Ordinateur lent
steph1207
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
mon ordinateure es assez lent depuis un certain temps
je poste les rapports
http://www.cijoint.fr/cjlink.php?file=cj201108/cijFIqCW04.txt
voici un autre rapport
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Version de la base de données: 7375
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19088
04/08/2011 16:25:48
mbam-log-2011-08-04 (16-25-48).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 160879
Temps écoulé: 4 minute(s), 4 seconde(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 29
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 12
Processus mémoire infecté(s):
c:\Windows\microsoft.net\framework\v2.0.50727\System (Trojan.Gorech) -> 3532 -> Unloaded process successfully.
c:\program files\freezefrog\bin\1.0.670.0\freezefrogsa.exe (Adware.FreezeFrog) -> 4012 -> Unloaded process successfully.
Module(s) mémoire infecté(s):
c:\program files\freezefrog\bin\1.0.670.0\freezefrogsahook.dll (Adware.FreezeFrog) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSysINM (Trojan.Gorech) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D44FD6F0-9746-484E-B5C4-C66688393872} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FREEzeFrogAx.Info (Adware.FreezeFrog) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FREEzeFrogAx.Info.1 (Adware.FreezeFrog) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbAx (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbAx.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbInfoBand (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbInfoBand.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButtonA (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButtonA.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.RprtCtrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.RprtCtrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\FREEZEFROGSA (Adware.FreezeFrog) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FREEzeFrogSA (Adware.FreezeFrog) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\freezefrogsa\actionurl_current_version (Adware.FreezeFrog) -> Value: actionurl_current_version -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FREEzeFrogSA (Adware.FreezeFrog) -> Value: FREEzeFrogSA -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Bin (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Bin\2.7.37 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\freezefrog\bin\1.0.670.0 (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\programdata\freezefrogsa (Adware.FreezeFrog) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\Windows\microsoft.net\framework\v2.0.50727\System (Trojan.Gorech) -> Quarantined and deleted successfully.
c:\program files\freezefrog\bin\1.0.670.0\freezefrogsahook.dll (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\Windows\microsoft.net\framework\v2.0.50727\iislog\winservice.exe (Trojan.Gorech) -> Quarantined and deleted successfully.
c:\program files\freezefrog\bin\1.0.670.0\freezefrogsa.exe (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Uninst.exe (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\freezefrog\bin\1.0.670.0\freezefroguninstaller.exe (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\program files\freezefrog\bin\1.0.670.0\launchhelp.dll (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\programdata\freezefrogsa\freezefrogsa.dat (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\programdata\freezefrogsa\freezefrogsaabout.mht (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\programdata\freezefrogsa\freezefrogsaau.dat (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\programdata\freezefrogsa\freezefrogsaeula.mht (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\programdata\freezefrogsa\freezefrogsa_kyf.dat (Adware.FreezeFrog) -> Quarantined and deleted successfully.
mon ordinateure es assez lent depuis un certain temps
je poste les rapports
http://www.cijoint.fr/cjlink.php?file=cj201108/cijFIqCW04.txt
voici un autre rapport
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Version de la base de données: 7375
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19088
04/08/2011 16:25:48
mbam-log-2011-08-04 (16-25-48).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 160879
Temps écoulé: 4 minute(s), 4 seconde(s)
Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 29
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 12
Processus mémoire infecté(s):
c:\Windows\microsoft.net\framework\v2.0.50727\System (Trojan.Gorech) -> 3532 -> Unloaded process successfully.
c:\program files\freezefrog\bin\1.0.670.0\freezefrogsa.exe (Adware.FreezeFrog) -> 4012 -> Unloaded process successfully.
Module(s) mémoire infecté(s):
c:\program files\freezefrog\bin\1.0.670.0\freezefrogsahook.dll (Adware.FreezeFrog) -> Delete on reboot.
Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSysINM (Trojan.Gorech) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D44FD6F0-9746-484E-B5C4-C66688393872} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6} (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602F07D-8BF3-4c08-BDD6-DDDB1C48AEDC} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4f36-8D02-8C43722EE5DA} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6D819E-AA8F-4418-A3BB-D165C1B18BB5} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FREEzeFrogAx.Info (Adware.FreezeFrog) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FREEzeFrogAx.Info.1 (Adware.FreezeFrog) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbAx (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbAx.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbInfoBand (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.HbInfoBand.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButton (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButtonA (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.IEButtonA.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.RprtCtrl (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ShoppingReport2.RprtCtrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\FREEZEFROGSA (Adware.FreezeFrog) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FREEzeFrogSA (Adware.FreezeFrog) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\freezefrogsa\actionurl_current_version (Adware.FreezeFrog) -> Value: actionurl_current_version -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FREEzeFrogSA (Adware.FreezeFrog) -> Value: FREEzeFrogSA -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 (Adware.Seekmo) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Bin (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Bin\2.7.37 (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\freezefrog\bin\1.0.670.0 (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\programdata\freezefrogsa (Adware.FreezeFrog) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\Windows\microsoft.net\framework\v2.0.50727\System (Trojan.Gorech) -> Quarantined and deleted successfully.
