De l'aide contre Win32 VB-ELK

Résolu
fnz Messages postés 11 Statut Membre -  
fnz Messages postés 11 Statut Membre -
Bonjour, cela fais 2 jours que je suis infecté par "Win32 VB-ELk et qu' une fenêtre avec "Connexion à 125.212.47.5." s'ouvre à intervalles régulier. J'ai effectué des scans avec asquare free, spybot, adaware sans pouvoir le supprimer.
Je dispose de avast, et d'une connexion en wifi sur une freebox.
Je vous affiche mon log et j'attend une âme charitable. Merci d'avance.........

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:04:03, on 28/07/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\Dispatcher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\ehome\ehtray.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\WINDOWS\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\SOLEIL\Downloads\Hbcd.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Dispatcher] C:\Windows\dispatcher.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6A148963-DE74-4772-9D1E-69CCE3713277}: NameServer = 212.27.54.252,212.27.53.252
O17 - HKLM\System\CCS\Services\Tcpip\..\{92F1FA06-6446-45AE-9682-27654EB9720E}: NameServer = 217.27.32.5,213.228.0.168
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7635 bytes
Configuration: Windows Vista
Firefox 3.0.1

14 réponses

  1. benurrr Messages postés 9766 Statut Contributeur sécurité 107
     
    Bonjour ;

    telecharge malwarbyte http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware a l'intallation verifie que mise a jour et lançer program et scan complet sont bien cocher

    Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

    A la fin du scan clique sur Afficher les résultats

    Suppression des éléments détectés >>>> clique sur Supprimer la sélection ou supprimer tout
    S'il t'es demandé de redémarrer >>> clique sur "Yes"

    Et tu poste le raport generer
    et on attendant une reponse tu peut refaire un scan malwarbyte mais on mode sans echec car beaucoup plus efficace

    comment demarer on mode sans echec içi tuto http://www.infos-du-net.com/forum/272325-11-tuto-demarrer-mode-echec

    tu enregistre le raport generer de facon a le retrouver et tu poste le nouveau rapport raport
    0
  2. chimay8 Messages postés 7947 Statut Contributeur sécurité 60
     
    il est redirigé vers un serveur des Phillipines...faut utiliser SDFix
    0
    1. benurrr Messages postés 9766 Statut Contributeur sécurité 107
       
      je suis encore a analyser son rapport si t dire sont exact il lui faut FixWareout je vait voir et je te confirme
      0
      1. benurrr Messages postés 9766 Statut Contributeur sécurité 107 > benurrr Messages postés 9766 Statut Contributeur sécurité
         
        aller tient sa coute rien de le lui passer quand meme l'outil

        Redémarre ton PC en mode Normal

        Télécharge FixWareout de l'un de ces deux liens :
        http://downloads.subratam.org/Fixwareout.exe
        http://download.bleepingcomputer.com/lonny/Fixwareout.exe

        Sauvegarde-le sur ton Bureau, puis lance-le.
        Clique Next, puis Install, et assure-toi que "Run fixit" soit coché, puis clique Finish.
        Suis les directives à l'écran.
        L'outil va te demander de redémarrer ton PC; fais-le s'il te plaît.
        Le redémarrage risque de prendre un peu plus de temps; ceci est normal.

        Lorsque redémarré, un fichier texte apparaîtra (report.txt); copie/colle ce rapport dans ta prochaine réponse, avec
        0
      2. fnz Messages postés 11 Statut Membre > benurrr Messages postés 9766 Statut Contributeur sécurité
         
        salut, j'avais tester malwarebyte sans résultat, je viens de tester Fixwareout mais il ne supporte pas ma version de windows. Je vais voir le post de chimay et je vous tiens au courant.
        0
  3. chimay8 Messages postés 7947 Statut Contributeur sécurité 60
     
    voila les lignes;pour ma part j'aurai utiliser sdfix(ceci dit si FixWareout fonctionne,je suis preneur pour le futur!)
    C:\WINDOWS\Dispatcher.exe
    O4 - HKLM\..\Run: [Dispatcher] C:\Windows\dispatcher.exe
    0
  4. chimay8 Messages postés 7947 Statut Contributeur sécurité 60
     
    oui celle-ci aussi
    https://www.dnsstuff.com/
    0
    1. benurrr Messages postés 9766 Statut Contributeur sécurité 107
       
      desoler je ne voit pas de philippine j'ai vu chypre mais je suis pas sur mais je vait voir un ancien pour conseil je ne connait pas trop les outils de nettoyage pour vista
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Salut à tous les deux ,

    sdfix ne marche pas sous vista

    je répond a la demande en mp de benurr

    fnz,

    fais un clic droit sur hijackthis
    choisi executer en tant qu administrateur
    fais scan only
    coche ces lignes :

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6A148963-DE74-4772-9D1E-69CCE3713277}: NameServer = 212.27.54.252,212.27.53.252
    O17 - HKLM\System\CCS\Services\Tcpip\..\{92F1FA06-6446-45AE-9682-27654EB9720E}: NameServer = 217.27.32.5,213.228.0.168

    tu les coches et tu clc sur fix checked

    ensuite :

    -> Redémarre en mode sans échec :

    Comment redémarrer en mode sans echec?

