Problème virus, à l'aide !

Ana2007 Messages postés 16 Date d'inscription   Statut Membre Dernière intervention   -  
 Utilisateur anonyme -
Bonjour à tous,

Depuis quelques temps, j'ai des problèmes avec mon pc portable hp.
Tout d'abord, au démarrage, j'ai toujours un message d'erreur concernant recguard.exe, puis mon ordinateur est très lent, et c'est pratiquement impossible de lire une vidéo.

J'ai fait des scans avast (mon anti virus ), ccleaner, adwcleaner, malwarebytes, et même tune up. Grâce à tous ça, j'ai éliminé pas mal de chose, mon ordi rame moins, mais c'est pas revenu à la normal tout de même.

Je ne sais pas quoi faire d'autre ( je n'ai pas beaucoup de connaissance en informatique ) , est ce que quelqu'un peut m'aider, svp ?

52 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

Un PC portable HP présente au démarrage un message d'erreur recguard.exe et une lenteur générale empêchant la lecture des vidéos, malgré des scans Avast, CCleaner, AdwCleaner, Malwarebytes et TuneUp qui ont réduit l’ampleur du ralentissement. Divers éléments évoquent une DLL manquante, BaseImg.dll, associée à l’erreur recguard.exe, et décrivent des tentatives de récupération via le cache Windows ou téléchargement sans succès. En parallèle, des procédures plus techniques suggèrent ZHPDiag et Malwarebytes avec Analyse des menaces, puis l’examen des rapports OTL et Fixlog pour identifier les infections et les éléments persistants. Enfin, des messages de mémoire virtuelle insuffisante et des retards de démarrage persistent, et certaines réponses suggèrent d’évaluer les paramètres mémoire et le navigateur pour éliminer une cause logicielle secondaire.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Ana2007 Messages postés 16 Date d'inscription   Statut Membre Dernière intervention  
     
    Je viens de faire un ZHPDiag, je joins :

    ~ Rapport de ZHPDiag v2014.6.25.98 - Nicolas Coolman (25/06/2014)
    ~ Lancé par KIAVU02 (07/08/2014 17:06:50)
    ~ Adresse du Site Web https://nicolascoolman.eu
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Nouvelle version disponible
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Not Found

    ---\\ Navigateurs Internet
    MSIE: Internet Explorer v7.0.5730.13 (Defaut)
    MFIE: Mozilla Firefox 30.0
    GCIE: Google Chrome v36.0.1985.125

    ---\\ Informations sur les produits Windows
    ~ Langage: Français
    Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
    Windows Automatic Updates : OK
    Windows Genuine Advantage : OK

    ---\\ Logiciels de protection du système
    avast! Free Antivirus v8.0.1489.0
    Malwarebytes Anti-Malware version 2.0.2.1012

    ---\\ Logiciels d'optimisation du système
    CCleaner v4.15

    ---\\ Logiciels de partage PeerToPeer

    ---\\ Surveillance de Logiciels
    Adobe Flash Player 11 Plugin
    Java 7 Update 65

    ---\\ Informations sur le système
    ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 1015 MB (72% free)
    System Restore: Activé (Enable)
    System drive C: has 56 GB (55%) free of 101 GB

    ---\\ Mode de connexion au système
    ~ Computer Name: PORT2
    ~ User Name: KIAVU02
    ~ All Users Names: SUPPORT_388945a0, KIAVU02, HelpAssistant, Administrateur,
    ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
    Logged in as Administrator

    ---\\ Variables d'environnement
    ~ System Unit : C:\
    ~ %AppZHP% : C:\Documents and Settings\KIAVU02\Application Data\ZHP\
    ~ %AppData% : C:\Documents and Settings\KIAVU02\Application Data\
    ~ %Desktop% : C:\Documents and Settings\KIAVU02\Bureau\
    ~ %Favorites% : C:\Documents and Settings\KIAVU02\Favoris\
    ~ %LocalAppData% : C:\Documents and Settings\KIAVU02\Local Settings\Application Data\
    ~ %StartMenu% : C:\Documents and Settings\KIAVU02\Menu Démarrer\
    ~ %Windir% : C:\WINDOWS\
    ~ %System% : C:\WINDOWS\system32\

    ---\\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 56 Go of 101 Go)
    D: CD-ROM drive (Not Inserted)
    E: Hard drive, Flash drive, Thumb drive (Free 11 Go of 11 Go)

    ---\\ Etat du Centre de Sécurité Windows
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
    ~ Security Center: 42 Legitimates Filtered in 00mn 00s

    ---\\ Recherche particulière de fichiers génériques
    [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 03:34:03.) -- C:\WINDOWS\Explorer.exe [1037824]
    [MD5.5FEBA0BF0D4953384BD1692C8BB762E6] - (.Microsoft Corporation - Internet Extensions for Win32.) (.19/12/2011 - 09:08:30.) -- C:\WINDOWS\system32\wininet.dll [832512]
    [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 03:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
    [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
    [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 19:40:30.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
    [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/04/2008 - 20:14:21.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
    [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/04/2008 - 19:40:46.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
    [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 02:57:38.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
    [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 17:36:05.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
    [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 03:00:52.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
    [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.13/04/2008 - 19:40:58.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
    [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.13/04/2008 - 19:57:15.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
    [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.13/04/2008 - 20:19:42.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
    [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
    [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.13/04/2008 - 20:21:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
    [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.13/04/2008 - 20:15:53.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
    [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 03:09:40.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
    [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/04/2008 - 20:19:43.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
    [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 19:32:51.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
    [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.14/04/2008 - 02:57:34.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
    [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 02:56:04.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
    ~ Generic Processes: Scanned in 00mn 00s

    ---\\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 2/21
    ~ Mes musiques (My Musics) : 1/2
    ~ Mes Favoris (My Favorites) : 1/21
    ~ Mes Documents (My Documents) : 2/1694
    ~ Mon Bureau (My Desktop) : 0/22
    ~ Menu demarrer (Programs) : 1/25
    ~ Hidden Files: Scanned in 00mn 04s

