Aide pour log hijackthis

mgb35 Messages postés 32 Statut Membre -  
jacques.gache Messages postés 34829 Statut Contributeur sécurité -
Bonjour,

Voici mon log. Pourriez vous m'aider s'il vous plait.
Merci.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:39:21, on 29/06/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)

FIREFOX: 9.0.1 (fr)
Boot mode: Normal

Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\SFR\Media Center\MediaCenter.exe
C:\Users\ian\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\ian\Downloads\HijackThis (1).exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQNOT/3
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=FR&userid=ad328f1d-9f48-4933-9224-b9b6b8daacb5&searchtype=ds&q={searchTerms}&installDate=10/05/2013
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=TightropeYB&dpid=TightropeYB&co=FR&userid=ad328f1d-9f48-4933-9224-b9b6b8daacb5&searchtype=ds&q={searchTerms}&installDate=10/05/2013
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files (x86)\SFR\Media Center\MediaCenter.exe"
O4 - Startup: Dropbox.lnk = ian\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Rechercher sur le Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{944AA725-6141-43F4-AEC3-5F4C7361715D}: NameServer = 85.62.229.133 85.62.229.134
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Easybits Shared Services for Windows (ezSharedSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Ma-Config Agent (MaConfigAgent) - Unknown owner - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\WindowsMobile\rapimgr.dll,-104 (RapiMgr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\WindowsMobile\wcescomm.dll,-40079 (WcesComm) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 24465 bytes

4 réponses

  1. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
     
    bonjour, passes adwcleaner mode suppression !!

    Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.

    si problème avec la sécurité de internet explorer regarde se lien : http://general-changelog-team.fr/fr/accueil/58-multilangue/securite/214-fausse-alerte-du-filtre-smartscreen-sur-le-telechargement-d-adwcleaner

    Lance le, clique sur [Suppression] puis patiente le temps du scan.

    Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

    Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

    0
  2. mgb35 Messages postés 32 Statut Membre 1
     
    Merci.
    Voici le rapport :
    # AdwCleaner v2.303 - Rapport créé le 29/06/2013 à 16:50:05
    # Mis à jour le 08/06/2013 par Xplode
    # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nom d'utilisateur : ian - IAN-PC
    # Mode de démarrage : Normal
    # Exécuté depuis : C:\Users\ian\Downloads\adwcleaner.exe
    # Option [Suppression]

    ***** [Services] *****

    ***** [Fichiers / Dossiers] *****

    Dossier Supprimé : C:\Program Files (x86)\Boxore
    Dossier Supprimé : C:\Program Files (x86)\Common Files\spigot
    Dossier Supprimé : C:\Program Files (x86)\DAEMON Tools Toolbar
    Dossier Supprimé : C:\Program Files (x86)\FREEzeFrog
    Dossier Supprimé : C:\Program Files (x86)\HBLite
    Dossier Supprimé : C:\Program Files (x86)\Mozilla Firefox\Extensions\{34EFA911-B536-4C08-BECE-CD5E55C875B0}
    Dossier Supprimé : C:\Program Files (x86)\Software
    Dossier Supprimé : C:\Program Files\DomaIQ Uninstaller
    Dossier Supprimé : C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
    Dossier Supprimé : C:\ProgramData\Ask
    Dossier Supprimé : C:\ProgramData\Babylon
    Dossier Supprimé : C:\ProgramData\FREEzeFrogSA
    Dossier Supprimé : C:\ProgramData\HBLiteSA
    Dossier Supprimé : C:\ProgramData\HotbarSA
    Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotbar
    Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports
    Dossier Supprimé : C:\ProgramData\PC Optimizer Pro
    Dossier Supprimé : C:\Users\ian\AppData\Local\Supreme Savings
    Dossier Supprimé : C:\Users\ian\AppData\LocalLow\Conduit
    Dossier Supprimé : C:\Users\ian\AppData\LocalLow\PriceGong
    Dossier Supprimé : C:\Users\ian\AppData\Roaming\Babylon
    Dossier Supprimé : C:\Users\ian\AppData\Roaming\HBLite
    Dossier Supprimé : C:\Users\ian\AppData\Roaming\iWin
    Dossier Supprimé : C:\Users\ian\AppData\Roaming\Mozilla\Firefox\Profiles\xuh5i6ge.default\SweetPacksToolbarData
    Dossier Supprimé : C:\Users\ian\AppData\Roaming\ShopperReports3
    Dossier Supprimé : C:\Users\ian\AppData\Roaming\WeatherDPA
    Fichier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
    Fichier Supprimé : C:\Users\ian\AppData\Roaming\Mozilla\Firefox\Profiles\xuh5i6ge.default\searchplugins\Web Search.xml