    Tu redemarre le pc et tapote la touche F8 des le début de l allumage sans t´arrêter.
    Une fenêtre sur fond noir va s’ouvrir, tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
    Une fois sur le bureau si il n y a pas toutes les couleurs et autres c´est normal!
    Ps : si F8 ne marche pas utilise la touche F5.

    -> Tuto :https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/

    click sur demarrer >accesoire puis executer > dans la boite de dialogue tape > cmd et valide

    dans la fenetre noir tape ceci : ipconfig /flushdns et valide par entree

    ensuite en mode normal :

    Télécharge sur ton bureau DSS (ex Comboscan) de Deckard:

    http://deckard.geekstogo.com/dss.exe

    (choisis enregistrer, puis Bureau comme emplacement)

    Ferme toutes les applications en cours.

    Double-clic sur DSS.exe pour lancer l'outil.

    Une fenêtre s'ouvre, invitant à fermer toutes les applications, clique sur OK.

    A la fin de l'analyse, une fenêtre s'ouvre, clique sur OK.

    Le rapport main.txt va s'afficher, copie le dans ta prochaine réponse.
    Si un rapport complémentaire a été créé ( extra.txt ), poste le aussi dans ta réponse.

    Les rapports sont ici :
    (!) C:\Deckard\System Scanner\main.txt
    (!) C:\Deckard\System Scanner\extra.txt

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    0
    1. benurrr Messages postés 9766 Statut Contributeur sécurité 107
       
      merci chiquitine d'etre passer

      y'a t'il infection Wareout oui ou non merci
      0
  7. Utilisateur anonyme
     
    re

    du coup j avais pas verifié xd

    non y a pas de wareout

    fnz ne fait pas ça :

    fais un clic droit sur hijackthis
    choisi executer en tant qu administrateur
    fais scan only
    coche ces lignes :

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/s­wflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6A148963-DE74-4772-9D1E-6­9CCE3713277}: NameServer = 212.27.54.252,212.27.53.252
    O17 - HKLM\System\CCS\Services\Tcpip\..\{92F1FA06-6446-45AE-9682-2­7654EB9720E}: NameServer = 217.27.32.5,213.228.0.168

    tu les coches et tu clc sur fix checked

    ensuite :

    -> Redémarre en mode sans échec :

    Comment redémarrer en mode sans echec?

    Tu redemarre le pc et tapote la touche F8 des le début de l allumage sans t´arrêter.
    Une fenêtre sur fond noir va s’ouvrir, tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
    Une fois sur le bureau si il n y a pas toutes les couleurs et autres c´est normal!
    Ps : si F8 ne marche pas utilise la touche F5.

    -> Tuto :https://www.wekyo.com/demarrer-le-pc-en-mode-sans-echec-windows-7-et-8/

    click sur demarrer >accesoire puis executer > dans la boite de dialogue tape > cmd et valide

    dans la fenetre noir tape ceci : ipconfig /flushdns et valide par entree

    ip :

    Final results obtained from whois.ripe.net.
    Results:
    % This is the RIPE Whois query server #3.
    % The objects are in RPSL format.
    %
    % Rights restricted by copyright.
    % See http://www.ripe.net/db/copyright.html

    % Note: This output has been filtered.
    % To receive output for a database update, use the "-B" flag.

    % Information related to '213.228.0.0 - 213.228.0.255'

    inetnum: 213.228.0.0 - 213.228.0.255
    netname: FR-PROXAD
    descr: Proxad / Free
    descr: Servers (Courbevoie)
    descr: NCC#2002110278
    country: FR
    admin-c: ACP23-RIPE
    tech-c: TCP8-RIPE
    status: ASSIGNED PA
    mnt-by: PROXAD-MNT
    source: RIPE # Filtered

    role: Administrative Contact for ProXad
    address: Free SAS / ProXad
    address: 8, rue de la Ville L'Eveque
    address: 75008 Paris
    phone: +33 1 73 50 20 00
    fax-no: +33 1 73 92 25 69
    remarks: trouble: Information: http://www.proxad.net/
    remarks: trouble: Spam/Abuse requests: mailto:abuse@proxad.net
    admin-c: RA999-RIPE
    tech-c: FG4214-RIPE
    nic-hdl: ACP23-RIPE
    mnt-by: PROXAD-MNT
    source: RIPE # Filtered
    abuse-mailbox: abuse@proxad.net

    role: Technical Contact for ProXad
    address: Free SAS / ProXad
    address: 8, rue de la Ville L'Eveque
    address: 75008 Paris
    phone: +33 1 73 50 20 00
    fax-no: +33 1 73 92 25 69
    remarks: trouble: Information: http://www.proxad.net/
    remarks: trouble: Spam/Abuse requests: mailto:abuse@proxad.net
    admin-c: RA999-RIPE
    tech-c: FG4214-RIPE
    nic-hdl: TCP8-RIPE
    mnt-by: PROXAD-MNT
    source: RIPE # Filtered
    abuse-mailbox: abuse@proxad.net

