Contenu de babar91

Des trucs bizarres

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

j'ai tout viré ~ ZHPCleaner v2015.9.20.353 by Nicolas Coolman (2015/09/20) ~ Run by Jean-Pierre (Administrator) (21/09/2015 19:52:52) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Scanner ~ Report : C:\Users\Jean-Pierre\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Jean-Pierre\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1 Pro, 64-bit (Build 9600) ---\\ Service. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Navigateur internet. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (23) ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Base de Registres ( Clés, Valeurs, Données ). (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Bilan de la réparation ~ Aucune réparation effectuée. ~ Ce navigateur est absent (Opera Software) ---\\ Statistiques ~ Items scannés : 90132 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 0 ~ End of search in 8 minutes =================== ZHPCleaner-[R]-18092015-13_16_43.txt ZHPCleaner--18092015-09_17_04.txt ZHPCleaner--18092015-13_12_26.txt ZHPCleaner--21092015-20_01_06.txt un truc quand je fais un clic droit sur le bureau explorer plante et je ne peu pas utiliser internet explorer il plante juste aprés l'ouverture

le 21 septembre 2015
11 réponses

Des trucs bizarres

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

he voila # AdwCleaner v5.008 - Rapport créé le 18/09/2015 à 18:21:02 # Mis à jour le 18/09/2015 par Xplode # Base de données : 2015-09-17.3 [serveur] # Système d'exploitation : Windows 8.1 Pro (x64) # Nom d'utilisateur : Jean-Pierre - BLACKY # Exécuté depuis : C:\Users\Jean-Pierre\Desktop\adwcleaner_5.008.exe # Option : Nettoyer # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Dossiers ] ***** [-] Dossier Supprimé : C:\Program Files (x86)\Company Name [-] Dossier Supprimé : C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} [-] Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Company Name [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ibr20r16.default-1401723926474\Extensions\ascsurfingprotection@iobit.com [!] Dossier Non Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ibr20r16.default-1401723926474\Extensions\ascsurfingprotection@iobit.com [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\Extensions\ascsurfingprotection@iobit.com [!] Dossier Non Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\Extensions\ascsurfingprotection@iobit.com ***** [ Fichiers ] ***** [-] Fichier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\user.js ***** [ Raccourcis ] ***** ***** [ Tâches planifiées ] ***** [-] Tâche Supprimée : dsmonitor [-] Tâche Supprimée : GoforFilesUpdate [-] Tâche Supprimée : MySearchDial ***** [ Registre ] ***** [-] Clé Supprimée : HKLM\SOFTWARE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\bobrowser.exe [-] Clé Supprimée : HKCU\Software\Microsoft\IntelliType Pro\AppSpecific\vosteran.exe [-] Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} [-] Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}] [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FED6A736-129B-49C7-857E-25FC91E87DB3}] [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Clé Supprimée : HKU\.DEFAULT\Software\Boxore [-] Clé Supprimée : HKCU\Software\Headlight [-] Clé Supprimée : HKCU\Software\Myfree Codec [-] Clé Supprimée : HKCU\Software\SecuredDownload [-] Clé Supprimée : HKCU\Software\WTools [-] Clé Supprimée : HKLM\SOFTWARE\Myfree Codec [-] Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec [!] Clé Non Supprimée : [x64] HKCU\Software\Headlight [!] Clé Non Supprimée : [x64] HKCU\Software\Myfree Codec [!] Clé Non Supprimée : [x64] HKCU\Software\SecuredDownload [!] Clé Non Supprimée : [x64] HKCU\Software\WTools [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547B38670606DF14AA57B0BB83F3AE4D [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EDF0464A38B673448DE688FB6EED214 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0 ***** [ Navigateurs ] ***** [-] [C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\prefs.js] [Preference] Supprimée : user_pref("extensions.dashlane.safesearchcapable", false); ************************* :: Paramètres Winsock réinitialisés ************************* C:\AdwCleaner[R2].txt - [19615 octets] - [19/08/2013 06:36:50] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [6849 octets] ########## Malwarebytes Anti-Malware www.malwarebytes.org Date de l'analyse: 18/09/2015 Heure de l'analyse: 21:13 Fichier journal: mam 2015-09-18.txt Administrateur: Oui Version: 2.1.8.1057 Base de données de programmes malveillants: v2015.09.18.08 Base de données de rootkits: v2015.08.16.01 Licence: Essai Protection contre les programmes malveillants: Activé Protection contre les sites Web malveillants: Activé Autoprotection: Désactivé Système d'exploitation: Windows 8.1 Processeur: x64 Système de fichiers: NTFS Utilisateur: Jean-Pierre Type d'analyse: Analyse des menaces Résultat: Terminé Objets analysés: 473801 Temps écoulé: 47 min, 38 s Mémoire: Activé Démarrage: Activé Système de fichiers: Activé Archives: Activé Rootkits: Activé Heuristique: Activé PUP: Avertir PUM: Activé Processus: 0 (Aucun élément malveillant détecté) Modules: 0 (Aucun élément malveillant détecté) Clés du registre: 2 PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnceCB908BABCE06467D8A83A9FC2C61E4FF, , [6af687aa4e3d1620c8b95854798b25db], PUP.Optional.Wajam, HKU\S-1-5-21-3302536689-2769176284-1198973107-1000\SOFTWARE\WOW6432NODE\Wajam, , [fd6357da2b600c2a04ce824048bcda26], Valeurs du registre: 0 (Aucun élément malveillant détecté) Données du registre: 0 (Aucun élément malveillant détecté) Dossiers: 0 (Aucun élément malveillant détecté) Fichiers: 3 PUP.Optional.Wajam, C:\Users\Jean-Pierre\AppData\Roaming\ZHP\Quarantine\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancer.exe, , [dd83d75af49765d1d0557d4346bb2cd4], PUP.Optional.Wajam, C:\Users\Jean-Pierre\AppData\Roaming\ZHP\Quarantine\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe, , [86dab67b3754e84e56cd15abf90860a0], PUP.Optional.RelevantKnowledge, C:\WINDOWS\System32\rlls64.dll, , [a1bfcb66b3d82016f46d5d2851b4837d], Secteurs physiques: 0 (Aucun élément malveillant détecté) (end)

