000000 Local Page: C:\windows\system32\blank.htm Search bar: hxxp://www.google.com/ie Search Page: hxxp://www.google.com Show_ToolBar: yes Start Page: hxxp://search.orbitdownloader.com [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://g.uk.msn.com/HPCOM/9 Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Delete_Temp_Files_On_Exit: yes Local Page: C:\Windows\System32\blank.htm Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Start Page: hxxp://g.uk.msn.com/HPCOM/9 [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files\Ad-Remover\Backup: 1 Fichier(s) C:\Ad-Report-SCAN[1].txt - 05/10/2010 (4155 Octet(s)) Fin à: 10:36:00, 05/10/2010 ============== E.O.F ============== le voici - AD-Report Clean : ======= RAPPORT D'AD-REMOVER 2.0.0.1,F | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par C_XX le 16/09/10 à 13:30 Contact: AdRemover.contact[AT]gmail.com Site web: [url=http://www.teamxscript.org]TEAM X SCRIPT : UsbFix - AD-Remover - FindyKill[/url] C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 10:42:57 le 05/10/2010, Mode normal Microsoft Windows 7 Professionnel (X86) gbataillon@BATAILLONGP (Hewlett-Packard HP ProBook 4720s) ============== ACTION(S) ============== 0,Dossier supprimé: C:\windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} 0,Fichier supprimé: C:\windows\system32\Tasks\Scheduled Update for Ask Toolbar 0,Dossier supprimé: C:\Program Files\Ask.com 0,Dossier supprimé: C:\Users\gbataillon\AppData\Local\AskToolbar 3,Fichier supprimé: C:\windows\Installer\238d75bc.msi (!) -- Fichiers temporaires supprimés. 1,Clé supprimée: HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} 1,Clé supprimée: HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} 1,Clé supprimée: HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} 1,Clé supprimée: HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} 1,Clé supprimée: HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} 1,Clé supprimée: HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} 0,Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd 0,Clé supprimée: HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1 0,Clé supprimée: HKLM\Software\Classes\AppID\GenericAskToolbar.DLL 1,Clé supprimée: HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} 0,Clé supprimée: HKCU\Software\Ask.com 0,Clé supprimée: HKCU\Software\AskToolbar 0,Clé supprimée: HKCU\Software\AppDataLow\AskToolbarInfo 0,Clé supprimée: HKCU\Software\AppDataLow\Software\AskToolbar 3,Clé supprimée: HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF 3,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF 3,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} 3,Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} 0,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} 0,Erreur suppression clé: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar (Error code: 1) 0,Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{D4027C7F-154A-4066-A1AD-4243D8127440} 0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440} ============== SCAN ADDITIONNEL ============== ** Internet Explorer Version [8.0.7600.16385] ** [HKCU\Software\Microsoft\Internet Explorer\Main] Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Do404Search: 0x01000000 Local Page: C:\windows\system32\blank.htm Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896 Show_ToolBar: yes Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\Main] AutoHide: yes Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896 Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Delete_Temp_Files_On_Exit: yes Local Page: C:\Windows\System32\blank.htm Search bar: hxxp://search.msn.com/spbasic.htm Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page: hxxp://fr.msn.com/ [HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS] Tabs: res://ieframe.dll/tabswelcome.htm Blank: res://mshtml.dll/blank.htm ======================================== C:\Program Files\Ad-Remover\Quarantine: 13 Fichier(s) C:\Program Files\Ad-Remover\Backup: 15 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 05/10/2010 (4414 Octet(s)) C:\Ad-Report-SCAN[1].txt - 05/10/2010 (4284 Octet(s)) Fin à: 10:44:52, 05/10/2010 ============== E.O.F ============== Lien vers info.txt Lien vers log.txt Voilà. A vous de jouer, je reste à l'écoute si vous voulez me faire faire plus de choses. A + Arka

Bonjour à tous, Je ne sais plus quoi faire. Depuis quelques temps, sur un HP Probook 4720s, le ventilo de l'ordi se met à "souffler" un maximum de façon totalement aléatoire. Dans le même temps le clavier rate un nombre incroyable de frappe (pour écrire ce texte ce fut une vrai galère). Seul moyen de revenir à la normal, mettre en veille le portable. A la sortie de veille tout est rentré dans l'ordre pour quelques minutes (heues .. ça dépend). A priori ça n'a rien a voir avec la t° du pc qui est plutôt faible. J'ai passer plusieurs antimalware qui n'ont rien trouvé, mon antivirus de société est à jour (Symantec Endpoint). J'ai cherché dans la base de connaissance HP, sans succès. Donc ma dernière solution vous proposer une analyse de mon log Hijackthis en espérant que vous trouverez plus de choses que moi ... ci-dessous le log : Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:25:41, on 04/10/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe C:\windows\Explorer.EXE C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Users\gbataillon\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Trillian\trillian.exe C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Users\gbataillon\Downloads\ole.exe C:\Program Files\Quest Software\Toad for Oracle 10.5\Toad.exe C:\Program Files\Avencall\XiVO\xivoclient.exe C:\Program Files\Quest Software\SQL Navigator 5\SQLNav5.