babar91

Membres

Afficher le profil Afficher son activité

Compteur de contenus
37
Inscription
le 22 avril 2006
Dernière visite
le 28 septembre 2015

Contact Methods

Website URL
http://

Autres informations

Mes langues
Français avec des Fotes

babar91's Achievements

Member (4/12)

Réputation sur la communauté

Des trucs bizarres

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

j'ai tout viré ~ ZHPCleaner v2015.9.20.353 by Nicolas Coolman (2015/09/20) ~ Run by Jean-Pierre (Administrator) (21/09/2015 19:52:52) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Scanner ~ Report : C:\Users\Jean-Pierre\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Jean-Pierre\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1 Pro, 64-bit (Build 9600) ---\\ Service. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Navigateur internet. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (23) ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Base de Registres ( Clés, Valeurs, Données ). (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Bilan de la réparation ~ Aucune réparation effectuée. ~ Ce navigateur est absent (Opera Software) ---\\ Statistiques ~ Items scannés : 90132 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 0 ~ End of search in 8 minutes =================== ZHPCleaner-[R]-18092015-13_16_43.txt ZHPCleaner--18092015-09_17_04.txt ZHPCleaner--18092015-13_12_26.txt ZHPCleaner--21092015-20_01_06.txt un truc quand je fais un clic droit sur le bureau explorer plante et je ne peu pas utiliser internet explorer il plante juste aprés l'ouverture
- le 21 septembre 2015
- 11 réponses
Des trucs bizarres

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

he voila # AdwCleaner v5.008 - Rapport créé le 18/09/2015 à 18:21:02 # Mis à jour le 18/09/2015 par Xplode # Base de données : 2015-09-17.3 [serveur] # Système d'exploitation : Windows 8.1 Pro (x64) # Nom d'utilisateur : Jean-Pierre - BLACKY # Exécuté depuis : C:\Users\Jean-Pierre\Desktop\adwcleaner_5.008.exe # Option : Nettoyer # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Dossiers ] ***** [-] Dossier Supprimé : C:\Program Files (x86)\Company Name [-] Dossier Supprimé : C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} [-] Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Company Name [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ibr20r16.default-1401723926474\Extensions\ascsurfingprotection@iobit.com [!] Dossier Non Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ibr20r16.default-1401723926474\Extensions\ascsurfingprotection@iobit.com [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\Extensions\ascsurfingprotection@iobit.com [!] Dossier Non Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\Extensions\ascsurfingprotection@iobit.com ***** [ Fichiers ] ***** [-] Fichier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\user.js ***** [ Raccourcis ] ***** ***** [ Tâches planifiées ] ***** [-] Tâche Supprimée : dsmonitor [-] Tâche Supprimée : GoforFilesUpdate [-] Tâche Supprimée : MySearchDial ***** [ Registre ] ***** [-] Clé Supprimée : HKLM\SOFTWARE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\bobrowser.exe [-] Clé Supprimée : HKCU\Software\Microsoft\IntelliType Pro\AppSpecific\vosteran.exe [-] Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} [-] Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}] [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FED6A736-129B-49C7-857E-25FC91E87DB3}] [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Clé Supprimée : HKU\.DEFAULT\Software\Boxore [-] Clé Supprimée : HKCU\Software\Headlight [-] Clé Supprimée : HKCU\Software\Myfree Codec [-] Clé Supprimée : HKCU\Software\SecuredDownload [-] Clé Supprimée : HKCU\Software\WTools [-] Clé Supprimée : HKLM\SOFTWARE\Myfree Codec [-] Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec [!] Clé Non Supprimée : [x64] HKCU\Software\Headlight [!] Clé Non Supprimée : [x64] HKCU\Software\Myfree Codec [!] Clé Non Supprimée : [x64] HKCU\Software\SecuredDownload [!] Clé Non Supprimée : [x64] HKCU\Software\WTools [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547B38670606DF14AA57B0BB83F3AE4D [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EDF0464A38B673448DE688FB6EED214 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0 ***** [ Navigateurs ] ***** [-] [C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\prefs.js] [Preference] Supprimée : user_pref("extensions.dashlane.safesearchcapable", false); ************************* :: Paramètres Winsock réinitialisés ************************* C:\AdwCleaner[R2].txt - [19615 octets] - [19/08/2013 06:36:50] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [6849 octets] ########## Malwarebytes Anti-Malware www.malwarebytes.org Date de l'analyse: 18/09/2015 Heure de l'analyse: 21:13 Fichier journal: mam 2015-09-18.txt Administrateur: Oui Version: 2.1.8.1057 Base de données de programmes malveillants: v2015.09.18.08 Base de données de rootkits: v2015.08.16.01 Licence: Essai Protection contre les programmes malveillants: Activé Protection contre les sites Web malveillants: Activé Autoprotection: Désactivé Système d'exploitation: Windows 8.1 Processeur: x64 Système de fichiers: NTFS Utilisateur: Jean-Pierre Type d'analyse: Analyse des menaces Résultat: Terminé Objets analysés: 473801 Temps écoulé: 47 min, 38 s Mémoire: Activé Démarrage: Activé Système de fichiers: Activé Archives: Activé Rootkits: Activé Heuristique: Activé PUP: Avertir PUM: Activé Processus: 0 (Aucun élément malveillant détecté) Modules: 0 (Aucun élément malveillant détecté) Clés du registre: 2 PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnceCB908BABCE06467D8A83A9FC2C61E4FF, , [6af687aa4e3d1620c8b95854798b25db], PUP.Optional.Wajam, HKU\S-1-5-21-3302536689-2769176284-1198973107-1000\SOFTWARE\WOW6432NODE\Wajam, , [fd6357da2b600c2a04ce824048bcda26], Valeurs du registre: 0 (Aucun élément malveillant détecté) Données du registre: 0 (Aucun élément malveillant détecté) Dossiers: 0 (Aucun élément malveillant détecté) Fichiers: 3 PUP.Optional.Wajam, C:\Users\Jean-Pierre\AppData\Roaming\ZHP\Quarantine\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancer.exe, , [dd83d75af49765d1d0557d4346bb2cd4], PUP.Optional.Wajam, C:\Users\Jean-Pierre\AppData\Roaming\ZHP\Quarantine\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe, , [86dab67b3754e84e56cd15abf90860a0], PUP.Optional.RelevantKnowledge, C:\WINDOWS\System32\rlls64.dll, , [a1bfcb66b3d82016f46d5d2851b4837d], Secteurs physiques: 0 (Aucun élément malveillant détecté) (end)
- le 18 septembre 2015
- 11 réponses
Des trucs bizarres