    % Information related to '213.228.0.0/18AS12322'

    route: 213.228.0.0/18
    descr: ProXad network / Free SA
    descr: Paris, France
    origin: AS12322
    mnt-by: PROXAD-MNT
    source: RIPE # Filtered

    post un rapport dss

    0
    1. fnz Messages postés 11 Statut Membre
       
      salut, j'ai effectué ta manip et après avoir tapé "ipconfig...."j'ai se message "impossible de vider le cache dns.la fonction a echoué l'ors de l'exécution"
      Et en redémarrant j'ai été obligé de faire une restauration pour ma connection internet.
      0
  8. Utilisateur anonyme
     
    oui et m en excuse j ai été enduit en erreure les 017 presentent sur hijackthis sont légitimes dans ton cas

    j avais rectifié le tire mais trop tard je vois

    donc je m excuse

    la restauration a t elle réglé le probleme initiale ?
    0
    1. fnz Messages postés 11 Statut Membre
       
      Oui pas de probléme après la restauration mais le trojan est tjrs là ....
      0
  9. Utilisateur anonyme
     
    explique les soucis :

    Télécharge sur ton bureau DSS (ex Comboscan) de Deckard:

    http://deckard.geekstogo.com/dss.exe

    (choisis enregistrer, puis Bureau comme emplacement)

    Ferme toutes les applications en cours.

    Double-clic sur DSS.exe pour lancer l'outil.

    Une fenêtre s'ouvre, invitant à fermer toutes les applications, clique sur OK.

    A la fin de l'analyse, une fenêtre s'ouvre, clique sur OK.

    Le rapport main.txt va s'afficher, copie le dans ta prochaine réponse.
    Si un rapport complémentaire a été créé ( extra.txt ), poste le aussi dans ta réponse.

    Les rapports sont ici :
    (!) C:\Deckard\System Scanner\main.txt
    (!) C:\Deckard\System Scanner\extra.txt

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    0
    1. fnz Messages postés 11 Statut Membre
       
      Mission effectuée, je te poste les 2....

      Deckard's System Scanner v20071014.68
      Extra logfile - please post this as an attachment with your post.
      --------------------------------------------------------------------------------

      -- System Information ----------------------------------------------------------

      Microsoft® Windows Vista™ Édition Familiale Premium (build 6001) SP 1.0
      Architecture: X86; Language: French

      CPU 0: AMD Turion(tm) 64 X2 Mobile Technology TL-50
      Percentage of Memory in Use: 39%
      Physical Memory (total/avail): 2045.87 MiB / 1231.82 MiB
      Pagefile Memory (total/avail): 4329.02 MiB / 3475.02 MiB
      Virtual Memory (total/avail): 2047.88 MiB / 1889.24 MiB

      C: is Fixed (NTFS) - 106.42 GiB total, 38.11 GiB free.
      D: is Fixed (NTFS) - 5.37 GiB total, 1.31 GiB free.
      E: is CDROM (No Media)

      \\.\PHYSICALDRIVE0 - FUJITSU MHV2120BH PL SCSI Disk Device - 111.79 GiB - 2 partitions
      \PARTITION0 (bootable) - Système de fichiers installable - 106.42 GiB - C:
      \PARTITION1 - Système de fichiers installable - 5.37 GiB - D:



      -- Security Center -------------------------------------------------------------

      AUOptions is set to notify before download.
      Windows Internal Firewall is enabled.

      AV: avast! antivirus 4.8.1229 [VPS 080729-1] v4.8.1229 (ALWIL Software)
      AS: AVG Anti-Spyware v7, 5, 1, 43 (GRISOFT s.r.o.) [COLOR=RED]Disabled[/COLOR] [COLOR=RED]Outdated[/COLOR]
      AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) [COLOR=RED]Disabled[/COLOR] [COLOR=RED]Outdated[/COLOR]
      AS: avast! antivirus 4.8.1229 [VPS 080729-1] v4.8.1229 (ALWIL Software)

      [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

      [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


      -- Environment Variables -------------------------------------------------------

      ALLUSERSPROFILE=C:\ProgramData
      APPDATA=C:\Users\SOLEIL\AppData\Roaming
      CLASSPATH=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
      CommonProgramFiles=C:\Program Files\Common Files
      COMPUTERNAME=FNZ
      ComSpec=C:\Windows\system32\cmd.exe
      DEFAULT_CA_NR=CA8
      FP_NO_HOST_CHECK=NO
      HOMEDRIVE=C:
      HOMEPATH=\Users\SOLEIL
      LOCALAPPDATA=C:\Users\SOLEIL\AppData\Local
      LOGONSERVER=\\FNZ
      NUMBER_OF_PROCESSORS=2
      OnlineServices=Services en ligne
      OS=Windows_NT
      Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Satsuki Decoder Pack\filtres;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Satsuki Decoder Pack\filtres;C:\Program Files\Common Files\Ahead\Lib\
      PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
      PCBRAND=Pavilion
      PLATFORM=MCD
      PROCESSOR_ARCHITECTURE=x86
      PROCESSOR_IDENTIFIER=x86 Family 15 Model 72 Stepping 2, AuthenticAMD
      PROCESSOR_LEVEL=15
      PROCESSOR_REVISION=4802
      ProgramData=C:\ProgramData
      ProgramFiles=C:\Program Files
      PROMPT=$P$G
      PUBLIC=C:\Users\Public
      QTJAVA=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
      SESSIONNAME=Console
      SystemDrive=C:
      SystemRoot=C:\Windows
      TEMP=C:\Users\SOLEIL\AppData\Local\Temp
      TMP=C:\Users\SOLEIL\AppData\Local\Temp
      USERDOMAIN=FNZ
      USERNAME=SOLEIL
      USERPROFILE=C:\Users\SOLEIL
      windir=C:\Windows