    ---\\ Processus lancés
    [MD5.FAC83C27D09DA59E9687B33BC100CF67] - (.SafeBoot International - Drive Encryption for HP ProtectTools Servic.) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [221184] [PID.1480]
    [MD5.0ECE2B1910527AE85691151D56621891] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [266295] [PID.1644]
    [MD5.28D6701C710AD7BA3CB95E75F8F1A9AA] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808] [PID.1908]
    [MD5.213822072085B5BBAD9AF30AB577D817] - (.InterVideo - RegMgr Module.) -- C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe [112152] [PID.1024]
    [MD5.A980296E1EC9921356F0D8AD06A6EF9C] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [PID.1036]
    [MD5.31D8B705DCD5F2366186E731F87C7A71] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [75304] [PID.1196]
    [MD5.B6D347C26F861DDD4AD4863F5A1596B9] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files\PDF Complete\pdfsvc.exe [540448] [PID.1784]
    [MD5.E4D20625DBD37ADEE96383B1B010EDA0] - (.Microsoft Corporation - Message Queuing Service.) -- C:\WINDOWS\system32\mqsvc.exe [4608] [PID.300]
    [MD5.F8968C9778F25A90A35755C3C97C7F62] - (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [144688] [PID.480]
    [MD5.9D33A0FFF7798747F9C98A75912C0042] - (.Microsoft Corporation - Windows NT MSMQ Trigger Service.) -- C:\WINDOWS\system32\mqtgsvc.exe [117248] [PID.2276]
    [MD5.3F91D1056D2CEBEF374BE0E55428190A] - (.Cognizance Corporation - Global Virtual Card Host.) -- C:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe [65536] [PID.1052]
    [MD5.450497C656D16B45EE9D121D64D3289F] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [827392] [PID.3056]
    [MD5.15D0C090E4223C68CC2DAF471584F4A8] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [872448] [PID.3348]
    [MD5.023E3E343A8BCACD4F666B1DCFE670E0] - (.Pas de propriétaire - Scheduler.) -- C:\WINDOWS\SMINST\Scheduler.exe [697976] [PID.3584]
    [MD5.0C2E780785B2E0CF09B439E874C50990] - (.Hewlett-Packard Development Company, L.P. - HP ProtectTools Security Manager.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.exe [145184] [PID.3660]
    [MD5.F64E95CE6438CE4B3413026CCB7AE194] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [138008] [PID.3712]
    [MD5.189143A3943760112DE09B584DD7ED81] - (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files\PDF Complete\pdfsty.exe [331552] [PID.3884]
    [MD5.33D4FD2EB74538ED0F3F2E7D4E089FF0] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [138008] [PID.3972]
    [MD5.7EF35FE7D40E3C5AA2373DFD994E8F0D] - (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe [162584] [PID.4044]
    [MD5.21293443961A4E2597453EE7A9347F22] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [54840] [PID.1592]
    [MD5.3F11B20D12D89365D7721BDC860CE5F0] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858968] [PID.280]
    [MD5.1DE859B82E381A645C44284A5044BC33] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [256896] [PID.1056]
    [MD5.9B6414517444980F2ECAD8FA5F66E162] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe [484904] [PID.2252]
    [MD5.11EDB1E847C271B97657CE77D2AD9D7A] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\system32\igfxsrvc.exe [252696] [PID.3516]
    [MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.4000]
    [MD5.5CCD80006B12D3B10348B37011859770] - (.Glarysoft Ltd - Glary Utilities 5.) -- C:\Program Files\Glary Utilities 5\Integrator.exe [793376] [PID.3252]
    [MD5.C22109DF306064F8254217B76AB88998] - (.Oracle Corporation - Java(TM) Update Checker.) -- C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe [511872] [PID.2956]
    [MD5.1F62DCBF33A67CAA5E68ADECBB25C3C7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8071680] [PID.3112]
    ~ Processes Running: Scanned in 00mn 05s

    ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:\Documents and Settings\KIAVU02\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
    G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé)
    G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
    G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
    G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

    ---\\ Liste des dossiers d'extension Google Chrome
    ~ Google Lines Browser: 11 Legitimates Filtered in 00mn 01s

    ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:\Documents and Settings\KIAVU02\Application Data\Mozilla\Firefox\Profiles\bqrz0iwr.default\prefs.js
    C:\Documents and Settings\KIAVU02\Application Data\Mozilla\Firefox\Profiles\bqrz0iwr.default\user.js
    ~ Firefox Browser: 12 Legitimates Filtered in 00mn 00s

    ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww25.allssearch.com/ =>Adware.SocialSkinz
    R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
    ~ IE Browser: 11 Legitimates Filtered in 00mn 00s

    ---\\ Internet Explorer, Proxy Management (R5)
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
    F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
    F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
    F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
    ~ Keys: Scanned in 00mn 00s

    ---\\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 20

    ---\\ Internet Explorer Toolbars (O3)
    O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
    O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
    O3 - Toolbar\WebBrowser: (no name) - [HKCU]{F2CF5485-4E02-4F68-819C-B92DE9277049} Clé orpheline
    O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
    O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    ---\\ Applications lancées au démarrage du système (O4)
    O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] . (.Analog Devices, Inc. - Audio Control Panel.) -- C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    O4 - HKLM\..\Run: [Scheduler] . (.Pas de propriétaire - Scheduler.) -- C:\WINDOWS\SMINST\Scheduler.exe
    O4 - HKLM\..\Run: [QlbCtrl] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    O4 - HKLM\..\Run: [PTHOSTTR] . (.Hewlett-Packard Development Company, L.P. - HP ProtectTools Security Manager.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.exe
    O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files\PDF Complete\pdfsty.exe =>.PDF Complete Inc
    O4 - HKLM\..\Run: [MsmqIntCert] Clé orpheline
    O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Cpqset] . (...) -- C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [CognizanceTS] . (.Cognizance Corporation - Terminal Services Virtual Channel Client.) -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll
    O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
    O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =>.Oracle Corporation
    O4 - HKLM\..\Run: [WatchDog] . (.InterVideo Inc. - DVDCheck Application.) -- C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
    O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\KIAVU02\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =>.Google Inc
    O4 - HKCU\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files\Glary Utilities 5\StartupManager.exe
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
    O4 - HKUS\S-1-5-21-1539749069-2811952864-2798303929-1005\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    O4 - HKUS\S-1-5-21-1539749069-2811952864-2798303929-1005\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-21-1539749069-2811952864-2798303929-1005\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\KIAVU02\Local Settings\Application Data\Google\Update\GoogleUpdate.exe =>.Google Inc
    O4 - HKUS\S-1-5-21-1539749069-2811952864-2798303929-1005\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files\Glary Utilities 5\StartupManager.exe
    ~ Application: Scanned in 00mn 01s

    ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
    ~ IE Extra Buttons: Scanned in 00mn 00s

    ---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
    O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://www.hp.com
    ~ IE Paramètres WEB: Scanned in 00mn 00s

