Probleme mon pc rame
manulmalin
-
Destrio5 Messages postés 99820 Statut Modérateur -
Destrio5 Messages postés 99820 Statut Modérateur -
Bonjour,
depuis quelques temps mon netbook rame (samsung nc10 intel atom cpu n270 1,6ghz 0,99 go de rame xp familliale sp3) donc hier j ai decider de faire un nettoyage de printemps: scan et nettoyage avec spyboot, netoyage avec ccleaner et enfin un scan avec ad-aware qui me trouve un trojan. Malheureusement je ne sais pas comment m en debarrasser, quelqu un pourrais t il me donner un coup de main a effacer cette saloperie, merci d avance, je vous poste le rapport Ad-aware
Logfile created: 16/05/2012 18:14:59
Ad-Aware version: Internal build
Extended engine: 3
Extended engine version: 3.1.2770
User performing scan: Admin
*********************** Definitions database information ***********************
Lavasoft definition file: 150.597
Genotype definition file version: 2012/02/13 12:34:34
Extended engine definition file: 11924.0
******************************** Scan results: *********************************
Scan profile name: Full Scan (ID: full)
Objects scanned: 131117
Objects detected: 71
Type Detected
==========================
Processes.......: 1
Registry entries: 17
Hostfile entries: 0
Files...........: 4
Folders.........: 1
LSPs............: 0
Cookies.........: 48
Browser hijacks.: 0
MRU objects.....: 0
Skipped items:
Description: c:\program files\yontoo layers runtime\yontooieclient.dll Family Name: Yontoo[1519] Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 MD5: 2a9f7520aa15394ae479957fd38d8a70
Description: HKCR:CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 0 Family ID: 5601240
Description: HKLM:Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 0 Family ID: 5601240
Description: HKCR:AppID\YontooIEClient.DLL: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601242 Family ID: 5601240
Description: HKCR:YontooIEClient.Api: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601246 Family ID: 5601240
Description: HKCR:YontooIEClient.Api.1: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601247 Family ID: 5601240
Description: HKCR:YontooIEClient.Layers: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601248 Family ID: 5601240
Description: HKCR:AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601249 Family ID: 5601240
Description: HKCR:CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601250 Family ID: 5601240
Description: HKCR:CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601251 Family ID: 5601240
Description: HKCR:CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601252 Family ID: 5601240
Description: HKCR:Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601253 Family ID: 5601240
Description: HKCR:TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601254 Family ID: 5601240
Description: HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601255 Family ID: 5601240
Description: HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601256 Family ID: 5601240
Description: HKLM:SOFTWARE\Tarma Installer\Products\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601257 Family ID: 5601240
Description: HKU:S-1-5-21-191312552-3647956876-3586848069-1006\Software\OfferBox: Family Name: Win32.Adware.OfferBox Engine: 1 Clean status: Success Item ID: 5781357 Family ID: 5781348
Description: HKLM:SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom: Family Name: Win32.Adware.OfferBox Engine: 1 Clean status: Success Item ID: 5781364 Family ID: 5781348
Description: c:\program files\offerbox Family Name: Win32.Adware.OfferBox Engine: 1 Clean status: Success Item ID: 5781369 Family ID: 5781348
Removed items:
Description: *247realmedia* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408945 Family ID: 0
Description: *realmedia* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409139 Family ID: 0
Description: *2o7* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408943 Family ID: 0
Description: *ad.yieldmanager* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409172 Family ID: 0
Description: *adbrite* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409218 Family ID: 0
Description: *adserver* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408737 Family ID: 0
Description: *adserv* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408921 Family ID: 0
Description: *adtech* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409018 Family ID: 0
Description: *adserve* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409020 Family ID: 0
Description: *adultfriendfinder* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409164 Family ID: 0
Description: *advertis* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408918 Family ID: 0
Description: *adviva* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409016 Family ID: 0
Description: *weborama* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408955 Family ID: 0
Description: *apmebf* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409163 Family ID: 0
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0
Description: *bs.serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408902 Family ID: 0
Description: *serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409130 Family ID: 0
Description: *clickbank* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408890 Family ID: 0
Description: *doubleclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408875 Family ID: 0
Description: *clickz* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408888 Family ID: 0
Description: *estat* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408873 Family ID: 0
Description: *fastclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408869 Family ID: 0
Description: *.comclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409086 Family ID: 0
Description: *mediaplex* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408991 Family ID: 0
Description: *overture* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408834 Family ID: 0
Description: *partypoker* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409141 Family ID: 0
Description: *revenue* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409138 Family ID: 0
Description: *searchportal.information* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409134 Family ID: 0
Description: *server.iad.liveperson* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409131 Family ID: 0
Description: *specificclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408807 Family ID: 0
Description: *tradedoubler* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408964 Family ID: 0
Description: *tribalfusion* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408785 Family ID: 0
Description: *advertising* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409017 Family ID: 0
Description: zedo* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408736 Family ID: 0
Description: *adtech* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409018 Family ID: 0
Description: *specificclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408807 Family ID: 0
Description: *weborama* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408955 Family ID: 0
Description: *estat* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408873 Family ID: 0
Description: *serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409130 Family ID: 0
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0
Description: *adserver* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408737 Family ID: 0
Description: *adserv* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408921 Family ID: 0
Description: *adserve* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409020 Family ID: 0