      -- User Profiles ---------------------------------------------------------------

      SOLEIL [I](admin)[/I]


      -- Add/Remove Programs ---------------------------------------------------------

      --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
      --> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
      --> C:\Windows\UNNeroBackItUp.exe /UNINSTALL
      --> C:\Windows\UNNeroMediaHome.exe /UNINSTALL
      --> C:\Windows\UNNeroShowTime.exe /UNINSTALL
      --> C:\Windows\UNNeroVision.exe /UNINSTALL
      --> C:\Windows\UNRecode.exe /UNINSTALL
      2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
      2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
      2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
      2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
      2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
      2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
      2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
      2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
      2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
      2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
      a-squared Free 3.0 --> "C:\Program Files\a-squared Free\unins000.exe"
      Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) --> MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
      Adobe AIR --> C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
      Adobe AIR --> MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
      Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
      Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
      Adobe Reader 8.1.2 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
      Adobe Reader 8.1.2 Security Update 1 (KB403742) -->
      Analyseur et SDK MSXML 4.0 SP2 --> MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
      Apple Software Update --> MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
      ASL_HS_Installer32 --> MsiExec.exe /I{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}
      Assistant de connexion Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
      Atlas Routier Michelin France --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F1B43CBA-E31D-11D4-8AA9-00500499FAAB}/setup.exe"
      AusLogics Disk Defrag --> "C:\Program Files\AusLogics Disk Defrag\unins000.exe"
      avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
      Azureus Vuze --> C:\Users\SOLEIL\PeerToPeer\Torrent\Azureus\uninstall.exe
      Broadcom 802.11 Wireless LAN Adapter --> "C:\Program Files\Broadcom\Broadcom 802.11\Driver\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11\Driver"
      CanoScan Toolbox Ver4.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BCE46757-7674-4416-BEDB-68205A60409E}\Setup.exe" -l0x40c anything
      CartoExploreur --> C:\Program Files\CartoExploreur\Uninstal.exe
      CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
      Conexant HD Audio --> C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.exe -U -IwisR30B7.INF
      DualTV USB --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{71A1BDEE-1290-4C77-9FBF-32FBDBA44A00}\setup.exe" -l0x40c -removeonly
      DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
      DxO Optics Pro v4.0 --> C:\Program Files\DxO Labs\DxO Optics Pro v4\uninst.exe
      eMulev0.48a.-MorphXTv10.4 --> "C:\Users\SOLEIL\PeerToPeer\eMule\unins000.exe"
      Encyclopédie Hachette des Vins 2005 --> "C:\Program Files\Hachette Multimédia\Encyclopédie Hachette des Vins 2005\unins000.exe"
      Free - Kit de connexion --> C:\Program Files\Free.fr\uninstall.exe
      Google Earth --> MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
      HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_HDA_HSF\UIU32m.exe -U -IwqcVenz.inf
      Hewlett-Packard Active Check --> MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
      Hewlett-Packard Asset Agent --> MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
      HP Active Support Library --> C:\Program Files\InstallShield Installation Information\{21E62565-8639-457C-B64C-A3FF0A8B4D80}\setup.exe -runfromtemp -l0x0409
      HP Customer Experience Enhancements --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
      HP Easy Setup - Core --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}\setup.exe" -l0x9
      HP Easy Setup - Frontend --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
      HP Help and Support --> MsiExec.exe /I{E4DDBA93-769B-49D8-BA33-8814E45ED0C1}
      HP Pavilion Webcam Driver for Vista v061.001.00005 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CA81D12-9EC2-4082-972B-43ECA63F41F2}\setup.exe" -l0x40c -removeonly
      HP Quick Launch Buttons 6.10 B9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x40c uninst
      HP QuickPlay 3.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe" -uninstall
      HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
      HP User Guide 42 --> MsiExec.exe /I{EED81D76-80ED-443D-90B3-FC5E838D2F5F}
      HP Wireless Assistant --> MsiExec.exe /I{02F33FB0-F7D5-4C0A-B4AD-8CE5CE230BBE}
      INFORAD MANAGER 3.4 --> "C:\Program Files\INFORAD\unins000.exe"
      IZArc 3.81 --> "C:\Program Files\IZArc\unins001.exe"
      Jasc Paint Shop Pro 9 --> MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
      Jasc Paint Shop Pro 9.01 Patch --> C:\Program Files\Jasc Software Inc\Paint Shop Pro 9\Unwise.exe /R /U C:\PROGRA~1\JASCSO~1\PAINTS~1\INSTALL.LOG
      Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
      Kaspersky On-line Scanner --> C:\Windows\system32\KASPER~1\KASPER~1\kavuninstall.exe
      Kaspersky Online Scanner --> C:\Windows\system32\KASPER~1\KASPER~1\kavuninstall.exe
      L&H Power Translator Pro 7.0 --> C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\LHSP\L&H Power Translator Pro\Uninst.isu" -c"C:\Program Files\LHSP\L&H Power Translator Pro\Uninstall.dll"
      Macromedia Shockwave Player --> C:\WINDOWS\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\System32\Macromed\SHOCKW~1\Install.log
      MasterCook 5 : LGLC --> C:\Windows\IsUn040c.exe -f"c:\program files\SIERRA\MasterCook 5\Uninst.isu" -c"c:\program files\SIERRA\MasterCook 5\uninst32.DLL"