c:\program files\freezefrog\bin\1.0.670.0\freezefrogsahook.dll (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\Windows\microsoft.net\framework\v2.0.50727\iislog\winservice.exe (Trojan.Gorech) -> Quarantined and deleted successfully.
c:\program files\freezefrog\bin\1.0.670.0\freezefrogsa.exe (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\program files\shoppingreport2\Uninst.exe (Adware.ShoppingReport2) -> Quarantined and deleted successfully.
c:\program files\freezefrog\bin\1.0.670.0\freezefroguninstaller.exe (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\program files\freezefrog\bin\1.0.670.0\launchhelp.dll (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\programdata\freezefrogsa\freezefrogsa.dat (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\programdata\freezefrogsa\freezefrogsaabout.mht (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\programdata\freezefrogsa\freezefrogsaau.dat (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\programdata\freezefrogsa\freezefrogsaeula.mht (Adware.FreezeFrog) -> Quarantined and deleted successfully.
c:\programdata\freezefrogsa\freezefrogsa_kyf.dat (Adware.FreezeFrog) -> Quarantined and deleted successfully.
A voir également:
- Ordinateur lent
- Nettoyer ordinateur portable lent - Guide
- Réinitialiser ordinateur - Guide
- Clavier de l'ordinateur - Guide
- Mon mac est lent comment le nettoyer - Guide
- # Sur ordinateur - Guide
4 réponses
Bonjour
Tu as du Magic Control et autres cochonneries
Télécharge Ad-Remover sur ton bureau:
http://www.teamxscript.org/adremoverTelechargement.html ( Lien officiel )
https://www.androidworld.fr/ ( Miroir )
/!\ Ferme toutes tes applications ouvertes. /!\
Double clique sur le fichier que tu viens de télécharger, à l'écran qui apparait, clique sur Nettoyer.
Laisse travailler l'outil.
Poste le rapport qui s'affiche à l'écran quand l'analyse est terminée.
Il est sauvegardé dans C:\Ad-Remover-CLEAN[1].txt
Tu as du Magic Control et autres cochonneries
Télécharge Ad-Remover sur ton bureau:
http://www.teamxscript.org/adremoverTelechargement.html ( Lien officiel )
https://www.androidworld.fr/ ( Miroir )
/!\ Ferme toutes tes applications ouvertes. /!\
Double clique sur le fichier que tu viens de télécharger, à l'écran qui apparait, clique sur Nettoyer.
Laisse travailler l'outil.
Poste le rapport qui s'affiche à l'écran quand l'analyse est terminée.
Il est sauvegardé dans C:\Ad-Remover-CLEAN[1].txt
merci je te donne le rapport mais mon ordi es tj aussi lent
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 17:34:05 le 04/08/2011, Mode normal
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
utilisateur@PC-DE-UTILISATE (Packard Bell BV EASYNOTE TN65)
============== ACTION(S) ==============
Dossier supprimé: C:\Users\utilisateur\AppData\LocalLow\Conduit
Dossier supprimé: C:\Program Files\Conduit
Dossier supprimé: C:\Users\utilisateur\AppData\Roaming\FunkyEmoticons
Erreur suppression dossier: C:\Program Files\FunkyEmoticons
Dossier supprimé: C:\Users\utilisateur\AppData\Local\OpenCandy
Dossier supprimé: C:\Program Files\Search Settings
Dossier supprimé: C:\Users\utilisateur\AppData\LocalLow\ShoppingReport2
Fichier supprimé: C:\Users\utilisateur\AppData\Local\kqnsf_nav.dat
Fichier supprimé: C:\Users\utilisateur\AppData\Local\kqnsf.dat
Fichier supprimé: C:\Users\utilisateur\AppData\Local\kqnsf_navps.dat
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKLM\Software\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
Clé supprimée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\awsoy
Clé supprimée: HKLM\Software\Classes\Conduit.Engine
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2189218
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2452474
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2500339
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2795622
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2832594
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\FunkyEmoticons
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\FunkyEmoticons
Clé supprimée: HKCU\Software\Zugo
Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
Clé supprimée: HKCU\Software\AppDataLow\Software\ShoppingReport2
Clé supprimée: HKCU\Software\AppDataLow\Software\Toolbar
Clé supprimée: HKLM\Software\aTube Catcher\OpenCandy
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F756994E-FC37-29D0-B6B3-004938757426}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C878CD69-85DB-426B-81A3-E71175AAEB91}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funky Emoticons