le 18 septembre 2015
11 réponses

Des trucs bizarres

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

voili voila http://www.cjoint.com/

le 18 septembre 2015
11 réponses

Des trucs bizarres

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

Bon 1) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.6.2 (09.14.2015:1) OS: Windows 8.1 Pro x64 Ran by Jean-Pierre on 18/09/2015 at 18:08:22,86 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (Jean-Pierre) Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Uninstaller_SkipUac_Jean-Pierre Successfully deleted: [Task] C:\WINDOWS\Tasks\Uninstaller_SkipUac_Jean-Pierre.job ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\TuneUp Shredder Shell Extension Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} ~~~ Files ~~~ Folders Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster Successfully deleted: [Folder] C:\ProgramData\productdata Successfully deleted: [Folder] C:\Users\Jean-Pierre\Appdata\Local\pdfforge Successfully deleted: [Folder] C:\Users\Jean-Pierre\AppData\Roaming\iobit\driver booster Successfully deleted: [Folder] C:\Users\Jean-Pierre\AppData\Roaming\new version available Successfully deleted: [Folder] C:\Users\Jean-Pierre\AppData\Roaming\pdfforge Successfully deleted: [Folder] C:\Users\Jean-Pierre\AppData\Roaming\productdata Successfully deleted: [Folder] C:\Users\Jean-Pierre\AppData\Roaming\wtools ~~~ Chrome [C:\Users\Jean-Pierre\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Jean-Pierre\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\Jean-Pierre\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Jean-Pierre\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 18/09/2015 at 18:14:16,03 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2) # AdwCleaner v5.008 - Rapport créé le 18/09/2015 à 18:21:02 # Mis à jour le 18/09/2015 par Xplode # Base de données : 2015-09-17.3 [serveur] # Système d'exploitation : Windows 8.1 Pro (x64) # Nom d'utilisateur : Jean-Pierre - BLACKY # Exécuté depuis : C:\Users\Jean-Pierre\Desktop\adwcleaner_5.008.exe # Option : Nettoyer # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Dossiers ] ***** [-] Dossier Supprimé : C:\Program Files (x86)\Company Name [-] Dossier Supprimé : C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} [-] Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Company Name [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ibr20r16.default-1401723926474\Extensions\ascsurfingprotection@iobit.com [!] Dossier Non Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\ibr20r16.default-1401723926474\Extensions\ascsurfingprotection@iobit.com [-] Dossier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\Extensions\ascsurfingprotection@iobit.com [!] Dossier Non Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\Extensions\ascsurfingprotection@iobit.com ***** [ Fichiers ] ***** [-] Fichier Supprimé : C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\user.js ***** [ Raccourcis ] ***** ***** [ Tâches planifiées ] ***** [-] Tâche Supprimée : dsmonitor [-] Tâche Supprimée : GoforFilesUpdate [-] Tâche Supprimée : MySearchDial ***** [ Registre ] ***** [-] Clé Supprimée : HKLM\SOFTWARE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\bobrowser.exe [-] Clé Supprimée : HKCU\Software\Microsoft\IntelliType Pro\AppSpecific\vosteran.exe [-] Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} [-] Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} [-] Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}] [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] [-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FED6A736-129B-49C7-857E-25FC91E87DB3}] [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} [-] Clé Supprimée : HKU\.DEFAULT\Software\Boxore [-] Clé Supprimée : HKCU\Software\Headlight [-] Clé Supprimée : HKCU\Software\Myfree Codec [-] Clé Supprimée : HKCU\Software\SecuredDownload [-] Clé Supprimée : HKCU\Software\WTools [-] Clé Supprimée : HKLM\SOFTWARE\Myfree Codec [-] Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec [!] Clé Non Supprimée : [x64] HKCU\Software\Headlight [!] Clé Non Supprimée : [x64] HKCU\Software\Myfree Codec [!] Clé Non Supprimée : [x64] HKCU\Software\SecuredDownload [!] Clé Non Supprimée : [x64] HKCU\Software\WTools [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547B38670606DF14AA57B0BB83F3AE4D [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EDF0464A38B673448DE688FB6EED214 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632 [-] Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0 ***** [ Navigateurs ] ***** [-] [C:\Users\Jean-Pierre\AppData\Roaming\Mozilla\Firefox\Profiles\mww12rdn.default-1434730301658\prefs.js] [Preference] Supprimée : user_pref("extensions.dashlane.safesearchcapable", false); ************************* :: Paramètres Winsock réinitialisés ************************* C:\AdwCleaner[R2].txt - [19615 octets] - [19/08/2013 06:36:50] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [6849 octets] ########## Allors C koi tous ces trucs ? merci