    ---\\ Objets ActiveX (Downloaded Program Files)(O16)
    O16 - DPF: {2C8A837B-143F-4F3C-80E4-FDF025E8421E} ((no name)) - http://192.168.1.171/OCXEDITIONSCAISSE.cab
    O16 - DPF: {36731ACA-A8CD-4727-835F-BB4C14801260} ((no name)) - http://192.168.1.171/OCXTICKET.cab
    O16 - DPF: {39B4085B-9645-4C7A-BC87-9FCA87B2C3AD} ((no name)) - http://192.168.1.171/OCXETIQUETTES.cab
    O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} ((no name)) - http://ua.foto.com/ImageUploader6.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1207207000042
    O16 - DPF: {6A3F4AA4-B157-4AE7-930C-8C71AC35F80B} ((no name)) - http://192.168.1.171/FICHECLIENT.cab
    O16 - DPF: {6FB5F96F-CD47-4C91-9168-6B3F69C4E00F} ((no name)) - http://192.168.1.171/PARAM.cab
    O16 - DPF: {8EF96D47-7B14-4FA3-87E5-228D5D1DE1B7} ((no name)) - http://192.168.1.171/OCXSUIVI.cab
    O16 - DPF: {C2279994-71D7-41BA-BBBD-8FD5D3B117EB} ((no name)) - http://192.168.1.10/OCXEDITIONSCA.cab
    O16 - DPF: {C408970D-1DDF-410F-85B7-35687A3798FA} ((no name)) - http://192.168.1.171/OCXEDITIONS.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} ((no name)) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
    O16 - DPF: {FDEECFB9-424E-4E87-B2C5-FE4C1854FAD4} ((no name)) - http://192.168.1.171/FICHECAISSE.cab
    ~ Objets ActiveX: Scanned in 00mn 00s

    ---\\ Modification Domaine/Adresses DNS (O17)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5AE71619-18B7-4EE0-9E0B-81527A6F1FD7}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{5AE71619-18B7-4EE0-9E0B-81527A6F1FD7}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CS2\Services\Tcpip\..\{5AE71619-18B7-4EE0-9E0B-81527A6F1FD7}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS3\Services\Tcpip\..\{5AE71619-18B7-4EE0-9E0B-81527A6F1FD7}: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    ---\\ Protocole additionnel (O18)
    O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation
    O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
    ~ Protocole Additionnel: Scanned in 00mn 00s

    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
    O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
    O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
    O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
    O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\WINDOWS\system32\igfxdev.dll
    O20 - Winlogon Notify: OneCard . (.Cognizance Corporation - Winlogon notification handler.) -- C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
    O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
    O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
    O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll
    O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
    ~ Winlogon: Scanned in 00mn 00s

    ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 - AppInit_DLLs: . (.Bioscrypt Inc. - Application Protection Hook.) - C:\WINDOWS\system32\APSHook.dll
    ~ AppInit DLL: Scanned in 00mn 00s

    ---\\ Enumération Active Desktop & MHTML Editor (O24)
    O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\KIAVU02\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\KIAVU02\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
    ~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

    ---\\ Enumère les données de BootExecute (BEX) (O34)
    O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
    O34 - HKLM BootExecute: (BootDefrag.exe) - File not found
    ~ BEX: 2 Legitimates Filtered in 00mn 00s

    ---\\ Tâches planifiées en automatique (O39)
    O39 - APT: - (..) -- C:\WINDOWS\Tasks\defrag c.job [286]
    ~ Scheduled Task: 16 Legitimates Filtered in 00mn 00s

    ---\\ HKCU & HKLM Software Keys
    [HKCU\Software\LanConfig] =>Adware.Navipromo
    [HKCU\Software\ParetoLogic] =>PUP.Paretologic
    [HKCU\Software\YahooPartnerToolbar]
    [HKLM\Software\ParetoLogic] =>PUP.Paretologic
    ~ Key Software: 224 Legitimates Filtered in 00mn 00s

    ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 - CFD: 23/07/2014 - 13:24:26 - [] ----D C:\Documents and Settings\All Users\Application Data\ParetoLogic =>PUP.Paretologic
    O43 - CFD: 23/07/2014 - 17:24:24 - [0] -SH-D C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
    O43 - CFD: 23/07/2014 - 12:47:41 - [] ----D C:\Documents and Settings\KIAVU02\Application Data\ParetoLogic =>PUP.Paretologic
    ~ Program Folder: 130 Legitimates Filtered in 00mn 01s

    ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 - LFC:[MD5.8D6BCA441D42A34E68725812036FCF37] - 24/07/2014 - 14:32:41 ---A- . (...) -- C:\Ciam_LogFile.log [2530]
    O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 30/07/2014 - 17:38:54 ---A- . (...) -- C:\WINDOWS\system.ini [227]
    O44 - LFC:[MD5.36E6982DA5407AC591EA0BF99443F1AE] - 30/07/2014 - 17:38:54 ---A- . (...) -- C:\WINDOWS\win.ini [491]
    ~ Files: 19 Legitimates Filtered in 00mn 16s

    ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
    O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
    ~ ShellExecuteHooks: Scanned in 00mn 00s

    ---\\ Déni du service (Local Security Authority) (O48)
    O48 - LSA:Local Security Authority Notification Packages . (...) -- C:\WINDOWS\system32\SbHpNp.dll
    ~ LSA: 8 Legitimates Filtered in 00mn 00s

    ---\\ Image File Execution Options (IFEO) (O50)
    O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
    ~ IFEO: Scanned in 00mn 00s

    ---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
    O53 - SMSR:HKLM\...\startupreg\Recguard [Key] . (.Pas de propriétaire - Recguard Application.) -- C:\WINDOWS\Sminst\Recguard.exe
    ~ SMSR Keys: 1 Legitimates Filtered in 00mn 00s

    ---\\ Liste des pilotes du système (SDL) (O58)
    O58 - SDL:09/01/2007 - 16:50:24 ---A- . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\WINDOWS\system32\Drivers\ADIHdAud.sys [288768]
    O58 - SDL:09/05/2013 - 09:59:10 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49376] =>.ALWIL Software
    O58 - SDL:11/07/2013 - 16:39:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSnx.sys.sum [175]
    O58 - SDL:11/07/2013 - 16:39:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswSP.sys.sum [175]
    O58 - SDL:11/07/2013 - 16:39:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [175176] =>.ALWIL Software
    O58 - SDL:11/07/2013 - 16:39:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys.sum [175] =>.ALWIL Software
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
    O58 - SDL:13/04/2008 - 17:36:05 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
    O58 - SDL:07/01/2005 - 17:07:16 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Function Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\Hdaudio.sys [145920]
    O58 - SDL:03/08/2004 - 21:41:40 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlmnt5.sys [126686]
    O58 - SDL:03/08/2004 - 21:41:38 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlstrm.sys [1309184]
    O58 - SDL:03/08/2004 - 21:29:38 ----- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\Drivers\mtxparhm.sys [452736]
    O58 - SDL:03/08/2004 - 21:41:40 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\ntmtlfax.sys [180360]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
    O58 - SDL:03/08/2004 - 21:41:40 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\recagent.sys [13776]
    O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\SafeBoot.sys [100095]
    O58 - SDL:09/10/2006 - 13:31:46 ---A- . (.SafeBoot N.V. - SafeBoot FIPS AES Algorithm (256 bit).) -- C:\WINDOWS\system32\Drivers\SbAlg.sys [44720]
    O58 - SDL:03/08/2004 - 21:41:42 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnt7554.sys [129535]
    O58 - SDL:03/08/2004 - 21:41:44 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slntamr.sys [404990]
    O58 - SDL:03/08/2004 - 21:41:46 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnthal.sys [95424]
    O58 - SDL:03/08/2004 - 21:41:46 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slwdmsup.sys [13240]
    O58 - SDL:23/08/2001 - 17:21:42 ---A- . (.SMC - Pilote de périphérique infrarouge SMC IrCC NDIS 5.0 IrDA FIR.) -- C:\WINDOWS\system32\Drivers\smcirda.sys [36937]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
    O58 - SDL:26/06/2004 - 14:22:00 ---A- . (.RDV Soft - VNC Communication.) -- C:\WINDOWS\system32\Drivers\vnccom.SYS [6016]
    O58 - SDL:26/06/2004 - 14:22:00 ---A- . (.RDV Soft - Ultravnc Mirror Driver.) -- C:\WINDOWS\system32\Drivers\vncdrv.sys [4736]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
    O58 - SDL:05/08/2004 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
    ~ Drivers: 124 Legitimates Filtered in 00mn 05s