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

voili voila http://www.cjoint.com/
- le 18 septembre 2015
- 11 réponses
Des trucs bizarres

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

Bon 1) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.6.2 (09.14.2015:1) OS: Windows 8.1 Pro x64 Ran by Jean-Pierre on 18/09/2015 at 18:08:22,86 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (Jean-Pierre) Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Uninstaller_SkipUac_Jean-Pierre Successfully deleted: [Task] C:\WINDOWS\Tasks\Uninstaller_SkipUac_Jean-Pierre.job ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} ~~~ Files ~~~ Folders Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster Successfully deleted: [Folder] C:\ProgramData\productdata Successfully deleted: [Folder] C:\Users\Jean-Pierre\Appdata\Local\pdfforge Successfully deleted: [Folder] C:\Users\Jean-Pierre\AppData\Roaming\iobit\driver booster Successfully deleted: [Folder] C:\Users\Jean-Pierre\AppData\Roaming\new version available Successfully deleted: [Folder] C:\Users\Jean-Pierre\AppData\Roaming\pdfforge Successfully deleted: [Folder] C:\Users\Jean-Pierre\AppData\Roaming\productdata Successfully deleted: [Folder] C:\Users\Jean-Pierre\AppData\Roaming\wtools ~~~ Chrome [C:\Users\Jean-Pierre\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Jean-Pierre\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\Jean-Pierre\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Jean-Pierre\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 18/09/2015 at 18:14:16,03 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2) # AdwCleaner v5.008 - Rapport créé le 18/09/2015 à 18:21:02 # Mis à jour le 18/09/2015 par Xplode # Base de données : 2015-09-17.3 [serveur] # Système d'exploitation : Windows 8.1 Pro (x64) # Nom d'utilisateur : Jean-Pierre - BLACKY # Exécuté depuis : C:\Users\Jean-Pierre\Desktop\adwcleaner_5.008.exe # Option : Nettoyer # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Dossiers ] ***** [-] Dossier Supprimé : C:\Program Files (x86)\Company Name [-] Dossier Supprimé : C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} [-] Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Company Name [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ibr20r16.default-1401723926474\Extensions\ascsurfingprotection@iobit.com [!] Dossier Non Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ibr20r16.default-1401723926474\Extensions\ascsurfingprotection@iobit.com [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\Extensions\ascsurfingprotection@iobit.com [!] Dossier Non Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\Extensions\ascsurfingprotection@iobit.com ***** [ Fichiers ] ***** [-] Fichier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\user.js ***** [ Raccourcis ] ***** ***** [ Tâches planifiées ] ***** [-] Tâche Supprimée : dsmonitor [-] Tâche Supprimée : GoforFilesUpdate [-] Tâche Supprimée : MySearchDial ***** [ Registre ] ***** [-] Clé Supprimée : HKLM\SOFTWARE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\bobrowser.exe [-] Clé Supprimée : HKCU\Software\Microsoft\IntelliType Pro\AppSpecific\vosteran.exe [-] Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} [-] Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}] [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FED6A736-129B-49C7-857E-25FC91E87DB3}] [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Clé Supprimée : HKU\.DEFAULT\Software\Boxore [-] Clé Supprimée : HKCU\Software\Headlight [-] Clé Supprimée : HKCU\Software\Myfree Codec [-] Clé Supprimée : HKCU\Software\SecuredDownload [-] Clé Supprimée : HKCU\Software\WTools [-] Clé Supprimée : HKLM\SOFTWARE\Myfree Codec [-] Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec [!] Clé Non Supprimée : [x64] HKCU\Software\Headlight [!] Clé Non Supprimée : [x64] HKCU\Software\Myfree Codec [!] Clé Non Supprimée : [x64] HKCU\Software\SecuredDownload [!] Clé Non Supprimée : [x64] HKCU\Software\WTools [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547B38670606DF14AA57B0BB83F3AE4D [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EDF0464A38B673448DE688FB6EED214 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0 ***** [ Navigateurs ] ***** [-] [C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\prefs.js] [Preference] Supprimée : user_pref("extensions.dashlane.safesearchcapable", false); ************************* :: Paramètres Winsock réinitialisés ************************* C:\AdwCleaner[R2].txt - [19615 octets] - [19/08/2013 06:36:50] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [6849 octets] ########## Allors C koi tous ces trucs ? merci
- le 18 septembre 2015
- 11 réponses
Des trucs bizarres

