[Résolu] Mon PC pédale dans la semoule…

[laulau34]

Bonjour,

 

je possède un HP pavillion depuis 2 ans, il était niquel, nettoyé régulièrement... jusqu'à il y a qques jours.

Il rame dès que j'actualise une page internet ou ouvre un fichier par exemple, plus rien de répond dans les 5 minutes...

J'ai fait une analyse Ccleaner (réparation fichiers registre et nettoyage des fichiers), mis en quarantaine les fichiers identifiés par anti-Malware, défragmenté mon disque dur. Rien n'y fait.

J'ai essayé de restaurer au dernier point de restauration. Lors du démarrage après rebootage, il m'est dit que la restauration a échoué et surprise... tous les points de restauration ont été supprimés.

 

Que faire? J'ai atteint mes limites en informatiques, je m'en remets à votre expérience aguérie!

 

Voici le rapport HJT:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:17:01, on 05/08/2012

Platform: Unknown Windows (WinNT 6.01.3505 SP1)

MSIE: Internet Explorer v9.00 (9.00.8112.16447)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe

C:\Program Files\SuperCopier2\SuperCopier2.exe

C:\Users\Lauriane\AppData\Local\Akamai\netsession_win.exe

C:\Windows\System32\StikyNot.exe

C:\Users\Lauriane\AppData\Local\Akamai\netsession_win.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFmsgr.exe

C:\Windows\system32\taskmgr.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Lauriane\Desktop\Nettoyage\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll

O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [searchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"

O4 - HKCU\..\Run: [superCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Lauriane\AppData\Local\Akamai\netsession_win.exe"

O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: NewShortcut1.lnk = ?

O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_1f4e5527ca660a3d\aestsrv.exe

O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\Windows\system32\hasplms.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe

O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe

O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe

O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE

O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_1f4e5527ca660a3d\STacSV.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

 

--

End of file - 9787 bytes

 

Merci énormément pour votre aide!

Lauriane

 

-édit- Bonjour Lauriane, et bienvenue sur Zébulon !

Je transfère ton sujet dans la section Analyses/Éradication.

En effet, tu as au moins à nettoyer la ToolBar Babylon, plutôt néfaste…

Modifié le 9 août 2012 par laulau34

[pear]

Bonjour,

 

1)Télécharger AdwCleaner

Sous Vista et Windows 7-> Exécuter en tant qu'administrateur

 

Cliquez sur Recherche et postez le rapport généré C:\AdwCleaner[R1].txt

 

2)Nettoyage

Relancez AdwCleaner avec droits administrateur

Cliquez sur Suppression et postez le rapport C:\AdwCleaner[s1].txt

 

3)

Téléchargez MBAM

Avant de lancer Mbam

Vous devez d'abord désactiver vos protections mais vous ne savez pas comment faire

Cliquer ici

Branchez tous les supports amovibles avant de faire ce scan (clé usb/disque dur externe etc)

Exécuter avec droits d'administrateur.

Sous Vista , désactiver l'Uac

 

Double cliquez sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation.

Enregistrez le sur le bureau .

Fermer toutes les fenêtres et programmes

Suivez les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet)

N'apportez aucune modification aux réglages par défaut et, en fin d'installation,

Vérifiez que les options Update et Launch soient cochées

MBAM démarrera automatiquement et enverra un message demandant de mettre à jour le programme avant de lancer une analyse.

cliquer sur OK pour fermer la boîte de dialogue..

Dans l'onglet "mise à jour", cliquez sur le bouton Recherche de mise à jour:

Si le pare-feu demande l'autorisation de connecter MBAM, acceptez.

Une fois la mise à jour terminée, allez dans l'onglet Recherche.

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

.L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Et un fichier Mbam.log apparaitra

 

 

4)Nettoyage

Relancez Mbam(Malewares'Bytes)

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Sélectionnez tout et cliquez sur Supprimer la sélection ,

MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

puis ouvrir le Bloc-notes et y copier le rapport d'analyse qui peut être retrouvé sous l'onglet Rapports/logs.

Copiez-collez ce rapport dans la prochaine réponse.

 

 

 

 

Hijackthis ne vaut plus guère!

 

Lancez cet outil de diagnostic:

Zhpdiag 1.31

 

Double-cliquer sur ZHPDiag.exe pour installer l'outil

Sur le bureau ,il y aura 3 icônes

 

Sous XP, double clic sur l'icône ZhpDiag

Sous Vista/7, faire un clic droit et Exécuter en tant qu'administrateur

 

 

Cliquez sur le bouton en haut, à droite et choisissez Tous

Pour éviter un blocage, décochez 045 et 061

 

Clic sur la Loupe en haut, à gauche pour lancer le scan

Postez le rapport ZhpDiag.txt qui apparait sur le bureau

 

Comment poster les rapports

Cliquez sur ce bouton en haut, à droite

Appuyez sur Parcourir et chercher le rapport ,

Cliquer sur Envoyer

>> dans la page suivante -->

Cliquer Pjjoint Uploader ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.

 

[laulau34]

Merci énormément Pear!

 

Je vais poster les rapports au fur et à mesure

 

Voici les rapports AdwCleaner des étapes 1 et 2:

 

1)

 

# AdwCleaner v1.800 - Logfile created 08/05/2012 at 16:55:56

# Updated 01/08/2012 by Xplode

# Operating system : Windows 7 Enterprise Service Pack 1 (32 bits)

# User : Lauriane - LAURIANE-PC

# Running from : C:\Users\Lauriane\Downloads\adwcleaner.exe

# Option [search]

 

 

***** [services] *****

 

Found : Application Updater

 

***** [Files / Folders] *****

 

Folder Found : C:\Users\Lauriane\AppData\LocalLow\pdfforge

Folder Found : C:\Users\Lauriane\AppData\LocalLow\Search Settings

Folder Found : C:\Users\Administrator\AppData\LocalLow\Search Settings

Folder Found : C:\Users\Lauriane\AppData\Roaming\Babylon

Folder Found : C:\Users\Lauriane\AppData\Roaming\cacaoweb

Folder Found : C:\Users\Lauriane\AppData\Roaming\Mozilla\Firefox\Profiles\tqbpe6jz.default\ConduitCommon