      Media Player Classic fr --> "C:\Program Files\Media Player Classic\uninstall.exe"
      MeuhMeuhTV (désinstallation uniquement) --> C:\Program Files\MeuhMeuhTV\UninstMMTV.exe
      MeuhMeuhTV Alpha 3.0.0.32 --> "C:\Users\SOLEIL\MeuhMeuhTV Alpha\unins000.exe"
      MFCDLL Shared Library - Retail Version --> MsiExec.exe /I{51D569E2-8A28-11D2-B962-006097C4DE24}
      Microsoft (R) C Runtime Library --> MsiExec.exe /I{51D569E0-8A28-11D2-B962-006097C4DE24}
      Microsoft (R) C++ Runtime Library --> MsiExec.exe /I{51D569E3-8A28-11D2-B962-006097C4DE24}
      Microsoft .NET Framework 1.1 --> msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
      Microsoft .NET Framework 1.1 --> MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
      Microsoft .NET Framework 1.1 Hotfix (KB929729) --> "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
      Microsoft Office Access MUI (French) 2007 --> MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
      Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
      Microsoft Office InfoPath MUI (French) 2007 --> MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
      Microsoft Office Language Pack 2007 Service Pack 1 (SP1) --> msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
      Microsoft Office Outlook MUI (French) 2007 --> MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
      Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
      Microsoft Office Professional Plus 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
      Microsoft Office Professional Plus 2007 --> MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
      Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
      Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
      Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
      Microsoft Office Publisher MUI (French) 2007 --> MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
      Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
      Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
      Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
      Microsoft Works --> MsiExec.exe /I{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
      Mozilla Firefox (3.0.1) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
      MSXML 3.0 --> MsiExec.exe /I{930E3A4D-70B7-4D0D-AF8D-0B351A9B55BE}
      MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
      MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
      MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
      Nero 7 --> MsiExec.exe /X{CF097717-F174-4144-954A-FBC4BF301036}
      neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
      NVIDIA Drivers --> C:\Windows\system32\NVUNINST.EXE UninstallGUI
      OpenOffice.org 2.3 --> MsiExec.exe /I{417E90DF-A9C4-43C4-90D9-FD7F107B68DB}
      Pochette Express 2 --> C:\Program Files\Pochette Express 2\uninstall.exe
      Poker Academy Pro 2 --> "C:\Program Files\PokerAcademyPro2\désinstaller.exe"
      PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
      ProCave --> "C:\Cavomatic\WDUNINST.EXE" /REG="CAVOMATIC"
      QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
      RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
      REALTEK USB Wireless LAN Driver and Utility --> C:\Program Files\InstallShield Installation Information\{BE686891-3C56-4714-AFEF-341A7867BA80}\SETUP.EXE -v"ISSCRIPTCMDLINE=\"-d -zREMOVE\"" -l0x040c -removeonly
      Satsuki Decoder Pack --> C:\Program Files\Satsuki Decoder Pack\Uninstall.exe
      Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
      Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
      Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
      Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
      Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
      Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
      Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
      Security Update for Visio 2007 (KB947590) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
      Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
      Sony Ericsson Device Data --> MsiExec.exe /I{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}
      Sony Ericsson PC Suite --> C:\Windows\Installer\{D6BF6477-8369-489F-8DE6-3731F4B88560}\Setup.exe /uninstall
      Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins001.exe"
      Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
      TerraExplorer --> C:\Program Files\Skyline\TerraExplorer\Setup.exe [OP]/U
      TubeMaster --> "C:\Program Files\TubeMaster\uninstall.exe"
      Update for Microsoft Office Outlook 2007 (KB952142) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
      Update for Office 2007 (KB946691) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
      Update for Outlook 2007 Junk Email Filter (kb953463) --> msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1B78D541-9FF1-4330-ADD8-CED14F0C1E8E}
      VideoLAN VLC media player 0.8.6e --> C:\Program Files\VideoLAN\VLC\uninstall.exe
      Virtual Audio Cable 4.01 --> C:\Program Files\Virtual Audio Cable\setup.exe -u
      Visualisateur 1.0 --> "C:\Program Files\Visualisateur\unins000.exe"
      Webshots Desktop --> "C:\Program Files\Webshots\unins000.exe"
      Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
      Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
      Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}


      -- Application Event Log -------------------------------------------------------

      Event Record #/Type28204 / Success
      Event Submitted/Written: 07/29/2008 10:55:49 PM
      Event ID/Source: 5617 / WinMgmt
      Event Description:


      Event Record #/Type28201 / Success
      Event Submitted/Written: 07/29/2008 10:55:46 PM
      Event ID/Source: 5615 / WinMgmt
      Event Description:


      Event Record #/Type28199 / Success
      Event Submitted/Written: 07/29/2008 10:55:45 PM
      Event ID/Source: 902 / Software Licensing Service
      Event Description:
      Le service de gestion des licences du logiciel a démarré.