Description: *tradedoubler* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408964 Family ID: 0
Description: *adviva* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409016 Family ID: 0
Description: *bs.serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408902 Family ID: 0
Description: *.comclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409086 Family ID: 0
Description: *doubleclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408875 Family ID: 0
Quarantined items:
Description: c:\program files\yontoo layers runtime\yontooieclient.dll Family Name: Yontoo (v) Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: 2a9f7520aa15394ae479957fd38d8a70
Description: c:\program files\offerbox\offerboxbho.dll Family Name: Win32.Adware.OfferBox[1433] Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 MD5: 4eb3e52316e7781759f33eac2937ac67
Description: c:\system volume information\_restore{76428814-a470-44cc-b33b-d2dd101deaab}\rp64\a0020019.dll Family Name: Win32.Adware.OfferBox[1433] Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 MD5: c52d256b948ec03721de8f4e5683d360
Description: c:\system volume information\_restore{76428814-a470-44cc-b33b-d2dd101deaab}\rp70\a0025297.exe Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 2 Family ID: 0 MD5: 3de6ed2a14d0fb757fc473b78ec6d2e2
Scan and cleaning complete: Finished correctly after 8070 seconds
*********************************** Settings ***********************************
Scan profile:
ID: full, enabled:1, value: Full Scan
ID: folderstoscan, enabled:1, value: C:\,D:\
ID: useantivirus, enabled:1, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: true
ID: scanhostsfile, enabled:1, value: true
ID: scanmru, enabled:1, value: true
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: true
ID: onlyexecutables, enabled:1, value: false
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true
Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: N/A
Scheduled scan settings:
<Empty>
Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:1, value: Daily 1
ID: time, enabled:1, value: Wed May 16 18:05:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily2, enabled:1, value: Daily 2
ID: time, enabled:1, value: Wed May 16 00:05:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily3, enabled:1, value: Daily 3
ID: time, enabled:1, value: Wed May 16 06:05:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily4, enabled:1, value: Daily 4
ID: time, enabled:1, value: Wed May 16 12:05:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Wed May 16 18:05:00 2012
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: true
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:1, value: true
ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: en, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
Realtime protection settings:
ID: realtime, enabled:1
ID: layers, enabled:1
ID: useantivirus, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: maintainbackup, enabled:1, value: true
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
ID: modules, enabled:1
ID: processprotection, enabled:1, value: true
ID: onaccessprotection, enabled:1, value: true
ID: registryprotection, enabled:1, value: true
ID: networkprotection, enabled:1, value: true
****************************** System information ******************************
Computer name: ADMIN
Processor name: Intel(R) Atom(TM) CPU N270 @ 1.60GHz
Processor identifier: x86 Family 6 Model 28 Stepping 2
Processor speed: ~1597MHZ
Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 7170, number of processors 2, processor features: [MMX,SSE,SSE2]
Physical memory available: 268349440 bytes
Physical memory total: 1063628800 bytes
Virtual memory available: 1902989312 bytes
Virtual memory total: 2147352576 bytes
Memory load: 74%
Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Windows startup mode:
Running processes:
PID: 800 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: AUTORITE NT
PID: 856 name: C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: AUTORITE NT
PID: 880 name: C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: AUTORITE NT
PID: 924 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: AUTORITE NT
PID: 936 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: AUTORITE NT
PID: 1104 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1168 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1228 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1288 name: C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe owner: SYSTEM domain: AUTORITE NT
PID: 1412 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1456 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 1676 name: C:\WINDOWS\Explorer.EXE owner: Admin domain: ADMIN
PID: 1732 name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe owner: SYSTEM domain: AUTORITE NT
PID: 1988 name: C:\WINDOWS\RTHDCPL.EXE owner: Admin domain: ADMIN
PID: 2004 name: C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe owner: Admin domain: ADMIN
PID: 2020 name: C:\WINDOWS\system32\hkcmd.exe owner: Admin domain: ADMIN
PID: 2028 name: C:\WINDOWS\system32\igfxpers.exe owner: Admin domain: ADMIN
PID: 2036 name: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe owner: Admin domain: ADMIN
PID: 116 name: C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe owner: Admin domain: ADMIN
PID: 132 name: C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe owner: Admin domain: ADMIN
PID: 196 name: C:\WINDOWS\system32\igfxsrvc.exe owner: Admin domain: ADMIN
PID: 248 name: C:\Program Files\AVAST Software\Avast\avastUI.exe owner: Admin domain: ADMIN
PID: 396 name: C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe owner: Admin domain: ADMIN
PID: 416 name: C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe owner: Admin domain: ADMIN
PID: 436 name: C:\WINDOWS\system32\ctfmon.exe owner: Admin domain: ADMIN
PID: 492 name: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe owner: Admin domain: ADMIN
PID: 676 name: C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE owner: Admin domain: ADMIN
PID: 1564 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: AUTORITE NT
PID: 2712 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2832 name: C:\Program Files\Java\jre6\bin\jqs.exe owner: SYSTEM domain: AUTORITE NT
PID: 3024 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 3100 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 3184 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 3256 name: C:\WINDOWS\system32\RUNDLL32.EXE owner: SYSTEM domain: AUTORITE NT
PID: 3824 name: C:\WINDOWS\system32\wbem\wmiapsrv.exe owner: SYSTEM domain: AUTORITE NT
PID: 3960 name: C:\WINDOWS\system32\igfxext.exe owner: Admin domain: ADMIN
PID: 2012 name: C:\WINDOWS\System32\alg.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2592 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 3956 name: C:\Program Files\Internet Explorer\iexplore.exe owner: Admin domain: ADMIN
PID: 4060 name: C:\Program Files\Internet Explorer\iexplore.exe owner: Admin domain: ADMIN
PID: 2112 name: C:\WINDOWS\system32\wscntfy.exe owner: Admin domain: ADMIN
PID: 2128 name: C:\WINDOWS\system32\wuauclt.exe owner: Admin domain: ADMIN
PID: 3476 name: C:\WINDOWS\system32\msiexec.exe owner: SYSTEM domain: AUTORITE NT
PID: 1500 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: AUTORITE NT
PID: 3120 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: AUTORITE NT
PID: 1376 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: AUTORITE NT
PID: 828 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: Admin domain: ADMIN
PID: 2848 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Admin domain: ADMIN