Folder Found : C:\Users\Lauriane\AppData\Roaming\Mozilla\Firefox\Profiles\tqbpe6jz.default\CT2089011

Folder Found : C:\Users\Lauriane\AppData\Roaming\Mozilla\Firefox\Profiles\tqbpe6jz.default\extensions\{09a07b02-f491-4b6b-bfc9-684a624f4f3b}

Folder Found : C:\Users\Lauriane\AppData\Roaming\Mozilla\Firefox\Profiles\tqbpe6jz.default\extensions\[email protected]

Folder Found : C:\ProgramData\Babylon

Folder Found : C:\Program Files\Application Updater

Folder Found : C:\Program Files\Mozilla Firefox\Extensions\[email protected]

Folder Found : C:\Program Files\pdfforge Toolbar

Folder Found : C:\Program Files\Common Files\spigot

File Found : C:\Users\Lauriane\Desktop\cacaoweb.exe

File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

 

***** [Registry] *****

 

Key Found : HKCU\Software\AppDataLow\Software\pdfforge

Key Found : HKCU\Software\AppDataLow\Software\Search Settings

Key Found : HKCU\Software\cacaoweb

Key Found : HKCU\Software\pdfforge

Key Found : HKCU\Software\Search Settings

Key Found : HKCU\Software\Softonic

Key Found : HKLM\SOFTWARE\Application Updater

Key Found : HKLM\SOFTWARE\Babylon

Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Found : HKLM\SOFTWARE\DT Soft

Key Found : HKLM\SOFTWARE\pdfforge

Key Found : HKLM\SOFTWARE\Search Settings

Key Found : HKLM\SOFTWARE\Wise Solutions

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchSettings]

 

***** [Registre - GUID] *****

 

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16421

 

[OK] Registry is clean.

 

-\\ Mozilla Firefox v14.0.1 (fr)

 

Profile name : default

File : C:\Users\Lauriane\AppData\Roaming\Mozilla\Firefox\Profiles\tqbpe6jz.default\prefs.js

 

Found : user_pref("CT2089011..clientLogIsEnabled", false);

Found : user_pref("CT2089011..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]

Found : user_pref("CT2089011..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]

Found : user_pref("CT2089011.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

Found : user_pref("CT2089011.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Found : user_pref("CT2089011.AppTrackingLastCheckTime", "Thu Feb 16 2012 10:13:15 GMT+0100");

Found : user_pref("CT2089011.CT2089011", "CT2089011");

Found : user_pref("CT2089011.CurrentServerDate", "5-8-2012");

Found : user_pref("CT2089011.DSInstall", false);

Found : user_pref("CT2089011.DialogsAlignMode", "LTR");

Found : user_pref("CT2089011.DialogsGetterLastCheckTime", "Sun Aug 05 2012 09:47:51 GMT+0200");

Found : user_pref("CT2089011.DownloadReferralCookieData", "");

Found : user_pref("CT2089011.FirstServerDate", "19-2-2012");

Found : user_pref("CT2089011.FirstTime", true);

Found : user_pref("CT2089011.FirstTimeFF3", true);

Found : user_pref("CT2089011.FixPageNotFoundErrors", false);

Found : user_pref("CT2089011.GroupingServerCheckInterval", 1440);

Found : user_pref("CT2089011.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Found : user_pref("CT2089011.HPInstall", false);

Found : user_pref("CT2089011.HasUserGlobalKeys", true);

Found : user_pref("CT2089011.HomePageProtectorEnabled", false);

Found : user_pref("CT2089011.HomepageBeforeUnload", "hxxp://fr.giveawayoftheday.com/");

Found : user_pref("CT2089011.Initialize", true);

Found : user_pref("CT2089011.InitializeCommonPrefs", true);

Found : user_pref("CT2089011.InstallationAndCookieDataSentCount", 3);

Found : user_pref("CT2089011.InstallationType", "Unknown");

Found : user_pref("CT2089011.InstalledDate", "Thu Feb 16 2012 10:13:16 GMT+0100");

Found : user_pref("CT2089011.IsAlertDBUpdated", true);

Found : user_pref("CT2089011.IsGrouping", false);

Found : user_pref("CT2089011.IsInitSetupIni", true);

Found : user_pref("CT2089011.IsMulticommunity", false);

Found : user_pref("CT2089011.IsOpenThankYouPage", true);

Found : user_pref("CT2089011.IsOpenUninstallPage", true);

Found : user_pref("CT2089011.IsProtectorsInit", true);

Found : user_pref("CT2089011.LanguagePackLastCheckTime", "Sun Aug 05 2012 09:48:01 GMT+0200");

Found : user_pref("CT2089011.LanguagePackReloadIntervalMM", 1440);

Found : user_pref("CT2089011.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Found : user_pref("CT2089011.LastLogin_3.10.0.1", "Mon Feb 27 2012 17:08:40 GMT+0100");

Found : user_pref("CT2089011.LastLogin_3.12.2.3", "Wed May 23 2012 05:37:17 GMT+0200");

Found : user_pref("CT2089011.LastLogin_3.13.0.6", "Tue Jul 17 2012 20:48:56 GMT+0200");

Found : user_pref("CT2089011.LastLogin_3.14.1.0", "Sun Aug 05 2012 09:47:39 GMT+0200");

Found : user_pref("CT2089011.LatestVersion", "3.14.1.0");

Found : user_pref("CT2089011.Locale", "fr");

Found : user_pref("CT2089011.MCDetectTooltipHeight", "83");

Found : user_pref("CT2089011.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Found : user_pref("CT2089011.MCDetectTooltipWidth", "295");

Found : user_pref("CT2089011.MyStuffEnabledAtInstallation", false);

Found : user_pref("CT2089011.OriginalFirstVersion", "3.10.0.1");

Found : user_pref("CT2089011.SearchCaption", "Reverso Customized Web Search");

Found : user_pref("CT2089011.SearchEngineBeforeUnload", "Google");

Found : user_pref("CT2089011.SearchFromAddressBarIsInit", true);

Found : user_pref("CT2089011.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT208[...]