      Event Record #/Type28182 / Success
      Event Submitted/Written: 07/29/2008 10:53:09 PM
      Event ID/Source: 8196 / System Restore
      Event Description:
      La restauration du système a été activée (Processus = Point de contrôle planifié ; Volume = [C:\]).

      Event Record #/Type28175 / Success
      Event Submitted/Written: 07/29/2008 10:45:37 PM
      Event ID/Source: 5617 / WinMgmt
      Event Description:




      -- Security Event Log ----------------------------------------------------------

      No Errors/Warnings found.


      -- System Event Log ------------------------------------------------------------

      Event Record #/Type142182 / Error
      Event Submitted/Written: 07/29/2008 10:56:04 PM
      Event ID/Source: 7026 / Service Control Manager
      Event Description:
      PxHelp20

      Event Record #/Type142112 / Error
      Event Submitted/Written: 07/29/2008 10:56:04 PM
      Event ID/Source: 7000 / Service Control Manager
      Event Description:
      General Purpose USB Driver (adildr.sys)%%2

      Event Record #/Type142106 / Warning
      Event Submitted/Written: 07/29/2008 10:55:49 PM
      Event ID/Source: 134 / W32Time
      Event Description:
      NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x1 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9)

      Event Record #/Type142103 / Warning
      Event Submitted/Written: 07/29/2008 10:55:47 PM
      Event ID/Source: 134 / W32Time
      Event Description:
      NtpClient n'a pas pu définir d'homologue manuel à utiliser comme source de temps en raison d'une erreur de résolution DNS sur " time.windows.com,0x1 ". NtpClient réessaiera dans 15 minutes, et à nouveau une fois le double de l'intervalle de nouvelle tentative écoulé. L'erreur était : Hôte inconnu. (0x80072AF9)

      Event Record #/Type142102 / Error
      Event Submitted/Written: 07/29/2008 10:55:44 PM
      Event ID/Source: 15016 / HTTP
      Event Description:
      \Device\Http\ReqQueueKerberos



      -- End of Deckard's System Scanner: finished at 2008-07-29 23:51:07 ------------

      *******************************************************************

      Deckard's System Scanner v20071014.68
      Run by SOLEIL on 2008-07-29 23:42:59
      Computer is in Normal Mode.
      --------------------------------------------------------------------------------

      -- Last 5 Restore Point(s) --
      11: 2008-07-29 20:52:31 UTC - RP571 - Opération de restauration
      10: 2008-07-29 19:15:49 UTC - RP570 - Point de contrôle planifié
      9: 2008-07-28 19:49:25 UTC - RP569 - Removed Ad-Aware
      8: 2008-07-28 18:49:23 UTC - RP568 - Installed Ad-Aware
      7: 2008-07-28 18:00:34 UTC - RP567 - Point de contrôle planifié


      -- First Restore Point --
      1: 2008-07-21 12:44:50 UTC - RP561 - Point de contrôle planifié


      Backed up registry hives.
      Performed disk cleanup.



      -- HijackThis Clone ------------------------------------------------------------


      Emulating logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 2008-07-29 23:47:03
      Platform: Windows Vista Service Pack 1 (6.00.6001)
      MSIE: Internet Explorer (7.00.6000.16386)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\dwm.exe
      C:\WINDOWS\explorer.exe
      C:\WINDOWS\System32\taskeng.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
      C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
      C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
      C:\Program Files\Alwil Software\Avast4\ashDisp.exe
      C:\WINDOWS\Dispatcher.exe
      C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
      C:\Program Files\Synaptics\SynTP\SynTPStart.exe
      C:\WINDOWS\System32\rundll32.exe
      C:\WINDOWS\ehome\ehtray.exe
      C:\Program Files\Webshots\Webshots.scr
      C:\WINDOWS\System32\rundll32.exe
      C:\WINDOWS\ehome\ehmsas.exe
      C:\WINDOWS\System32\wbem\unsecapp.exe
      C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
      C:\Program Files\Windows Media Player\wmpnscfg.exe
      C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
      C:\Users\SOLEIL\Desktop\dss.exe
      C:\WINDOWS\System32\conime.exe
      C:\WINDOWS\System32\SearchFilterHost.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
      O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
      O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
      O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [Dispatcher] C:\Windows\dispatcher.exe
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
      O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
      O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
      O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
      O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{6A148963-DE74-4772-9D1E-69CCE3713277}: NameServer = 212.27.54.252,212.27.53.252
      O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{92F1FA06-6446-45AE-9682-27654EB9720E}: NameServer = 217.27.32.5,213.228.0.168
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
      O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
      O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
      O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
      O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
      O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
      O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
      O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
      O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
      O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero
      O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
      O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
      O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\System32\drivers\XAudio.exe

      0
  10. Utilisateur anonyme
     
    Rends toi sur ce site :

    https://www.virustotal.com/gui/

    Clique sur parcourir et cherche ce fichier : C:\Windows\system32\ifdreset.exe
    Clique sur Send File.