PID: 2668 name: C:\Program Files\Lavasoft\Ad-Aware\autolaunch.exe owner: Admin domain: ADMIN
Startup items:
Name: PostBootReminder
imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
Name: CDBurn
imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: SysTray
imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Name: CTFMON.EXE
imagepath: C:\WINDOWS\system32\CTFMON.EXE
Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
imagepath: Pré-chargeur Browseui
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Démon de cache des catégories de composant
Name: RTHDCPL
imagepath: RTHDCPL.EXE
Name: Alcmtr
imagepath: ALCMTR.EXE
Name:
Name: EDS
imagepath: C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
Name: IgfxTray
imagepath: C:\WINDOWS\system32\igfxtray.exe
Name: HotKeysCmds
imagepath: C:\WINDOWS\system32\hkcmd.exe
Name: Persistence
imagepath: C:\WINDOWS\system32\igfxpers.exe
Name: SynTPEnh
imagepath: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Name: DMHotKey
imagepath: C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe
Name: BatteryManager
imagepath: C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
Name: SunJavaUpdateSched
imagepath: "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
Name: avast
imagepath: "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
Name: Adobe Reader Speed Launcher
imagepath: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Name: Adobe ARM
imagepath: "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
Name: KernelFaultCheck
imagepath: %systemroot%\system32\dumprep 0 -k
Name:
location: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk
imagepath: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Name:
imagepath: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
Name:
location: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
imagepath: C:\Program Files\Microsoft Office\Office\OSA9.EXE
Name:
imagepath: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage\desktop.ini
Bootexecute items:
Name:
imagepath: autocheck autochk *
Running services:
Name: 6to4
displayname: Service d'application d'assistance IPv6
Name: ALG
displayname: Service de la passerelle de la couche Application
Name: AudioSrv
displayname: Audio Windows
Name: avast! Antivirus
displayname: avast! Antivirus
Name: BITS
displayname: Service de transfert intelligent en arrière-plan
Name: Browser
displayname: Explorateur d'ordinateur
Name: btwdins
displayname: Bluetooth Service
Name: CryptSvc
displayname: Services de cryptographie
Name: DcomLaunch
displayname: Lanceur de processus serveur DCOM
Name: Dhcp
displayname: Client DHCP
Name: Dnscache
displayname: Client DNS
Name: ERSvc
displayname: Service de rapport d'erreurs
Name: Eventlog
displayname: Journal des événements
Name: EventSystem
displayname: Système d'événements de COM+
Name: FastUserSwitchingCompatibility
displayname: Compatibilité avec le Changement rapide d'utilisateur
Name: helpsvc
displayname: Aide et support
Name: HTTPFilter
displayname: HTTP SSL
Name: JavaQuickStarterService
displayname: Java Quick Starter
Name: LanmanServer
displayname: Serveur
Name: lanmanworkstation
displayname: Station de travail
Name: LmHosts
displayname: Assistance TCP/IP NetBIOS
Name: MSIServer
displayname: Windows Installer
Name: Net Driver HPZ12
displayname: Net Driver HPZ12
Name: Netman
displayname: Connexions réseau
Name: Nla
displayname: NLA (Network Location Awareness)
Name: PlugPlay
displayname: Plug-and-Play
Name: Pml Driver HPZ12
displayname: Pml Driver HPZ12
Name: PolicyAgent
displayname: Services IPSEC
Name: ProtectedStorage
displayname: Emplacement protégé
Name: RasMan
displayname: Gestionnaire de connexions d'accès distant
Name: RpcSs
displayname: Appel de procédure distante (RPC)
Name: SamSs
displayname: Gestionnaire de comptes de sécurité
Name: Schedule
displayname: Planificateur de tâches
Name: seclogon
displayname: Connexion secondaire
Name: SENS
displayname: Notification d'événement système
Name: SharedAccess
displayname: Pare-feu Windows / Partage de connexion Internet
Name: ShellHWDetection
displayname: Détection matériel noyau
Name: Spooler
displayname: Spouleur d'impression
Name: srservice
displayname: Service de restauration système
Name: SSDPSRV
displayname: Service de découvertes SSDP
Name: stisvc
displayname: Acquisition d'image Windows (WIA)
Name: TapiSrv
displayname: Téléphonie
Name: TermService
displayname: Services Terminal Server
Name: Themes
displayname: Thèmes
Name: TrkWks
displayname: Client de suivi de lien distribué
Name: W32Time
displayname: Horloge Windows
Name: WebClient
displayname: WebClient
Name: winmgmt
displayname: Infrastructure de gestion Windows
Name: WmiApSrv
displayname: Carte de performance WMI
Name: wscsvc
displayname: Centre de sécurité
Name: wuauserv
displayname: Mises à jour automatiques
Name: WZCSVC
displayname: Configuration automatique sans fil
Name: yksvc
displayname: Marvell Yukon Service
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
depuis quelques temps mon netbook rame (samsung nc10 intel atom cpu n270 1,6ghz 0,99 go de rame xp familliale sp3) donc hier j ai decider de faire un nettoyage de printemps: scan et nettoyage avec spyboot, netoyage avec ccleaner et enfin un scan avec ad-aware qui me trouve un trojan. Malheureusement je ne sais pas comment m en debarrasser, quelqu un pourrais t il me donner un coup de main a effacer cette saloperie, merci d avance, je vous poste le rapport Ad-aware
Logfile created: 16/05/2012 18:14:59
Ad-Aware version: Internal build
Extended engine: 3
Extended engine version: 3.1.2770
User performing scan: Admin
*********************** Definitions database information ***********************
Lavasoft definition file: 150.597
Genotype definition file version: 2012/02/13 12:34:34
Extended engine definition file: 11924.0
******************************** Scan results: *********************************
Scan profile name: Full Scan (ID: full)
Objects scanned: 131117
Objects detected: 71
Type Detected
==========================
Processes.......: 1
Registry entries: 17
Hostfile entries: 0
Files...........: 4
Folders.........: 1
LSPs............: 0
Cookies.........: 48
Browser hijacks.: 0
MRU objects.....: 0
Skipped items:
Description: c:\program files\yontoo layers runtime\yontooieclient.dll Family Name: Yontoo[1519] Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 MD5: 2a9f7520aa15394ae479957fd38d8a70
Description: HKCR:CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 0 Family ID: 5601240
Description: HKLM:Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 0 Family ID: 5601240
Description: HKCR:AppID\YontooIEClient.DLL: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601242 Family ID: 5601240
Description: HKCR:YontooIEClient.Api: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601246 Family ID: 5601240
Description: HKCR:YontooIEClient.Api.1: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601247 Family ID: 5601240
Description: HKCR:YontooIEClient.Layers: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601248 Family ID: 5601240
Description: HKCR:AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601249 Family ID: 5601240
Description: HKCR:CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601250 Family ID: 5601240
Description: HKCR:CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601251 Family ID: 5601240
Description: HKCR:CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601252 Family ID: 5601240
Description: HKCR:Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601253 Family ID: 5601240
Description: HKCR:TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601254 Family ID: 5601240
Description: HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601255 Family ID: 5601240