    ---\\ Liste des outils de désinfection (LATC) (O63)
    O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    ---\\ Liste les services legacy du registre (LALS) (O64)
    O64 - Services: CurCS - 09/05/2013 - C:\WINDOWS\system32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
    O64 - Services: CurCS - 22/04/2007 - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (HpFkCryptService) .(.SafeBoot International - Drive Encryption for HP ProtectTools Servic.) - LEGACY_HPFKCRYPTSERVICE
    ~ Legacy: 152 Legitimates Filtered in 00mn 00s

    ---\\ Associations Shell Spawning (O67)
    O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.)
    ~ FASS Keys: 10 Legitimates Filtered in 00mn 00s

    ---\\ Menu de démarrage Internet (SMI) (O68)
    O68 - StartMenuInternet: <chrome.exe> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\KIAVU02\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
    O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\KIAVU02\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
    ~ Keys: Scanned in 00mn 00s

    ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
    O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
    O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Live Search) - https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
    ~ Keys: Scanned in 00mn 00s

    ---\\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.5DCD085AD9EDD8B0BD097E3D5748B532] [SPRF][09/08/2007] (...) -- C:\WINDOWS\Downloaded Program Files\LMIProxyHelper.exe [71248]
    [MD5.7E66721241EE1A09D03D49CBA349050A] [SPRF][17/01/2008] (...) -- C:\WINDOWS\Downloaded Program Files\RACtrl.dll [2745672]
    ~ Files: 7 Legitimates Filtered in 00mn 00s

    ---\\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 - PUC: "A6A9B7407E12FC548852A060E1FEB932" . (.SweetIM Toolbar for Internet Explorer 4.3.) -- C:\WINDOWS\Installer\{047B9A6A-21E7-45CF-8825-0A061EEF9B23}\ARPPRODUCTICON.exe =>PUP.SweetIM
    O90 - PUC: "F479A18A22A86E3429341589FF57D81A" . (.SweetIM for Messenger 3.6.) -- C:\WINDOWS\Installer\{A81A974F-8A22-43E6-9243-5198FF758DA1}\ARPPRODUCTICON.exe =>PUP.SweetIM
    ~ Update Products: 2 Legitimates Filtered in 00mn 00s

    ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
    SS - | Auto 03/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
    SS - | Demand 03/02/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
    SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    SS - | Demand 06/06/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    SS - | Demand 06/11/2006 887544 | (RoxMediaDB9) . (.Sonic Solutions.) - c:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    SS - | Demand 01/11/2006 73728 | (stllssvr) . (.MicroVision Development, Inc..) - c:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
    SR - | Auto 14/04/2008 14336 | C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (ASBroker) . (.Cognizance Corporation.) - C:\WINDOWS\system32\svchost.exe
    SR - | Auto 14/04/2008 14336 | C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll (ASChannel) . (.Cognizance Corporation.) - C:\WINDOWS\system32\svchost.exe
    SR - | Auto 09/05/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    SR - | Auto 06/02/2007 266295 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    SR - | Auto 22/04/2007 221184 | (HpFkCryptService) . (.SafeBoot International.) - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    SR - | Auto 05/12/2007 144688 | (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    SR - | Auto 04/01/2007 112152 | (IviRegMgr) . (.InterVideo.) - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
    SR - | Auto 11/07/2014 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
    SR - | Auto 19/04/2007 75304 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    SR - | Auto 08/05/2007 540448 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files\PDF Complete\pdfsvc.exe
    SR - | Auto 14/04/2008 14336 | C:\WINDOWS\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\WINDOWS\system32\svchost.exe
    ~ Services: Scanned in 00mn 16s

    ---\\ Scan Additionnel (O88)
    Database Version : 13026 - (25/06/2014)
    Clés trouvées (Keys found) : 75
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 2
    Fichiers trouvés (Files found) : 0

    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
    [HKLM\Software\Classes\Installer\Features\A6A9B7407E12FC548852A060E1FEB932] =>PUP.SweetIM
    [HKLM\Software\Classes\Installer\Products\A6A9B7407E12FC548852A060E1FEB932] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6A9B7407E12FC548852A060E1FEB932] =>PUP.SweetIM
    [HKLM\Software\Classes\Installer\Features\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM
    [HKLM\Software\Classes\Installer\Products\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM
    [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater] =>Toolbar.Wajam
    [HKCU\Software\LanConfig] =>Adware.Navipromo
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{047B9A6A-21E7-45CF-8825-0A061EEF9B23}] =>PUP.SweetIM
    [HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
    [HKCU\Software\ParetoLogic] =>PUP.Paretologic
    [HKLM\Software\ParetoLogic] =>PUP.Paretologic
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
    C:\Documents and Settings\All Users\Application Data\ParetoLogic =>PUP.Paretologic^
    C:\Documents and Settings\KIAVU02\Application Data\ParetoLogic =>PUP.Paretologic^
    ~ Additionnel Scan: 254668 Items scanned in 00mn 59s

    ---\\ Informations complémentaires sur les modules
    ~ https://nicolascoolman.eu =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    ~ https://nicolascoolman.eu =>.Internet Explorer, Proxy Management (R5)
    ~ https://nicolascoolman.eu =>.Internet Explorer Toolbars (O3)
    ~ https://nicolascoolman.eu =>.Applications lancées au démarrage du système (O4)
    ~ https://nicolascoolman.eu =>.Image File Execution Options (IFEO) (O50)
    ~ AMI: 5 Legitimates Filtered in 00mn 00s

    ---\\ Récapitulatif des détections trouvées sur votre station
    https://nicolascoolman.eu =>Adware.SocialSkinz
    http://nicolascoolman.fr/27191871-adware-navipromo =>Adware.Navipromo
    http://nicolascoolman.fr/30068076-pup-paretologic =>PUP.Paretologic
    https://nicolascoolman.eu =>PUP.SweetIM
    https://nicolascoolman.eu =>PUP.Babylon
    ~ MSI: 5 link(s) detected in 00mn 00s

    ~ 796 Legitimates filtered by white list
    End of the scan (608 lines in 02mn 26s)(0)
    0
  2. Utilisateur anonyme
     
    Salut,

    Post moi le rapport d'adwcleaner . (Un double du rapport ce trouve => C:\AdwCleaner\AdwCleaner[S0].txt)

    - Copie les lignes qui sont dans le lien ci-dessous:

    https://textup.fr/101277TU

    - Ouvre ZHPfix, (icône seringue)

    Note: Pour les utilisateurs de Vista/Seven/8, cliquer droit sur l'icône et "Exécuter en tant qu'administrateur",

    - Clique sur Importer, puis colle les lignes dans la partie prévue pour,

    - Clique sur Go.