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport2
Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|kqnsf
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|funkyemoticons
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D}
============== SCAN ADDITIONNEL ==============
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} (x)
HKCU_URLSearchHooks|{6cba65db-3377-4af1-b6d8-2d57106ad569} (x)
HKCU_URLSearchHooks|{77f8c945-4b74-4bd6-a073-e0d1997edce8} (x)
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=282s08OT0Vm92DskhKFfAvSv-zI?q={searchTerms})
HKCU_Toolbar\WebBrowser|{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} (C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll)
HKCU_Toolbar\WebBrowser|{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} (x)
HKCU_Toolbar\WebBrowser|{77F8C945-4B74-4BD6-A073-E0D1997EDCE8} (x)
HKLM_Toolbar|{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} (C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
HKLM_ElevationPolicy\1b272336-55b0-4623-a798-de8b5807eeb8 - C:\Program Files\MAX_FR_Atube\MAX_FR_AtubeToolbarHelper.exe (x)
HKLM_ElevationPolicy\5bd0a8be-db8b-48ab-b872-29adf8c2f9f6 - C:\Program Files\MAX_FR_Atube\MAX_FR_AtubeToolbarHelper.exe (x)
HKLM_ElevationPolicy\7ca39b0d-128c-4ab2-86a5-c55737d49ec4 - C:\Program Files\Oryte_Games_1\Oryte_Games_1ToolbarHelper.exe (x)
HKLM_ElevationPolicy\9e330fdc-e1ae-4de0-a2cf-c32b751acb56 - C:\Program Files\Avanquest_FR\Avanquest_FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\ba7d3316-5b0c-43fb-9755-2e828ed4102d - C:\Program Files\Avanquest_FR\Avanquest_FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\dfe5f734-6053-4ca3-8426-ca4d9e8768f7 - C:\Program Files\Oryte_Games_1\Oryte_Games_1ToolbarHelper.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
BHO\{4daac69c-cba7-45e2-9bc8-1044483d3352} (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
BHO\{CA6319C0-31B7-401E-A518-A07C3DB8F777} - "CBrowserHelperObject Object" (C:\Program Files\Google\Google_BAE\BAE.dll)
BHO\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} - "FDMIECookiesBHO Class" (C:\Program Files\Free Download Manager\iefdm2.dll)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
BHO\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - "Yontoo Layers" (C:\Program Files\Yontoo Layers\YontooIEClient.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 35 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 16 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 04/08/2011 17:23:18 (552 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 04/08/2011 17:34:09 (7528 Octet(s))
Fin à: 17:35:18, 04/08/2011
============== E.O.F ==============
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 17:34:05 le 04/08/2011, Mode normal
Microsoft® Windows Vista(TM) Édition Familiale Premium Service Pack 2 (X86)
utilisateur@PC-DE-UTILISATE (Packard Bell BV EASYNOTE TN65)
============== ACTION(S) ==============
Dossier supprimé: C:\Users\utilisateur\AppData\LocalLow\Conduit
Dossier supprimé: C:\Program Files\Conduit
Dossier supprimé: C:\Users\utilisateur\AppData\Roaming\FunkyEmoticons
Erreur suppression dossier: C:\Program Files\FunkyEmoticons
Dossier supprimé: C:\Users\utilisateur\AppData\Local\OpenCandy
Dossier supprimé: C:\Program Files\Search Settings
Dossier supprimé: C:\Users\utilisateur\AppData\LocalLow\ShoppingReport2
Fichier supprimé: C:\Users\utilisateur\AppData\Local\kqnsf_nav.dat
Fichier supprimé: C:\Users\utilisateur\AppData\Local\kqnsf.dat
Fichier supprimé: C:\Users\utilisateur\AppData\Local\kqnsf_navps.dat
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKLM\Software\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
Clé supprimée: HKLM\Software\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\awsoy
Clé supprimée: HKLM\Software\Classes\Conduit.Engine
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2189218
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2452474
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2500339
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2795622
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2832594
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\FunkyEmoticons
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\FunkyEmoticons
Clé supprimée: HKCU\Software\Zugo
Clé supprimée: HKCU\Software\AppDataLow\Software\Conduit
