lenovice2828

  1. Many thanks. Indeed, since your big cleanup the PC runs very smoothly. I am trying to analyze the attached file to understand how you managed to do such a fast and effective analysis.
  2. Good evening, here is the report. However, there was no cleaning, only a fix; I think that is the same thing. Otherwise, was it you who found the flaws, or a piece of software? The reply came back very quickly.
  3. Hello again. First of all, thank you for this responsiveness. The software looks very nice; I really need to get down to understanding the registry... Would you have any advice on that, by the way? I am posting the link to the ZHdiag report: ZHdiag report
  4. Hello everyone, and many thanks to all the participants. Thanks to this site I have gained a good deal of experience, and I have decided to tackle the HijackThis training section soon... In the meantime, until I have mastered it, I am on a PC that is abnormally slow. I installed Autorun and System Explorer; apparently nothing odd, yet it overheats and sometimes opens pop-ups. I am attaching the report, if you could give me your opinion, thank you. I should mention that I found several small things with Malwarebytes Anti-Malware; I ran Navilog, which found nothing, but Microsoft Security Essentials reports that Navilog is a variant of several trojans. Thank you for your help.
(file missing) O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 11994 bytes