    - Clique sur Oui pour confirmer le nettoyage des données et celui de la corbeille.

    - Héberge le rapport ZHPFix.txt présent sur ton bureau sur Cjoint puis copie/colle le lien fourni dans ta prochaine réponse.

    Aide : Comment utiliser Cjoint ?

    P.S. Si le bureau disparaît, fais Ctrl + Alt + Suppr afin d'ouvrir le gestionnaire des tâches puis dans Applications, clique sur Nouvelle tâche puis tape explorer.exe. Le bureau devrait normalement réapparaître.

    /!\ Attention, ta corbeille va être vidée. Vérifie qu'il n'y ait aucun fichier supprimé par mégarde à l'intérieur. /!\
    0
  3. Ana2007 Messages postés 16 Date d'inscription   Statut Membre Dernière intervention  
     
    Voila le rapport adwcleaner

    # AdwCleaner v1.609 - Rapport créé le 23/07/2014 à 13:13:10
    # Mis à jour le 10/06/2012 par Xplode
    # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
    # Nom d'utilisateur : KIAVU02 - PORT2
    # Exécuté depuis : C:\Documents and Settings\KIAVU02\Mes documents\Téléchargements\adwcleaner.exe
    # Option [Recherche]

    ***** [Services] *****

    ***** [Fichiers / Dossiers] *****

    ***** [Registre] *****

    Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A81A974F-8A22-43E6-9243-5198FF758DA1}

    ***** [Registre - GUID] *****

    ***** [Navigateurs] *****

    -\\ Internet Explorer v7.0.5730.13

    [OK] Le registre ne contient aucune entrée illégitime.

    -\\ Mozilla Firefox v30.0 (fr)

    Nom du profil : default
    Fichier : C:\Documents and Settings\KIAVU02\Application Data\Mozilla\Firefox\Profiles\bqrz0iwr.default\prefs.js

    [OK] Le fichier ne contient aucune entrée illégitime.

    -\\ Google Chrome v36.0.1985.125

    Fichier : C:\Documents and Settings\KIAVU02\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

    [OK] Le fichier ne contient aucune entrée illégitime.
    0
  4. Utilisateur anonyme
     
    Re,

    Le rapport date de matusalem :)

    AdwCleaner v1.609

    Bon on va reprendre :

    - Télécharge DelFix sur ton bureau.

    - Lance le,

    Note: Pour les utilisateurs de Vista/Seven/8, cliquer droit sur l'icône et "Exécuter en tant qu'administrateur",

    - Coche la case "Suppression des outils ...".

    - Patiente pendant le scan jusqu'à l'ouverture du rapport.

    - Héberge le rapport DelFixSuppr.txt présent sur ton bureau sur Cjoint puis copie/colle le lien fourni dans ta prochaine réponse.

    Aide : Comment utiliser Cjoint ?

    Note : Le rapport se trouve également sous C:\DelFixSuppr.txt
    ________________________________________________________
    - Télécharge OTL sur ton bureau.

    - Fais un double clic sur l'icône pour le lancer.

    Vérifie que toutes les autres fenêtres sont fermées afin qu'il s'exécute sans interruption.

    - Quand la fenêtre apparaît, coche la case "Tous les utilisateurs"

    - Sous Processus, Modules, Services, Pilotes, Registre: standard, Registre: approfondi coche "Tous".

    - Coche également les cases "Recherche Lop" et "Recherche Purity".

    - Dans la partie Personnalisation, colle ceci :


    HKCU\Software
    HKCU\Software\AppDataLow /s
    HKLM\Software
    HKCU\Software\Microsoft\Command Processor /s
    HKLM\Software\Microsoft\Command Processor /s
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunMRU /s
    HKLM\System\CurrentControlSet\Control\Session Manager\AppcertDlls /s
    %Homedrive%\*
    %Homedrive%\*.
    %Homedrive%\Recycler\*.exe /s
    %Homedrive%\Recycler\*.scr /s
    %Homedrive%\Recycler\*.pif /s
    %Homedrive%\Recycler\*.vb* /s
    %Homedrive%\$Recycle.bin\*.exe /s
    %Homedrive%\$Recycle.bin\*.scr /s
    %Homedrive%\$Recycle.bin\*.pif /s
    %Homedrive%\$Recycle.bin\*.vb* /s
    %Userprofile%\*
    %Userprofile%\*.
    %Allusersprofile%\*
    %Allusersprofile%\*.
    %LocalAppData%\*
    %LocalAppData%\*.
    %Userprofile%\Local Settings\*
    %Userprofile%\Local Settings\*.
    %Userprofile%\Local Settings\Application Data\*
    %Userprofile%\Local Settings\Application Data\*.
    %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*
    %Userprofile%\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*.
    %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*
    %Userprofile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\*.
    %programFiles%\*
    %programFiles%\*.
    %programfiles%\Google\Desktop\*.
    %ProgramFiles%\Common Files\*.
    %ProgramFiles(X86)%\Common Files\*.
    %Systemroot%\Installer\*.
    %Systemroot%\Temp\*.exe /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\system32\*.in*
    %systemroot%\PSS\* /s
    %systemroot%\Tasks\*
    %systemroot%\Tasks\*.
    %systemroot%\system32\Tasks\*
    %systemroot%\system32\Tasks\*.
    %systemroot%\syswow64\Tasks\*
    %systemroot%\syswow64\Tasks\*.
    %systemroot%\system32\drivers\*.sy* /lockedfiles
    %systemroot%\system32\config\*.exe /s
    %Systemroot%\ServiceProfiles\*.exe /s
    %systemroot%\system32\*.sys
    dir %Homedrive%\* /S /A:L /C
    msconfig
    activex
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe
    volsnap.sys
    atapi.sys
    ndis.sys
    cdrom.sys
    i8042prt.sys
    iastor.sys
    tdx.sys
    netbt.sys
    afd.sys
    /md5stop
    netsvcs
    safebootminimal
    safebootnetwork
    CREATERESTOREPOINT



    - Clique sur le bouton Analyse. L'analyse ne va pas durer longtemps.

    - Quand l'analyse est terminée, deux fenêtres du Bloc-notes vont s'ouvrir. >OTL.Txt et Extras.Txt. Ces fichiers sont sauvegardés au même endroit que OTL.