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

voila C fé ensuite ? merci ! ~ ZHPCleaner v2015.9.18.349 by Nicolas Coolman (2015/09/18) ~ Run by Jean-Pierre (Administrator) (18/09/2015 13:15:10) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Nettoyer ~ Report : C:\Users\Jean-Pierre\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Jean-Pierre\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1 Pro, 64-bit (Build 9600) ---\\ Service. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Navigateur internet. (3) SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [bad : <-loopback>] =>Hijacker.Proxy SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [bad : Port=60994 <-Loopback>] =>Hijacker.Proxy SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [bad : Port=60994 <-Loopback>] =>Hijacker.Proxy ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (23) ---\\ Tâche planifiée. (6) SUPPRIMÉ tâche: [Driver Detective-RTMRules] [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective SUPPRIMÉ tâche: [Driver Detective-RTMScan] [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective SUPPRIMÉ tâche: [Driver Detective-RTMUpdater] [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective SUPPRIMÉ tâche: [Go for FilesUpdate] [C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (Not File) ] =>PUP.Optional.YourFileDownloader SUPPRIMÉ tâche: [LaunchSignup] [C:\Program Files (x86)\JustCloud\Signup Wizard.exe (Not File) ] =>PUP.Optional.JustCloud SUPPRIMÉ tâche: [Run_Bobby_Browser] [C:\Users\Jean-Pierre\AppData\Local\BoBrowser\Application\bobrowser.exe (Not File) ] =>PUP.Optional.BoBrowser ---\\ Explorateur ( Dossiers, Fichiers ). (61) DEPLACÉ fichier: C:\Users\Public\Desktop\Driver Detective.lnk [bad : P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective DEPLACÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\inst.exe =>PUP.Optional.Pirrit DEPLACÉ fichier: C:\END =>PUP.Optional.Conduit DEPLACÉ fichier: C:\ProgramData\InstallMate\{FA7EAD19-4E56-41DC-A337-0674219D8FEF}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier: C:\ProgramData\InstallMate\{FA7EAD19-4E56-41DC-A337-0674219D8FEF}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{BEE45621-7A9B-4A9F-A874-32B9650774D7}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{BEE45621-7A9B-4A9F-A874-32B9650774D7}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{AC156068-170F-434D-A1A6-5F2D77F6429E}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{AC156068-170F-434D-A1A6-5F2D77F6429E}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{A2327700-C888-44B3-A658-80AA79D155F6}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{A2327700-C888-44B3-A658-80AA79D155F6}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{9A8D3006-F808-408A-A261-B02A416E12F0}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{9A8D3006-F808-408A-A261-B02A416E12F0}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{69D38838-D637-4C93-AE78-9E15B230AACE}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{69D38838-D637-4C93-AE78-9E15B230AACE}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{5841400F-3212-4328-A1C3-7A3083A262F9}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{5841400F-3212-4328-A1C3-7A3083A262F9}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{50D9D07F-B7A9-470D-A5E6-FF8B8B3AF289}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{50D9D07F-B7A9-470D-A5E6-FF8B8B3AF289}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{34EE8DB6-3208-4B08-A9E3-7A2AEF0DAF40}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{04FADC8A-56E0-4FCC-AD27-1EC2DF19FE7C}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{04FADC8A-56E0-4FCC-AD27-1EC2DF19FE7C}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\ContinueToSave\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\ContinueToSave\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\Bubble Dock.boostrap.log =>PUP.Optional.BubbleDock DEPLACÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\Bubble Dock.installation.log =>PUP.Optional.BubbleDock DEPLACÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\Selection Tools.installation.log =>PUP.Optional.Nosibay DEPLACÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\WindApp.boostrap.log =>PUP.Optional.Nosibay DEPLACÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\WindApp.installation.log =>PUP.Optional.Nosibay DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\0S1P1R2Y1C1P1Q0D1F2W1G1I1F1T1Q =>Adware.InstallCore DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z =>Adware.InstallCore DEPLACÉ dossier: C:\Program Files (x86)\WaInterEnhance =>PUP.Optional.Multiplug DEPLACÉ dossier: C:\ProgramData\InstallMate =>PUP.Optional.Tarma DEPLACÉ dossier: C:\ProgramData\Uniblue =>PUP.Optional.Uniblue DEPLACÉ dossier: C:\ProgramData\PC Drivers HeadQuarters =>PUP.Optional.Generic DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue =>PUP.Optional.Uniblue DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance =>PUP.Optional.Multiplug DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\Nosibay =>PUP.Optional.SPointer DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\Store =>PUP.Optional.Nosibay DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\Boxore =>PUP.Optional.Boxore DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\PC_Drivers_Headquarters =>PUP.Optional.Generic DEPLACÉ dossier: C:\Program Files (x86)\Software =>PUP.Optional.Boxore DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\Software =>PUP.Optional.Boxore DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{097AD88A-A02F-4B0A-8991-D1FB250201F6} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{1E070CD6-E4F2-4CDF-B2B8-211EABC24D20} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{3153BE78-6268-4AC7-B064-4B53B78DDC64} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{3E9E40B1-E6CE-4FFF-AFC5-F289E09DD627} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{51372429-A171-468B-80CA-31854B951280} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{655C164D-3DF2-424E-9BB4-108EDA543019} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{6D39A831-A65B-4604-AF5B-F915DA8868C7} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{6EB25C1E-D6D0-495C-875D-6FF3E307FFEA} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{76CC15D2-277A-4B75-881C-1B5C3877DCE8} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{8517B58B-60A6-4B4B-904D-71EA8A944FBA} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{8601A165-2C5B-4097-A59F-463D2A4BD6DE} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{904A4EDD-C290-4DCE-A41C-58080F8EBCA7} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{9BB91A86-2643-471B-9EC6-344F558320DD} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{B2316779-B6D1-4581-A74F-C6E71C4B3DB4} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{B56C94F4-FEA1-4B07-BBD3-C46BC03A0C44} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{BA9DFD06-0563-40C9-AAD1-90194CF001BA} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{D61C712E-5C83-4115-AB9E-29CF5E18F53C} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{D81FC177-C4DB-4B79-8D74-62FE47D4600D} =>Empty ---\\ Base de Registres ( Clés, Valeurs, Données ). (59) SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{290DEA20-9E04-F78E-F18D-5641ADA55C0C} [http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN149032[...]] [entrusted Customized Web Search] (PUP.Optional.Conduit) SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [http://www.trovi.com/Results.aspx?gd=&ctid=CT3327155&octid=EB_ORIGINAL_CTID&ISID=MDF0FDE04-A938-48CC[...]] [Trovi