    Un rapport va s'élaborer ligne à ligne.

    Attends la fin. Il doit comprendre la taille du fichier envoyé.

    Sauvegarde le rapport avec le bloc-note.

    Copie le dans ta réponse.
    0
  11. fnz Messages postés 11 Statut Membre
     
    Bonjour chiquitine, voilà le rapport :

    Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 2008.7.29.1 2008.07.30 -
    AntiVir 7.8.1.12 2008.07.29 -
    Authentium 5.1.0.4 2008.07.30 -
    Avast 4.8.1195.0 2008.07.29 -
    AVG 8.0.0.130 2008.07.29 -
    BitDefender 7.2 2008.07.30 -
    CAT-QuickHeal 9.50 2008.07.29 -
    ClamAV 0.93.1 2008.07.30 -
    DrWeb 4.44.0.09170 2008.07.30 -
    eSafe 7.0.17.0 2008.07.29 -
    eTrust-Vet 31.6.5994 2008.07.30 -
    Ewido 4.0 2008.07.29 -
    F-Prot 4.4.4.56 2008.07.30 -
    F-Secure 7.60.13501.0 2008.07.30 -
    Fortinet 3.14.0.0 2008.07.30 -
    GData 2.0.7306.1023 2008.07.30 -
    Ikarus T3.1.1.34.0 2008.07.30 -
    Kaspersky 7.0.0.125 2008.07.30 -
    McAfee 5349 2008.07.29 -
    Microsoft 1.3704 2008.07.28 -
    NOD32v2 3308 2008.07.29 -
    Norman 5.80.02 2008.07.28 -
    Panda 9.0.0.4 2008.07.29 -
    PCTools 4.4.2.0 2008.07.30 -
    Prevx1 V2 2008.07.30 -
    Rising 20.55.20.00 2008.07.30 -
    Sophos 4.31.0 2008.07.30 -
    Sunbelt 3.1.1537.1 2008.07.29 -
    Symantec 10 2008.07.30 -
    TheHacker 6.2.96.389 2008.07.25 -
    TrendMicro 8.700.0.1004 2008.07.30 -
    VBA32 3.12.8.1 2008.07.29 -
    ViRobot 2008.7.29.1315 2008.07.29 -
    VirusBuster 4.5.11.0 2008.07.29 -
    Webwasher-Gateway 6.6.2 2008.07.30 -
    Information additionnelle
    File size: 134144 bytes
    MD5...: 5b216db7cf5c3cdf1769c31ae26a10c3
    SHA1..: dabfbf21d593662c7a5ce0fe6c0d27aff820296c
    SHA256: 5bedf257fdf2410b36339be5ba8bdd87d0e7f7ccb0743bff9d27b2dc0ef569c7
    SHA512: 1a811a77ca47fbcc480801adc6b245e2a057bdb01ad208988dd9881ac0951cfd
    69015156863c48c7be8d30dccef2f53c62d25042c4db689f36488e149efbca80
    PEiD..: -
    PEInfo: PE Structure information

    ( base data )
    entrypointaddress.: 0x41c408
    timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
    machinetype.......: 0x14c (I386)

    ( 8 sections )
    name viradd virsiz rawdsiz ntrpy md5
    CODE 0x1000 0x1b43c 0x1b600 6.50 1b0ae5548e12895b556f51e4d22954fb
    DATA 0x1d000 0x808 0xa00 3.92 ced02703e88efc7124119087c1dbfcea
    BSS 0x1e000 0x8c1 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
    .idata 0x1f000 0xd7e 0xe00 4.79 d16f2d702d6959f89a1a80d58c9f8296
    .tls 0x20000 0xc 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
    .rdata 0x21000 0x18 0x200 0.17 e7abd6a66ea6bb8607d344b6b3362e7b
    .reloc 0x22000 0x20d8 0x2200 6.61 7ba571c11db36a59e20f5440db398c5d
    .rsrc 0x25000 0x1600 0x1600 3.54 92fe8876898690b83b7752b057bc6093