    - Héberge les rapports OTL.Txt et Extras.Txt présent sur ton bureau sur Cjoint puis copie/colle le lien fourni dans ta prochaine réponse.

    Aide :

    - Comment utiliser Cjoint ?

    - Tutoriel OTL
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Ana2007 Messages postés 16 Date d'inscription   Statut Membre Dernière intervention  
     
    voici le rapport:

    Rapport de ZHPFix 2014.4.13.3 par Nicolas Coolman, Update du 13/04/2014
    Fichier d'export Registre :
    Run by KIAVU02 at 07/08/2014 18:27:56
    High Elevated Privileges : OK
    Windows XP Professional Service Pack 3 (Build 2600)

    Corbeille vidée (00mn 03s)
    Dossier Prefetcher vidé

    ========== Clés du Registre ==========
    SUPPRIMÉ: HKCU\Software\LanConfig
    SUPPRIMÉ: HKCU\Software\ParetoLogic
    SUPPRIMÉ: HKLM\Software\ParetoLogic
    SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\A6A9B7407E12FC548852A060E1FEB932]
    SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\A6A9B7407E12FC548852A060E1FEB932]
    SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\F479A18A22A86E3429341589FF57D81A]
    SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\F479A18A22A86E3429341589FF57D81A]
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6A9B7407E12FC548852A060E1FEB932
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F479A18A22A86E3429341589FF57D81A
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{047B9A6A-21E7-45CF-8825-0A061EEF9B23}
    SUPPRIMÉ: HKLM\Software\Classes\Prod.cap
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
    SUPPRIMÉ: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
    SUPPRIMÉ: CLSID DPF: {2C8A837B-143F-4F3C-80E4-FDF025E8421E}
    SUPPRIMÉ: [HKLM\SOFTWARE\Classes\CLSID\{2C8A837B-143F-4F3C-80E4-FDF025E8421E}]
    SUPPRIMÉ: CLSID DPF: {36731ACA-A8CD-4727-835F-BB4C14801260}
    SUPPRIMÉ: [HKLM\SOFTWARE\Classes\CLSID\{36731ACA-A8CD-4727-835F-BB4C14801260}]
    SUPPRIMÉ: CLSID DPF: {39B4085B-9645-4C7A-BC87-9FCA87B2C3AD}
    SUPPRIMÉ: [HKLM\SOFTWARE\Classes\CLSID\{39B4085B-9645-4C7A-BC87-9FCA87B2C3AD}]
    SUPPRIMÉ: CLSID DPF: {6A3F4AA4-B157-4AE7-930C-8C71AC35F80B}
    SUPPRIMÉ: [HKLM\SOFTWARE\Classes\CLSID\{6A3F4AA4-B157-4AE7-930C-8C71AC35F80B}]
    SUPPRIMÉ: CLSID DPF: {6FB5F96F-CD47-4C91-9168-6B3F69C4E00F}
    0
  7. Ana2007 Messages postés 16 Date d'inscription   Statut Membre Dernière intervention  
     
    voici :

    # DelFix v10.8 - Rapport créé le 07/08/2014 à 18:32:24
    # Mis à jour le 29/07/2014 par Xplode
    # Nom d'utilisateur : KIAVU02 - PORT2
    # Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)

    ~ Suppression des outils de désinfection ...

    Supprimé : C:\Documents and Settings\KIAVU02\Application Data\ZHP
    Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
    Supprimé : C:\Program Files\ZHPDiag
    Supprimé : C:\AdwCleaner[R1].txt
    Supprimé : C:\AdwCleaner[R2].txt
    Supprimé : C:\AdwCleaner[R3].txt
    Supprimé : C:\AdwCleaner[R4].txt
    Supprimé : C:\AdwCleaner[R5].txt
    Supprimé : C:\AdwCleaner[S1].txt
    Supprimé : C:\AdwCleaner[S2].txt
    Supprimé : C:\AdwCleaner[S3].txt
    Supprimé : C:\AdwCleaner[S4].txt
    Supprimé : C:\AdwCleaner[S5].txt
    Supprimé : C:\AdwCleaner[S6].txt
    Supprimé : C:\Documents and Settings\KIAVU02\Bureau\adwcleaner.lnk
    Supprimé : C:\Documents and Settings\KIAVU02\Bureau\ZHPDiag.lnk
    Supprimé : C:\Documents and Settings\KIAVU02\Bureau\ZHPDiag.txt
    Supprimé : C:\Documents and Settings\KIAVU02\Bureau\ZHPFix.lnk
    Supprimé : C:\Documents and Settings\KIAVU02\Bureau\ZHPFixReport.txt
    Supprimé : C:\Documents and Settings\KIAVU02\Mes documents\Téléchargements\adwcleaner.exe
    Supprimé : C:\Documents and Settings\KIAVU02\Mes documents\Downloads\ZHPDiag2.exe
    Supprimée : HKLM\SOFTWARE\AdwCleaner
    Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

    ########## - EOF - ##########
    0
  8. Ana2007 Messages postés 16 Date d'inscription   Statut Membre Dernière intervention  
     
    voici de nouveau :

    OTL logfile created on: 07/08/2014 18:34:51 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\KIAVU02\Mes documents\Downloads
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1015,23 Mb Total Physical Memory | 388,75 Mb Available Physical Memory | 38,29% Memory free
    2,70 Gb Paging File | 2,04 Gb Available in Paging File | 75,49% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 101,00 Gb Total Space | 55,84 Gb Free Space | 55,28% Space Free | Partition Type: NTFS
    Drive E: | 10,79 Gb Total Space | 10,52 Gb Free Space | 97,51% Space Free | Partition Type: NTFS

    Computer Name: PORT2 | User Name: KIAVU02 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    [color=#E56717]========== Processes (SafeList) ==========/color

    PRC - [2014/08/07 18:34:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\KIAVU02\Mes documents\Downloads\OTL.exe
    PRC - [2014/07/21 05:00:22 | 000,793,376 | ---- | M] (Glarysoft Ltd) -- C:\Program Files\Glary Utilities 5\Integrator.exe
    PRC - [2014/07/15 11:24:50 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Documents and Settings\KIAVU02\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
    PRC - [2014/07/11 02:59:05 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
    PRC - [2014/07/11 02:39:16 | 000,511,872 | ---- | M] (Oracle Corporation) -- C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe
    PRC - [2014/07/11 02:39:16 | 000,256,896 | ---- | M] (Oracle Corporation) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
    PRC - [2013/05/09 10:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    PRC - [2013/05/09 10:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2008/04/14 04:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2007/05/08 09:38:46 | 000,540,448 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
    PRC - [2007/05/08 09:38:44 | 000,331,552 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsty.exe
    PRC - [2007/04/22 17:32:42 | 000,221,184 | ---- | M] (SafeBoot International) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    PRC - [2007/04/19 14:35:46 | 000,075,304 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    PRC - [2007/04/19 14:26:52 | 000,484,904 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    PRC - [2007/02/07 03:30:00 | 000,065,536 | R--- | M] (Cognizance Corporation) -- C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
    PRC - [2007/01/09 16:52:32 | 000,145,184 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
    PRC - [2007/01/04 19:48:52 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
    PRC - [2006/10/09 12:23:06 | 000,697,976 | ---- | M] () -- C:\WINDOWS\SMINST\Scheduler.exe
    0
  9. Ana2007 Messages postés 16 Date d'inscription   Statut Membre Dernière intervention  
     
    et enfin :