    ***** [Registre] *****

    Clé Supprimée : HKCU\Software\AppDataLow\Software\Crossrider
    Clé Supprimée : HKCU\Software\AppDataLow\Software\Hotbar
    Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
    Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
    Clé Supprimée : HKCU\Software\BabylonToolbar
    Clé Supprimée : HKCU\Software\DataMngr
    Clé Supprimée : HKCU\Software\FREEzeFrogSA
    Clé Supprimée : HKCU\Software\hblitesa
    Clé Supprimée : HKCU\Software\hotbarsa
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Rechercher sur le Web
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
    Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7CDDCDC-BEEB-4685-A062-978F5E07CEEE}
    Clé Supprimée : HKCU\Software\pc optimizer pro
    Clé Supprimée : HKCU\Software\ShopperReports3
    Clé Supprimée : HKCU\Software\SmartBar
    Clé Supprimée : HKCU\Software\Softonic
    Clé Supprimée : HKCU\Software\YahooPartnerToolbar
    Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Clé Supprimée : HKLM\Software\Babylon
    Clé Supprimée : HKLM\Software\Boxore
    Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
    Clé Supprimée : HKLM\Software\DataMngr
    Clé Supprimée : HKLM\Software\FREEzeFrog
    Clé Supprimée : HKLM\Software\HBLite
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\HostOL.MailAnim
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\HostOL.MailAnim
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\boxore_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\boxore_RASMANCS
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-CD68-4F36-8D02-8C43722EE5DA}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7555B87D-D711-48B2-B97D-04DF700652BA}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4D03-A0CF-8203604C3DA6}
    Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483C-A137-731E8F113DD5}
    Clé Supprimée : HKLM\Software\ShopperReports3
    Clé Supprimée : HKLM\Software\Supreme Savings
    Clé Supprimée : HKLM\Software\VDownloader\OpenCandy
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2F9AD413-2E0B-4A85-BB2A-CF961238262A}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8C788AA2-7530-43BE-97B7-4D491F13BEA3}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjglfdldpdljgfjkfgieaocdapejkdlh
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7555B87D-D711-48B2-B97D-04DF700652BA}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2CF1B20B-BE6A-4C4A-8F3A-590EBCF676C7}
    Clé Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller
    Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
    Clé Supprimée : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
    Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{9CD2384C-143B-4790-A075-E7FEFE2A554B}]
    Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [hblite@hblite.com]
    Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Hotbar@Hotbar.com]
    Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ShopperReports@ShopperReports.com]
    Valeur Supprimée : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
    Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

    ***** [Navigateurs] *****

    -\\ Internet Explorer v10.0.9200.16611

    Remplacé : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=TightropeYB&dpid=TightropeYB&co=FR&userid=ad328f1d-9f48-4933-9224-b9b6b8daacb5&searchtype=ds&q={searchTerms}&installDate=10/05/2013 --> hxxp://www.google.com

    -\\ Mozilla Firefox v9.0.1 (fr)

    Fichier : C:\Users\ian\AppData\Roaming\Mozilla\Firefox\Profiles\xuh5i6ge.default\prefs.js

    C:\Users\ian\AppData\Roaming\Mozilla\Firefox\Profiles\xuh5i6ge.default\user.js ... Supprimé !

    Supprimée : user_pref("extensions.helperbar.SmartbarDisabled", false);
    Supprimée : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
    Supprimée : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
    Supprimée : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
    Supprimée : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
    Supprimée : user_pref("sweetim.toolbar.Visibility.enable", "true");
    Supprimée : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
    Supprimée : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
    Supprimée : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
    Supprimée : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
    Supprimée : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
    Supprimée : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
    Supprimée : user_pref("sweetim.toolbar.dialogs.0.height", "335");
    Supprimée : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
    Supprimée : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
    Supprimée : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]
    Supprimée : user_pref("sweetim.toolbar.dialogs.0.width", "761");
    Supprimée : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
    Supprimée : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
    Supprimée : user_pref("sweetim.toolbar.dialogs.1.height", "300");
    Supprimée : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
    Supprimée : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
    Supprimée : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
    Supprimée : user_pref("sweetim.toolbar.dialogs.1.width", "500");
    Supprimée : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
    Supprimée : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
    Supprimée : user_pref("sweetim.toolbar.dialogs.2.height", "150");
    Supprimée : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
    Supprimée : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
    Supprimée : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
    Supprimée : user_pref("sweetim.toolbar.dialogs.2.width", "530");
    Supprimée : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
    Supprimée : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
    Supprimée : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
    Supprimée : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
    Supprimée : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
    Supprimée : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
    Supprimée : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
    Supprimée : user_pref("sweetim.toolbar.mode.debug", "false");
    Supprimée : user_pref("sweetim.toolbar.newtab.created", "false");
    Supprimée : user_pref("sweetim.toolbar.newtab.enable", "true");
    Supprimée : user_pref("sweetim.toolbar.previous.keyword.URL", "");
    Supprimée : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_V[...]
    Supprimée : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
    Supprimée : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
    Supprimée : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
    Supprimée : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
    Supprimée : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
    Supprimée : user_pref("sweetim.toolbar.scripts.0.enable", "false");
    Supprimée : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
    Supprimée : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
    Supprimée : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
    Supprimée : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
    Supprimée : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
    Supprimée : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
    Supprimée : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
    Supprimée : user_pref("sweetim.toolbar.scripts.1.enable", "false");
    Supprimée : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
    Supprimée : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
    Supprimée : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
    Supprimée : user_pref("sweetim.toolbar.scripts.2.callback", "");
    Supprimée : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
    Supprimée : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
    Supprimée : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
    Supprimée : user_pref("sweetim.toolbar.scripts.2.enable", "false");
    Supprimée : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
    Supprimée : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
    Supprimée : user_pref("sweetim.toolbar.search.history.capacity", "10");
    Supprimée : user_pref("sweetim.toolbar.searchguard.enable", "false");
    Supprimée : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
    Supprimée : user_pref("sweetim.toolbar.simapp_id", "{D7120AEB-89A0-11E1-A54D-00269ED2E7AB}");
    Supprimée : user_pref("sweetim.toolbar.version", "1.9.0.0");