Description: HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601256 Family ID: 5601240
Description: HKLM:SOFTWARE\Tarma Installer\Products\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}: Family Name: Yontoo Engine: 1 Clean status: Success Item ID: 5601257 Family ID: 5601240
Description: HKU:S-1-5-21-191312552-3647956876-3586848069-1006\Software\OfferBox: Family Name: Win32.Adware.OfferBox Engine: 1 Clean status: Success Item ID: 5781357 Family ID: 5781348
Description: HKLM:SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom: Family Name: Win32.Adware.OfferBox Engine: 1 Clean status: Success Item ID: 5781364 Family ID: 5781348
Description: c:\program files\offerbox Family Name: Win32.Adware.OfferBox Engine: 1 Clean status: Success Item ID: 5781369 Family ID: 5781348
Removed items:
Description: *247realmedia* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408945 Family ID: 0
Description: *realmedia* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409139 Family ID: 0
Description: *2o7* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408943 Family ID: 0
Description: *ad.yieldmanager* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409172 Family ID: 0
Description: *adbrite* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409218 Family ID: 0
Description: *adserver* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408737 Family ID: 0
Description: *adserv* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408921 Family ID: 0
Description: *adtech* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409018 Family ID: 0
Description: *adserve* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409020 Family ID: 0
Description: *adultfriendfinder* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409164 Family ID: 0
Description: *advertis* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408918 Family ID: 0
Description: *adviva* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409016 Family ID: 0
Description: *weborama* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408955 Family ID: 0
Description: *apmebf* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409163 Family ID: 0
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0
Description: *bs.serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408902 Family ID: 0
Description: *serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409130 Family ID: 0
Description: *clickbank* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408890 Family ID: 0
Description: *doubleclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408875 Family ID: 0
Description: *clickz* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408888 Family ID: 0
Description: *estat* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408873 Family ID: 0
Description: *fastclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408869 Family ID: 0
Description: *.comclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409086 Family ID: 0
Description: *mediaplex* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408991 Family ID: 0
Description: *overture* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408834 Family ID: 0
Description: *partypoker* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409141 Family ID: 0
Description: *revenue* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409138 Family ID: 0
Description: *searchportal.information* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409134 Family ID: 0
Description: *server.iad.liveperson* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409131 Family ID: 0
Description: *specificclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408807 Family ID: 0
Description: *tradedoubler* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408964 Family ID: 0
Description: *tribalfusion* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408785 Family ID: 0
Description: *advertising* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409017 Family ID: 0
Description: zedo* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408736 Family ID: 0
Description: *adtech* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409018 Family ID: 0
Description: *specificclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408807 Family ID: 0
Description: *weborama* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408955 Family ID: 0
Description: *estat* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408873 Family ID: 0
Description: *serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409130 Family ID: 0
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0
Description: *adserver* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408737 Family ID: 0
Description: *adserv* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408921 Family ID: 0
Description: *adserve* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409020 Family ID: 0
Description: *tradedoubler* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408964 Family ID: 0
Description: *adviva* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409016 Family ID: 0
Description: *bs.serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408902 Family ID: 0
Description: *.comclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409086 Family ID: 0
Description: *doubleclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408875 Family ID: 0
Quarantined items:
Description: c:\program files\yontoo layers runtime\yontooieclient.dll Family Name: Yontoo (v) Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: 2a9f7520aa15394ae479957fd38d8a70
Description: c:\program files\offerbox\offerboxbho.dll Family Name: Win32.Adware.OfferBox[1433] Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 MD5: 4eb3e52316e7781759f33eac2937ac67
Description: c:\system volume information\_restore{76428814-a470-44cc-b33b-d2dd101deaab}\rp64\a0020019.dll Family Name: Win32.Adware.OfferBox[1433] Engine: 1 Clean status: Success Item ID: 0 Family ID: 0 MD5: c52d256b948ec03721de8f4e5683d360
Description: c:\system volume information\_restore{76428814-a470-44cc-b33b-d2dd101deaab}\rp70\a0025297.exe Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 2 Family ID: 0 MD5: 3de6ed2a14d0fb757fc473b78ec6d2e2
Scan and cleaning complete: Finished correctly after 8070 seconds
*********************************** Settings ***********************************
Scan profile:
ID: full, enabled:1, value: Full Scan
ID: folderstoscan, enabled:1, value: C:\,D:\
ID: useantivirus, enabled:1, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: true
ID: scanhostsfile, enabled:1, value: true
ID: scanmru, enabled:1, value: true
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: true
ID: onlyexecutables, enabled:1, value: false
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true
Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: N/A
Scheduled scan settings:
<Empty>
Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:1, value: Daily 1
ID: time, enabled:1, value: Wed May 16 18:05:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily2, enabled:1, value: Daily 2
ID: time, enabled:1, value: Wed May 16 00:05:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily3, enabled:1, value: Daily 3
ID: time, enabled:1, value: Wed May 16 06:05:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily4, enabled:1, value: Daily 4
ID: time, enabled:1, value: Wed May 16 12:05:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Wed May 16 18:05:00 2012
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: true
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: true
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:1, value: true
ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: en, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