    OTL Extras logfile created on: 07/08/2014 18:34:51 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\KIAVU02\Mes documents\Downloads
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy

    1015,23 Mb Total Physical Memory | 388,75 Mb Available Physical Memory | 38,29% Memory free
    2,70 Gb Paging File | 2,04 Gb Available in Paging File | 75,49% Paging File free
    Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 101,00 Gb Total Space | 55,84 Gb Free Space | 55,28% Space Free | Partition Type: NTFS
    Drive E: | 10,79 Gb Total Space | 10,52 Gb Free Space | 97,51% Space Free | Partition Type: NTFS

    Computer Name: PORT2 | User Name: KIAVU02 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    [color=#E56717]========== Extra Registry (SafeList) ==========[/color]

    [color=#E56717]========== File Associations ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = htmlfile] -- Reg Error: Key error. File not found

    [color=#E56717]========== Shell Spawning ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Key error.
    InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [color=#E56717]========== Security Center Settings ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled" = 1
    "AntiVirusDisableNotify" = 0
    "FirewallDisableNotify" = 0
    "UpdatesDisableNotify" = 0
    "AntiVirusOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    [color=#E56717]========== System Restore Settings ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
    "Start" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
    "Start" = 2

    [color=#E56717]========== Firewall Settings ==========[/color]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
    "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
    "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
    "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
    "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
    "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
    "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

    [color=#E56717]========== Authorized Applications List ==========[/color]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
    "C:\WINDOWS\system32\mqsvc.exe" = C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing -- (Microsoft Corporation)
    "C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- ()
    "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
    "C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live FolderShare -- (Microsoft Corporation)
    "C:\Program Files\Java\jre7\bin\java.exe" = C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
    "C:\Documents and Settings\KIAVU02\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\KIAVU02\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)

    [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0289B18A-F99F-423F-B79F-1150D0F85492}" = HP Wireless Assistant
    "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
    "{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
    "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
    "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
    "{1CF925D3-1E33-4447-889B-0751D2CF886D}" = Drive Encryption for HP ProtectTools
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Outil de téléchargement Windows Live
    "{2075CB0A-D26F-4DAA-B424-5079296B43BA}" = Windows Live FolderShare
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
    "{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 65
    "{2DB165DC-DDB4-403F-B985-19F3EC7D0357}" = HP ProtectTools Security Manager
    "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
    "{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
    "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
    "{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 B2
    "{350C940c-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
    "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = Installation de HP Backup and Recovery Manager
    "{429E92A4-159F-4AEC-85A1-D693E1E4274D}" = HP 3D DriveGuard
    "{4634B21A-CC07-4396-890C-2B8168661FEA}" = Windows Live Writer
    "{46ABBC54-1872-4AA3-95E2-F2C063A63F31}" = Installation Windows Live
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{521F72F4-FFE4-4959-AA88-EED06125211F}" = HP Notebook Accessories Product Tour
    "{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
    "{5DD76286-9BE7-4894-A990-E905E91AC818}" = Windows Live Mail
    "{617093CF-0B62-4B8B-87D0-DB8FD2A5156B}" = HP BIOS Configuration for ProtectTools
    "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
    "{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
    "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
    "{70CEFEBA-F757-4DBE-8A21-027C326137CE}" = Application Installer 4.00.B14
    "{748B1880-9025-439D-B5D1-E078F2329993}" = HP LaserJet P3005
    "{770F1BEC-2871-4E70-B837-FB8525FFA3B1}" = Windows Live Messenger
    "{7FD8231E-3991-48D7-A2C8-2C42A7075FB1}" = HP User Guide Bluetooth Addendum 0062
    "{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}" = Windows Live Call
    "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
    "{84814E6B-2581-46EC-926A-823BD1C670F6}" = HP Integrated Module with Bluetooth wireless technology
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
    "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9A394342-4A68-4EBA-85A6-55B559F4E700}" = Microsoft .NET Framework 1.1 French Language Pack
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A122962F-331A-4C2E-93DB-AD92D8A4FB14}" = OpenOffice.org 2.4
    "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
    "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
    "{B131E59D-202C-43C6-84C9-68F0C37541F1}" = Galerie de photos Windows Live
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{BE41F3D2-FC73-4C3E-A2C2-5D2B08A5B2D0}" = Credential Manager for HP ProtectTools
    "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
    "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1
    "{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}" = Assistant de connexion Windows Live
    "{E25AA53F-6878-4C64-8130-EB8D678DF303}" = HP User Guides 0064
    "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
    "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
    "{F196AC50-7C95-42E1-9947-BDAB18BF3C8C}" = Microsoft .NET Framework 2.0 Language Pack - FRA
    "Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Agere Systems Soft Modem" = Agere Systems HDA Modem
    "avast" = avast! Free Antivirus
    "CCleaner" = CCleaner
    "Glary Utilities 5" = Glary Utilities 5.4
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HP LaserJet P3005" = HP LaserJet P3005
    "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
    "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 2.0 Language Pack - FRA" = Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Mozilla Firefox 30.0 (x86 fr)" = Mozilla Firefox 30.0 (x86 fr)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
    "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
    "PDF Complete" = PDF Complete
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "VLC media player" = VLC media player 2.0.1
    "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    "Windows Media Format Runtime" = Windows Media Format 11 runtime
    "Windows Media Player" = Lecteur Windows Media 11
    "Windows XP Service" = Windows XP Service Pack 3
    "WinLiveSuite_Wave3" = Installation Windows Live
    "WMFDist11" = Windows Media Format 11 runtime
    "wmp11" = Windows Media Player 11
    "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

    [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Google Chrome" = Google Chrome
    "Notification de cadeaux MSN" = Notification de cadeaux MSN

    [color=#E56717]========== Last 20 Event Log Errors ==========[/color]

    [ Antivirus Events ]
    Error - 15/04/2008 05:18:47 | Computer Name = PORT2 | Source = avast! | ID = 33554522
    Description =

    [ Application Events ]
    Error - 07/08/2014 08:35:38 | Computer Name = PORT2 | Source = Userenv | ID = 1041
    Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
    pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}.

    Error - 07/08/2014 08:35:38 | Computer Name = PORT2 | Source = Userenv | ID = 1041
    Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
    pour {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}.

    Error - 07/08/2014 10:20:25 | Computer Name = PORT2 | Source = Userenv | ID = 1041
    Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
    pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}.