    -\\ Google Chrome v23.0.1271.97

    Fichier : C:\Users\ian\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] Le fichier ne contient aucune entrée illégitime.

    *************************

    AdwCleaner[S1].txt - [14717 octets] - [29/06/2013 16:50:05]

    ########## EOF - C:\AdwCleaner[S1].txt - [14778 octets] ##########
    0
    1. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
       
      ok postes un zhpdiag pour voire si pas de reste !!

      Ouvre ce lien et télécharge ZHPDiag :

      https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/


      Enregistres le sur ton Bureau.

      Une fois le téléchargement achevé

      pour XP, double-clique sur ZHPDiag

      pour Vista,et seven ou wind 8 tu fais un clic droit sur l'icône et exécute en tant qu'administrateur.

      N'oublies pas de cocher la case qui permet de mettre un raccourci sur le Bureau.

      /|\ l'outil a créé 3 icônes ZHPDiag et ZHPFix et MBRCheck,

      Double cliques sur le raccourci ZHPDiag sur ton Bureau pour XP sinon clique droit et en tant que administrateur !!

      Cliques sur la loupe pour lancer l'analyse. "" celle avec le - complètement sur gauche""

      si tu as un message te demandant la validation pour SIGCHECK acceptes avec OK cela est pour nous faire un rapport plus complet et pouvoir en faire une lecture plus approfondis

      Laisses l'outil travailler, il peut être assez long

      A la fin de l'analyse,clique sur l'appareil photo et enregistre le rapport sur ton Bureau.


      Fermes ZHPDiag en fin d'analyse.


      Pour me le transmettre clique sur ce lien :

      https://www.cjoint.com/


      Clique sur "choisissez un fichier " et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt

      ou directement en choisissant bureau et ZHPDiag.txt clique dessus

      Clique sur Ouvrir.

      Clique sur "créer le lien cjoint".

      Un lien de cette forme :

      http://cjoint.com/data/0KAoeRbq7Szgg.htm

      est ajouté dans la page.

      Copie ce lien dans ta réponse.


      et si problème passe par celui ci : http://pjjoint.malekal.com/
      0
  3. mgb35 Messages postés 32 Statut Membre 1
     
    Voila le rapport.
    Et encore merci

    Rapport de ZHPDiag v2013.6.28.43 par Nicolas Coolman, Update du 28/06/2013
    Run by ian at 29/06/2013 17:26:12
    WebSite: https://nicolascoolman.webs.com/
    State : Version à jour.
    WhiteList : Enable
    High Elevated Privileges : OK
    UAC : Activate by user

    ---\\ Web Browser
    MSIE: Internet Explorer v10.0.9200.16618
    MFIE: Mozilla Firefox 9.0.1
    GCIE: Google Chrome v23.0.1271.97 (Defaut)

    ---\\ Windows Product Information
    ~ Langage: Français
    Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    ~ Windows(R) 7, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : 3Q6C9
    Windows License : OK
    ~ Windows Remaining Initializations Number : 2
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    ---\\ System Protection
    avast! Free Antivirus v8.0.1489.0
    Windows Defender W7

    ---\\ System Optimizer
    CCleaner v4.03 =>Piriform Ltd

    ---\\ Peer To Peer (P2P)

    ---\\ Software Update
    Adobe Flash Player 11 Plugin
    Adobe Reader XI
    Java 7 Update 25