Realtime protection settings:
ID: realtime, enabled:1
ID: layers, enabled:1
ID: useantivirus, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: maintainbackup, enabled:1, value: true
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
ID: modules, enabled:1
ID: processprotection, enabled:1, value: true
ID: onaccessprotection, enabled:1, value: true
ID: registryprotection, enabled:1, value: true
ID: networkprotection, enabled:1, value: true
****************************** System information ******************************
Computer name: ADMIN
Processor name: Intel(R) Atom(TM) CPU N270 @ 1.60GHz
Processor identifier: x86 Family 6 Model 28 Stepping 2
Processor speed: ~1597MHZ
Raw info: processorarchitecture 0, processortype 586, processorlevel 6, processor revision 7170, number of processors 2, processor features: [MMX,SSE,SSE2]
Physical memory available: 268349440 bytes
Physical memory total: 1063628800 bytes
Virtual memory available: 1902989312 bytes
Virtual memory total: 2147352576 bytes
Memory load: 74%
Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Windows startup mode:
Running processes:
PID: 800 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: AUTORITE NT
PID: 856 name: C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: AUTORITE NT
PID: 880 name: C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: AUTORITE NT
PID: 924 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: AUTORITE NT
PID: 936 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: AUTORITE NT
PID: 1104 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1168 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1228 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1288 name: C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe owner: SYSTEM domain: AUTORITE NT
PID: 1412 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1456 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 1676 name: C:\WINDOWS\Explorer.EXE owner: Admin domain: ADMIN
PID: 1732 name: C:\Program Files\AVAST Software\Avast\AvastSvc.exe owner: SYSTEM domain: AUTORITE NT
PID: 1988 name: C:\WINDOWS\RTHDCPL.EXE owner: Admin domain: ADMIN
PID: 2004 name: C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe owner: Admin domain: ADMIN
PID: 2020 name: C:\WINDOWS\system32\hkcmd.exe owner: Admin domain: ADMIN
PID: 2028 name: C:\WINDOWS\system32\igfxpers.exe owner: Admin domain: ADMIN
PID: 2036 name: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe owner: Admin domain: ADMIN
PID: 116 name: C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe owner: Admin domain: ADMIN
PID: 132 name: C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe owner: Admin domain: ADMIN
PID: 196 name: C:\WINDOWS\system32\igfxsrvc.exe owner: Admin domain: ADMIN
PID: 248 name: C:\Program Files\AVAST Software\Avast\avastUI.exe owner: Admin domain: ADMIN
PID: 396 name: C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe owner: Admin domain: ADMIN
PID: 416 name: C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe owner: Admin domain: ADMIN
PID: 436 name: C:\WINDOWS\system32\ctfmon.exe owner: Admin domain: ADMIN
PID: 492 name: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe owner: Admin domain: ADMIN
PID: 676 name: C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE owner: Admin domain: ADMIN
PID: 1564 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: AUTORITE NT
PID: 2712 name: C:\WINDOWS\system32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2832 name: C:\Program Files\Java\jre6\bin\jqs.exe owner: SYSTEM domain: AUTORITE NT
PID: 3024 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 3100 name: C:\WINDOWS\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 3184 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 3256 name: C:\WINDOWS\system32\RUNDLL32.EXE owner: SYSTEM domain: AUTORITE NT
PID: 3824 name: C:\WINDOWS\system32\wbem\wmiapsrv.exe owner: SYSTEM domain: AUTORITE NT
PID: 3960 name: C:\WINDOWS\system32\igfxext.exe owner: Admin domain: ADMIN
PID: 2012 name: C:\WINDOWS\System32\alg.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2592 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 3956 name: C:\Program Files\Internet Explorer\iexplore.exe owner: Admin domain: ADMIN
PID: 4060 name: C:\Program Files\Internet Explorer\iexplore.exe owner: Admin domain: ADMIN
PID: 2112 name: C:\WINDOWS\system32\wscntfy.exe owner: Admin domain: ADMIN
PID: 2128 name: C:\WINDOWS\system32\wuauclt.exe owner: Admin domain: ADMIN
PID: 3476 name: C:\WINDOWS\system32\msiexec.exe owner: SYSTEM domain: AUTORITE NT
PID: 1500 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: AUTORITE NT
PID: 3120 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: AUTORITE NT
PID: 1376 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: AUTORITE NT
PID: 828 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: Admin domain: ADMIN
PID: 2848 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Admin domain: ADMIN
PID: 2668 name: C:\Program Files\Lavasoft\Ad-Aware\autolaunch.exe owner: Admin domain: ADMIN
Startup items:
Name: PostBootReminder
imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
Name: CDBurn
imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: SysTray
imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
Name: CTFMON.EXE
imagepath: C:\WINDOWS\system32\CTFMON.EXE
Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
imagepath: Pré-chargeur Browseui
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Démon de cache des catégories de composant
Name: RTHDCPL
imagepath: RTHDCPL.EXE
Name: Alcmtr
imagepath: ALCMTR.EXE
Name:
Name: EDS
imagepath: C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
Name: IgfxTray
imagepath: C:\WINDOWS\system32\igfxtray.exe
Name: HotKeysCmds
imagepath: C:\WINDOWS\system32\hkcmd.exe
Name: Persistence
imagepath: C:\WINDOWS\system32\igfxpers.exe
Name: SynTPEnh
imagepath: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Name: DMHotKey
imagepath: C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe
Name: BatteryManager
imagepath: C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
Name: SunJavaUpdateSched
imagepath: "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
Name: avast
imagepath: "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
Name: Adobe Reader Speed Launcher
imagepath: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Name: Adobe ARM
imagepath: "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
Name: KernelFaultCheck
imagepath: %systemroot%\system32\dumprep 0 -k
Name:
location: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\BTTray.lnk
imagepath: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Name:
imagepath: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
Name:
location: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
imagepath: C:\Program Files\Microsoft Office\Office\OSA9.EXE
Name:
imagepath: C:\WINDOWS\system32\config\systemprofile\Menu Démarrer\Programmes\Démarrage\desktop.ini
Bootexecute items:
Name:
imagepath: autocheck autochk *
Running services:
Name: 6to4
displayname: Service d'application d'assistance IPv6
Name: ALG
displayname: Service de la passerelle de la couche Application
Name: AudioSrv
displayname: Audio Windows
Name: avast! Antivirus
displayname: avast! Antivirus
Name: BITS
displayname: Service de transfert intelligent en arrière-plan
Name: Browser
displayname: Explorateur d'ordinateur
Name: btwdins
displayname: Bluetooth Service
Name: CryptSvc
displayname: Services de cryptographie
Name: DcomLaunch
displayname: Lanceur de processus serveur DCOM
Name: Dhcp
displayname: Client DHCP
Name: Dnscache
displayname: Client DNS
Name: ERSvc
displayname: Service de rapport d'erreurs
Name: Eventlog