Found : user_pref("CT2089011.SearchInNewTabEnabled", true);

Found : user_pref("CT2089011.SearchInNewTabIntervalMM", 1440);

Found : user_pref("CT2089011.SearchInNewTabLastCheckTime", "Sun Aug 05 2012 09:47:38 GMT+0200");

Found : user_pref("CT2089011.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Found : user_pref("CT2089011.SearchProtectorEnabled", false);

Found : user_pref("CT2089011.SearchProtectorToolbarDisabled", false);

Found : user_pref("CT2089011.SendProtectorDataViaLogin", true);

Found : user_pref("CT2089011.ServiceMapLastCheckTime", "Sun Aug 05 2012 09:47:38 GMT+0200");

Found : user_pref("CT2089011.SettingsLastCheckTime", "Sun Aug 05 2012 09:47:38 GMT+0200");

Found : user_pref("CT2089011.SettingsLastUpdate", "1342346570");

Found : user_pref("CT2089011.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2089011&SearchSource=13");

Found : user_pref("CT2089011.ThirdPartyComponentsInterval", 504);

Found : user_pref("CT2089011.ThirdPartyComponentsLastCheck", "Thu Feb 16 2012 10:12:56 GMT+0100");

Found : user_pref("CT2089011.ThirdPartyComponentsLastUpdate", "1255344667");

Found : user_pref("CT2089011.ToolbarShrinkedFromSetup", false);

Found : user_pref("CT2089011.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2089011");

Found : user_pref("CT2089011.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]

Found : user_pref("CT2089011.UserID", "UN39094635667197997");

Found : user_pref("CT2089011.alertChannelId", "514603");

Found : user_pref("CT2089011.backendstorage.langfrom", "656E676C697368");

Found : user_pref("CT2089011.backendstorage.langto", "6672656E6368");

Found : user_pref("CT2089011.backendstorage.lcidfrom", "31303333");

Found : user_pref("CT2089011.backendstorage.lcidto", "31303336");

Found : user_pref("CT2089011.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]

Found : user_pref("CT2089011.globalFirstTimeInfoLastCheckTime", "Mon Feb 27 2012 09:56:17 GMT+0100");

Found : user_pref("CT2089011.homepageProtectorEnableByLogin", true);

Found : user_pref("CT2089011.initDone", true);

Found : user_pref("CT2089011.isAppTrackingManagerOn", true);

Found : user_pref("CT2089011.myStuffEnabled", true);

Found : user_pref("CT2089011.myStuffPublihserMinWidth", 400);

Found : user_pref("CT2089011.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Found : user_pref("CT2089011.myStuffServiceIntervalMM", 1440);

Found : user_pref("CT2089011.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Found : user_pref("CT2089011.navigateToUrlOnSearch", false);

Found : user_pref("CT2089011.oldAppsList", "128732202352775689,128732202460275976,111,129459714955644730,129[...]

Found : user_pref("CT2089011.revertSettingsEnabled", true);

Found : user_pref("CT2089011.searchProtectorDialogDelayInSec", 10);

Found : user_pref("CT2089011.searchProtectorEnableByLogin", true);

Found : user_pref("CT2089011.testingCtid", "");

Found : user_pref("CT2089011.toolbarAppMetaDataLastCheckTime", "Sun Aug 05 2012 09:47:39 GMT+0200");

Found : user_pref("CT2089011.toolbarContextMenuLastCheckTime", "Thu Feb 16 2012 10:12:59 GMT+0100");

Found : user_pref("CT2089011.usagesFlag", 2);

Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2089011/CT2089011[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/514603/510473/FR", "\"0\"")[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2089011", [...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2089011",[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]

Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"9f9[...]

Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Lauriane\\AppData\\Roaming\\Mozilla[...]

Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.10.0.1");

Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.fr/search?ie=UTF-8&oe=[...]

Found : user_pref("CommunityToolbar.ToolbarsList", "CT2089011");

Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2089011");

Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2089011");

Found : user_pref("CommunityToolbar.globalUserId", "59d97b46-b037-4791-b9db-dc803407fb74");

Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Feb 27 2012 09:56:1[...]

Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);

Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);

Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Feb 16 2012 10:13:14 GMT+010[...]

Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");

Found : user_pref("CommunityToolbar.notifications.locale", "en");

Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Feb 27 2012 09:56:15 GMT+0100");

Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");

Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");

Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);

Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

Found : user_pref("CommunityToolbar.notifications.userId", "2260aafb-7648-442b-ac6a-6be7ad4eb58f");

Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://fr.giveawayoftheday.com/");

Found : user_pref("CommunityToolbar.originalSearchEngine", "Google");

Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

Found : user_pref("extensions.BabylonToolbar_i.babExt", "");

Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111020&tt=060612_6_");

Found : user_pref("extensions.BabylonToolbar_i.hardId", "64ebc67f0000000000000027139cfef7");

Found : user_pref("extensions.BabylonToolbar_i.id", "64ebc67f0000000000000027139cfef7");

Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15516");

Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");

Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1719:24:31");

Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

Found : user_pref("extensions.illimitux.ilx_pref_pt_veoh", true);

 

*************************

 

AdwCleaner[R1].txt - [16710 octets] - [05/08/2012 16:55:56]

 

 

 

 

2)

 

# AdwCleaner v1.800 - Logfile created 08/05/2012 at 16:56:48

# Updated 01/08/2012 by Xplode

# Operating system : Windows 7 Enterprise Service Pack 1 (32 bits)

# User : Lauriane - LAURIANE-PC

# Running from : C:\Users\Lauriane\Downloads\adwcleaner.exe

# Option [Delete]

 

 

***** [services] *****

 

Stopped & Deleted : Application Updater

 

***** [Files / Folders] *****

 

Folder Deleted : C:\Users\Lauriane\AppData\LocalLow\pdfforge

Folder Deleted : C:\Users\Lauriane\AppData\LocalLow\Search Settings

Folder Deleted : C:\Users\Administrator\AppData\LocalLow\Search Settings

Folder Deleted : C:\Users\Lauriane\AppData\Roaming\Babylon

Folder Deleted : C:\Users\Lauriane\AppData\Roaming\cacaoweb

Folder Deleted : C:\Users\Lauriane\AppData\Roaming\Mozilla\Firefox\Profiles\tqbpe6jz.default\ConduitCommon