search] (PUP.Optional.Trovigo) SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D3F8269A-35D1-4B9A-933E-9FBC6C62352D} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Mysearchdial] (PUP.Optional.MySearchDial) SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_15_01_ff&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Vosteran] (PUP.Optional.Vosteran) SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{290DEA20-9E04-F78E-F18D-5641ADA55C0C} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Mysearchdial] (PUP.Optional.MySearchDial) SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_15_01_ff&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Vosteran] (PUP.Optional.Vosteran) SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{1840BB45-BFFE-E008-B403-066558FB0B70} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Mysearchdial] (PUP.Optional.MySearchDial) SUPPRIMÉ clé*: HKCU\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [] =>PUP.Optional.Vosteran SUPPRIMÉ clé*: [X64] HKLM\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [] =>PUP.Optional.Vosteran SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{290DEA20-9E04-F78E-F18D-5641ADA55C0C} [http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN14903294502408712] =>PUP.Optional.Conduit SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [http://www.trovi.com/Results.aspx?gd=&ctid=CT3327155&octid=EB_ORIGINAL_CTID&ISID=MDF0FDE04-A938-48CC-8023-7B8BA84EAFA1&SearchSource=58&CUI=&UM=8&UP=SP63C77537-C65F-42BE-BCA3-E5B1D0BEDE67&q={searchTerms}&SSPV=] =>PUP.Optional.Trovigo SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D3F8269A-35D1-4B9A-933E-9FBC6C62352D} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0AtA0AtDtCyCzzyByEtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu2Z1P1I1P1H1B1Q&cr=197052872&ir=] =>PUP.Optional.MySearchDial SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_15_01_ff&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0AtA0AtDtCyCzzyByEtN0D0Tzu0StCtDzyyDtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtDyDyD0Azy0B0FtGzyyCyCyCtG0E0FyE0EtGyE0DtB0FtGtA0E0B0Dzy0AtD0DyB0BtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtB0EtBtC0FyEtAtGzz0B0FyBtGyEtB0F0CtGzz0AyE0CtGyE0Dzz0B0F0FyD0D0D0B0E0B2Q&cr=1460749499&ir=] =>PUP.Optional.Vosteran SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{290DEA20-9E04-F78E-F18D-5641ADA55C0C} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0AtA0AtDtCyCzzyByEtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu2Z1P1I1P1H1B1Q&cr=197052872&ir=] =>PUP.Optional.MySearchDial SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_15_01_ff&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0AtA0AtDtCyCzzyByEtN0D0Tzu0StCtDzyyDtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtDyDyD0Azy0B0FtGzyyCyCyCtG0E0FyE0EtGyE0DtB0FtGtA0E0B0Dzy0AtD0DyB0BtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtB0EtBtC0FyEtAtGzz0B0FyBtGyEtB0F0CtGzz0AyE0CtGyE0Dzz0B0F0FyD0D0D0B0E0B2Q&cr=1460749499&ir=] =>PUP.Optional.Vosteran SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{1840BB45-BFFE-E008-B403-066558FB0B70} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0AtA0AtDtCyCzzyByEtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu2Z1P1I1P1H1B1Q&cr=197052872&ir=] =>PUP.Optional.MySearchDial SUPPRIMÉ clé*: HKCU\Software\WajIEnhance [] =>PUP.Optional.Wajam SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\ccnfd_1_10_0_4 [C:\WINDOWS\System32\drivers\ccnfd_1_10_0_4.sys (Not File)] =>PUP.Optional.ClickCaption SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\wpnfd_1_10_0_6 [C:\WINDOWS\System32\drivers\wpnfd_1_10_0_6.sys (Not File)] =>PUP.Optional.Shopperz SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\Boxore [] =>PUP.Optional.Boxore SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\Conduit [] =>PUP.Optional.Conduit SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\InstallCore [] =>Adware.InstallCore SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\Nosibay [] =>PUP.Optional.SPointer SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\nuevos-programas.com [] =>PUP.Optional.Generic SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\WaInterEnhance [] =>PUP.Optional.Multiplug SUPPRIMÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\WajIEnhance [] =>PUP.Optional.Multiplug SUPPRIMÉ clé: HKCU\Software\Boxore [] =>PUP.Optional.Boxore SUPPRIMÉ clé: HKCU\Software\Conduit [] =>PUP.Optional.Conduit SUPPRIMÉ clé: HKCU\Software\InstallCore [] =>Adware.InstallCore SUPPRIMÉ clé: HKCU\Software\Nosibay [] =>PUP.Optional.SPointer SUPPRIMÉ clé: HKCU\Software\nuevos-programas.com [] =>PUP.Optional.Generic SUPPRIMÉ clé: HKCU\Software\WaInterEnhance [] =>PUP.Optional.Multiplug SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\DynConIE [] =>PUP.Optional.DynConIE SUPPRIMÉ clé*: HKCU\Software\ProductSetup [] =>Adware.InstallCore SUPPRIMÉ clé*: HKCU\Software\Store [] =>PUP.Optional.Generic SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update [] =>PUM.Security.Hijack SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [iOutlookSecurityManager] =>PUP.Optional.WhiteSmoke SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL [] =>PUP.Optional.BearShare SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>Trojan.Camec SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Products\1EDF0464A38B673448DE688FB6EED214 [Driver Detective] =>PUP.Optional.DriverDetective SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Driver Detective [] =>PUP.Optional.DriverDetective SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect [] =>PUP.Optional.WpManager SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave [betterSoft] =>PUP.Optional.Multiplug SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe [] =>PUP.Optional.Boxore SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\DriversHQ.DriverDetective.Client.exe [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00888B8A5D16B5A4D9F9DF44E3F268A9 [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\fr\Agent.ExceptionLogging.resources.dll] =>PUP.Optional.Generic SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Boxore [] =>PUP.Optional.Boxore SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Clara [] =>PUP.Optional.SupTab SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ClickCaption_1.10.0.4 [] =>PUP.Optional.Generic SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\vi-viewSoftware [] =>PUP.Optional.MyhomeViview SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\WaInterEnhance [] =>PUP.Optional.Multiplug SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\WordProser_1.10.0.6 [] =>PUP.Optional.WordProser SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [iOutlookSecurityManager] =>PUP.Optional.WhiteSmoke SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\WMHelper.DLL [] =>PUP.Optional.BearShare SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>Trojan.Camec SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\DriversHQ.DriverDetective.Client.exe [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASAPI32 [] =>PUP.Optional.BProtector SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASMANCS [] =>PUP.Optional.BProtector SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Features\1EDF0464A38B673448DE688FB6EED214 [Acresso Software Inc.] =>PUP.Optional.DriverDetective ---\\ Bilan de la réparation ~ Réparation réalisée avec succès. ~ Ce navigateur est absent (Opera Software) ~ Le système a été redémarré. ---\\ Statistiques ~ Items scannés : 756 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 129 ~ End of clean in 1 minutes =================== ZHPCleaner-[R]-18092015-13_16_43.txt ZHPCleaner--18092015-09_17_04.txt ZHPCleaner--18092015-13_12_26.txt
- le 18 septembre 2015
- 11 réponses
Des trucs bizarres