le 18 septembre 2015
11 réponses

Des trucs bizarres

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

voila C fé ensuite ? merci ! ~ ZHPCleaner v2015.9.18.349 by Nicolas Coolman (2015/09/18) ~ Run by Jean-Pierre (Administrator) (18/09/2015 13:15:10) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Nettoyer ~ Report : C:\Users\Jean-Pierre\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Jean-Pierre\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1 Pro, 64-bit (Build 9600) ---\\ Service. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Navigateur internet. (3) SUPPRIMÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [bad : <-loopback>] =>Hijacker.Proxy SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [bad : Port=60994 <-Loopback>] =>Hijacker.Proxy SUPPRIMÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [bad : Port=60994 <-Loopback>] =>Hijacker.Proxy ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (23) ---\\ Tâche planifiée. (6) SUPPRIMÉ tâche: [Driver Detective-RTMRules] [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective SUPPRIMÉ tâche: [Driver Detective-RTMScan] [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective SUPPRIMÉ tâche: [Driver Detective-RTMUpdater] [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective SUPPRIMÉ tâche: [Go for FilesUpdate] [C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (Not File) ] =>PUP.Optional.YourFileDownloader SUPPRIMÉ tâche: [LaunchSignup] [C:\Program Files (x86)\JustCloud\Signup Wizard.exe (Not File) ] =>PUP.Optional.JustCloud SUPPRIMÉ tâche: [Run_Bobby_Browser] [C:\Users\Jean-Pierre\AppData\Local\BoBrowser\Application\bobrowser.exe (Not File) ] =>PUP.Optional.BoBrowser ---\\ Explorateur ( Dossiers, Fichiers ). (61) DEPLACÉ fichier: C:\Users\Public\Desktop\Driver Detective.lnk [bad : P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective DEPLACÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\inst.exe =>PUP.Optional.Pirrit DEPLACÉ fichier: C:\END =>PUP.Optional.Conduit DEPLACÉ fichier: C:\ProgramData\InstallMate\{FA7EAD19-4E56-41DC-A337-0674219D8FEF}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier: C:\ProgramData\InstallMate\{FA7EAD19-4E56-41DC-A337-0674219D8FEF}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{BEE45621-7A9B-4A9F-A874-32B9650774D7}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{BEE45621-7A9B-4A9F-A874-32B9650774D7}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{AC156068-170F-434D-A1A6-5F2D77F6429E}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{AC156068-170F-434D-A1A6-5F2D77F6429E}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{A2327700-C888-44B3-A658-80AA79D155F6}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{A2327700-C888-44B3-A658-80AA79D155F6}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{9A8D3006-F808-408A-A261-B02A416E12F0}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{9A8D3006-F808-408A-A261-B02A416E12F0}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{69D38838-D637-4C93-AE78-9E15B230AACE}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{69D38838-D637-4C93-AE78-9E15B230AACE}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{5841400F-3212-4328-A1C3-7A3083A262F9}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{5841400F-3212-4328-A1C3-7A3083A262F9}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{50D9D07F-B7A9-470D-A5E6-FF8B8B3AF289}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{50D9D07F-B7A9-470D-A5E6-FF8B8B3AF289}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{34EE8DB6-3208-4B08-A9E3-7A2AEF0DAF40}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{04FADC8A-56E0-4FCC-AD27-1EC2DF19FE7C}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\{04FADC8A-56E0-4FCC-AD27-1EC2DF19FE7C}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\ContinueToSave\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma DEPLACÉ fichier^: C:\ProgramData\InstallMate\ContinueToSave\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma DEPLACÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\Bubble Dock.boostrap.log =>PUP.Optional.BubbleDock DEPLACÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\Bubble Dock.installation.log =>PUP.Optional.BubbleDock DEPLACÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\Selection Tools.installation.log =>PUP.Optional.Nosibay DEPLACÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\WindApp.boostrap.log =>PUP.Optional.Nosibay DEPLACÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\WindApp.installation.log =>PUP.Optional.Nosibay DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\0S1P1R2Y1C1P1Q0D1F2W1G1I1F1T1Q =>Adware.InstallCore DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z =>Adware.InstallCore DEPLACÉ dossier: C:\Program Files (x86)\WaInterEnhance =>PUP.Optional.Multiplug DEPLACÉ dossier: C:\ProgramData\InstallMate =>PUP.Optional.Tarma DEPLACÉ dossier: C:\ProgramData\Uniblue =>PUP.Optional.Uniblue DEPLACÉ dossier: C:\ProgramData\PC Drivers HeadQuarters =>PUP.Optional.Generic DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue =>PUP.Optional.Uniblue DEPLACÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance =>PUP.Optional.Multiplug DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\Nosibay =>PUP.Optional.SPointer DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\Store =>PUP.Optional.Nosibay DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\Boxore =>PUP.Optional.Boxore DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\PC_Drivers_Headquarters =>PUP.Optional.Generic DEPLACÉ dossier: C:\Program Files (x86)\Software =>PUP.Optional.Boxore DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\Software =>PUP.Optional.Boxore DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{097AD88A-A02F-4B0A-8991-D1FB250201F6} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{1E070CD6-E4F2-4CDF-B2B8-211EABC24D20} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{3153BE78-6268-4AC7-B064-4B53B78DDC64} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{3E9E40B1-E6CE-4FFF-AFC5-F289E09DD627} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{51372429-A171-468B-80CA-31854B951280} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{655C164D-3DF2-424E-9BB4-108EDA543019} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{6D39A831-A65B-4604-AF5B-F915DA8868C7} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{6EB25C1E-D6D0-495C-875D-6FF3E307FFEA} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{76CC15D2-277A-4B75-881C-1B5C3877DCE8} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{8517B58B-60A6-4B4B-904D-71EA8A944FBA} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{8601A165-2C5B-4097-A59F-463D2A4BD6DE} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{904A4EDD-C290-4DCE-A41C-58080F8EBCA7} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{9BB91A86-2643-471B-9EC6-344F558320DD} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{B2316779-B6D1-4581-A74F-C6E71C4B3DB4} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{B56C94F4-FEA1-4B07-BBD3-C46BC03A0C44} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{BA9DFD06-0563-40C9-AAD1-90194CF001BA} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{D61C712E-5C83-4115-AB9E-29CF5E18F53C} =>Empty DEPLACÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{D81FC177-C4DB-4B79-8D74-62FE47D4600D} =>Empty ---\\ Base de Registres ( Clés, Valeurs, Données ). (59) SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{290DEA20-9E04-F78E-F18D-5641ADA55C0C} [http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN149032[...]] [entrusted Customized Web Search] (PUP.Optional.Conduit) SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [http://www.trovi.com/Results.aspx?gd=&ctid=CT3327155&octid=EB_ORIGINAL_CTID&ISID=MDF0FDE04-A938-48CC[...]] [Trovi search] (PUP.Optional.Trovigo) SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D3F8269A-35D1-4B9A-933E-9FBC6C62352D} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Mysearchdial] (PUP.Optional.MySearchDial) SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_15_01_ff&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Vosteran] (PUP.Optional.Vosteran) SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{290DEA20-9E04-F78E-F18D-5641ADA55C0C} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Mysearchdial] (PUP.Optional.MySearchDial) SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_15_01_ff&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Vosteran] (PUP.Optional.Vosteran) SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{1840BB45-BFFE-E008-B403-066558FB0B70} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Mysearchdial] (PUP.Optional.MySearchDial) SUPPRIMÉ clé*: HKCU\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [] =>PUP.Optional.Vosteran SUPPRIMÉ clé*: [X64] HKLM\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [] =>PUP.Optional.Vosteran SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{290DEA20-9E04-F78E-F18D-5641ADA55C0C} [http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN14903294502408712] =>PUP.Optional.Conduit SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [http://www.trovi.com/Results.aspx?gd=&ctid=CT3327155&octid=EB_ORIGINAL_CTID&ISID=MDF0FDE04-A938-48CC-8023-7B8BA84EAFA1&SearchSource=58&CUI=&UM=8&UP=SP63C77537-C65F-42BE-BCA3-E5B1D0BEDE67&q={searchTerms}&SSPV=] =>PUP.Optional.Trovigo SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D3F8269A-35D1-4B9A-933E-9FBC6C62352D} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0AtA0AtDtCyCzzyByEtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu2Z1P1I1P1H1B1Q&cr=197052872&ir=] =>PUP.Optional.MySearchDial SUPPRIMÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_15_01_ff&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0AtA0AtDtCyCzzyByEtN0D0Tzu0StCtDzyyDtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtDyDyD0Azy0B0FtGzyyCyCyCtG0E0FyE0EtGyE0DtB0FtGtA0E0B0Dzy0AtD0DyB0BtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtB0EtBtC0FyEtAtGzz0B0FyBtGyEtB0F0CtGzz0AyE0CtGyE0Dzz0B0F0FyD0D0D0B0E0B2Q&cr=1460749499&ir=] =>PUP.Optional.Vosteran SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{290DEA20-9E04-F78E-F18D-5641ADA55C0C} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0AtA0AtDtCyCzzyByEtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu2Z1P1I1P1H1B1Q&cr=197052872&ir=] =>PUP.Optional.MySearchDial SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_15_01_ff&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0AtA0AtDtCyCzzyByEtN0D0Tzu0StCtDzyyDtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtDyDyD0Azy0B0FtGzyyCyCyCtG0E0FyE0EtGyE0DtB0FtGtA0E0B0Dzy0AtD0DyB0BtByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtB0EtBtC0FyEtAtGzz0B0FyBtGyEtB0F0CtGzz0AyE0CtGyE0Dzz0B0F0FyD0D0D0B0E0B2Q&cr=1460749499&ir=] =>PUP.Optional.Vosteran SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{1840BB45-BFFE-E008-B403-066558FB0B70} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0AtA0AtDtCyCzzyByEtN0D0Tzu0CyCyBzytN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu2Z1P1I1P1H1B1Q&cr=197052872&ir=] =>PUP.Optional.MySearchDial SUPPRIMÉ clé*: HKCU\Software\WajIEnhance [] =>PUP.Optional.Wajam SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\ccnfd_1_10_0_4 [C:\WINDOWS\System32\drivers\ccnfd_1_10_0_4.sys (Not File)] =>PUP.Optional.ClickCaption SUPPRIMÉ clé*: HKLM\SYSTEM\CurrentControlSet\Services\wpnfd_1_10_0_6 [C:\WINDOWS\System32\drivers\wpnfd_1_10_0_6.sys (Not File)] =>PUP.Optional.Shopperz SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\Boxore [] =>PUP.Optional.Boxore SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\Conduit [] =>PUP.Optional.Conduit SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\InstallCore [] =>Adware.InstallCore SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\Nosibay [] =>PUP.Optional.SPointer SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\nuevos-programas.com [] =>PUP.Optional.Generic SUPPRIMÉ clé*: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\WaInterEnhance [] =>PUP.Optional.Multiplug SUPPRIMÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\WajIEnhance [] =>PUP.Optional.Multiplug SUPPRIMÉ clé: HKCU\Software\Boxore [] =>PUP.Optional.Boxore SUPPRIMÉ clé: HKCU\Software\Conduit [] =>PUP.Optional.Conduit SUPPRIMÉ clé: HKCU\Software\InstallCore [] =>Adware.InstallCore SUPPRIMÉ clé: HKCU\Software\Nosibay [] =>PUP.Optional.SPointer SUPPRIMÉ clé: HKCU\Software\nuevos-programas.com [] =>PUP.Optional.Generic SUPPRIMÉ clé: HKCU\Software\WaInterEnhance [] =>PUP.Optional.Multiplug SUPPRIMÉ clé*: HKCU\Software\AppDataLow\Software\DynConIE [] =>PUP.Optional.DynConIE SUPPRIMÉ clé*: HKCU\Software\ProductSetup [] =>Adware.InstallCore SUPPRIMÉ clé*: HKCU\Software\Store [] =>PUP.Optional.Generic SUPPRIMÉ clé*: HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update [] =>PUM.Security.Hijack SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [iOutlookSecurityManager] =>PUP.Optional.WhiteSmoke SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL [] =>PUP.Optional.BearShare SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>Trojan.Camec SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Products\1EDF0464A38B673448DE688FB6EED214 [Driver Detective] =>PUP.Optional.DriverDetective SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Driver Detective [] =>PUP.Optional.DriverDetective SUPPRIMÉ clé*: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect [] =>PUP.Optional.WpManager SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave [betterSoft] =>PUP.Optional.Multiplug SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe [] =>PUP.Optional.Boxore SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\DriversHQ.DriverDetective.Client.exe [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00888B8A5D16B5A4D9F9DF44E3F268A9 [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\fr\Agent.ExceptionLogging.resources.dll] =>PUP.Optional.Generic SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Boxore [] =>PUP.Optional.Boxore SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Clara [] =>PUP.Optional.SupTab SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\ClickCaption_1.10.0.4 [] =>PUP.Optional.Generic SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\vi-viewSoftware [] =>PUP.Optional.MyhomeViview SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\WaInterEnhance [] =>PUP.Optional.Multiplug SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\WordProser_1.10.0.6 [] =>PUP.Optional.WordProser SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [iOutlookSecurityManager] =>PUP.Optional.WhiteSmoke SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\WMHelper.DLL [] =>PUP.Optional.BearShare SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>Trojan.Camec SUPPRIMÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\DriversHQ.DriverDetective.Client.exe [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASAPI32 [] =>PUP.Optional.BProtector SUPPRIMÉ clé*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASMANCS [] =>PUP.Optional.BProtector SUPPRIMÉ clé*: [X64] HKLM\Software\Classes\Installer\Features\1EDF0464A38B673448DE688FB6EED214 [Acresso Software Inc.] =>PUP.Optional.DriverDetective ---\\ Bilan de la réparation ~ Réparation réalisée avec succès. ~ Ce navigateur est absent (Opera Software) ~ Le système a été redémarré. ---\\ Statistiques ~ Items scannés : 756 ~ Items trouvés : 0 ~ Items annulés : 0 ~ Items réparés : 129 ~ End of clean in 1 minutes =================== ZHPCleaner-[R]-18092015-13_16_43.txt ZHPCleaner--18092015-09_17_04.txt ZHPCleaner--18092015-13_12_26.txt