Folder Deleted : C:\Users\Lauriane\AppData\Roaming\Mozilla\Firefox\Profiles\tqbpe6jz.default\CT2089011

Folder Deleted : C:\Users\Lauriane\AppData\Roaming\Mozilla\Firefox\Profiles\tqbpe6jz.default\extensions\{09a07b02-f491-4b6b-bfc9-684a624f4f3b}

Folder Deleted : C:\Users\Lauriane\AppData\Roaming\Mozilla\Firefox\Profiles\tqbpe6jz.default\extensions\[email protected]

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\Program Files\Application Updater

Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\[email protected]

Folder Deleted : C:\Program Files\pdfforge Toolbar

Folder Deleted : C:\Program Files\Common Files\spigot

File Deleted : C:\Users\Lauriane\Desktop\cacaoweb.exe

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

 

***** [Registry] *****

 

Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge

Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings

Key Deleted : HKCU\Software\cacaoweb

Key Deleted : HKCU\Software\pdfforge

Key Deleted : HKCU\Software\Search Settings

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKLM\SOFTWARE\Application Updater

Key Deleted : HKLM\SOFTWARE\Babylon

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\DT Soft

Key Deleted : HKLM\SOFTWARE\pdfforge

Key Deleted : HKLM\SOFTWARE\Search Settings

Key Deleted : HKLM\SOFTWARE\Wise Solutions

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchSettings]

 

***** [Registre - GUID] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16421

 

[OK] Registry is clean.

 

-\\ Mozilla Firefox v14.0.1 (fr)

 

Profile name : default

File : C:\Users\Lauriane\AppData\Roaming\Mozilla\Firefox\Profiles\tqbpe6jz.default\prefs.js

 

C:\Users\Lauriane\AppData\Roaming\Mozilla\Firefox\Profiles\tqbpe6jz.default\user.js ... Deleted !

 

Deleted : user_pref("CT2089011..clientLogIsEnabled", false);

Deleted : user_pref("CT2089011..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]

Deleted : user_pref("CT2089011..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]

Deleted : user_pref("CT2089011.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

Deleted : user_pref("CT2089011.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Deleted : user_pref("CT2089011.AppTrackingLastCheckTime", "Thu Feb 16 2012 10:13:15 GMT+0100");

Deleted : user_pref("CT2089011.CT2089011", "CT2089011");

Deleted : user_pref("CT2089011.CurrentServerDate", "5-8-2012");

Deleted : user_pref("CT2089011.DSInstall", false);

Deleted : user_pref("CT2089011.DialogsAlignMode", "LTR");

Deleted : user_pref("CT2089011.DialogsGetterLastCheckTime", "Sun Aug 05 2012 09:47:51 GMT+0200");

Deleted : user_pref("CT2089011.DownloadReferralCookieData", "");

Deleted : user_pref("CT2089011.FirstServerDate", "19-2-2012");

Deleted : user_pref("CT2089011.FirstTime", true);

Deleted : user_pref("CT2089011.FirstTimeFF3", true);

Deleted : user_pref("CT2089011.FixPageNotFoundErrors", false);

Deleted : user_pref("CT2089011.GroupingServerCheckInterval", 1440);

Deleted : user_pref("CT2089011.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Deleted : user_pref("CT2089011.HPInstall", false);

Deleted : user_pref("CT2089011.HasUserGlobalKeys", true);

Deleted : user_pref("CT2089011.HomePageProtectorEnabled", false);

Deleted : user_pref("CT2089011.HomepageBeforeUnload", "hxxp://fr.giveawayoftheday.com/");

Deleted : user_pref("CT2089011.Initialize", true);

Deleted : user_pref("CT2089011.InitializeCommonPrefs", true);

Deleted : user_pref("CT2089011.InstallationAndCookieDataSentCount", 3);

Deleted : user_pref("CT2089011.InstallationType", "Unknown");

Deleted : user_pref("CT2089011.InstalledDate", "Thu Feb 16 2012 10:13:16 GMT+0100");

Deleted : user_pref("CT2089011.IsAlertDBUpdated", true);

Deleted : user_pref("CT2089011.IsGrouping", false);

Deleted : user_pref("CT2089011.IsInitSetupIni", true);

Deleted : user_pref("CT2089011.IsMulticommunity", false);

Deleted : user_pref("CT2089011.IsOpenThankYouPage", true);

Deleted : user_pref("CT2089011.IsOpenUninstallPage", true);

Deleted : user_pref("CT2089011.IsProtectorsInit", true);

Deleted : user_pref("CT2089011.LanguagePackLastCheckTime", "Sun Aug 05 2012 09:48:01 GMT+0200");

Deleted : user_pref("CT2089011.LanguagePackReloadIntervalMM", 1440);

Deleted : user_pref("CT2089011.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Deleted : user_pref("CT2089011.LastLogin_3.10.0.1", "Mon Feb 27 2012 17:08:40 GMT+0100");

Deleted : user_pref("CT2089011.LastLogin_3.12.2.3", "Wed May 23 2012 05:37:17 GMT+0200");

Deleted : user_pref("CT2089011.LastLogin_3.13.0.6", "Tue Jul 17 2012 20:48:56 GMT+0200");

Deleted : user_pref("CT2089011.LastLogin_3.14.1.0", "Sun Aug 05 2012 09:47:39 GMT+0200");

Deleted : user_pref("CT2089011.LatestVersion", "3.14.1.0");

Deleted : user_pref("CT2089011.Locale", "fr");

Deleted : user_pref("CT2089011.MCDetectTooltipHeight", "83");

Deleted : user_pref("CT2089011.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Deleted : user_pref("CT2089011.MCDetectTooltipWidth", "295");

Deleted : user_pref("CT2089011.MyStuffEnabledAtInstallation", false);

Deleted : user_pref("CT2089011.OriginalFirstVersion", "3.10.0.1");

Deleted : user_pref("CT2089011.SearchCaption", "Reverso Customized Web Search");

Deleted : user_pref("CT2089011.SearchEngineBeforeUnload", "Google");

Deleted : user_pref("CT2089011.SearchFromAddressBarIsInit", true);

Deleted : user_pref("CT2089011.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT208[...]