displayname: Journal des événements
Name: EventSystem
displayname: Système d'événements de COM+
Name: FastUserSwitchingCompatibility
displayname: Compatibilité avec le Changement rapide d'utilisateur
Name: helpsvc
displayname: Aide et support
Name: HTTPFilter
displayname: HTTP SSL
Name: JavaQuickStarterService
displayname: Java Quick Starter
Name: LanmanServer
displayname: Serveur
Name: lanmanworkstation
displayname: Station de travail
Name: LmHosts
displayname: Assistance TCP/IP NetBIOS
Name: MSIServer
displayname: Windows Installer
Name: Net Driver HPZ12
displayname: Net Driver HPZ12
Name: Netman
displayname: Connexions réseau
Name: Nla
displayname: NLA (Network Location Awareness)
Name: PlugPlay
displayname: Plug-and-Play
Name: Pml Driver HPZ12
displayname: Pml Driver HPZ12
Name: PolicyAgent
displayname: Services IPSEC
Name: ProtectedStorage
displayname: Emplacement protégé
Name: RasMan
displayname: Gestionnaire de connexions d'accès distant
Name: RpcSs
displayname: Appel de procédure distante (RPC)
Name: SamSs
displayname: Gestionnaire de comptes de sécurité
Name: Schedule
displayname: Planificateur de tâches
Name: seclogon
displayname: Connexion secondaire
Name: SENS
displayname: Notification d'événement système
Name: SharedAccess
displayname: Pare-feu Windows / Partage de connexion Internet
Name: ShellHWDetection
displayname: Détection matériel noyau
Name: Spooler
displayname: Spouleur d'impression
Name: srservice
displayname: Service de restauration système
Name: SSDPSRV
displayname: Service de découvertes SSDP
Name: stisvc
displayname: Acquisition d'image Windows (WIA)
Name: TapiSrv
displayname: Téléphonie
Name: TermService
displayname: Services Terminal Server
Name: Themes
displayname: Thèmes
Name: TrkWks
displayname: Client de suivi de lien distribué
Name: W32Time
displayname: Horloge Windows
Name: WebClient
displayname: WebClient
Name: winmgmt
displayname: Infrastructure de gestion Windows
Name: WmiApSrv
displayname: Carte de performance WMI
Name: wscsvc
displayname: Centre de sécurité
Name: wuauserv
displayname: Mises à jour automatiques
Name: WZCSVC
displayname: Configuration automatique sans fil
Name: yksvc
displayname: Marvell Yukon Service
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
A voir également:
- Probleme mon pc rame
- Pc qui rame - Guide
- Reinitialiser pc - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Plus de son sur mon pc - Guide
- Forcer demarrage pc - Guide
9 réponses
Bonjour,
--> Télécharge et lance AdwCleaner (de Xplode), choisis l'option "Suppression" et poste le rapport :
http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner
--> Télécharge et lance AdwCleaner (de Xplode), choisis l'option "Suppression" et poste le rapport :
http://general-changelog-team.fr/fr/downloads/viewdownload/20-outils-de-xplode/2-adwcleaner
# AdwCleaner v1.606 - Rapport créé le 17/05/2012 à 13:22:04
# Mis à jour le 10/05/2012 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Admin - ADMIN
# Exécuté depuis : C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\W5C9IDW4\adwcleaner[1].exe
# Option [Suppression]
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Documents and Settings\Admin\Local Settings\Application Data\Conduit
Dossier Supprimé : C:\Documents and Settings\Admin\Application Data\OfferBox
Dossier Supprimé : C:\Documents and Settings\Admin\Application Data\PriceGong
Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Babylon
Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Dossier Supprimé : C:\Program Files\BarDiscover
Dossier Supprimé : C:\Program Files\OfferBox
Dossier Supprimé : C:\Program Files\Yontoo Layers Runtime
Fichier Supprimé : C:\WINDOWS\system32\conduitEngine.tmp
***** [Registre] *****
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2613520
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2849852
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKCU\Software\PriceGong
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKLM\SOFTWARE\ASKInstaller
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\Offerbox
Clé Supprimée : HKLM\SOFTWARE\Tarma Installer
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\elhjaoldnkkbifioodjndkijecdeinld
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Extensions\CmdMapping [{DB38E21A-0133-419d-92AD-ECDFD5244D6D}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Extensions\CmdMapping [{EB620C54-E229-4942-87CE-E717109FC8C6}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [Hotbar 11.0.175.0]
***** [Registre - GUID] *****
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4F36-8D02-8C43722EE5DA}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A3E67DAA-DA01-4DA5-98BE-3088B554A11E}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D95C7240-0282-4C01-93F5-673BCA03DA86}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{258C9770-1713-4021-8D7E-1F184A2BD754}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FFA7469-654F-423E-84FE-6A583CB1C284}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
*************************
AdwCleaner[S1].txt - [6935 octets] - [17/05/2012 13:22:04]
########## EOF - C:\AdwCleaner[S1].txt - [7063 octets] ##########
# Mis à jour le 10/05/2012 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Admin - ADMIN
# Exécuté depuis : C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\W5C9IDW4\adwcleaner[1].exe
# Option [Suppression]
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Documents and Settings\Admin\Local Settings\Application Data\Conduit
Dossier Supprimé : C:\Documents and Settings\Admin\Application Data\OfferBox
Dossier Supprimé : C:\Documents and Settings\Admin\Application Data\PriceGong
Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Babylon
Dossier Supprimé : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Dossier Supprimé : C:\Program Files\BarDiscover
Dossier Supprimé : C:\Program Files\OfferBox
Dossier Supprimé : C:\Program Files\Yontoo Layers Runtime
Fichier Supprimé : C:\WINDOWS\system32\conduitEngine.tmp
***** [Registre] *****
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2613520
[*] Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2849852
Clé Supprimée : HKCU\Software\Offerbox
Clé Supprimée : HKCU\Software\PriceGong
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKLM\SOFTWARE\ASKInstaller
Clé Supprimée : HKLM\SOFTWARE\Conduit
Clé Supprimée : HKLM\SOFTWARE\Offerbox
Clé Supprimée : HKLM\SOFTWARE\Tarma Installer
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Clé Supprimée : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\elhjaoldnkkbifioodjndkijecdeinld
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Extensions\CmdMapping [{DB38E21A-0133-419d-92AD-ECDFD5244D6D}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Extensions\CmdMapping [{EB620C54-E229-4942-87CE-E717109FC8C6}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [Hotbar 11.0.175.0]
***** [Registre - GUID] *****
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4F36-8D02-8C43722EE5DA}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A3E67DAA-DA01-4DA5-98BE-3088B554A11E}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D95C7240-0282-4C01-93F5-673BCA03DA86}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{258C9770-1713-4021-8D7E-1F184A2BD754}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FFA7469-654F-423E-84FE-6A583CB1C284}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B8B761-DF2B-48AC-BBE0-BCC03A819B3B}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB38E21A-0133-419D-92AD-ECDFD5244D6D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB620C54-E229-4942-87CE-E717109FC8C6}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Le registre ne contient aucune entrée illégitime.