le 18 septembre 2015
11 réponses

Des trucs bizarres

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

C karément une colonie de truc et merci pour ZHPDiag ~ ZHPCleaner v2015.9.18.349 by Nicolas Coolman (2015/09/18) ~ Run by Jean-Pierre (Administrator) (18/09/2015 09:05:41) ~ Site : http://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Pas de fichier réseau ~ Type : Scanner ~ Report : C:\Users\Jean-Pierre\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Jean-Pierre\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 8.1 Pro, 64-bit (Build 9600) ---\\ Service. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Navigateur internet. (5) TROUVÉ Chrome Secure Preferences: "http://fr.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adsrch_15_27&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0EtD0C0ByE0E0A0AtA0AtDtCyCzzyByEtN0D0Tzu0StCtBzztCtN1L2XzutAtFtCtDtFtCtDtFtCtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyCyDyC0A0C0DzyyEtGtA0D0E0BtGyDyB0EzytGyDyC0CyBtGyEzytCtByDyEtB0AtAzyyD0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtB0EtBtC0FyEtAtGzz0B0FyBtGyEtB0F0CtGzz0AyE0CtGyE0Dzz0B0F0FyD0D0D0B0E0B2QtN0A0LzutB%26cr%3D233983243%26a%3Dwncy_adsrch_15_27%26os%3DWindows 8.1 Pro" =>PUP.Optional.Browser TROUVÉ Chrome Secure Preferences: "http://www.trovi.com/?gd=&ctid=CT3327155&octid=EB_ORIGINAL_CTID&ISID=MDF0FDE04-A938-48CC-8023-7B8BA84EAFA1&SearchSource=55&CUI=&UM=8&UP=SP63C77537-C65F-42BE-BCA3-E5B1D0BEDE67&SSPV=" =>PUP.Optional.Trovigo TROUVÉ donnée: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [bad : <-loopback>] =>Hijacker.Proxy TROUVÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [bad : Port=60994 <-Loopback>] =>Hijacker.Proxy TROUVÉ donnée: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [bad : Port=60994 <-Loopback>] =>Hijacker.Proxy ---\\ Fichier hôte. (1) ~ Le fichier hôte est légitime. (23) ---\\ Tâche planifiée. (0) ~ Aucun élément malicieux ou superflu trouvé. ---\\ Explorateur ( Dossiers, Fichiers ). (88) TROUVÉ fichier: C:\Users\Public\Desktop\Driver Detective.lnk [bad : P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\inst.exe =>PUP.Optional.Pirrit TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\0S1P1R2Y1C1P1Q0D1F2W1G1I1F1T1Q =>Adware.InstallCore TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\1H1Q1V0B1L1G1N1V0M1P1Q1L1T0D1P1E2Z =>Adware.InstallCore TROUVÉ fichier: P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe [PC Drivers Headquarters - Driver Detective] =>PUP.Optional.DriverDetective TROUVÉ fichier: C:\Users\Public\Desktop\Driver Detective.lnk =>PUP.Optional.DriverDetective TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\inst.exe =>Adware.GenericTask TROUVÉ fichier: C:\END =>PUP.Optional.Conduit TROUVÉ fichier: C:\ProgramData\InstallMate\{FA7EAD19-4E56-41DC-A337-0674219D8FEF}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{FA7EAD19-4E56-41DC-A337-0674219D8FEF}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{BEE45621-7A9B-4A9F-A874-32B9650774D7}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{BEE45621-7A9B-4A9F-A874-32B9650774D7}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{AC156068-170F-434D-A1A6-5F2D77F6429E}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{AC156068-170F-434D-A1A6-5F2D77F6429E}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{A2327700-C888-44B3-A658-80AA79D155F6}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{A2327700-C888-44B3-A658-80AA79D155F6}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{9A8D3006-F808-408A-A261-B02A416E12F0}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{9A8D3006-F808-408A-A261-B02A416E12F0}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{69D38838-D637-4C93-AE78-9E15B230AACE}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{69D38838-D637-4C93-AE78-9E15B230AACE}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{5841400F-3212-4328-A1C3-7A3083A262F9}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{5841400F-3212-4328-A1C3-7A3083A262F9}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{50D9D07F-B7A9-470D-A5E6-FF8B8B3AF289}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{50D9D07F-B7A9-470D-A5E6-FF8B8B3AF289}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{34EE8DB6-3208-4B08-A9E3-7A2AEF0DAF40}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{04FADC8A-56E0-4FCC-AD27-1EC2DF19FE7C}\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\{04FADC8A-56E0-4FCC-AD27-1EC2DF19FE7C}\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\ContinueToSave\Setup.exe [Tarma Software Research Pty Ltd - InstallMate® Setup] =>PUP.Optional.Tarma TROUVÉ fichier: C:\ProgramData\InstallMate\ContinueToSave\TsuDll.dll [Tarma Software Research Pty Ltd - InstallMate® Setup Library] =>PUP.Optional.Tarma TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\Bubble Dock.boostrap.log =>PUP.Optional.BubbleDock TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\Bubble Dock.installation.log =>PUP.Optional.BubbleDock TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\Selection Tools.installation.log =>PUP.Optional.Nosibay TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\WindApp.boostrap.log =>PUP.Optional.Nosibay TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Roaming\WindApp.installation.log =>PUP.Optional.Nosibay TROUVÉ fichier: C:\Program Files (x86)\WaInterEnhance\uninstall.exe =>PUP.Optional.Multiplug TROUVÉ dossier: C:\Program Files (x86)\WaInterEnhance\Logos =>PUP.Optional.Multiplug TROUVÉ dossier: C:\Program Files (x86)\WaInterEnhance\WaInterEnhance Internet Enhancer =>PUP.Optional.Multiplug TROUVÉ dossier: C:\Program Files (x86)\WaInterEnhance =>PUP.Optional.Multiplug TROUVÉ dossier: C:\ProgramData\InstallMate\ContinueToSave =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{04FADC8A-56E0-4FCC-AD27-1EC2DF19FE7C} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{34EE8DB6-3208-4B08-A9E3-7A2AEF0DAF40} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{50D9D07F-B7A9-470D-A5E6-FF8B8B3AF289} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{5841400F-3212-4328-A1C3-7A3083A262F9} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{69D38838-D637-4C93-AE78-9E15B230AACE} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{9A8D3006-F808-408A-A261-B02A416E12F0} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{A2327700-C888-44B3-A658-80AA79D155F6} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{AC156068-170F-434D-A1A6-5F2D77F6429E} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{BEE45621-7A9B-4A9F-A874-32B9650774D7} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate\{FA7EAD19-4E56-41DC-A337-0674219D8FEF} =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\InstallMate =>PUP.Optional.Tarma TROUVÉ dossier: C:\ProgramData\Uniblue =>PUP.Optional.Uniblue TROUVÉ dossier: C:\ProgramData\PC Drivers HeadQuarters\Driver Detective =>PUP.Optional.Generic TROUVÉ dossier: C:\ProgramData\PC Drivers HeadQuarters =>PUP.Optional.Generic TROUVÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\Settings.lnk =>PUP.Optional.Multiplug TROUVÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\SignIn with Facebook.lnk =>PUP.Optional.Multiplug TROUVÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\SignIn with Twitter.lnk =>PUP.Optional.Multiplug TROUVÉ fichier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\Wajam Website.lnk =>PUP.Optional.Multiplug TROUVÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\Explore Social Search =>PUP.Optional.Multiplug TROUVÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\Explore Social Shopping =>PUP.Optional.Multiplug TROUVÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance\Uninstall Wajam =>PUP.Optional.Multiplug TROUVÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue =>PUP.Optional.Uniblue TROUVÉ dossier: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance =>PUP.Optional.Multiplug TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\Nosibay =>PUP.Optional.SPointer TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Roaming\Store =>PUP.Optional.Nosibay TROUVÉ fichier: C:\Users\Jean-Pierre\AppData\Local\Boxore\state =>PUP.Optional.Boxore TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\PC_Drivers_Headquarters\DriversHQ.DriverDetective_Url_uenscafeta3ej1h3okzwr43igkmes2ca =>PUP.Optional.Generic TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\Boxore =>PUP.Optional.Boxore TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\PC_Drivers_Headquarters =>PUP.Optional.Generic TROUVÉ dossier: C:\Program Files (x86)\Software =>PUP.Optional.Boxore TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\Software =>PUP.Optional.Boxore TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{097AD88A-A02F-4B0A-8991-D1FB250201F6} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{1E070CD6-E4F2-4CDF-B2B8-211EABC24D20} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{3153BE78-6268-4AC7-B064-4B53B78DDC64} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{3E9E40B1-E6CE-4FFF-AFC5-F289E09DD627} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{51372429-A171-468B-80CA-31854B951280} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{655C164D-3DF2-424E-9BB4-108EDA543019} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{6D39A831-A65B-4604-AF5B-F915DA8868C7} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{6EB25C1E-D6D0-495C-875D-6FF3E307FFEA} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{76CC15D2-277A-4B75-881C-1B5C3877DCE8} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{8517B58B-60A6-4B4B-904D-71EA8A944FBA} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{8601A165-2C5B-4097-A59F-463D2A4BD6DE} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{904A4EDD-C290-4DCE-A41C-58080F8EBCA7} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{9BB91A86-2643-471B-9EC6-344F558320DD} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{B2316779-B6D1-4581-A74F-C6E71C4B3DB4} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{B56C94F4-FEA1-4B07-BBD3-C46BC03A0C44} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{BA9DFD06-0563-40C9-AAD1-90194CF001BA} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{D61C712E-5C83-4115-AB9E-29CF5E18F53C} =>Empty TROUVÉ dossier: C:\Users\Jean-Pierre\AppData\Local\{D81FC177-C4DB-4B79-8D74-62FE47D4600D} =>Empty ---\\ Base de Registres ( Clés, Valeurs, Données ). (55) TROUVÉ clé: HKCU\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [] =>PUP.Optional.Vosteran TROUVÉ clé: [X64] HKLM\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [] =>PUP.Optional.Vosteran TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{290DEA20-9E04-F78E-F18D-5641ADA55C0C} [http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN149032[...]] [entrusted Customized Web Search] (PUP.Optional.Conduit) TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [http://www.trovi.com/Results.aspx?gd=&ctid=CT3327155&octid=EB_ORIGINAL_CTID&ISID=MDF0FDE04-A938-48CC[...]] [Trovi search] (PUP.Optional.Trovigo) TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D3F8269A-35D1-4B9A-933E-9FBC6C62352D} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Mysearchdial] (PUP.Optional.MySearchDial) TROUVÉ clé: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_15_01_ff&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Vosteran] (PUP.Optional.Vosteran) TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{290DEA20-9E04-F78E-F18D-5641ADA55C0C} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Mysearchdial] (PUP.Optional.MySearchDial) TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} [http://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tele_15_01_ff&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Vosteran] (PUP.Optional.Vosteran) TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{1840BB45-BFFE-E008-B403-066558FB0B70} [http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=telemsd&cd=2XzuyEtN2Y1L1Qzu0EtD0C0By[...]] [Mysearchdial] (PUP.Optional.MySearchDial) TROUVÉ clé: HKCU\Software\WajIEnhance [] =>PUP.Optional.Wajam TROUVÉ clé: HKCU\Software\InstallCore\1I1T1Q1S [] =>Heuristic.InstallCore TROUVÉ clé: HKCU\Software\InstallCore\Uninstall [] =>Heuristic.InstallCore TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\ccnfd_1_10_0_4 [C:\WINDOWS\System32\drivers\ccnfd_1_10_0_4.sys (Not File)] =>PUP.Optional.ClickCaption TROUVÉ clé: HKLM\SYSTEM\CurrentControlSet\Services\wpnfd_1_10_0_6 [C:\WINDOWS\System32\drivers\wpnfd_1_10_0_6.sys (Not File)] =>PUP.Optional.Shopperz TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\Boxore [] =>PUP.Optional.Boxore TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\Conduit [] =>PUP.Optional.Conduit TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\InstallCore [] =>Adware.InstallCore TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\Nosibay [] =>PUP.Optional.SPointer TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\nuevos-programas.com [] =>PUP.Optional.Generic TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\WaInterEnhance [] =>PUP.Optional.Multiplug TROUVÉ clé: HKEY_USERS\S-1-5-21-3302536689-2769176284-1198973107-1000\Software\WajIEnhance [] =>PUP.Optional.Multiplug TROUVÉ clé: HKCU\Software\Boxore [] =>PUP.Optional.Boxore TROUVÉ clé: HKCU\Software\Conduit [] =>PUP.Optional.Conduit TROUVÉ clé: HKCU\Software\InstallCore [] =>Adware.InstallCore TROUVÉ clé: HKCU\Software\Nosibay [] =>PUP.Optional.SPointer TROUVÉ clé: HKCU\Software\nuevos-programas.com [] =>PUP.Optional.Generic TROUVÉ clé: HKCU\Software\WaInterEnhance [] =>PUP.Optional.Multiplug TROUVÉ clé: HKCU\Software\WajIEnhance [] =>PUP.Optional.Multiplug TROUVÉ clé: HKCU\Software\AppDataLow\Software\DynConIE [] =>PUP.Optional.DynConIE TROUVÉ clé: HKCU\Software\ProductSetup [] =>Adware.InstallCore TROUVÉ clé: HKCU\Software\Store [] =>PUP.Optional.Generic TROUVÉ clé: HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update [] =>PUM.Security.Hijack TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [iOutlookSecurityManager] =>PUP.Optional.WhiteSmoke TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL [] =>PUP.Optional.BearShare TROUVÉ clé: [X64] HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>Trojan.Camec TROUVÉ clé: [X64] HKLM\Software\Classes\Installer\Products\1EDF0464A38B673448DE688FB6EED214 [Driver Detective] =>PUP.Optional.DriverDetective TROUVÉ clé: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Driver Detective [] =>PUP.Optional.DriverDetective TROUVÉ clé: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect [] =>PUP.Optional.WpManager TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave [betterSoft] =>PUP.Optional.Multiplug TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe [] =>PUP.Optional.Boxore TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\DriversHQ.DriverDetective.Client.exe [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective TROUVÉ clé: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00888B8A5D16B5A4D9F9DF44E3F268A9 [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\fr\Agent.ExceptionLogging.resources.dll] =>PUP.Optional.Generic TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Boxore [] =>PUP.Optional.Boxore TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Clara [] =>PUP.Optional.SupTab TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\ClickCaption_1.10.0.4 [] =>PUP.Optional.Generic TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\vi-viewSoftware [] =>PUP.Optional.MyhomeViview TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\WaInterEnhance [] =>PUP.Optional.Multiplug TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\WordProser_1.10.0.6 [] =>PUP.Optional.WordProser TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} [iOutlookSecurityManager] =>PUP.Optional.WhiteSmoke TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\WMHelper.DLL [] =>PUP.Optional.BearShare TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman] =>Trojan.Camec TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\DriversHQ.DriverDetective.Client.exe [P:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe] =>PUP.Optional.DriverDetective TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASAPI32 [] =>PUP.Optional.BProtector TROUVÉ clé: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASMANCS [] =>PUP.Optional.BProtector TROUVÉ clé: [X64] HKLM\Software\Classes\Installer\Features\1EDF0464A38B673448DE688FB6EED214 [Driver Detective] =>PUP.Optional.DriverDetective ---\\ Bilan de la réparation ~ Aucune réparation effectuée. ~ Ce navigateur est absent (Opera Software) ---\\ Statistiques ~ Items scannés : 90723 ~ Items trouvés : 157 ~ Items annulés : 0 ~ Items réparés : 0 ~ End of search in 11 minutes =================== ZHPCleaner--18092015-09_17_04.txt