Clé supprimée: HKCU\Software\AppDataLow\Software\ShoppingReport2
Clé supprimée: HKCU\Software\AppDataLow\Software\Toolbar
Clé supprimée: HKLM\Software\aTube Catcher\OpenCandy
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F756994E-FC37-29D0-B6B3-004938757426}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C878CD69-85DB-426B-81A3-E71175AAEB91}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funky Emoticons
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport2
Valeur supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Run|kqnsf
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|funkyemoticons
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D}
============== SCAN ADDITIONNEL ==============
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} (x)
HKCU_URLSearchHooks|{6cba65db-3377-4af1-b6d8-2d57106ad569} (x)
HKCU_URLSearchHooks|{77f8c945-4b74-4bd6-a073-e0d1997edce8} (x)
HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=282s08OT0Vm92DskhKFfAvSv-zI?q={searchTerms})
HKCU_Toolbar\WebBrowser|{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} (C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll)
HKCU_Toolbar\WebBrowser|{6EC85FCF-87AD-41D7-AE1F-F116F8AD4848} (x)
HKCU_Toolbar\WebBrowser|{77F8C945-4B74-4BD6-A073-E0D1997EDCE8} (x)
HKLM_Toolbar|{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} (C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
HKLM_ElevationPolicy\1b272336-55b0-4623-a798-de8b5807eeb8 - C:\Program Files\MAX_FR_Atube\MAX_FR_AtubeToolbarHelper.exe (x)
HKLM_ElevationPolicy\5bd0a8be-db8b-48ab-b872-29adf8c2f9f6 - C:\Program Files\MAX_FR_Atube\MAX_FR_AtubeToolbarHelper.exe (x)
HKLM_ElevationPolicy\7ca39b0d-128c-4ab2-86a5-c55737d49ec4 - C:\Program Files\Oryte_Games_1\Oryte_Games_1ToolbarHelper.exe (x)
HKLM_ElevationPolicy\9e330fdc-e1ae-4de0-a2cf-c32b751acb56 - C:\Program Files\Avanquest_FR\Avanquest_FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\ba7d3316-5b0c-43fb-9755-2e828ed4102d - C:\Program Files\Avanquest_FR\Avanquest_FRToolbarHelper.exe (x)
HKLM_ElevationPolicy\dfe5f734-6053-4ca3-8426-ca4d9e8768f7 - C:\Program Files\Oryte_Games_1\Oryte_Games_1ToolbarHelper.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
HKLM_ElevationPolicy\{aa851425-0109-43f3-9ed2-7b7090125861} - C:\Program Files\Microsoft\BingBar\BingBar.exe (Microsoft Corporation.)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{02478D38-C3F9-4efb-9B51-7695ECA05670} (?)
BHO\{4daac69c-cba7-45e2-9bc8-1044483d3352} (?)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
BHO\{CA6319C0-31B7-401E-A518-A07C3DB8F777} - "CBrowserHelperObject Object" (C:\Program Files\Google\Google_BAE\BAE.dll)
BHO\{CC59E0F9-7E43-44FA-9FAA-8377850BF205} - "FDMIECookiesBHO Class" (C:\Program Files\Free Download Manager\iefdm2.dll)
BHO\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "Bing Bar Helper" ("C:\Program Files\Microsoft\BingBar\BingExt.dll") (x)
BHO\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - "Yontoo Layers" (C:\Program Files\Yontoo Layers\YontooIEClient.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 35 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 16 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 04/08/2011 17:23:18 (552 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 04/08/2011 17:34:09 (7528 Octet(s))
Fin à: 17:35:18, 04/08/2011
============== E.O.F ==============
C'est pas finit
* Télécharge ZHPDiag (de Nicolas Coolman)
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Au cas où le premier lien ne marcherai pas, clique sur celui de dessous
ftp://zebulon.fr/ZHPDiag2.exe
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Surtout, n'oublie pas d'installer son icône sur le bureau
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
Héberge le rapport ICI
Note : Le rapport est sauvegardé dans C:\ZHP\ZHPDiag.txt
Vide la quarantaine de Malwarebytes
O.o°*??? Ex Nathandre aux 13643 messages depuis le 27.10.2008 °.Oø¤º°'°º¤ø
* Télécharge ZHPDiag (de Nicolas Coolman)
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Au cas où le premier lien ne marcherai pas, clique sur celui de dessous
ftp://zebulon.fr/ZHPDiag2.exe
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Surtout, n'oublie pas d'installer son icône sur le bureau
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
Héberge le rapport ICI
Note : Le rapport est sauvegardé dans C:\ZHP\ZHPDiag.txt
Vide la quarantaine de Malwarebytes
O.o°*??? Ex Nathandre aux 13643 messages depuis le 27.10.2008 °.Oø¤º°'°º¤ø