*************************
AdwCleaner[S1].txt - [6935 octets] - [17/05/2012 13:22:04]
########## EOF - C:\AdwCleaner[S1].txt - [7063 octets] ##########
AdwCleaner a fait son boulot, désinstalle-le.
--> Télécharge ZHPDiag (de Nicolas Coolman).
--> Double-clique sur le fichier d'installation. Installe ZHPDiag avec les paramètres par défaut (N'oublie pas de cocher "Créer une icône sur le Bureau").
--> Lance ZHPDiag en double-cliquant sur le raccourci présent sur ton Bureau.
(Sous Vista/Win7, il faut cliquer droit sur le raccourci de ZHPDiag et choisir Exécuter en tant qu'administrateur)
--> Clique sur la loupe (Lancer le diagnostic) puis laisse l'outil scanner.
--> Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier (le rapport de l'analyse) sur ton Bureau.
--> Pour me transmettre le rapport, utilise le site http://pjjoint.malekal.com/ car le rapport ZHPDiag est plutôt long. Copie-colle le lien donné par le site ici.
--> Télécharge ZHPDiag (de Nicolas Coolman).
--> Double-clique sur le fichier d'installation. Installe ZHPDiag avec les paramètres par défaut (N'oublie pas de cocher "Créer une icône sur le Bureau").
--> Lance ZHPDiag en double-cliquant sur le raccourci présent sur ton Bureau.
(Sous Vista/Win7, il faut cliquer droit sur le raccourci de ZHPDiag et choisir Exécuter en tant qu'administrateur)
--> Clique sur la loupe (Lancer le diagnostic) puis laisse l'outil scanner.
--> Une fois le scan terminé, clique sur l'icône en forme de disquette et enregistre le fichier (le rapport de l'analyse) sur ton Bureau.
--> Pour me transmettre le rapport, utilise le site http://pjjoint.malekal.com/ car le rapport ZHPDiag est plutôt long. Copie-colle le lien donné par le site ici.
re destrio5,
voila le lien du rapport
http://pjjoint.malekal.com/files.php?id=ZHPDiag_20120517_k13f8w6g98
voila le lien du rapport
http://pjjoint.malekal.com/files.php?id=ZHPDiag_20120517_k13f8w6g98
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
--> Copie tout le texte présent en gras ci-dessous (Sélectionne-le, clique droit dessus et choisis "Copier").
SysRestore
P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (...) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll (.not file.)
O3 - Toolbar: (no name) - [HKLM]{CCC7A320-B3CA-4199-B1A6-9F516DD69829} . (...) -- (.not file.)
[HKCU\Software\AVG Security Toolbar]
[HKLM\Software\AVG Security Toolbar]
[HKLM\Software\AVG]
[HKLM\Software\Gtyitwiz]
[HKCU\Software\Zone Labs]
[HKLM\Software\Zone Labs]
O43 - CFD: 24/06/2010 - 00:36:26 - [1,301] ----D C:\Program Files\CheckPoint
O43 - CFD: 12/03/2011 - 17:02:21 - [0] ----D C:\Program Files\Protection_ZoneAlarm
O43 - CFD: 06/05/2012 - 21:14:34 - [0,039] ----D C:\Documents and Settings\Admin\Application Data\WebPlayerBdd
O43 - CFD: 12/03/2011 - 17:01:20 - [0] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Protection_ZoneAlarm
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O69 - SBI: SearchScopes [HKCU] {66D9ABC2-996A-498A-9645-2BB461630793} - (AVG Secure Search) - https://search.avg.com/
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - https://isearch.avg.com/
O69 - SBI: SearchScopes [HKCU] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (AVG Secure Search) - https://search.avg.com/
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
[HKCU\Software\G DATA]
[HKLM\Software\CheckPoint]
EmptyFlash
EmptyTemp
--> Puis lance ZHPFix depuis le raccourci situé sur ton Bureau.
(Sous Vista/Win7, il faut cliquer droit sur le raccourci de ZHPFix et choisir Exécuter en tant qu'administrateur)
--> Une fois ZHPFix ouvert, clique sur le bouton "H" (Coller les lignes Helper).
--> Dans l'encadré principal, tu verras donc les lignes que tu as copié précédemment apparaître. Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
--> Clique sur "GO" pour lancer le nettoyage. Laisse l'outil travailler et ne touche à rien.
--> Une fois terminé, copie-colle le rapport dans ton prochain message.
SysRestore
P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (...) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll (.not file.)
O3 - Toolbar: (no name) - [HKLM]{CCC7A320-B3CA-4199-B1A6-9F516DD69829} . (...) -- (.not file.)
[HKCU\Software\AVG Security Toolbar]
[HKLM\Software\AVG Security Toolbar]
[HKLM\Software\AVG]
[HKLM\Software\Gtyitwiz]
[HKCU\Software\Zone Labs]
[HKLM\Software\Zone Labs]
O43 - CFD: 24/06/2010 - 00:36:26 - [1,301] ----D C:\Program Files\CheckPoint
O43 - CFD: 12/03/2011 - 17:02:21 - [0] ----D C:\Program Files\Protection_ZoneAlarm
O43 - CFD: 06/05/2012 - 21:14:34 - [0,039] ----D C:\Documents and Settings\Admin\Application Data\WebPlayerBdd
O43 - CFD: 12/03/2011 - 17:01:20 - [0] ----D C:\Documents and Settings\Admin\Local Settings\Application Data\Protection_ZoneAlarm
O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe
O69 - SBI: SearchScopes [HKCU] {66D9ABC2-996A-498A-9645-2BB461630793} - (AVG Secure Search) - https://search.avg.com/
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - https://isearch.avg.com/
O69 - SBI: SearchScopes [HKCU] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (AVG Secure Search) - https://search.avg.com/
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}]
[HKCU\Software\G DATA]
[HKLM\Software\CheckPoint]
EmptyFlash
EmptyTemp
--> Puis lance ZHPFix depuis le raccourci situé sur ton Bureau.