le 18 septembre 2015
11 réponses

Des trucs bizarres

babar91 a posté un sujet dans Analyses et éradication malwares

il se passe des trucs bizar sur mon PC Windows 8.1 Pro Proc Pentium dual-core E5300 2.60 GHz 64 bits merci pour l'aide Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:50:46, on 17/09/2015 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.17840) Boot mode: Normal Running processes: C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe P:\Program Files (x86)\IObit Uninstaller\UninstallMonitor.exe P:\Program Files (x86)\Microsoft Money\System\mnyexpr.exe C:\Users\Jean-Pierre\AppData\Roaming\Dashlane\Dashlane.exe C:\Users\Jean-Pierre\AppData\Roaming\Dashlane\DashlanePlugin.exe C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe P:\Program Files (x86)\Unlocker\UnlockerAssistant.exe C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe P:\Program Files (x86)\Hard Drive Inspector\HDInspector.exe P:\Program Files (x86)\Cobian Backup 11\Cobian.exe P:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe P:\Program Files (x86)\Cobian Backup 11\cbInterface.exe P:\Program Files (x86)\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe P:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe P:\Program Files (x86)\Mozilla Firefox\firefox.exe P:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - P:\Program Files (x86)\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL O3 - Toolbar: Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Jean-Pierre\AppData\Roaming\Dashlane\ie\KWIEBar.dll O4 - HKLM\..\Run: [mgeNetSystray] P:\Program Files (x86)\EATON\NetworkShutdownModule\bin\netsystray\mgeNetSystray.exe -deferred O4 - HKLM\..\Run: [MRUTray] P:\Program Files (x86)\Marvell\raid\tray\MarvellTray.exe O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [Turbo Key] "P:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe" O4 - HKLM\..\Run: [unlockerAssistant] "P:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe O4 - HKLM\..\Run: [HDInspector.exe] P:\Program Files (x86)\Hard Drive Inspector\HDInspector.exe O4 - HKLM\..\Run: [Cobian Backup 11] "P:\Program Files (x86)\Cobian Backup 11\Cobian.exe" O4 - HKLM\..\Run: [sDTray] "P:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKLM\..\Run: [AvastUI.exe] "P:\Program Files (x86)\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [sMSTray] C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Fitbit Connect] "P:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun O4 - HKCU\..\Run: [MoneyAgent] "P:\Program Files (x86)\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Dashlane] "C:\Users\Jean-Pierre\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Jean-Pierre\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - HKCU\..\Run: [DashlanePlugin] "C:\Users\Jean-Pierre\AppData\Roaming\Dashlane\DashlanePlugin.exe" ws O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto O4 - HKCU\..\Run: [Fitbit Connect] "P:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted IP range: http://127.0.0.1 O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - http://support.asus.com/select/asusTek_sys_ctrl3.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30011 (AppHostSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe O23 - Service: ATK Fast User Switch Service (ATKFUSService) - Unknown owner - C:\Windows\system32\ATKFUSService.exe (file missing) O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - P:\Program Files (x86)\AVAST Software\Avast\AvastSvc.exe O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - P:\Program Files (x86)\AVAST Software\Avast\afwServ.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - P:\Program Files (x86)\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @combase.dll,-5012 (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: devolo Network Service (DevoloNetworkService) - devolo AG - P:\Program Files (x86)\devolo\dlan\devolonetsvc.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\UtcResources.dll,-3001 (DiagTrack) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Fitbit Connect Service (Fitbit Connect) - Fitbit, Inc. - P:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\Program Files (x86)\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: @%SystemRoot%\System32\GeofenceMonitorService.dll,-1 (lfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\WINDOWS\system32\msiexec.exe O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing) O23 - Service: Origin Client Service - Electronic Arts - P:\Jeux\EA GAMES\Origin\OriginClientService.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\WINDOWS\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @combase.dll,-5010 (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - P:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - P:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - P:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - P:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\WINDOWS\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @oem151.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing) O23 - Service: @%systemroot%\system32\vmicres.dll,-801 (vmicguestinterface) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30014 (w3logsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30003 (W3SVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\wephostsvc.dll,-100 (WEPHOSTSVC) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiarpc.dll,-2 (WiaRpc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (WlanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wlidsvc.dll,-100 (wlidsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%systemroot%\system32\workfolderssvc.dll,-102 (workfolderssvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\WINDOWS\system32\SearchIndexer.exe O23 - Service: @%SystemRoot%\system32\WSService.dll,-103 (WSService) - Unknown owner - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe -- End of file - 31257 bytes

le 17 septembre 2015
11 réponses

Aie Avast

babar91 a posté un sujet dans Analyses et éradication malwares

Avast trouve un virus mais il reviens a chaque fois Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:58:49, on 27/04/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\devldr32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ASUS\WLAN Card Utilities\Center.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Messenger\msmsgs.exe C:\Documents and Settings\F.CHARDEAUX\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Program Files\HiJackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens F3 - REG:win.ini: load=C:\WINDOWS\svchost.exe O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\F.CHARDEAUX\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/betaactivesca...s/as2stubie.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1191069404474 O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- End of file - 5656 bytes Qui peu me dire quoi C

le 27 avril 2009
1 réponse

Bizar ( Resolu )

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

MB Clock c'est ma pendule Norton Systen Doctor d"fragmente les disques au démarage Wenshot > Change écran Mezaniv > ne marche que s'il y a une date BTTray > je l'ai stopé CleanSweep > aussi Microsoft Office > c'est la barre Office Bon voila et merci pour tout Babar

le 10 septembre 2006
9 réponses

Bizar ( Resolu )

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

Bon j'ai Vu 2 / 3 trucs que j'ai botté en touche heu j'ai oublié comment on clos le dialogue ! merci a tous

le 9 septembre 2006
9 réponses

Bizar ( Resolu )

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

Menu Démarer mbclock Norton System Doctor Webshots Mezaniv SpywareGuard BTTray CleanSweep Smart Sweep-Internet Sweep Microsoft Office

le 9 septembre 2006
9 réponses

Bizar ( Resolu )