Deleted : user_pref("CT2089011.SearchInNewTabEnabled", true);

Deleted : user_pref("CT2089011.SearchInNewTabIntervalMM", 1440);

Deleted : user_pref("CT2089011.SearchInNewTabLastCheckTime", "Sun Aug 05 2012 09:47:38 GMT+0200");

Deleted : user_pref("CT2089011.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Deleted : user_pref("CT2089011.SearchProtectorEnabled", false);

Deleted : user_pref("CT2089011.SearchProtectorToolbarDisabled", false);

Deleted : user_pref("CT2089011.SendProtectorDataViaLogin", true);

Deleted : user_pref("CT2089011.ServiceMapLastCheckTime", "Sun Aug 05 2012 09:47:38 GMT+0200");

Deleted : user_pref("CT2089011.SettingsLastCheckTime", "Sun Aug 05 2012 09:47:38 GMT+0200");

Deleted : user_pref("CT2089011.SettingsLastUpdate", "1342346570");

Deleted : user_pref("CT2089011.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2089011&SearchSource=13");

Deleted : user_pref("CT2089011.ThirdPartyComponentsInterval", 504);

Deleted : user_pref("CT2089011.ThirdPartyComponentsLastCheck", "Thu Feb 16 2012 10:12:56 GMT+0100");

Deleted : user_pref("CT2089011.ThirdPartyComponentsLastUpdate", "1255344667");

Deleted : user_pref("CT2089011.ToolbarShrinkedFromSetup", false);

Deleted : user_pref("CT2089011.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2089011");

Deleted : user_pref("CT2089011.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]

Deleted : user_pref("CT2089011.UserID", "UN39094635667197997");

Deleted : user_pref("CT2089011.alertChannelId", "514603");

Deleted : user_pref("CT2089011.backendstorage.langfrom", "656E676C697368");

Deleted : user_pref("CT2089011.backendstorage.langto", "6672656E6368");

Deleted : user_pref("CT2089011.backendstorage.lcidfrom", "31303333");

Deleted : user_pref("CT2089011.backendstorage.lcidto", "31303336");

Deleted : user_pref("CT2089011.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]

Deleted : user_pref("CT2089011.globalFirstTimeInfoLastCheckTime", "Mon Feb 27 2012 09:56:17 GMT+0100");

Deleted : user_pref("CT2089011.homepageProtectorEnableByLogin", true);

Deleted : user_pref("CT2089011.initDone", true);

Deleted : user_pref("CT2089011.isAppTrackingManagerOn", true);

Deleted : user_pref("CT2089011.myStuffEnabled", true);

Deleted : user_pref("CT2089011.myStuffPublihserMinWidth", 400);

Deleted : user_pref("CT2089011.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Deleted : user_pref("CT2089011.myStuffServiceIntervalMM", 1440);

Deleted : user_pref("CT2089011.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Deleted : user_pref("CT2089011.navigateToUrlOnSearch", false);

Deleted : user_pref("CT2089011.oldAppsList", "128732202352775689,128732202460275976,111,129459714955644730,129[...]

Deleted : user_pref("CT2089011.revertSettingsEnabled", true);

Deleted : user_pref("CT2089011.searchProtectorDialogDelayInSec", 10);

Deleted : user_pref("CT2089011.searchProtectorEnableByLogin", true);

Deleted : user_pref("CT2089011.testingCtid", "");

Deleted : user_pref("CT2089011.toolbarAppMetaDataLastCheckTime", "Sun Aug 05 2012 09:47:39 GMT+0200");

Deleted : user_pref("CT2089011.toolbarContextMenuLastCheckTime", "Thu Feb 16 2012 10:12:59 GMT+0100");

Deleted : user_pref("CT2089011.usagesFlag", 2);

Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2089011/CT2089011[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/514603/510473/FR", "\"0\"")[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2089011", [...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2089011",[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE",[...]

Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=fr", "\"9f9[...]

Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Lauriane\\AppData\\Roaming\\Mozilla[...]

Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.10.0.1");

Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.fr/search?ie=UTF-8&oe=[...]

Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2089011");

Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2089011");

Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2089011");

Deleted : user_pref("CommunityToolbar.globalUserId", "59d97b46-b037-4791-b9db-dc803407fb74");

Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Feb 27 2012 09:56:1[...]

Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);

Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);

Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Feb 16 2012 10:13:14 GMT+010[...]

Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");

Deleted : user_pref("CommunityToolbar.notifications.locale", "en");

Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Feb 27 2012 09:56:15 GMT+0100");

Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");

Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");

Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);

Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

Deleted : user_pref("CommunityToolbar.notifications.userId", "2260aafb-7648-442b-ac6a-6be7ad4eb58f");

Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://fr.giveawayoftheday.com/");

Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Google");

Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");

Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111020&tt=060612_6_");

Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "64ebc67f0000000000000027139cfef7");

Deleted : user_pref("extensions.BabylonToolbar_i.id", "64ebc67f0000000000000027139cfef7");

Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15516");

Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");

Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1719:24:31");

Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

Deleted : user_pref("extensions.illimitux.ilx_pref_pt_veoh", true);

 

*************************

 

AdwCleaner[R1].txt - [16841 octets] - [05/08/2012 16:55:56]

AdwCleaner[s1].txt - [17284 octets] - [05/08/2012 16:56:48]

 

########## EOF - C:\AdwCleaner[s1].txt - [17413 octets] ##########

 

 

 

########## EOF - C:\AdwCleaner[R1].txt - [16839 octets] ##########

[Dylav]

Bonjour Lauriane,

 

Attention aux rapports trop volumineux qui, copiés/collés directement dans un message, feront planter l'affichage de ton sujet. En particulier, il est indispensable de faire héberger le rapport de ZHPDiag, qui est vraiment très gros.

 

Zébulon n'héberge pas de documents. Ainsi, les documents que tu désires joindre à ton message doivent être confiés à un hébergeur.

 

Si ce n'est déjà fait, tu enregistres ton document sur ton disque dur.

Ensuite, tu te rends sur le site d'un hébergeur, comme par exemple

 

 

Tu cliques sur le bouton « Parcourir » pour localiser ton document, puis sur .

Enfin, tu récupères l'adresse de ton document,

 

 

que tu copies/colles dans ton message sur le forum.