    ---\\ System Information
    ~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3998 MB (53% free)
    System Restore: Activé (Enable)
    System drive C: has 151 GB (33%) free of 453 GB

    ---\\ Logged in mode
    ~ Computer Name: IAN-PC
    ~ User Name: ian
    ~ All Users Names: ian, HomeGroupUser$, Administrateur,
    ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
    Logged in as Administrator

    ---\\ Environnement Variables
    ~ System Unit : C:\
    ~ %AppData% : C:\Users\ian\AppData\Roaming\
    ~ %Desktop% : C:\Users\ian\Desktop\
    ~ %Favorites% : C:\Users\ian\Favorites\
    ~ %LocalAppData% : C:\Users\ian\AppData\Local\
    ~ %StartMenu% : C:\Users\ian\AppData\Roaming\Microsoft\Windows\Start Menu\
    ~ %Windir% : C:\Windows\
    ~ %System% : C:\Windows\System32\

    ---\\ DOS/Devices
    C:\ Hard drive, Flash drive, Thumb drive (Free 151 Go of 453 Go)
    D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)
    E:\ CD-ROM drive (Free 0 Go of 1 Go)
    F:\ CD-ROM drive (Not Inserted)

    ---\\ Security Center & Tools Informations
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
    ~ Security Center: 32 Legitimates Filtered in 00mn 00s

    ---\\ Recherche particulière de fichiers génériques
    [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
    [MD5.12716D987D475B051F35895659159705] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/05/2013 - 01:59:03.) -- C:\Windows\System32\wininet.dll [2241024]
    [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
    [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
    [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
    [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
    [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
    [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
    [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
    [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
    [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
    [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
    ~ Generic Processes: Scanned in 00mn 00s

    ---\\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 2/850
    ~ Mes musiques (My Musics) : 286/1845
    ~ Mes Videos (My Videos) : 2/770
    ~ Mes Favoris (My Favorites) : 1/20
    ~ Mes Documents (My Documents) : 2/317
    ~ Mon Bureau (My Desktop) : 1/2527
    ~ Menu demarrer (Programs) : 1/48
    ~ Hidden Files: Scanned in 00mn 07s

    ---\\ Processus lancés
    [MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.1320]
    [MD5.FCBA15DD6E51399A66BC7816E4589DBF] - (.SFR - Media Center.) -- C:\Program Files (x86)\SFR\Media Center\MediaCenter.exe [726336] [PID.2168]
    [MD5.4320E53A6127FCCEF5C7B59576C44736] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\ian\AppData\Roaming\Dropbox\bin\Dropbox.exe [24275928] [PID.2300]
    [MD5.11E8D8272FDBE213ADE3DAD91427CE35] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [11322880] [PID.2412]
    [MD5.2337EC951C4AF6E1AF65D10BD9615BEB] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [11314688] [PID.2484]
    [MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858968] [PID.1152]
    [MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.2156]
    [MD5.2D08AC1443FFA7FBED9A5EA5FD49AEB3] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1242728] [PID.3604]
    [MD5.BCAE94105D572D937326354FA8122BEA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7596544] [PID.4544]
    [MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808] [PID.1304]
    [MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1812]
    [MD5.A6B41F3044B2C099BBB5531CAA0551D5] - (.Canal+ Active - CanalPlus.VOD.Service.) -- C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe [188416] [PID.1872]
    [MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [PID.1980]
    [MD5.2238B91AC1A12CC6CC4C4FED41258B2A] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.1340]
    [MD5.625C98D60AD5AB1FCCBD0E2C0AC0D905] - (...) -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe [655712] [PID.2532]
    [MD5.498EB62A160674E793FA40FD65390625] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152] [PID.2600]
    ~ Processes Running: Scanned in 00mn 01s

    ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:\Users\ian\AppData\Local\Google\Chrome\User Data\Default\Preferences
    G0 - GCSP: Preference [User Data\Default][HomePage] https://www.lequipe.fr/
    G0 - GCSP: Preference [User Data\Default] https://www.lequipe.fr/
    G2 - GCE: Preference [User Data\Default] [djjdicogloiccgiandeocgphindanplc] Lyrics Kid v.1.111 (Désactivé)
    G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.2.0.0 (Désactivé) =>PUP.SweetIM
    ~ Google Browser: 9 Legitimates Filtered in 00mn 11s

    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:\Users\ian\AppData\Roaming\Mozilla\Firefox\Profiles\xuh5i6ge.default\prefs.js
    ~ Firefox Browser: 22 Legitimates Filtered in 00mn 00s

    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://search.safefinder.com/?q=
    R3 - URLSearchHook: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
    ~ IE Browser: 19 Legitimates Filtered in 00mn 00s

    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
    F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
    F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
    F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    ---\\ Redirection du fichier Hosts (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 21