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

C karément une colonie de truc et merci pour ZHPDiag ~ ZHPCleaner v2015.9.18.349 by Nicolas Coolman (2015/09/18) ~ Run by Jean-Pierre (Administrator) (18/09/2015 09:05:41) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Pas de fichier réseau ~ Type : Scanner ~ Report : C:\Users\Jean-Pierre\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Jean-Pierre\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1 Pro, 64-bit (Build 9600) ---\\ Service. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Navigateur internet. (5) TROUVÉ Chrome Secure Preferences: "http://fr.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adsrch_15_27&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0AtA0AtDtCyCzzyByEtN0D0Tzu0StCtBzztCtN1L2XzutAtFtCtDtFtCtDtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyCyDyC0A0C0DzyyEtGtA0D0E0BtGyDyB0EzytGyDyC0CyBtGyEzytCtByDyEtB0AtAzyyD0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtB0EtBtC0FyEtAtGzz0B0FyBtGyEtB0F0CtGzz0AyE0CtGyE0Dzz0B0F0FyD0D0D0B0E0B2QtN0A0LzutB%26cr%3D233983243%26a%3Dwncy_adsrch_15_27%26os%3DWindows 8.1 Pro" =>PUP.Optional.Browser TROUVÉ Chrome Secure Preferences: "http://www.trovi.com/?gd=&ctid=CT3327155&octid=EB_ORIGINAL_CTID&ISID=MDF0FDE04-A938-48CC-8023-7B8BA84EAFA1&SearchSource=55&CUI=&UM=8&UP=SP63C77537-C65F-42BE-BCA3-E5B1D0BEDE67&SSPV=" =>PUP.Optional.Trovigo TROUVÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [bad : <-loopback>] =>Hijacker.Proxy TROUVÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [bad : Port=60994 <-Loopback>] =>Hijacker.Proxy TROUVÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [bad : Port=60994 <-Loopback>] =>Hijacker.Proxy ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (23) ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (88) TROUVÉ fichier: C:\Users\Public\Desktop\Driver Detective.lnk [bad : P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\inst.exe =>PUP.Optional.Pirrit TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\0S1P1R2Y1C1P1Q0D1F2W1G1I1F1T1Q =>Adware.InstallCore TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z =>Adware.InstallCore TROUVÉ fichier: P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe [PC Drivers Headquarters - Driver Detective] =>PUP.Optional.DriverDetective TROUVÉ fichier: C:\Users\Public\Desktop\Driver Detective.lnk =>PUP.Optional.DriverDetective TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\inst.exe =>Adware.GenericTask TROUVÉ fichier: C:\END =>PUP.Optional.Conduit TROUVÉ fichier: C:\ProgramData\InstallMate\{FA7EAD19-4E56-41DC-A337-0674219D8FEF}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{FA7EAD19-4E56-41DC-A337-0674219D8FEF}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{BEE45621-7A9B-4A9F-A874-32B9650774D7}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{BEE45621-7A9B-4A9F-A874-32B9650774D7}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{AC156068-170F-434D-A1A6-5F2D77F6429E}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{AC156068-170F-434D-A1A6-5F2D77F6429E}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{A2327700-C888-44B3-A658-80AA79D155F6}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{A2327700-C888-44B3-A658-80AA79D155F6}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{9A8D3006-F808-408A-A261-B02A416E12F0}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{9A8D3006-F808-408A-A261-B02A416E12F0}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{69D38838-D637-4C93-AE78-9E15B230AACE}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{69D38838-D637-4C93-AE78-9E15B230AACE}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{5841400F-3212-4328-A1C3-7A3083A262F9}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{5841400F-3212-4328-A1C3-7A3083A262F9}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{50D9D07F-B7A9-470D-A5E6-FF8B8B3AF289}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{50D9D07F-B7A9-470D-A5E6-FF8B8B3AF289}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{34EE8DB6-3208-4B08-A9E3-7A2AEF0DAF40}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{04FADC8A-56E0-4FCC-AD27-1EC2DF19FE7C}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{04FADC8A-56E0-4FCC-AD27-1EC2DF19FE7C}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\ContinueToSave\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\ContinueToSave\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\Bubble Dock.boostrap.log =>PUP.Optional.BubbleDock TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\Bubble Dock.installation.log =>PUP.Optional.BubbleDock TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\Selection Tools.installation.log =>PUP.Optional.Nosibay TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\WindApp.boostrap.log =>PUP.Optional.Nosibay TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\WindApp.installation.log =>PUP.Optional.Nosibay TROUVÉ fichier: C:\Program Files (x86)\WaInterEnhance\uninstall.exe =>PUP.Optional.Multiplug TROUVÉ dossier: C:\Program Files (x86)\WaInterEnhance\Logos =>PUP.Optional.Multiplug TROUVÉ dossier: C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer =>PUP.Optional.Multiplug TROUVÉ dossier: C:\Program Files (x86)\WaInterEnhance =>PUP.Optional.Multiplug TROUVÉ dossier: C:\ProgramData\InstallMate\ContinueToSave =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{04FADC8A-56E0-4FCC-AD27-1EC2DF19FE7C} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{34EE8DB6-3208-4B08-A9E3-7A2AEF0DAF40} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{50D9D07F-B7A9-470D-A5E6-FF8B8B3AF289} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{5841400F-3212-4328-A1C3-7A3083A262F9} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{69D38838-D637-4C93-AE78-9E15B230AACE} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{9A8D3006-F808-408A-A261-B02A416E12F0} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{A2327700-C888-44B3-A658-80AA79D155F6} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{AC156068-170F-434D-A1A6-5F2D77F6429E} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{BEE45621-7A9B-4A9F-A874-32B9650774D7} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{FA7EAD19-4E56-41DC-A337-0674219D8FEF} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\Uniblue =>PUP.Optional.Uniblue TROUVÉ dossier: C:\ProgramData\PC Drivers HeadQuarters\Driver Detective =>PUP.Optional.Generic TROUVÉ dossier: C:\ProgramData\PC Drivers HeadQuarters =>PUP.Optional.Generic TROUVÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\Settings.lnk =>PUP.Optional.Multiplug TROUVÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\SignIn with Facebook.lnk =>PUP.Optional.Multiplug TROUVÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\SignIn with Twitter.lnk =>PUP.Optional.Multiplug TROUVÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\Wajam Website.lnk =>PUP.Optional.Multiplug TROUVÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\Explore Social Search =>PUP.Optional.Multiplug TROUVÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\Explore Social Shopping =>PUP.Optional.Multiplug TROUVÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\Uninstall Wajam =>PUP.Optional.Multiplug TROUVÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue =>PUP.Optional.Uniblue TROUVÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance =>PUP.Optional.Multiplug TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\Nosibay =>PUP.Optional.SPointer TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\Store =>PUP.Optional.Nosibay TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Local\Boxore\state =>PUP.Optional.Boxore TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\PC_Drivers_Headquarters\DriversHQ.DriverDetective_Url_uenscafeta3ej1h3okzwr43igkmes2ca =>PUP.Optional.Generic TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\Boxore =>PUP.Optional.Boxore TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\PC_Drivers_Headquarters =>PUP.Optional.Generic TROUVÉ dossier: C:\Program Files (x86)\Software =>PUP.Optional.Boxore TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\Software =>PUP.Optional.Boxore TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{097AD88A-A02F-4B0A-8991-D1FB250201F6} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{1E070CD6-E4F2-4CDF-B2B8-211EABC24D20} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{3153BE78-6268-4AC7-B064-4B53B78DDC64} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{3E9E40B1-E6CE-4FFF-AFC5-F289E09DD627} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{51372429-A171-468B-80CA-31854B951280} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{655C164D-3DF2-424E-9BB4-108EDA543019} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{6D39A831-A65B-4604-AF5B-F915DA8868C7} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{6EB25C1E-D6D0-495C-875D-6FF3E307FFEA} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{76CC15D2-277A-4B75-881C-1B5C3877DCE8} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{8517B58B-60A6-4B4B-904D-71EA8A944FBA} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{8601A165-2C5B-4097-A59F-463D2A4BD6DE} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{904A4EDD-C290-4DCE-A41C-58080F8EBCA7} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{9BB91A86-2643-471B-9EC6-344F558320DD} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{B2316779-B6D1-4581-A74F-C6E71C4B3DB4} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{B56C94F4-FEA1-4B07-BBD3-C46BC03A0C44} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{BA9DFD06-0563-40C9-AAD1-90194CF001BA} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{D61C712E-5C83-4115-AB9E-29CF5E18F53C} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{D81FC177-C4DB-4B79-8D74-62FE47D4600D} =>Empty ---\\ Base de Registres ( Clés, Valeurs, Données ). (55) TROUVÉ clé: HKCU\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [] =>PUP.Optional.Vosteran TROUVÉ clé: [X64] HKLM\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [] =>PUP.Optional.Vosteran TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{290DEA20-9E04-F78E-F18D-5641ADA55C0C} [http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN149032[...]] [entrusted Customized Web Search] (PUP.Optional.Conduit) TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [http://www.trovi.com/Results.aspx?gd=&ctid=CT3327155&octid=EB_ORIGINAL_CTID&ISID=MDF0FDE04-A938-48CC[...]] [Trovi search] (PUP.Optional.Trovigo) TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D3F8269A-35D1-4B9A-933E-9FBC6C62352D} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Mysearchdial] (PUP.Optional.MySearchDial) TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_15_01_ff&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Vosteran] (PUP.Optional.Vosteran) TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{290DEA20-9E04-F78E-F18D-5641ADA55C0C} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Mysearchdial] (PUP.Optional.MySearchDial) TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_15_01_ff&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Vosteran] (PUP.Optional.Vosteran) TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{1840BB45-BFFE-E008-B403-066558FB0B70} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Mysearchdial] (PUP.Optional.MySearchDial) TROUVÉ clé: HKCU\Software\WajIEnhance [] =>PUP.Optional.Wajam TROUVÉ clé: HKCU\Software\InstallCore\1I1T1Q1S [] =>Heuristic.InstallCore TROUVÉ clé: HKCU\Software\InstallCore\Uninstall [] =>Heuristic.InstallCore TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\ccnfd_1_10_0_4 [C:\WINDOWS\System32\drivers\ccnfd_1_10_0_4.sys (Not File)] =>PUP.Optional.ClickCaption TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\wpnfd_1_10_0_6 [C:\WINDOWS\System32\drivers\wpnfd_1_10_0_6.sys (Not File)] =>PUP.Optional.Shopperz TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\Boxore [] =>PUP.Optional.Boxore TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\Conduit [] =>PUP.Optional.Conduit TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\InstallCore [] =>Adware.InstallCore TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\Nosibay [] =>PUP.Optional.SPointer TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\nuevos-programas.com [] =>PUP.Optional.Generic TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\WaInterEnhance [] =>PUP.Optional.Multiplug TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\WajIEnhance [] =>PUP.Optional.Multiplug TROUVÉ clé: HKCU\Software\Boxore [] =>PUP.Optional.Boxore TROUVÉ clé: HKCU\Software\Conduit [] =>PUP.Optional.Conduit TROUVÉ clé: HKCU\Software\InstallCore [] =>Adware.InstallCore TROUVÉ clé: HKCU\Software\Nosibay [] =>PUP.Optional.SPointer TROUVÉ clé: HKCU\Software\nuevos-programas.com [] =>PUP.Optional.Generic TROUVÉ clé: HKCU\Software\WaInterEnhance [] =>PUP.Optional.Multiplug TROUVÉ clé: HKCU\Software\WajIEnhance [] =>PUP.Optional.Multiplug TROUVÉ clé: HKCU\Software\AppDataLow\Software\DynConIE [] =>PUP.Optional.DynConIE TROUVÉ clé: HKCU\Software\ProductSetup [] =>Adware.InstallCore TROUVÉ clé: HKCU\Software\Store [] =>PUP.Optional.Generic TROUVÉ clé: HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update [] =>PUM.Security.Hijack TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [iOutlookSecurityManager] =>PUP.Optional.WhiteSmoke TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL [] =>PUP.Optional.BearShare TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>Trojan.Camec TROUVÉ clé: [X64] HKLM\Software\Classes\Installer\Products\1EDF0464A38B673448DE688FB6EED214 [Driver Detective] =>PUP.Optional.DriverDetective TROUVÉ clé: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Driver Detective [] =>PUP.Optional.DriverDetective TROUVÉ clé: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect [] =>PUP.Optional.WpManager TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave [betterSoft] =>PUP.Optional.Multiplug TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe [] =>PUP.Optional.Boxore TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\DriversHQ.DriverDetective.Client.exe [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00888B8A5D16B5A4D9F9DF44E3F268A9 [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\fr\Agent.ExceptionLogging.resources.dll] =>PUP.Optional.Generic TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Boxore [] =>PUP.Optional.Boxore TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Clara [] =>PUP.Optional.SupTab TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\ClickCaption_1.10.0.4 [] =>PUP.Optional.Generic TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\vi-viewSoftware [] =>PUP.Optional.MyhomeViview TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\WaInterEnhance [] =>PUP.Optional.Multiplug TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\WordProser_1.10.0.6 [] =>PUP.Optional.WordProser TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [iOutlookSecurityManager] =>PUP.Optional.WhiteSmoke TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\WMHelper.DLL [] =>PUP.Optional.BearShare TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>Trojan.Camec TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\DriversHQ.DriverDetective.Client.exe [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASAPI32 [] =>PUP.Optional.BProtector TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASMANCS [] =>PUP.Optional.BProtector TROUVÉ clé: [X64] HKLM\Software\Classes\Installer\Features\1EDF0464A38B673448DE688FB6EED214 [Driver Detective] =>PUP.Optional.DriverDetective ---\\ Bilan de la réparation ~ Aucune réparation effectuée. ~ Ce navigateur est absent (Opera Software) ---\\ Statistiques ~ Items scannés : 90723 ~ Items trouvés : 157 ~ Items annulés : 0 ~ Items réparés : 0 ~ End of search in 11 minutes =================== ZHPCleaner--18092015-09_17_04.txt
- le 18 septembre 2015
- 11 réponses
Des trucs bizarres