 

Nota : le bouton « Copier le lien » ne fonctionne pas sous Firefox, il faut le capturer manuellement par clic droit / copier l'adresse du lien.

[laulau34]

Ok Dylav, j'y songerai pour le rapport ZHPDiag, merci.

 

@Pear, j'ai effectué une analyse avec Malwarebytes sur tous mes disques après mises à jour. Il n'a rien détecté de suspect (j'avais déjà fait une analyse il y a deux semaines, il avait trouvé quelques fichiers douteux que j'ai mis en quarantaine mais l'ordi se portait encore comme une fleur à ce moment là).

 

Je ne parviens pas à télécharger ZHPdiag, c'est peut-être dû à ma connexion - tout petit débit, j'essaierai demain depuis une autre.

Modifié le 5 août 2012 par laulau34

[laulau34]

Et pour finir, voilà le rapport issu de ZHPdiag:

 

Mon lien

[pear]

Vous devez trouver sur le bureau ou ,sinon, dans le dossier où vous avez installé Zhpdiag ces 3 icônes .

Cliquer sur l'icône Zhpfix

Sous Vista/7 clic-droit, "Exécuter En tant qu'Administrateur

Copiez/Collez les lignes vertes dans le cadre ci dessous:

pour cela;

Clic gauche maintenu enfoncé, Balayer l'ensemble du texte à copier avec la souris pour le mettre en surbrillance ,de gauche à droite et de haut en bas

Ctrl+c mettre le tout en mémoire

Ctrl+v pour inscrire le texte dans le Document

Vous ne verrez rien avant d'avoir Cliqué sur le H-

 

M2 - MFEP: prefs.js [Lauriane - tqbpe6jz.default\[email protected]] [] FoxyProxy Basic v2.6.2 (.FoxyProxy, Inc..) => Infection Web (Hijacker.Proxy)

[MD5.00000000000000000000000000000000] [APT] [{1B524AE8-5DB6-4FEE-B767-BED5775DEE4B}] (...) -- C:\Program Files\ClickPotatoLite\bin\10.0.530.0\ClickPotatoLiteUninstaller.exe (.not file.) => Infection BT (Adware.ClickPotato)

O42 - Logiciel: pdfforge Toolbar v6.2 - (.Spigot, Inc..) [HKLM] -- {2511D82C-2688-41C2-ABF8-AF237795989B} => Infection BT (PUP.Dealio)

O53 - SMSR:HKLM\...\startupreg\cacaoweb [Key] . (...) -- C:\Users\Lauriane\AppData\Roaming\cacaoweb\cacaoweb.exe (.not file.) => Infection PUP (PUP.CacaoWeb)

O87 - FAEL: "TCP Query User{8F261CAF-BC32-4624-9572-D24DD42B31E3}C:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) => Infection PUP (PUP.CacaoWeb)

O87 - FAEL: "UDP Query User{9AD4CCA0-C31C-4D4C-AE55-EE3D084376B8}C:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) => Infection PUP (PUP.CacaoWeb)

O87 - FAEL: "TCP Query User{D3C245C4-CB2B-424D-82D9-CDF376F43227}C:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) => Infection PUP (PUP.CacaoWeb)

O87 - FAEL: "UDP Query User{EFD20B93-0FCB-4A49-A67A-ECC17ABC31C0}C:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) => Infection PUP (PUP.CacaoWeb)

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb] => Infection PUP (PUP.CacaoWeb)

O4 - Global Startup: C:\Users\Lauriane\Desktop\Ordinateur.lnk - Clé orpheline => Orphean Key not necessary

[MD5.00000000000000000000000000000000] [APT] [{4C21948A-CA5D-4692-98BB-0B6AD0E1343A}] (...) -- F:\DirectX\dxsetup.exe (.not file.) => Fichier absent

O43 - CFD: 06/08/2012 - 19:56:57 - [0] ----D C:\Users\Lauriane\AppData\Local\CutePDF Writer => Empty Folder not necessary

O43 - CFD: 27/03/2012 - 12:38:12 - [0] ----D C:\Users\Lauriane\AppData\Local\{57408959-C3A7-4B3D-B4B1-62CD245926BD} => Empty Folder not necessary

O43 - CFD: 05/06/2012 - 23:17:43 - [0] ----D C:\Users\Lauriane\AppData\Local\{69C4307E-EB7D-47A3-A376-EDBD06AFD228} => Empty Folder not necessary

O43 - CFD: 29/11/2011 - 13:59:32 - [0] ----D C:\Users\Lauriane\AppData\Local\{989CA2C4-6283-4A28-A438-9807FA1FBA1C} => Empty Folder not necessary

O43 - CFD: 17/08/2011 - 20:57:09 - [0] ----D C:\Users\Lauriane\AppData\Local\{CD74B2EF-4EE8-47D3-9DAD-62F0A2EB13C2} => Empty Folder not necessary

O43 - CFD: 29/06/2011 - 18:54:18 - [0] ----D C:\Users\Lauriane\AppData\Local\{CD841F4A-A91D-4346-AF8C-BDD41C6C77AC} => Empty Folder not necessary

O43 - CFD: 29/11/2011 - 13:59:42 - [0] ----D C:\Users\Lauriane\AppData\Local\{DB231C7C-DDC5-464C-912D-CE198D4A7938} => Empty Folder not necessary

O43 - CFD: 29/11/2011 - 13:22:17 - [0] ----D C:\Users\Lauriane\AppData\Local\{F696A67E-BD23-411C-BA67-192007FB997B} => Empty Folder not necessary

O43 - CFD: 27/03/2012 - 12:38:14 - [0] ----D C:\Users\Lauriane\AppData\Local\{FC86A096-6AE6-4DFB-B9D2-C5E12CDD18C0} => Empty Folder not necessary

C:\Users\Lauriane\Logiciels\TomTom\tomtom\Cartes\Activateurs\Easyusetools\Progs\keygen6.exe => Crack, KeyGen, Keymaker - Possible Malware

C:\Users\Lauriane\Logiciels\TomTom\tomtom\Cartes\Activateurs\Easyusetools\Progs\tt8_keygen2.exe => Crack, KeyGen, Keymaker - Possible Malware