    ---\\ Browser Helper Objects de navigateur (O2)
    O2 - BHO: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} Clé orpheline
    O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    ~ BHO: 6 Legitimates Filtered in 00mn 00s

    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    ---\\ Applications démarrées par registre & par dossier (O4)
    O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe
    O4 - HKCU\..\Run: [Neuf Media Center] . (.SFR - Media Center.) -- C:\Program Files (x86)\SFR\Media Center\MediaCenter.exe
    O4 - HKLM\..\Wow6432Node\Run: [NortonOnlineBackupReminder] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
    O4 - HKLM\..\Wow6432Node\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
    O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
    O4 - HKUS\S-1-5-21-2885199706-1984395135-1139149304-1000\..\Run: [Neuf Media Center] . (.SFR - Media Center.) -- C:\Program Files (x86)\SFR\Media Center\MediaCenter.exe
    ~ Application: Scanned in 00mn 00s

    ---\\ Autres liens utilisateurs (O4)
    O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    O4 - GS\TaskBar: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
    O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
    O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
    O4 - GS\Programs: WinSetupFromUSB.lnk . (...) -- G:\usb installer\Uninstall.exe (.not file.)
    O4 - GS\QuickLaunch: Around The World in 80 Days.lnk . (...) -- C:\Program Files (x86)\MyPlayCity.com\Around The World in 80 Days\Around The World in 80 Days.exe
    O4 - GS\QuickLaunch: Foxit Reader.lnk . (.Foxit Corporation - Foxit Reader 4.3, Best Reader for Everyday.) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe
    O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
    O4 - GS\QuickLaunch: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
    O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
    O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
    O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
    O4 - GS\Desktop: Downloads - Raccourci.lnk . (...) -- C:\Users\ian\Downloads
    ~ Global Startup: Scanned in 00mn 00s

    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{944AA725-6141-43F4-AEC3-5F4C7361715D}: NameServer = 85.62.229.133 85.62.229.134
    O17 - HKLM\System\CCS\Services\Tcpip\..\{92A4E285-EED8-448B-9D71-B7ACAE1E8BDB}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CEC783A0-A7AB-456C-8EF8-16C7CBDE457E}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{944AA725-6141-43F4-AEC3-5F4C7361715D}: NameServer = 85.62.229.133 85.62.229.134
    O17 - HKLM\System\CS1\Services\Tcpip\..\{92A4E285-EED8-448B-9D71-B7ACAE1E8BDB}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{CEC783A0-A7AB-456C-8EF8-16C7CBDE457E}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{944AA725-6141-43F4-AEC3-5F4C7361715D}: NameServer = 85.62.229.133 85.62.229.134
    O17 - HKLM\System\CS2\Services\Tcpip\..\{92A4E285-EED8-448B-9D71-B7ACAE1E8BDB}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{CEC783A0-A7AB-456C-8EF8-16C7CBDE457E}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    ---\\ Protocole additionnel (O18)
    O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
    O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
    ~ Protocole Additionnel: Scanned in 00mn 00s

    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    ---\\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) . (...) - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
    O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
    ~ Services: 11 Legitimates Filtered in 00mn 09s

    ---\\ Tâches planifiées en automatique (O39)
    O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PC Optimizer Pro64 startups.job [410] =>PUP.OptimizerPro
    [MD5.00000000000000000000000000000000] [APT] [PC Optimizer Pro64 startups] (...) -- C:\Program Files\PC Optimizer Pro\StartApps.exe (.not file.) [0] =>PUP.OptimizerPro
    [MD5.5DBEF07D9637CC0E29AF5EC0DD5CC239] [APT] [{3CAC777A-2AB7-40BF-BCFE-6944079E70D5}] (.Tagès SA.) -- C:\Users\ian\Downloads\TagesSetup.exe [208288]
    [MD5.00000000000000000000000000000000] [APT] [{40C1502F-C87E-4F22-99BD-32EB4693C23F}] (...) -- E:\AOEINST.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{88B0C4EA-8881-4A4F-B816-79FB96A2047A}] (...) -- C:\Users\ian\Downloads\OOo_3.3.0_Win_x86_install_fr.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{98FEBEB6-4CBD-4C24-BD70-D91B5765FEAB}] (...) -- G:\WinSetupFromUSB_0-2-3.exe (.not file.) [0]
    [MD5.2981CEAE69D25C21D7BFB94A64E246CE] [APT] [{A0D97A66-9882-4E45-A539-F7098313D1CE}] (.Nexway.) -- C:\Users\ian\Downloads\fifa-11.exe [2112552]
    ~ Scheduled Task: 23 Legitimates Filtered in 00mn 10s

    ---\\ Logiciels installés (O42)
    O42 - Logiciel: Conquist - (...) [HKLM][64Bits] -- Conquist
    O42 - Logiciel: MOTIX - (...) [HKLM][64Bits] -- MOTIX
    ~ Logic: 142 Legitimates Filtered in 00mn 00s