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

j'ai trouvé c'était bien un prog qui bloquait > VSO Inspector < car - SpywareGuard et Winpooch sont installés depuis longtemps mais ça ma mis sur la piste - pour les programmes en trop c'est lequels ? merci encore

le 9 septembre 2006
9 réponses

Bizar ( Resolu )

babar91 a posté un sujet dans Analyses et éradication malwares

bonjour et merci de me dire si ya pas un truc déplésant qui traine norton ne veux plus analiser Logfile of HijackThis v1.99.1 Scan saved at 10:27:09, on 09/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ASUS\Probe\AsusProb.exe C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe D:\Symantec\Norton Ghost\Agent\GhostTray.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe D:\Winpooch\Winpooch.exe D:\Sitecom\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\system32\rundll32.exe D:\Winamp\winampa.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\DVDRAMSV.exe D:\Copernic Desktop Search\CopernicDesktopSearch.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe D:\ewido anti-malware\ewidoctrl.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe D:\Sitecom\Logiciel Bluetooth\BTTray.exe C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe C:\Program Files\Microsoft Office\Office10\msoffice.exe D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE D:\MB Softs\MB Clock\mbclock.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE D:\SpywareGuard\sgmain.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe D:\Webshots\webshots.scr D:\SpywareGuard\sgbhp.exe C:\WINDOWS\System32\svchost.exe D:\Wamp\mysql\bin\mysqld-nt.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe D:\Sitecom\LOGICI~1\BTSTAC~1.EXE C:\WINDOWS\system32\cidaemon.exe D:\Winamp\Winamp.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Messenger\msmsgs.exe D:\eMule\emule.exe D:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.genealogie.com/v2/membres-mon-c...alogie-en-ligne R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - D:\GetRight\xx2gr.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\SpywareGuard\dlprotect.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup O4 - HKLM\..\Run: [Norton Ghost 9.0] D:\Symantec\Norton Ghost\Agent\GhostTray.exe O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [Winpooch] D:\Winpooch\Winpooch.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [WinampAgent] D:\Winamp\winampa.exe O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Copernic Desktop Search] "D:\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EA Downloader\Core.exe -silent O4 - Startup: mbclock.lnk = D:\MB Softs\MB Clock\mbclock.exe O4 - Startup: Mezaniv.lnk = D:\Mezaniv\MEZANIV.EXE O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE O4 - Startup: SpywareGuard.lnk = D:\SpywareGuard\sgmain.exe O4 - Startup: Webshots.lnk = D:\Webshots\Launcher.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Thumbs.db O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Envoyer à &Bluetooth - D:\Sitecom\Logiciel Bluetooth\btsendto_ie_ctx.htm O8 - Extra context menu item: Ouvrir avec GetRight - D:\GetRight\GRbrowse.htm O8 - Extra context menu item: Surligner en Jaune - C:\WINDOWS\web\MarqueurFluoYellow.htm O8 - Extra context menu item: Télecharger avec GetRight - D:\GetRight\GRdownload.htm O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\AIM95\aim.exe O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Sitecom\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Sitecom\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O15 - Trusted Zone: http://officebeta.iponet.net O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/LSSupCtl.cab O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/as...rl/SymAData.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\btxppanel.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - D:\Sitecom\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe O23 - Service: ewido security suite control - ewido networks - D:\ewido anti-malware\ewidoctrl.exe O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Ghost - Symantec Corporation - D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\SPEEDD~1\NOPDB.EXE O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: wampmysqld - Unknown owner - D:\Wamp\mysql\bin\mysqld-nt.exe merci et @ +

le 9 septembre 2006
9 réponses

Caps lock [RESOLU]

babar91 a répondu à un(e) sujet de babar91 dans Software

je viens de changer d'utilisateur et je n'ai plus de problème avec caps lock !!! Ah Ke ça c'est remis en place aprés la manip bon merci pour tout

le 1 mai 2006
4 réponses

REGULARISATION LICENCE XP

babar91 a répondu à un(e) sujet de TESTEUR dans Software

salut Tu met le nouveau CD et tu repare > la clé correspont au CD c'est tout

le 1 mai 2006
28 réponses

Caps lock [RESOLU]

babar91 a répondu à un(e) sujet de babar91 dans Software

ça a rien donné j'ai un clavier microsoft office keyboard sur port USB et un clavier standard 101/102 touches sur PS2 chacun séparément ou les 2 ensemble c'est pareil idée suivante merci

le 29 avril 2006
4 réponses

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

merci pour tout c'est impec nickel chrome

le 29 avril 2006
36 réponses

Caps lock [RESOLU]

babar91 a posté un sujet dans Software

bonjour le problème est quand je me sers de la touche caps lock j'obtiens l'effet de la touche windows donc pour écrire en majuscule je suis forcé de tenir la touche MAJ j'ai chercher sur d'autre forum je suis apparramant pas le seul a avoir ce problème mais personne n'a de solution j'ai utilisé 2 clavier differrant mais c'est parreil

le 29 avril 2006
4 réponses

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

AH KE COUCOU Logfile of HijackThis v1.99.1 Scan saved at 17:31:04, on 29/04/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ASUS\Probe\AsusProb.exe C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe D:\Symantec\Norton Ghost\Agent\GhostTray.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe D:\Winpooch\Winpooch.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe D:\Copernic Desktop Search\CopernicDesktopSearch.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\WINDOWS\system32\cisvc.exe C:\WINDOWS\System32\DVDRAMSV.exe D:\ewido anti-malware\ewidoctrl.exe C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe D:\ewido anti-malware\ewidoguard.exe C:\WINDOWS\system32\RAMASST.exe D:\Change Ecran\Change Ecran.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe D:\MB Softs\MB Clock\mbclock.exe C:\WINDOWS\system32\ntvdm.exe D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe C:\PROGRA~1\NORTON~1\NORTON~4\SPEEDD~1\NOPDB.EXE C:\Program Files\Microsoft Office\Office10\msoffice.exe C:\WINDOWS\System32\svchost.exe D:\Wamp\mysql\bin\mysqld-nt.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe C:\Program Files\Norton SystemWorks\Norton Utilities\Speed Disk\SDNTC.EXE D:\Hijackthis\HijackThis.exe C:\WINDOWS\system32\wuauclt.exe O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup O4 - HKLM\..\Run: [Norton Ghost 9.0] D:\Symantec\Norton Ghost\Agent\GhostTray.exe O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [Winpooch] D:\Winpooch\Winpooch.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Copernic Desktop Search] "D:\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Change Ecran.LNK = D:\Change Ecran\Change Ecran.exe O4 - Startup: mbclock.lnk = D:\MB Softs\MB Clock\mbclock.exe O4 - Startup: Mezaniv.lnk = D:\Mezaniv\MEZANIV.EXE O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O4 - Global Startup: Thumbs.db O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe O23 - Service: ewido security suite control - ewido networks - D:\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - D:\ewido anti-malware\ewidoguard.exe O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Ghost - Symantec Corporation - D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\SPEEDD~1\NOPDB.EXE O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: wampmysqld - Unknown owner - D:\Wamp\mysql\bin\mysqld-nt.exe et hop pour le clavier

le 29 avril 2006
36 réponses

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

A ke je veu mon nveu bonsoir et merci pour tout le clavier ça a pas marché je continurais ma frappe en minuscules je suis d'accord pour optimiser mes arrivé un truc bizar quand j'ai ouvert l'explorateur j'avais le cadre tout noir j'ai redémarer et c'est rentré dans l'ordre bon @ plus

le 28 avril 2006
36 réponses

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

[ j'ai 2 claviers différant c'est pariel sur les 2 un USB un sur le port clavier pour cette clé que je n'ai pas elle sert a quoi > HKEY_LOCAL_MACHINE\Software\ddm < les points de restauration je l'ai deja fait bon @+