C:\Users\Lauriane\Logiciels\TomTom\tomtom\Cartes\Activateurs\Easyusetools\Progs\keygen6.exe => Crack, KeyGen, Keymaker - Possible Malware

C:\Users\Lauriane\Logiciels\TomTom\tomtom\Cartes\Activateurs\Easyusetools\Progs\tt8_keygen2.exe => Crack, KeyGen, Keymaker - Possible Malware

O87 - FAEL: "TCP Query User{AA7CF819-A26B-4F61-B24A-290F57F5EDD1}C:\program files\fotobounce\fbengine.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\fotobounce\fbengine.exe (.not file.) => Fichier absent

O87 - FAEL: "UDP Query User{B888AB52-004D-46C1-8A81-F41C0F56BCF1}C:\program files\fotobounce\fbengine.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\fotobounce\fbengine.exe (.not file.) => Fichier absent

O23 - Service: Hotspot Shield Routing Service (HssSrv) . (.AnchorFree Inc. - Pas de description.) - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe

O42 - Logiciel: Hotspot Shield 2.53 - (.AnchorFree.) [HKLM] -- HotspotShield => Toolbar.Conduit

O43 - CFD: 24/06/2012 - 15:21:48 - [10,188] ----D C:\Program Files\Hotspot Shield => Toolbar.Conduit

O43 - CFD: 24/06/2012 - 15:21:40 - [0,002] ----D C:\ProgramData\Hotspot Shield => Toolbar.Conduit

[HKLM\SYSTEM\CurrentControlSet\Services\HssSrv] => Toolbar.Agent

[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv] => Toolbar.Agent

[HKLM\Software\HotspotShield] => AnchorFree

C:\Program Files\Hotspot Shield => Toolbar.Conduit

C:\ProgramData\Hotspot Shield => Toolbar.Conduit

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield => Toolbar.Conduit

SR - | Auto 15/11/2011 363336 | (HssSrv) . (.AnchorFree Inc..) - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe

O43 - CFD: 17/02/2012 - 11:02:27 - [45,266] ----D C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}

SysRestore

EmptyFlash

EmptyTemp

FirewallRaz

Proxyfix

Hostfix

 

 

Cliquer sur "OK", ce qui fait apparaître un carré à gauche de chaque ligne.

Cliquer sur "Tous" puis sur "Nettoyer" .

Redémarrer pour achever le nettoyage.

Un rapport apparait:

Si le rapport n'apparait pas,cliquer sur

Copier-coller le rapport de suppression dans la prochaine réponse.

 

 

 

Ceci va vérifier si les logiciels sont à jour ou non et l'indiquer sur l'interface graphique ou sur un rapport.

Des boutons permettent alors un accès direct au lancement de la mise à jour ou au téléchargement de celle-ci selon. (Flash player, ouverture du ou des navigateurs dont l'activeX et/ou le plugin n'est pas à jour.

Télécharger Sx Checkupdate

Cliquez sur Rapports

[laulau34]

J'ai comme l'impression que mon pc est guéri, il ne rame plus à priori... Merci beaucoup pour votre rapidité et efficacité!! Merci pour votre temps et l'aide que vous oouvez apporter.

 

J'ai fait les MAJ d'après SXCU.

 

 

Voilà le rapport ZHPfix:

 

Rapport de ZHPFix 1.2.07 par Nicolas Coolman, Update du 20/07/2012

Fichier d'export Registre :

Run by Lauriane at 07/08/2012 19:35:54

Windows 7 Enterprise Edition, 32-bit Service Pack 1 (Build 7601)

Web site : ZHPFix Fix de rapport

Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com

 

========== Logiciel(s) ==========

SUPPRIME pdfforge Toolbar v6.2

ABSENT Uninstall Process: c:\program files\hotspot shield\uninstall.exe

 

========== Processus mémoire ==========

SUPPRIME Memory Process: C:\Users\Lauriane\Logiciels\TomTom\tomtom\Cartes\Activateurs\Easyusetools\Progs\keygen6.exe

SUPPRIME Memory Process: C:\Users\Lauriane\Logiciels\TomTom\tomtom\Cartes\Activateurs\Easyusetools\Progs\tt8_keygen2.exe

 

========== Clé(s) du Registre ==========

SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2511D82C-2688-41C2-ABF8-AF237795989B}]

SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotspotShield]

SUPPRIME Key*: StartupReg: cacaoweb

ABSENT Key: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb

SUPPRIME Key*: Service: HssSrv

ABSENT Key: HKLM\SYSTEM\CurrentControlSet\Services\HssSrv

SUPPRIME Key*: HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv

SUPPRIME Key*: HKLM\Software\HotspotShield

ABSENT Key: Service: HssSrv

 

========== Valeur(s) du Registre ==========

ABSENT TCP Query User{8F261CAF-BC32-4624-9572-D24DD42B31E3}C:/users/lauriane/appdata/roaming/cacaoweb/cacaoweb.exe

ABSENT UDP Query User{9AD4CCA0-C31C-4D4C-AE55-EE3D084376B8}C:/users/lauriane/appdata/roaming/cacaoweb/cacaoweb.exe

ABSENT TCP Query User{D3C245C4-CB2B-424D-82D9-CDF376F43227}C:/users/lauriane/appdata/roaming/cacaoweb/cacaoweb.exe

ABSENT UDP Query User{EFD20B93-0FCB-4A49-A67A-ECC17ABC31C0}C:/users/lauriane/appdata/roaming/cacaoweb/cacaoweb.exe

ABSENT TCP Query User{AA7CF819-A26B-4F61-B24A-290F57F5EDD1}C:/program files/fotobounce/fbengine.exe

ABSENT UDP Query User{B888AB52-004D-46C1-8A81-F41C0F56BCF1}C:/program files/fotobounce/fbengine.exe

ABSENT Valeur Standard Profile: FirewallRaz :

ABSENT Valeur Domain Profile: FirewallRaz :

SUPPRIME FirewallRaz (Public) : TCP Query User{8F261CAF-BC32-4624-9572-D24DD42B31E3}C:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe

SUPPRIME FirewallRaz (Public) : UDP Query User{9AD4CCA0-C31C-4D4C-AE55-EE3D084376B8}C:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe

SUPPRIME FirewallRaz (Private) : {3B8FCD0B-B8BC-4C88-A2E6-4290ABC1D2B9}

SUPPRIME FirewallRaz (Private) : {22377AC7-4320-4F4C-8721-C8A7DD64ED65}

SUPPRIME FirewallRaz (Private) : {74DDC8AB-73F7-485E-A05E-B02E3DD1F7E4}

SUPPRIME FirewallRaz (Private) : {A3DCF7A3-FF11-4382-853E-F0ED5430795A}

SUPPRIME FirewallRaz (Private) : {9AF59E2E-3778-466A-8A77-E662F5E0CF42}

SUPPRIME FirewallRaz (Private) : {51836F78-BFA6-4650-92B1-558F246AEA3B}

SUPPRIME FirewallRaz (Private) : {AEA84F48-F3A5-4AB2-A05F-23C646359AC6}

SUPPRIME FirewallRaz (Private) : {1878B9EB-8277-4C23-A91E-0137A9EF030B}

SUPPRIME FirewallRaz (Private) : TCP Query User{AA7CF819-A26B-4F61-B24A-290F57F5EDD1}C:\program files\fotobounce\fbengine.exe

SUPPRIME FirewallRaz (Private) : UDP Query User{B888AB52-004D-46C1-8A81-F41C0F56BCF1}C:\program files\fotobounce\fbengine.exe

SUPPRIME FirewallRaz (Private) : TCP Query User{D3C245C4-CB2B-424D-82D9-CDF376F43227}C:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe

SUPPRIME FirewallRaz (Private) : UDP Query User{EFD20B93-0FCB-4A49-A67A-ECC17ABC31C0}C:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe

ProxyFix : Configuration proxy supprimée avec succès

SUPPRIME ProxyServer Value

SUPPRIME ProxyEnable Value

SUPPRIME EnableHttp1_1 Value

SUPPRIME ProxyHttp1.1 Value

SUPPRIME ProxyOverride Value

 

========== Dossier(s) ==========

SUPPRIME Folder: C:\Users\Lauriane\AppData\Roaming\Mozilla\Firefox\Profiles\tqbpe6jz.default\extensions\[email protected]

SUPPRIME Folder: C:\Users\Lauriane\AppData\Local\CutePDF Writer

SUPPRIME Folder: C:\Users\Lauriane\AppData\Local\{57408959-C3A7-4B3D-B4B1-62CD245926BD}

SUPPRIME Folder: C:\Users\Lauriane\AppData\Local\{69C4307E-EB7D-47A3-A376-EDBD06AFD228}

SUPPRIME Folder: C:\Users\Lauriane\AppData\Local\{989CA2C4-6283-4A28-A438-9807FA1FBA1C}

SUPPRIME Folder: C:\Users\Lauriane\AppData\Local\{CD74B2EF-4EE8-47D3-9DAD-62F0A2EB13C2}

SUPPRIME Folder: C:\Users\Lauriane\AppData\Local\{CD841F4A-A91D-4346-AF8C-BDD41C6C77AC}

SUPPRIME Folder: C:\Users\Lauriane\AppData\Local\{DB231C7C-DDC5-464C-912D-CE198D4A7938}

SUPPRIME Folder: C:\Users\Lauriane\AppData\Local\{F696A67E-BD23-411C-BA67-192007FB997B}

SUPPRIME Folder: C:\Users\Lauriane\AppData\Local\{FC86A096-6AE6-4DFB-B9D2-C5E12CDD18C0}

SUPPRIME Reboot Folder**: C:\Program Files\Hotspot Shield

SUPPRIME Folder: C:\ProgramData\Hotspot Shield

SUPPRIME Folder: c:\programdata\microsoft\windows\start menu\programs\hotspot shield

SUPPRIME Folder: C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}

SUPPRIME Flash Cookies:

SUPPRIME Temporaires Windows:

 

========== Fichier(s) ==========

ABSENT File: c:\users\lauriane\appdata\roaming\cacaoweb\cacaoweb.exe

SUPPRIME File: c:\users\lauriane\desktop\ordinateur.lnk

SUPPRIME File*: c:\users\lauriane\logiciels\tomtom\tomtom\cartes\activateurs\easyusetools\progs\keygen6.exe

SUPPRIME File*: c:\users\lauriane\logiciels\tomtom\tomtom\cartes\activateurs\easyusetools\progs\tt8_keygen2.exe

SUPPRIME Reboot c:\program files\hotspot shield\hsswpr\hsssrv.exe

ABSENT Folder/File: c:\programdata\hotspot shield

ABSENT File: c:\program files\hotspot shield\hsswpr\hsssrv.exe

SUPPRIME Flash Cookies:

SUPPRIME Temporaires Windows:

 

========== Tache planifiée ==========

SUPPRIME Task: {1B524AE8-5DB6-4FEE-B767-BED5775DEE4B}

SUPPRIME Task: {4C21948A-CA5D-4692-98BB-0B6AD0E1343A}

 

========== Restauration Système ==========

Point de restauration du système créé avec succès

 

 

========== Récapitulatif ==========

2 : Processus mémoire

9 : Clé(s) du Registre

28 : Valeur(s) du Registre

16 : Dossier(s)

9 : Fichier(s)

2 : Logiciel(s)

2 : Tache planifiée

1 : Restauration Système

 

 

End of clean in 01mn 59s

 

========== Chemin de fichier rapport ==========

C:\ZHP\ZHPFix[R1].txt - 07/08/2012 19:35:54 [6181]

[Dylav]

Bonsoir laulau,

 

Si tu considères que la question est réglée, et sous couvert de pear, n'oublie pas de le signaler en taguant du mot [Résolu] le titre de ton sujet…

 

[1] En bas du premier message de ton sujet, clique sur [Modifier]

[2] En bas de l'éditeur qui s'ouvre, clique sur [Utiliser l'éditeur complet]

[3] En haut de l'éditeur complet, ajoute [Résolu] au titre de ton sujet.

[laulau34]

Bonjour Dylav,

 

J'attends voir si Pear a peut être quelque chose à rajouter suite à mes derniers rapports, puis je ne manquerai pas de mettre le post à résolu!