    ( 10 imports )
    > kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, InterlockedDecrement, InterlockedIncrement, VirtualQuery, WideCharToMultiByte, MultiByteToWideChar, lstrlenA, lstrcpynA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle
    > user32.dll: GetKeyboardType, LoadStringA, MessageBoxA, CharNextA
    > advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
    > oleaut32.dll: SysFreeString, SysReAllocStringLen, SysAllocStringLen
    > kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA
    > advapi32.dll: SetSecurityDescriptorSacl, SetSecurityDescriptorOwner, SetSecurityDescriptorGroup, SetSecurityDescriptorDacl, SetKernelObjectSecurity, RegQueryInfoKeyA, RegOpenKeyExA, RegFlushKey, RegEnumKeyExA, RegDeleteKeyA, RegCreateKeyExA, RegCloseKey, OpenProcessToken, LookupAccountSidA, LookupAccountNameA, IsValidSid, IsValidAcl, InitializeSecurityDescriptor, GetUserNameA, GetTokenInformation, GetSidSubAuthorityCount, GetSidSubAuthority, GetSidIdentifierAuthority, GetSecurityDescriptorSacl, GetSecurityDescriptorOwner, GetSecurityDescriptorGroup, GetSecurityDescriptorDacl, GetLengthSid, GetKernelObjectSecurity, EqualSid
    > kernel32.dll: WriteFile, WaitForSingleObject, VirtualQuery, SetFilePointer, SetEvent, SetEndOfFile, ResetEvent, ReadFile, LocalFree, LocalAlloc, LoadLibraryExA, LoadLibraryA, LeaveCriticalSection, InitializeCriticalSection, GetVersionExW, GetVersionExA, GetVersion, GetThreadLocale, GetStringTypeExA, GetStdHandle, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLocalTime, GetLastError, GetFullPathNameA, GetDiskFreeSpaceA, GetDateFormatA, GetCurrentThreadId, GetCurrentProcess, GetCPInfo, GetACP, InterlockedIncrement, InterlockedDecrement, FreeLibrary, FormatMessageA, EnumCalendarInfoA, EnterCriticalSection, DeleteCriticalSection, CreateFileA, CreateEventA, CompareStringA, CloseHandle
    > user32.dll: MessageBoxA, LoadStringA, GetSystemMetrics, CharNextA, CharToOemA
    > kernel32.dll: Sleep
    > oleaut32.dll: SafeArrayPtrOfIndex, SafeArrayGetUBound, SafeArrayGetLBound, SafeArrayCreate, VariantChangeType, VariantCopy, VariantClear, VariantInit

    ( 0 exports )
    0
  12. Utilisateur anonyme
     
    Salut

    Télécharge Flash_Disinfector (de sUBs) sur ton bureau : http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe
    - Double clique dessus puis laisse toi guider.
    - Poste son rapport après nettoyage stp.

    ensuite :

    Télécharge RavAntivirus d'Evosla sur ton bureau : http://ww25.evosla.com/compteur.php?soft=rav_antivirus
    - Branche tes sources de données externes à ton PC (clé USB, disque dur externe, etc...) sans les ouvrir avant de lancer ce FIX
    - Clique droit sur le fichier .ZIP, puis "Extraire vers" Bureau.
    - Doucle-clique sur "RAV.exe" pour lancer le fix.
    - Laisse le programme agir : il scanne automatiquement tout les lecteurs (disques fixes et amovibles)
    - En cas d'infections un rapport sera généré : poste le dans ta prochaine réponse stp.
    - Ensuite : retire tes disques amovibles et redémarre le PC.

    ensuite refais un scan DSS et post le rapport main.txt

    0
  13. fnz Messages postés 11 Statut Membre
     
    Le 1 rapport après Flash desinfector :

    Deckard's System Scanner v20071014.68
    Run by SOLEIL on 2008-07-30 09:24:44
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- HijackThis Clone ------------------------------------------------------------

    Emulating logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2008-07-30 09:25:33
    Platform: Windows Vista Service Pack 1 (6.00.6001)
    MSIE: Internet Explorer (7.00.6000.16386)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\dwm.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\WINDOWS\Dispatcher.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\WINDOWS\System32\taskeng.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\Webshots\Webshots.scr
    C:\WINDOWS\ehome\ehmsas.exe
    C:\WINDOWS\System32\wbem\unsecapp.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Users\SOLEIL\PeerToPeer\eMule\emule.exe
    C:\Program Files\Windows Mail\WinMail.exe
    C:\WINDOWS\System32\conime.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\System32\SearchFilterHost.exe
    C:\Users\SOLEIL\Desktop\dss.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Dispatcher] C:\Windows\dispatcher.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{6A148963-DE74-4772-9D1E-69CCE3713277}: NameServer = 212.27.54.252,212.27.53.252
    O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{92F1FA06-6446-45AE-9682-27654EB9720E}: NameServer = 217.27.32.5,213.228.0.168
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
    O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
    O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
    O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\WINDOWS\System32\drivers\XAudio.exe

    0
  14. fnz Messages postés 11 Statut Membre
     
    Et celui après Ravanti, il a supprimer quelque chose mais j'ai fermé la boîte sans sauvegarder le log .

    Deckard's System Scanner v20071014.68
    Run by SOLEIL on 2008-07-30 09:33:06
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- HijackThis (run as SOLEIL.exe) ----------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:33:43, on 30/07/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\WINDOWS\Dispatcher.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Windows\system32\taskeng.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\System32\rundll32.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\PROGRA~1\Webshots\webshots.scr
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Users\SOLEIL\PeerToPeer\eMule\emule.exe
    C:\Program Files\Windows Mail\WinMail.exe
    C:\Windows\system32\conime.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\SOLEIL\Desktop\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\SOLEIL.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Internet Explorer\IEUser.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Dispatcher] C:\Windows\dispatcher.exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{6A148963-DE74-4772-9D1E-69CCE3713277}: NameServer = 212.27.54.252,212.27.53.252
    O17 - HKLM\System\CCS\Services\Tcpip\..\{92F1FA06-6446-45AE-9682-27654EB9720E}: NameServer = 217.27.32.5,213.228.0.168
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
    O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
    0
  15. fnz Messages postés 11 Statut Membre
     
    Après redémarage le cheval continu de courir à l'intèrieur...
    0