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\SweetIM] =>PUP.SweetIM
    [HKLM\Software\DomaIQ] =>Toolbar.DomaIQ
    [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
    ~ Key Software: 243 Legitimates Filtered in 00mn 00s

    ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 - CFD: 27/04/2013 - 15:37:46 - [0,161] ----D C:\Program Files (x86)\GovernorofPoker2_at
    O43 - CFD: 12/10/2010 - 18:43:32 - [13,486] ----D C:\Program Files (x86)\TripleA
    O43 - CFD: 15/11/2010 - 23:42:16 - [0,004] ----D C:\Users\ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Risk
    O43 - CFD: 12/10/2010 - 18:43:37 - [0] ----D C:\Users\ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TripleA
    ~ 4 Dossiers CLSID vides (CLSID Empty Folders)
    ~ Program Folder: 222 Legitimates Filtered in 01mn 25s

    ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 - LFC:[MD5.A5F29AC2F0ADE8B995B49D7350CE3AC0] - 29/06/2013 - 10:00:12 RSHAD . (...) -- C:\Windows\System32\Drivers\aswSP.sys.sum [175]
    O44 - LFC:[MD5.2E83D2621E87C493AB45DC6655BA77D4] - 29/06/2013 - 10:00:12 RSHAD . (...) -- C:\Windows\System32\Drivers\aswSnx.sys.sum [175]
    O44 - LFC:[MD5.A799A774BE3B2DD828A53B08A2400D29] - 29/06/2013 - 09:50:41 ----- . (...) -- C:\Windows\SysNative\athrextx.cat [78369]
    O44 - LFC:[MD5.42AA3C3FE3D185B0C5571A287D73952A] - 29/06/2013 - 09:50:41 ----- . (...) -- C:\Windows\SysNative\netathrx.inf [523828]
    O44 - LFC:[MD5.A799A774BE3B2DD828A53B08A2400D29] - 29/06/2013 - 09:50:41 RSHAD . (...) -- C:\Windows\System32\athrextx.cat [78369]
    O44 - LFC:[MD5.42AA3C3FE3D185B0C5571A287D73952A] - 29/06/2013 - 09:50:41 RSHAD . (...) -- C:\Windows\System32\netathrx.inf [523828]
    ~ Files: 66 Legitimates Filtered in 00mn 26s

    ---\\ MountPoints2 Shell Key (O51)
    O51 - MPSK:{1650a969-ee77-11df-b5eb-00269ed2e7ab}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
    O51 - MPSK:{8f912866-d966-11e1-8aab-00269ed2e7ab}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
    O51 - MPSK:{8f912879-d966-11e1-8aab-00269ed2e7ab}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
    O51 - MPSK:{8f9128c1-d966-11e1-8aab-00269ed2e7ab}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
    O51 - MPSK:{9601c91a-2adb-11df-80d8-806e6f6e6963}\AutoRun\command. (.Electronic Arts Inc. - rungame MFC Application.) -- E:\RunGame.exe
    O51 - MPSK:{b3ae8ce4-3856-11df-8a32-00269ed2e7ab}\AutoRun\command. (...) -- F:\Startme.exe (.not file.)
    ~ Keys: Scanned in 00mn 04s

    ---\\ ShareTools MSconfig StartupReg (O53)
    O53 - SMSR:HKLM\...\startupreg\CANAL+ CANALSAT A LA DEMANDE [Key] . (.Canal+ - Lancer CANAL+ CANALSAT A LA DEMANDE.) -- C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe
    O53 - SMSR:HKLM\...\startupreg\SearchSettings [Key] . (...) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (.not file.) =>Adware.SearchSettings
    ~ SMSR Keys: 12 Legitimates Filtered in 00mn 00s

    ---\\ Microsoft Windows Policies System (O55)
    O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
    O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
    ~ MWPS: 19 Legitimates Filtered in 00mn 00s

    ---\\ Microsoft Windows Policies Explorer (O56)
    O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
    ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

    ---\\ Liste des Drivers Système (O58)
    O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
    O58 - SDL:[MD5.6C572A50FB2BF1F70281FEB67188A486] - 22/11/2012 - 19:51:26 ----- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athrx.sys [3831808]
    O58 - SDL:[MD5.DB30AA4DAA0D492FA5D7717D8181FFA1] - 02/09/2009 - 18:58:08 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\SysWOW64\drivers\RtsUStor.sys [225280]
    ~ Drivers: Scanned in 00mn 00s

    ---\\ Liste des outils de nettoyage (O63)
    O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
    ~ ADS: Scanned in 00mn 00s