(Sous Vista/Win7, il faut cliquer droit sur le raccourci de ZHPFix et choisir Exécuter en tant qu'administrateur)
--> Une fois ZHPFix ouvert, clique sur le bouton "H" (Coller les lignes Helper).
--> Dans l'encadré principal, tu verras donc les lignes que tu as copié précédemment apparaître. Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
--> Clique sur "GO" pour lancer le nettoyage. Laisse l'outil travailler et ne touche à rien.
--> Une fois terminé, copie-colle le rapport dans ton prochain message.
Rapport de ZHPFix 1.2.05 par Nicolas Coolman, Update du 30/04/2012
Fichier d'export Registre :
Run by Admin at 17/05/2012 14:16:05
Windows XP Home Edition Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/
========== Clé(s) du Registre ==========
SUPPRIME Key*: Mozilla Plugin: @checkpoint.com/FFApi
SUPPRIME Key*: HKCU\Software\AVG Security Toolbar
SUPPRIME Key*: HKLM\Software\AVG Security Toolbar
SUPPRIME Key*: HKLM\Software\AVG
SUPPRIME Key*: HKLM\Software\Gtyitwiz
SUPPRIME Key*: HKCU\Software\Zone Labs
SUPPRIME Key*: HKLM\Software\Zone Labs
SUPPRIME Key*: SearchScopes :{66D9ABC2-996A-498A-9645-2BB461630793}
SUPPRIME Key*: SearchScopes :{95B7759C-8C7F-4BF1-B163-73684A933233}
SUPPRIME Key*: SearchScopes :{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
SUPPRIME Key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
SUPPRIME Key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
SUPPRIME Key*: HKCU\Software\G DATA
SUPPRIME Key*: HKLM\Software\CheckPoint
========== Valeur(s) du Registre ==========
SUPPRIME Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
ABSENT IFC: [FEATURE_BROWSER_EMULATION] svchost.exe
========== Dossier(s) ==========
SUPPRIME Folder: C:\Program Files\CheckPoint
SUPPRIME Folder: C:\Program Files\Protection_ZoneAlarm
SUPPRIME Folder: C:\Documents and Settings\Admin\Application Data\WebPlayerBdd
SUPPRIME Folder: C:\Documents and Settings\Admin\Local Settings\Application Data\Protection_ZoneAlarm
SUPPRIME Flash Cookies:
SUPPRIME Temporaires Windows:
========== Fichier(s) ==========
ABSENT File: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npffapi.dll
SUPPRIME Flash Cookies:
SUPPRIME Temporaires Windows:
========== Restauration Système ==========
Point de restauration du système créé avec succès
========== Récapitulatif ==========
15 : Clé(s) du Registre
2 : Valeur(s) du Registre
6 : Dossier(s)
3 : Fichier(s)
1 : Restauration Système
End of clean in 00mn 18s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 17/05/2012 14:16:05 [2294]
Fichier d'export Registre :
Run by Admin at 17/05/2012 14:16:05
Windows XP Home Edition Service Pack 3 (Build 2600)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/
========== Clé(s) du Registre ==========
SUPPRIME Key*: Mozilla Plugin: @checkpoint.com/FFApi
SUPPRIME Key*: HKCU\Software\AVG Security Toolbar
SUPPRIME Key*: HKLM\Software\AVG Security Toolbar
SUPPRIME Key*: HKLM\Software\AVG
SUPPRIME Key*: HKLM\Software\Gtyitwiz
SUPPRIME Key*: HKCU\Software\Zone Labs
SUPPRIME Key*: HKLM\Software\Zone Labs
SUPPRIME Key*: SearchScopes :{66D9ABC2-996A-498A-9645-2BB461630793}
SUPPRIME Key*: SearchScopes :{95B7759C-8C7F-4BF1-B163-73684A933233}
SUPPRIME Key*: SearchScopes :{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
SUPPRIME Key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}
SUPPRIME Key*: HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
SUPPRIME Key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d7f26d0e-9801-45c3-a091-8a65e4ed73b5}
SUPPRIME Key*: HKCU\Software\G DATA
SUPPRIME Key*: HKLM\Software\CheckPoint
========== Valeur(s) du Registre ==========
SUPPRIME Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
ABSENT IFC: [FEATURE_BROWSER_EMULATION] svchost.exe
========== Dossier(s) ==========
SUPPRIME Folder: C:\Program Files\CheckPoint
SUPPRIME Folder: C:\Program Files\Protection_ZoneAlarm
SUPPRIME Folder: C:\Documents and Settings\Admin\Application Data\WebPlayerBdd
SUPPRIME Folder: C:\Documents and Settings\Admin\Local Settings\Application Data\Protection_ZoneAlarm
SUPPRIME Flash Cookies:
SUPPRIME Temporaires Windows:
========== Fichier(s) ==========
ABSENT File: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npffapi.dll
SUPPRIME Flash Cookies:
SUPPRIME Temporaires Windows:
========== Restauration Système ==========
Point de restauration du système créé avec succès
========== Récapitulatif ==========
15 : Clé(s) du Registre
2 : Valeur(s) du Registre
6 : Dossier(s)
3 : Fichier(s)
1 : Restauration Système
End of clean in 00mn 18s
========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 17/05/2012 14:16:05 [2294]
ça a l air d aller mieux quand j explore windows mais quand jvais sur le net ça rame encore pas mal, voici le lien: http://pjjoint.malekal.com/files.php?id=ZHPDiag_20120517_y7l8o13f15n13
"avast! Free Antivirus v6.0.1125.0"
--> Mets à jour Avast, on en est à la version 7.
Tu peux faire un scan avec ce logiciel :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
--> Mets à jour Avast, on en est à la version 7.
Tu peux faire un scan avec ce logiciel :
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
