FORUM D’ENTRAIDE INFORMATIQUE (FEI)
Computer support and security site

Disinfection help (ad pages, replaced search engine, redirects, viruses...).
Forum rules: Mutual help concerning disinfection and computer security: for intrusive ads, pop-ups, redirects, unwanted software, suspicious slowdowns, viruses, etc.
A complete disinfection will be provided: disinfection, hardening, then prevention.
Only helpers (people qualified and trained in disinfection) and staff are allowed to provide help in this section.
Please also read the forum's general charter.
by sebsola
#57949
Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-26-08-2013-13-22-49.txt
Run by Nathalie et J.Pierre at 26/08/2013 13:22:48
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit (Build 7600)

Corbeille vidée

========== Clé(s) du Registre ==========
ABSENT Key: HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\Old_Current
ABSENT Key: HKCU\Software\Conduit
ABSENT Key: HKCU\Software\Softonic
ABSENT Key: HKCU\Software\YahooPartnerToolbar
ABSENT Key: HKLM\Software\Wow6432Node\Conduit
ABSENT SearchScopes :{47EB066B-45CF-4AC3-960D-63F53BD30C7C}
ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

========== Elément(s) de donnée du Registre ==========
SUPPRIME Explorer Association Data Application: http://go.microsoft.com/fwlink/?LinkId=57426Ext=%s

========== Dossier(s) ==========
Aucun dossiers CLSID Local utilisateur vide

========== Fichier(s) ==========
SUPPRIME File: c:\windows\prefetch\ntosboot-b00dfaad.pf
ABSENT File: c:\windows\prefetch\clmsserverpdvd13.exe-cf778253.pf
ABSENT File: c:\windows\prefetch\scrnsave.scr-225a7d32.pf
ABSENT File: c:\windows\prefetch\update.exe-be1c11c1.pf
ABSENT File: c:\windows\prefetch\aggluad_p_s-1-5-21-404093173-590369060-2860530058-1000.db
ABSENT File: c:\windows\prefetch\aggluad_s-1-5-21-404093173-590369060-2860530058-1000.db
ABSENT File: c:\users\user\appdata\local\temp\cvr5b97.tmp.cvr
ABSENT File: c:\users\user\appdata\local\temp\cvree07.tmp.cvr
ABSENT File: c:\users\user\appdata\local\temp\cvr38a.tmp.cvr
ABSENT File: c:\users\user\appdata\local\temp\cvra2f4.tmp.cvr
ABSENT File: c:\users\user\appdata\local\temp\cvr1d23.tmp.cvr
ABSENT File: c:\users\user\appdata\local\temp\wmplog00.sqm
ABSENT File: c:\users\user\appdata\local\temp\{05fe2d90-c31b-45dc-b3b4-d7ec0489f247}\string1036.txt
ABSENT File: c:\users\user\appdata\local\temp\{05fe2d90-c31b-45dc-b3b4-d7ec0489f247}\setup.inx
ABSENT File: c:\users\user\appdata\local\temp\{05fe2d90-c31b-45dc-b3b4-d7ec0489f247}\setup.exe
ABSENT File: c:\users\user\appdata\local\temp\{05fe2d90-c31b-45dc-b3b4-d7ec0489f247}\isbew64.exe
ABSENT File: c:\users\user\appdata\local\temp\{05fe2d90-c31b-45dc-b3b4-d7ec0489f247}\isrt.dll
ABSENT File: c:\users\user\appdata\local\temp\{05fe2d90-c31b-45dc-b3b4-d7ec0489f247}\_isres.dll
ABSENT File: c:\users\user\appdata\local\temp\ispr56a8.rra
ABSENT File: c:\users\user\appdata\local\temp\{05fe2d90-c31b-45dc-b3b4-d7ec0489f247}\skrset.xml
ABSENT File: c:\users\user\appdata\local\temp\{922d893f-334e-4395-bf34-b2d39c9867bc}\isbew64.exe
ABSENT File: c:\users\user\appdata\local\temp\7fe27b54-0e22-42e6-82e2-fff46b43afd4.json
ABSENT File: c:\users\user\appdata\local\temp\54a2e293-c6ba-4276-9a94-b04fa98d564a.json
ABSENT File: c:\users\user\appdata\local\temp\9d5976d8-0823-469b-b6c7-a2e18efb17a1.json
ABSENT File: c:\users\user\appdata\local\temp\53071032-8b5f-4a27-9f4a-b724079f8c41.json
ABSENT File: c:\users\user\appdata\local\temp\763f19be-7628-4eea-bfa2-8f0bb500fa46.json
ABSENT File: c:\users\user\appdata\local\temp\ef118043-a4a3-49c9-88df-e06cdd66bbc7.json
ABSENT File: c:\users\user\appdata\local\temp\cvr3820.tmp.cvr
ABSENT File: c:\users\user\appdata\local\temp\crx_75daf8cb7768\crl-set
ABSENT File: c:\users\user\appdata\local\temp\crx_75daf8cb7768\manifest.fingerprint
ABSENT File: c:\users\user\appdata\local\temp\crx_75daf8cb7768\manifest.json
ABSENT File: c:\users\user\appdata\local\temp\1d6acfe8-863a-4c75-b96c-d1f6e262d500.json
ABSENT File: c:\users\user\appdata\local\temp\17e36ec3-87d6-4b03-afbb-e4e3e3d6d074.json
ABSENT File: c:\users\user\appdata\local\temp\d9450dcf-1fbc-49c0-85b9-f88058ae0058.json
ABSENT File: c:\users\user\appdata\local\temp\redboxlog.txt
ABSENT Folder/File: c:\users\olivier fournier\appdata\local\temp\checkupdate.exe
ABSENT Folder/File: c:\users\user\appdata\local\temp\gcapi_dll.dll
ABSENT Folder/File: c:\users\user\appdata\local\temp\gtapi_signed.dll
SUPPRIME Temporaires Windows
SUPPRIME Flash Cookies
by sebsola
#57951
There you go!
############################## | UsbFix V 7.132 | [Recherche]