    Error - 07/08/2014 10:20:25 | Computer Name = PORT2 | Source = Userenv | ID = 1041
    Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
    pour {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}.

    Error - 07/08/2014 10:20:39 | Computer Name = PORT2 | Source = Userenv | ID = 1041
    Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
    pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}.

    Error - 07/08/2014 10:20:39 | Computer Name = PORT2 | Source = Userenv | ID = 1041
    Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
    pour {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}.

    Error - 07/08/2014 11:57:26 | Computer Name = PORT2 | Source = Userenv | ID = 1041
    Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
    pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}.

    Error - 07/08/2014 11:57:26 | Computer Name = PORT2 | Source = Userenv | ID = 1041
    Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
    pour {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}.

    Error - 07/08/2014 12:16:49 | Computer Name = PORT2 | Source = Userenv | ID = 1041
    Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
    pour {7B849a69-220F-451E-B3FE-2CB811AF94AE}.

    Error - 07/08/2014 12:16:49 | Computer Name = PORT2 | Source = Userenv | ID = 1041
    Description = Windows ne peut pas effectuer de requête sur l'entrée DllName du Registre
    pour {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}.

    [ System Events ]
    Error - 05/08/2014 03:32:34 | Computer Name = PORT2 | Source = Service Control Manager | ID = 7000
    Description = Le service avast! Standard Shield Support n'a pas pu démarrer en raison
    de l'erreur : %%2

    Error - 05/08/2014 03:32:36 | Computer Name = PORT2 | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
    charger : Aavmker4

    Error - 05/08/2014 03:32:39 | Computer Name = PORT2 | Source = Service Control Manager | ID = 7024
    Description = Le service Service de transfert intelligent en arrière-plan s'est
    arrêté avec l'erreur service particulière 2147500037 (0x80004005).

    Error - 05/08/2014 03:33:09 | Computer Name = PORT2 | Source = DCOM | ID = 10010
    Description = Le serveur {4991D34B-80A1-4291-83B6-3328366B9097} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    Error - 06/08/2014 03:24:58 | Computer Name = PORT2 | Source = Service Control Manager | ID = 7000
    Description = Le service avast! Standard Shield Support n'a pas pu démarrer en raison
    de l'erreur : %%2

    Error - 06/08/2014 03:25:01 | Computer Name = PORT2 | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
    charger : Aavmker4

    Error - 07/08/2014 03:21:38 | Computer Name = PORT2 | Source = Service Control Manager | ID = 7000
    Description = Le service avast! Standard Shield Support n'a pas pu démarrer en raison
    de l'erreur : %%2

    Error - 07/08/2014 03:21:40 | Computer Name = PORT2 | Source = Service Control Manager | ID = 7026
    Description = Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se
    charger : Aavmker4

    Error - 07/08/2014 03:21:44 | Computer Name = PORT2 | Source = Service Control Manager | ID = 7024
    Description = Le service Service de transfert intelligent en arrière-plan s'est
    arrêté avec l'erreur service particulière 2147500037 (0x80004005).

    Error - 07/08/2014 03:22:14 | Computer Name = PORT2 | Source = DCOM | ID = 10010
    Description = Le serveur {4991D34B-80A1-4291-83B6-3328366B9097} ne s'est pas enregistré
    sur DCOM avant la fin du temps imparti.

    < End of report >
    0
  10. Ana2007 Messages postés 16 Date d'inscription   Statut Membre Dernière intervention  
     
    Désolé, je vais me mettre à cjoint. Mais j'ai fais les rapports vite, car je dois m'en aller. Je reviens demain matin, pour suivre vos instructions. Merci beaucoup !
    0
  11. Utilisateur anonyme
     
    Re,

    Ok, post moi les liens Cjoint et je donne la suite demain alors ;)

    ++
    0
  12. Utilisateur anonyme
     
    Re,

    - Double-clique sur Poste de Travail
    - Clique sur Panneau de configuration
    - Clique sur Ajout/suppression de programmes
    - Désinstalle les programmes suivants:

    - Glary Utilities 5 => Sert à rien.
    - TuneUp Software => Sert à rien.

    - Sélectionne l'application
    - Clique sur le bouton Modifier/Supprimer

    _____________________________________________________________
    - Lance OTL Clique sur l'icône présent sur ton bureau

    Note: Sous Vista, Seven, 8 clique droit ""Exécuter en tant qu'Administrateur"

    - Important :Copie-colle correctement le script contenu dans le lien ci-dessous dans la fenêtre personnalisation :

    https://textup.fr/101335qD

    - Clique ensuite sur Correction laisse l'outil travailler.

    un fichier "LOG" doit s'ouvrir avec le bloc-notes.

    Autrement Il est sauvegardé dans le dossier C:\_OTL\Moved Files\

    - Héberge le rapport xxxx2014_xxxxxx.log présent sur ton bureau au redémarrage de ton PC sur Cjoint puis copie/colle le lien fourni dans ta prochaine réponse.

    Aide :

    - Comment utiliser Cjoint ?

    - Tutoriel OTL
    0
  13. Ana2007 Messages postés 16 Date d'inscription   Statut Membre Dernière intervention  
     
    Bonjour,

    J'ai bien supprimé Glary utilities 5, mais j'ai pas trouver Tunup Software dans la liste de programme.

    Sinon, voici le rapport OTL : https://www.cjoint.com/?3Hilbs0ToRA

    :-)
    0
  14. Utilisateur anonyme
     
    Re,

    Lis le tutoriel ci-dessous de malwarebytes

    Paramètre malwarebytes comme indiqué dans le tutoriel surtout pour la recherche de Rootkits lance un "Examen menaces" puis post moi le rapport via cjoint.

    - Tutoriel Malwarebyte

    ++

    Ce ne sont pas les mauvaises herbes qui étouffent le bon grain, c'est la négligence du cultivateur.
    0
  15. Ana2007 Messages postés 16 Date d'inscription   Statut Membre Dernière intervention  
     
    Tu es toujours là V - X ?

    J'ai aussi oublié de dire, de temps en temps en bas à droite, j'ai un message dans une bulle qui me dit mémoire virtuelle minimale insuffisante.

    Sinon, je viens de redémarrer, et j'ai toujours le message d'erreur recguard.exe, et toujours impossible de lire une vidéo (chargement interminable).
    0
  16. Utilisateur anonyme
     
    Re,

    - Télécharge ZHPDiag sur ton bureau

    - Laisse-toi guider lors de l'installation.

    - Ouvre ZHPDiag (icône parchemin)

    - Clique sur Complet.

    Note: Pour les utilisateurs de Vista/Seven/8, cliquer droit sur l'icône et "Exécuter en tant qu'administrateur",

    - Héberge le rapport ZHPDiag.txt présent sur ton bureau sur Cjoint puis copie/colle le lien fourni dans ta prochaine réponse.

    - Aide : Comment utiliser Cjoint ?

    Tutoriel ZHPDiag
    0
  • 1
  • 2
  • 3