    ---\\ File Associations Shell Spawning (O67)
    O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
    ~ FASS Keys: 19 Legitimates Filtered in 00mn 00s

    ---\\ Start Menu Internet (O68)
    O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
    ~ Keys: Scanned in 00mn 00s

    ---\\ Search Browser Infection (O69)
    O69 - SBI: prefs.js [ian - xuh5i6ge.default] user_pref("extensions.crossrider.bic", "13eb826a7ce1dfa367b10b786ee57fa2"); =>PUP.CrossRider
    O69 - SBI: prefs.js [ian - xuh5i6ge.default] user_pref("extensions.helperbar.DockingPositionDown", false);
    O69 - SBI: prefs.js [ian - xuh5i6ge.default] user_pref("extensions.helperbar.Visibility", false);
    ~ Keys: Scanned in 00mn 00s

    ---\\ Recherche particuliere à la racine de certains dossiers (O84)
    [MD5.725091208040F56DC633C680E380BFB5] [SPRF][12/03/2010] (.Yahoo! Inc. - BrowserPlus Uninstaller.) -- C:\Users\ian\AppData\Local\Temp\bpuninstall.exe [411136]
    [MD5.6241A1403E4DB858B4D49785A32CF05E] [SPRF][29/06/2013] (...) -- C:\Users\ian\AppData\Local\Temp\chart_data.dat [20612]
    [MD5.C82AB54C276A1734876D911EC622A7C2] [SPRF][29/06/2013] (...) -- C:\Users\ian\AppData\Local\Temp\utt89A9.tmp.bat [53]
    [MD5.6BA2E75393D6791B01909F3E23C74A34] [SPRF][25/09/2009] (.Macrovision Corporation - Setup.exe.) -- C:\Users\ian\AppData\Local\Temp\_isE733.exe [453720]
    ~ Files: Scanned in 00mn 00s

    ---\\ Scan Additionnel (O88)
    Database Version : v2.12613 - (28/06/2013)
    Clés trouvées (Keys found) : 11
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 3
    Fichiers trouvés (Files found) : 0

    [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings] =>PUP.Dealio
    [HKCU\Software\SweetIM] =>PUP.SweetIM
    [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9] =>PUP.Dealio
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24] =>PUP.Dealio
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607] =>PUP.Dealio
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F] =>PUP.Dealio
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21] =>PUP.Dealio
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF] =>PUP.Dealio
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
    C:\ProgramData\Software =>Adware.Boxore
    C:\Users\ian\AppData\Local\Software =>Adware.Boxore
    C:\Users\ian\AppData\LocalLow\uTorrentBar_FR =>Toolbar.Conduit
    ~ Additionnel Scan: 380301 Items scanned in 00mn 46s

    ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    SS - | Demand 14/06/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    SR - | Auto 02/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
    SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    SR - | Auto 06/07/2010 188416 | (CanalPlus.VOD) . (.Canal+ Active.) - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
    SS - | Demand 25/02/2010 227896 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
    SS - | Auto 07/08/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    SS - | Demand 07/08/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    SR - | Auto 27/09/2012 86528 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    SS - | Demand 10/08/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    SR - | Auto 346976 | (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
    SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    SR - | Auto 20/08/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    SS - | Auto 655712 | (Mobile Partner. RunOuc) . (...) - C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
    SS - | Demand 24/02/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    SR - | Auto 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    SR - | Auto 22/09/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    SR - | Auto 13/08/2009 240640 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
    SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
    SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
    SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
    ~ Services: Scanned in 00mn 01s

    ---\\ Malicius Software Information
    ~ http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio
    ~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
    ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
    ~ MSI: Scanned in 00mn 01s

    ~ 1286 Legitimates filtered by white list
    End of the scan (460 lines in 03mn 54s)(0)
    0
    1. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
       
      bonjour, fais zhpfix et tu nous dira comment il va le pc !!

      tu fais zhpfix comme expliqué , tu prends le temps de lire la procédure avant de lancer , merci

      . Copie les lignes suivantes en GRAS




      SysRestore
      G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.2.0.0 (Désactivé)
      R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = https://search.safefinder.com/?q=
      O4 - HKLM\..\Wow6432Node\Run: [NortonOnlineBackupReminder] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PC Optimizer Pro64 startups.job [410]
      [MD5.00000000000000000000000000000000] [APT] [PC Optimizer Pro64 startups] (...) -- C:\Program Files\PC Optimizer Pro\StartApps.exe (.not file.) [0]
      [HKCU\Software\SweetIM]
      [HKLM\Software\Wow6432Node\SweetIM]
      O53 - SMSR:HKLM\...\startupreg\SearchSettings [Key] . (...) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (.not file.)
      O69 - SBI: prefs.js [ian - xuh5i6ge.default] user_pref("extensions.crossrider.bic", "13eb826a7ce1dfa367b10b786ee57fa2");
      O69 - SBI: prefs.js [ian - xuh5i6ge.default] user_pref("extensions.helperbar.DockingPositionDown", false);
      O69 - SBI: prefs.js [ian - xuh5i6ge.default] user_pref("extensions.helperbar.Visibility", false);
      [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings]
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9]
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24]
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607]
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F]
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21]
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF]
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC]
      C:\ProgramData\Software
      C:\Users\ian\AppData\Local\Software
      FirewallRAZ
      EmptyCLSID
      EmptyTemp
      EmptyFlash