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Program Files\Orbitdownloader\orbitdm.exe C:\Program Files\Orbitdownloader\orbitnet.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Program Files\Kit Internet Mobile Bouygues Telecom\Kit Internet Mobile Bouygues Telecom.exe C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe C:\Program Files\Microsoft Office\Office12\EXCEL.EXE C:\windows\system32\mstsc.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\windows\system32\NOTEPAD.EXE C:\windows\system32\NOTEPAD.EXE C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\windows\system32\mmc.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\gbataillon\AppData\Local\Google\Chrome\Application\chrome.exe C:\windows\system32\NOTEPAD.EXE C:\windows\system32\NOTEPAD.EXE C:\windows\system32\SearchFilterHost.exe C:\windows\system32\taskhost.exe C:\windows\system32\taskeng.exe C:\Users\gbataillon\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://g.uk.msn.com/HPCOM/9]HP Commercial | MSN[/url] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://search.orbitdownloader.com]Orbit Downloader Start[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://g.uk.msn.com/HPCOM/9]HP Commercial | MSN[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://g.uk.msn.com/HPCOM/9]HP Commercial | MSN[/url] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (file missing) O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.0.2156.0\npwinext.dll O3 - Toolbar: Trillian Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NVC] "C:\Program Files\Nortel\Nortel VPN Client\Nvc.exe" -autostart O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [bTE] C:\Program Files\Emailer\bin\emailer.exe -vhidden O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Google Update] "C:\Users\gbataillon\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - Startup: Dropbox.lnk = C:\Users\gbataillon\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: Trillian.lnk = C:\Program Files\Trillian\trillian.exe O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Envoyer l'ℑ au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O15 - Trusted Zone: [url=http://t-aspf.gzsi.local][url=http://t-aspf.gzsi.local]http://t-aspf.gzsi.local[/url][/url] O15 - Trusted Zone: http://*.mcafee.com (HKLM) O15 - Trusted Zone: [url=http://betavscan.mcafeeasap.com]McAfee Security-as-a-Service Beta[/url] (HKLM) O15 - Trusted Zone: [url=http://vs.mcafeeasap.com][url=http://vs.mcafeeasap.com]http://vs.mcafeeasap.com[/url][/url] (HKLM) O15 - Trusted Zone: [url=http://www.mcafeeasap.com][url=http://www.mcafeeasap.com]http://www.mcafeeasap.com[/url][/url] (HKLM) O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM) O15 - ESC Trusted Zone: [url=http://betavscan.mcafeeasap.com]McAfee Security-as-a-Service Beta[/url] (HKLM) O15 - ESC Trusted Zone: [url=http://vs.mcafeeasap.com][url=http://vs.mcafeeasap.com]http://vs.mcafeeasap.com[/url][/url] (HKLM) O15 - ESC Trusted Zone: [url=http://www.mcafeeasap.com][url=http://www.mcafeeasap.com]http://www.mcafeeasap.com[/url][/url] (HKLM) O16 - DPF: {5C0E257E-9DFE-4955-AA93-0A9B166BAB50} (SSObject Control) - [url=http://78.227.82.204:5000/surveillance/object/SSObject.cab][url=http://78.227.82.204:5000/surveillance/object/SSObject.cab]http://78.227.82.204:5000/surveillance/object/SSObject.cab[/url][/url] O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = adgz.lan O17 - HKLM\Software\..\Telephony: DomainName = adgz.lan O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = adgz.lan O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = adgz.lan O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing) O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\aestsrv.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: DB2 Management Service (TACOM26) (DB2MGMTSVC_TACOM26) - International Business Machines Corporation - C:\Program Files\Quest Software\Toad for Data Analysts 2.6.1\SQLLIB\BIN\db2mgmtsvc.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\system32\flcdlock.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: FsUsbExService - Teruten - C:\windows\system32\FsUsbExService.Exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Power Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\windows\system32\Hpservice.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: Net Driver HPZ12 - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: Nortel VPN Client (NvcSvcMgr) - Nortel Networks - C:\Program Files\Nortel\Nortel VPN Client\NvcSvcMgr.exe O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: Client de gestion Symantec (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9fc8b38ddee9fbba\STacSV.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\windows\servicing\TrustedInstaller.exe O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system32\uArcCapture.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\windows\system32\svchost.exe O23 - Service: XobniService - Xobni Corporation - C:\Program Files\Xobni\XobniService.exe -- End of file - 32070 byte s N'hésitez pas à me faire supprimer tout ce qui vous semble inutile. Ce pc est passé entre les mains d'un collègue cet été pt mes congés et jai déjà supprimé un paquet de conneries du genre msn+, lo.st, ... Merci d'avance.