babar91 a posté un sujet dans Analyses et éradication malwares

il se passe des trucs bizar sur mon PC Windows 8.1 Pro Proc Pentium dual-core E5300 2.60 GHz 64 bits merci pour l'aide Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:50:46, on 17/09/2015 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.17840) Boot mode: Normal Running processes: C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe P:\Program Files (x86)\IObit Uninstaller\UninstallMonitor.exe P:\Program Files (x86)\Microsoft Money\System\mnyexpr.exe C:\Users\Jean-Pierre\AppData\Roaming\Dashlane\Dashlane.exe C:\Users\Jean-Pierre\AppData\Roaming\Dashlane\DashlanePlugin.exe C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe P:\Program Files (x86)\Unlocker\UnlockerAssistant.exe C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe P:\Program Files (x86)\Hard Drive Inspector\HDInspector.exe P:\Program Files (x86)\Cobian Backup 11\Cobian.exe P:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe P:\Program Files (x86)\Cobian Backup 11\cbInterface.exe P:\Program Files (x86)\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe P:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe P:\Program Files (x86)\Mozilla Firefox\firefox.exe P:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - P:\Program Files (x86)\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL O3 - Toolbar: Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Jean-Pierre\AppData\Roaming\Dashlane\ie\KWIEBar.dll O4 - HKLM\..\Run: [mgeNetSystray] P:\Program Files (x86)\EATON\NetworkShutdownModule\bin\netsystray\mgeNetSystray.exe -deferred O4 - HKLM\..\Run: [MRUTray] P:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [Turbo Key] "P:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe" O4 - HKLM\..\Run: [unlockerAssistant] "P:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe O4 - HKLM\..\Run: [HDInspector.exe] P:\Program Files (x86)\Hard Drive Inspector\HDInspector.exe O4 - HKLM\..\Run: [Cobian Backup 11] "P:\Program Files (x86)\Cobian Backup 11\Cobian.exe" O4 - HKLM\..\Run: [sDTray] "P:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKLM\..\Run: [AvastUI.exe] "P:\Program Files (x86)\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [sMSTray] C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Fitbit Connect] "P:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun O4 - HKCU\..\Run: [MoneyAgent] "P:\Program Files (x86)\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Dashlane] "C:\Users\Jean-Pierre\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Jean-Pierre\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - HKCU\..\Run: [DashlanePlugin] "C:\Users\Jean-Pierre\AppData\Roaming\Dashlane\DashlanePlugin.exe" ws O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto O4 - HKCU\..\Run: [Fitbit Connect] "P:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted IP range: http://127.0.0.1 O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - http://support.asus.com/select/asusTek_sys_ctrl3.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30011 (AppHostSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing) O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - P:\Program Files (x86)\AVAST Software\Avast\AvastSvc.exe O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - P:\Program Files (x86)\AVAST Software\Avast\afwServ.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - P:\Program Files (x86)\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: devolo Network Service (DevoloNetworkService) - devolo AG - P:\Program Files (x86)\devolo\dlan\devolonetsvc.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\UtcResources.dll,-3001 (DiagTrack) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Fitbit Connect Service (Fitbit Connect) - Fitbit, Inc. - P:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\Program Files (x86)\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: @%SystemRoot%\System32\GeofenceMonitorService.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - P:\Jeux\EA GAMES\Origin\OriginClientService.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - P:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - P:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - P:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - P:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @oem151.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing) O23 - Service: @%systemroot%\system32\vmicres.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30014 (w3logsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30003 (W3SVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe -- End of file - 31257 bytes
- le 17 septembre 2015
- 11 réponses
Aie Avast

babar91 a posté un sujet dans Analyses et éradication malwares

Avast trouve un virus mais il reviens a chaque fois Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:58:49, on 27/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\devldr32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ASUS\WLAN Card Utilities\Center.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\F.CHARDEAUX\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Program Files\HiJackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F3 - REG:win.ini: load=C:\WINDOWS\svchost.exe O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\F.CHARDEAUX\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/betaactivesca...s/as2stubie.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1191069404474 O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- End of file - 5656 bytes Qui peu me dire quoi C
- le 27 avril 2009
- 1 réponse
[Résolu] Infections dans mon PC