      . Lance ZHPFix de Nicolas Coolman qui se trouve sur ton bureau

      . double-clique sur ZHPFix accepte l'élévation des droits avec ok


      Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaître .

      si c'est pas le cas: Clique sur gauche sur l'icone du milieu (« coller le presse papier »)

      si le bouton go est pas présent Clique sur gauche sur l'icone du milieu (« coller le presse papier ») cela devrait le faire apparaître

      Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.



      !! Déconnecte toi, désactive tes défenses (anti-virus, anti-spyware ) et ferme bien toutes autres applications ( navigateurs compris ) !!



      . cliques sur GO confirmes le nettoyage !!

      Accepte la désinstallation des programmes si proposé, mais refuse le redémarrage de ton PC si également proposé, car cela stopperait ZHPFix.

      . Copie/colle la totalité du rapport dans ta prochaine réponse
      tu le trouveras dans le dossier de zhpdiag dans program files sous le nom de ZHPFixReport

      tuto si besoin merci saachaa !!
      0
  4. mgb35 Messages postés 32 Statut Membre 1
     
    Voila :
    Rapport de ZHPFix 2013.6.12.3 par Nicolas Coolman, Update du 12/06/2013
    Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-29-06-2013-19-05-16.txt
    Run by ian at 29/06/2013 19:05:15
    High Elevated Privileges : OK
    Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

    Corbeille vidée

    ========== Clé(s) du Registre ==========
    ABSENT Key: HKCU\Software\SweetIM
    ABSENT Key: HKLM\Software\Wow6432Node\SweetIM
    ABSENT Key: StartupReg: SearchSettings
    ABSENT Key: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
    ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
    ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
    ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
    ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
    ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
    ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
    ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC

    ========== Valeur(s) du Registre ==========
    ABSENT RunValue: NortonOnlineBackupReminder
    ABSENT Valeur Standard Profile: FirewallRaz :
    ABSENT Valeur Domain Profile: FirewallRaz :

    ========== Elément(s) de donnée du Registre ==========
    SUPPRIME R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant

    ========== Préférences navigateur ==========
    ABSENT Folder Chrome: jcdgjdiieiljkfkdcloehkohchhpekkn
    SUPPRIME Mozilla Pref: user_pref("extensions.crossrider.bic", "13eb826a7ce1dfa367b10b786ee57fa2");
    SUPPRIME Mozilla Pref: user_pref("extensions.helperbar.DockingPositionDown", false);
    SUPPRIME Mozilla Pref: user_pref("extensions.helperbar.Visibility", false);

    ========== Dossier(s) ==========
    Aucun dossiers CLSID Local utilisateur vide
    SUPPRIME Temporaires Windows
    SUPPRIME Flash Cookies

    ========== Fichier(s) ==========
    ABSENT File: c:\program files (x86)\symantec\norton online backup\activation\nobuactivation.exe
    ABSENT File: c:\windows\tasks\pc optimizer pro64 startups.job
    ABSENT Folder/File: c:\programdata\software
    ABSENT Folder/File: c:\users\ian\appdata\local\software
    SUPPRIME Temporaires Windows
    SUPPRIME Flash Cookies

    ========== Tache planifiée ==========
    ABSENT Task: PC Optimizer Pro64 startups

    ========== Restauration Système ==========
    Point de restauration du système créé avec succès

    ========== Récapitulatif ==========
    11 : Clé(s) du Registre
    3 : Valeur(s) du Registre
    1 : Elément(s) de donnée du Registre
    3 : Dossier(s)
    6 : Fichier(s)
    4 : Préférences navigateur
    1 : Tache planifiée
    1 : Restauration Système

    End of clean in 00mn 14s

    ========== Chemin de fichier rapport ==========
    C:\ZHP\ZHPFix[R1].txt - 29/06/2013 18:04:33 [3848]
    C:\ZHP\ZHPFix[R2].txt - 29/06/2013 19:05:16 [3209]
    0
    1. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
       
      bonjour, tu as fais 2 fois zhpfix en 1 heure et tu me poste le R2 et il donne en ABSENT pourrais tu me poster le R1 C:\ZHP\ZHPFix[R1].txt et puis dis nous comment va le pc et ton problème de départ !
      0