le 27 avril 2006
36 réponses

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

bonjour Logfile of HijackThis v1.99.1 Scan saved at 07:25:57, on 27/04/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Anvshell.exe C:\Program Files\ASUS\Probe\AsusProb.exe C:\Program Files\Microsoft Partner Pack\Onfolio Express\onfserv.exe C:\WINDOWS\ATKKBService.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE D:\Symantec\Norton Ghost\Agent\GhostTray.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe D:\ASUSTek\ASUSDVD\PDVDServ.exe C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\WINDOWS\System32\DVDRAMSV.exe D:\ewido anti-malware\ewidoctrl.exe D:\ewido anti-malware\ewidoguard.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe D:\Winpooch\Winpooch.exe C:\WINDOWS\System32\GEARSec.exe C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe D:\Copernic Desktop Search\CopernicDesktopSearch.exe C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe C:\WINDOWS\System32\svchost.exe D:\Wamp\mysql\bin\mysqld-nt.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe C:\Program Files\Microsoft Office\Office10\msoffice.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\RAMASST.exe D:\Change Ecran\Change Ecran.exe D:\HotKeys\HotKeys.exe D:\MB Softs\MB Clock\mbclock.exe C:\WINDOWS\system32\ntvdm.exe C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\iexplore.exe D:\Hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - D:\GetRight\xx2gr.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: BHO pour Compagnon Web Encarta - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Onfolio Helper - {ba727652-f90e-4d82-9ce4-98766dffc375} - C:\Program Files\Microsoft Partner Pack\Onfolio Express\onfoliox.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - D:\STARDO~1\SDIEInt.dll O3 - Toolbar: Onfolio - {1fea1109-9f65-4fdc-aec5-033f6cc60641} - mscoree.dll (file missing) O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: Compagnon Web Encarta - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - D:\Copernic Desktop Search\CopernicDesktopSearchIntegration974.dll O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\Anvshell.exe O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Probe\AsusProb.exe O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp O4 - HKLM\..\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup O4 - HKLM\..\Run: [OnfolioStorage] "C:\Program Files\Microsoft Partner Pack\Onfolio Express\onfserv.exe" nosignal O4 - HKLM\..\Run: [Norton Ghost 9.0] D:\Symantec\Norton Ghost\Agent\GhostTray.exe O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [RemoteControl] D:\ASUSTek\ASUSDVD\PDVDServ.exe O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll" O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Winpooch] D:\Winpooch\Winpooch.exe O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [Copernic Desktop Search] "D:\Copernic Desktop Search\CopernicDesktopSearch.exe" /tray O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Change Ecran.LNK = D:\Change Ecran\Change Ecran.exe O4 - Startup: HotKeys.lnk = ? O4 - Startup: mbclock.lnk = D:\MB Softs\MB Clock\mbclock.exe O4 - Startup: Mezaniv.lnk = D:\Mezaniv\MEZANIV.EXE O4 - Startup: MSN Pictures Displayer.lnk = D:\MSN Pictures Displayer\MSN Pictures Displayer.exe O4 - Startup: Norton System Doctor.LNK = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\CsinsmNT.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = D:\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O4 - Global Startup: Thumbs.db O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: Capture &Image To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddEntryFromDocumentElement.html O8 - Extra context menu item: Capture &Page To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddLinkEntryFromDocument.html O8 - Extra context menu item: Capture &Snippet To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddEntryFromDocumentSelection.html O8 - Extra context menu item: Capture &Target To Onfolio... - res://C:\Program Files\Microsoft Partner Pack\Onfolio Express\Onfolio.WindowsResources.dll/AddEntryFromDocumentElement.html O8 - Extra context menu item: Chercher avec Copernic Agent - D:\Copernic Agent\Web\SearchExt.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir avec GetRight - D:\GetRight\GRbrowse.htm O8 - Extra context menu item: Ouvrir le cadre dans une nouvelle fenêtre - file://C:\WINDOWS\web\nvcadre.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Surligner en Jaune - C:\WINDOWS\web\MarqueurFluoYellow.htm O8 - Extra context menu item: Télecharger avec GetRight - D:\GetRight\GRdownload.htm O8 - Extra context menu item: Télécharger avec Star Downloader - D:\Star Downloader\sdie.htm O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: Voir les cookies - C:\WINDOWS\web\showcookies.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\COPERN~1\COPERN~1.EXE O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - D:\COPERN~1\COPERN~1.EXE O9 - Extra button: (no name) - {2fc2f9a4-c43e-42c0-9490-19d6be8b1726} - mscoree.dll (file missing) O9 - Extra 'Tools' menuitem: Onfolio Capture... - {2fc2f9a4-c43e-42c0-9490-19d6be8b1726} - mscoree.dll (file missing) O9 - Extra button: Onfolio - {30e2a68b-20f5-419d-bbb9-dce92edc4e67} - mscoree.dll (file missing) O9 - Extra 'Tools' menuitem: Onfolio Collection Explorer - {30e2a68b-20f5-419d-bbb9-dce92edc4e67} - mscoree.dll (file missing) O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan/fr...n_principal.htm (file missing) O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - D:\COPERN~1\COPERN~1.EXE O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - D:\AIM95\aim.exe O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Downloads - {FA89F458-2DF1-494a-A66D-47BF7F04E713} - C:\WINDOWS\system32\Shdocvw.dll O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe O23 - Service: ewido security suite control - ewido networks - D:\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - D:\ewido anti-malware\ewidoguard.exe O23 - Service: Service de sécurité matérielle (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\GEARSec.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Ghost - Symantec Corporation - D:\Symantec\Norton Ghost\Agent\PQV2iSvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\NPROTECT.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~4\SPEEDD~1\NOPDB.EXE O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe O23 - Service: wampmysqld - Unknown owner - D:\Wamp\mysql\bin\mysqld-nt.exe cette ligne me parrais bizare > O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) sinon je n'ai pas cette ligne que tu m'avais demandé de regarder > HKEY_LOCAL_MACHINE\Software\ddm et mon clavier es toujour pareil " caps lock > windows @ +

le 27 avril 2006
36 réponses

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

j'ai refais un scan panda Incident Statut Analyse Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Jean-Pierre\Application Data\Mozilla\Profiles\default\oq6ubwee.slt\cookies.txt[.xiti.com/] Spyware:Cookie/Tribalfusion No Désinfecté C:\Documents and Settings\Jean-Pierre\Cookies\jean-pierre@tribalfusion[1].txt Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Jean-Pierre\Cookies\jean-pierre@weborama[2].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Jean-Pierre\Cookies\jean-pierre@xiti[1].txt Virus Eventuel. No Désinfecté D:\ATF-cleaner\ATF-Cleaner.exe Virus Eventuel. No Désinfecté R:\Alcoho.rar[setup.msi][unk_0046] Virus Eventuel. No Désinfecté R:\ATF-Cleaner.exe rien de spécial par contre je ne peut pas me servir de > regsearch.exe il utilise le pross a 100% pour la clef sus dite elle est pas la

le 26 avril 2006
36 réponses

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

ya un truc quand mème j'ai refais une recherche avec jv 16 qui n'a rien trouvé allors que panda a trouvé ça diytoolbar istbar ncase sidefind bon je verrais se soir

le 26 avril 2006
36 réponses

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

babar91 a répondu à un(e) sujet de babar91 dans Analyses et éradication malwares

bonjour résultat du dernier scan ??? j'avais tout virer mais c'est revenu !!!!! ou est le loup Incident Statut Analyse Outil indésirable:application/funweb No Désinfecté hkey_local_machine\software\FunWebProducts Adware:adware/diytoolbar No Désinfecté Registre Windows Adware:adware/ist.istbar No Désinfecté Registre Windows Adware:adware/ncase No Désinfecté Registre Windows Adware:adware/ist.sidefind No Désinfecté Registre Windows Outil indésirable:application/mywebsearch No Désinfecté HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Jean-Pierre\Application Data\Mozilla\Profiles\default\oq6ubwee.slt\cookies.txt[.xiti.com/] Spyware:Cookie/Tribalfusion No Désinfecté C:\Documents and Settings\Jean-Pierre\Cookies\jean-pierre@tribalfusion[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Jean-Pierre\Cookies\jean-pierre@xiti[1].txt que se passe t'il PS m'on clavier pas de résultat

le 26 avril 2006
36 réponses

Connexion

babar91

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par babar91

Des trucs bizarres

Des trucs bizarres

Des trucs bizarres

Des trucs bizarres

Des trucs bizarres

Des trucs bizarres

Des trucs bizarres

Aie Avast

Bizar ( Resolu )

Bizar ( Resolu )

Bizar ( Resolu )

Bizar ( Resolu )

Bizar ( Resolu )

Caps lock [RESOLU]

REGULARISATION LICENCE XP

Caps lock [RESOLU]

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

Caps lock [RESOLU]

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

Saleté de dofgnqmsld!fjdfg Spyware [résolu]

Zebulon

Outils en ligne

Naviguer