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

MB Clock c'est ma pendule Norton Systen Doctor d"fragmente les disques au démarage Wenshot > Change écran Mezaniv > ne marche que s'il y a une date BTTray > je l'ai stopé CleanSweep > aussi Microsoft Office > c'est la barre Office Bon voila et merci pour tout Babar
- le 10 septembre 2006
- 9 réponses
[Résolu] Infections dans mon PC

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

Bon j'ai Vu 2 / 3 trucs que j'ai botté en touche heu j'ai oublié comment on clos le dialogue ! merci a tous
- le 9 septembre 2006
- 9 réponses
[Résolu] Infections dans mon PC

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

Menu Démarer mbclock Norton System Doctor Webshots Mezaniv SpywareGuard BTTray CleanSweep Smart Sweep-Internet Sweep Microsoft Office
- le 9 septembre 2006
- 9 réponses
[Résolu] Infections dans mon PC

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

j'ai trouvé c'était bien un prog qui bloquait > VSO Inspector < car - SpywareGuard et Winpooch sont installés depuis longtemps mais ça ma mis sur la piste - pour les programmes en trop c'est lequels ? merci encore
- le 9 septembre 2006
- 9 réponses
[Résolu] Infections dans mon PC

babar91 a posté un sujet dans Analyses et éradication malwares

bonjour et merci de me dire si ya pas un truc déplésant qui traine norton ne veux plus analiser Logfile of HijackThis v1.99.1 Scan saved at 10:27:09, on 09/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ASUS\Probe\AsusProb.exe C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe D:\Symantec\Norton Ghost\Agent\GhostTray.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe D:\Winpooch\Winpooch.exe D:\Sitecom\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\system32\rundll32.exe D:\Winamp\winampa.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\DVDRAMSV.exe D:\Copernic Desktop Search\CopernicDesktopSearch.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe D:\ewido anti-malware\ewidoctrl.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe D:\Sitecom\Logiciel Bluetooth\BTTray.exe C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe C:\Program Files\Microsoft Office\Office10\msoffice.exe D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE D:\MB Softs\MB Clock\mbclock.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE D:\SpywareGuard\sgmain.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe D:\Webshots\webshots.scr D:\SpywareGuard\sgbhp.exe C:\WINDOWS\System32\svchost.exe D:\Wamp\mysql\bin\mysqld-nt.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe D:\Sitecom\LOGICI~1\BTSTAC~1.EXE C:\WINDOWS\system32\cidaemon.exe D:\Winamp\Winamp.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Messenger\msmsgs.exe D:\eMule\emule.exe D:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.genealogie.com/v2/membres-mon-c...alogie-en-ligne R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - D:\GetRight\xx2gr.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\SpywareGuard\dlprotect.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup O4 - HKLM\..\Run: [Norton Ghost 9.0] D:\Symantec\Norton Ghost\Agent\GhostTray.exe O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [Winpooch] D:\Winpooch\Winpooch.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Copernic Desktop Search] "D:\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EA Downloader\Core.exe -silent O4 - Startup: mbclock.lnk = D:\MB Softs\MB Clock\mbclock.exe O4 - Startup: Mezaniv.lnk = D:\Mezaniv\MEZANIV.EXE O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE O4 - Startup: SpywareGuard.lnk = D:\SpywareGuard\sgmain.exe O4 - Startup: Webshots.lnk = D:\Webshots\Launcher.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Thumbs.db O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - D:\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm O8 - Extra context menu item: Ouvrir avec GetRight - D:\GetRight\GRbrowse.htm O8 - Extra context menu item: Surligner en Jaune - C:\WINDOWS\web\MarqueurFluoYellow.htm O8 - Extra context menu item: Télecharger avec GetRight - D:\GetRight\GRdownload.htm O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\AIM95\aim.exe O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Sitecom\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Sitecom\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O15 - Trusted Zone: http://officebeta.iponet.net O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - D:\Sitecom\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe O23 - Service: ewido security suite control - ewido networks - D:\ewido anti-malware\ewidoctrl.exe O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Ghost - Symantec Corporation - D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\SPEEDD~1\NOPDB.EXE O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: wampmysqld - Unknown owner - D:\Wamp\mysql\bin\mysqld-nt.exe merci et @ +
- le 9 septembre 2006
- 9 réponses
Caps lock [RESOLU]

babar91 a répondu à un(e) sujet de babar91 dans Software

je viens de changer d'utilisateur et je n'ai plus de problème avec caps lock !!! Ah Ke ça c'est remis en place aprés la manip bon merci pour tout
- le 1 mai 2006
- 4 réponses
REGULARISATION LICENCE XP

babar91 a répondu à un(e) sujet de TESTEUR dans Software

salut Tu met le nouveau CD et tu repare > la clé correspont au CD c'est tout
- le 1 mai 2006
- 28 réponses

Connexion

babar91

Compteur de contenus

Inscription

Dernière visite

Contact Methods

Autres informations

babar91's Achievements

Member (4/12)

Réputation sur la communauté

Des trucs bizarres

Des trucs bizarres

Des trucs bizarres

Des trucs bizarres

Des trucs bizarres

Des trucs bizarres

Des trucs bizarres

Aie Avast

[Résolu] Infections dans mon PC

[Résolu] Infections dans mon PC

[Résolu] Infections dans mon PC

[Résolu] Infections dans mon PC

[Résolu] Infections dans mon PC

Caps lock [RESOLU]

REGULARISATION LICENCE XP

Zebulon

Outils en ligne

Naviguer