Utilisateur: Nathalie et J.Pierre (Administrateur) # NATHALIEETJPIER
Mis à jour le 24/08/2013 par El Desaparecido
Lancé à 13:31:29 | 26/08/2013

Site Web: http://sosvirus.net/
Upload Malware: http://sosvirus.net/viewtopic.php?f=6t=489
Contact: eldesaparecido@sosvirus.net

PC: ASUSTeK Computer Inc. (F3Sa ) (X86-based PC)
CPU: Intel(R) Core(TM)2 Duo CPU T9300 @ 2.50GHz (2501)
RAM - [Total : 3071 | Free : 1684]
BIOS: Default System BIOS
BOOT: Normal boot

OS: Microsoft Windows 7 Édition Intégrale (6.1.7600 32-Bit) #
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) - Disque fixe # 116 Go (141 Mo libre(s) - 0%) [] # NTFS
D:\ - Disque fixe # 109 Go (42 Go libre(s) - 39%) [DOCUMENTS] # NTFS
E:\ - CD-ROM
F:\ - CD-ROM
G:\ - CD-ROM

################## | Processus Actif |

C:\Windows\system32\csrss.exe (548)
C:\Windows\system32\wininit.exe (620)
C:\Windows\system32\csrss.exe (628)
C:\Windows\system32\services.exe (676)
C:\Windows\system32\lsass.exe (692)
C:\Windows\system32\lsm.exe (700)
C:\Windows\system32\winlogon.exe (724)
C:\Windows\system32\svchost.exe (852)
C:\Windows\system32\svchost.exe (944)
C:\Windows\system32\atiesrxx.exe (992)
C:\Windows\System32\svchost.exe (1072)
C:\Windows\System32\svchost.exe (1108)
C:\Windows\system32\svchost.exe (1136)
C:\Windows\system32\svchost.exe (1312)
C:\Windows\system32\atieclxx.exe (1356)
C:\Windows\system32\svchost.exe (1472)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1600)
C:\Windows\System32\spoolsv.exe (1708)
C:\Windows\system32\svchost.exe (1832)
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (1984)
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (2008)
C:\Program Files\Bonjour\mDNSResponder.exe (264)
C:\Windows\system32\FsUsbExService.Exe (564)
C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (388)
C:\Windows\system32\taskhost.exe (1536)
C:\Windows\system32\Dwm.exe (1968)
C:\Windows\Explorer.EXE (384)
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (2560)
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (2664)
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (2684)
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (2768)
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (2796)
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (2812)
C:\Windows\system32\PnkBstrA.exe (2880)
C:\Windows\system32\svchost.exe (3048)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (3216)
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (3540)
C:\Windows\system32\svchost.exe (1788)
C:\Windows\system32\svchost.exe (3304)
C:\Windows\System32\rundll32.exe (2964)
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (2764)
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (1212)
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (2892)
C:\Windows\system32\SearchIndexer.exe (2940)
C:\Program Files\Microsoft IntelliPoint\ipoint.exe (3620)
C:\Program Files\Windows Media Player\wmpnetwk.exe (3400)
C:\Windows\system32\SearchProtocolHost.exe (2420)
C:\Program Files\Mouse Driver\MouseDriver.exe (3224)
C:\Windows\System32\svchost.exe (2556)
C:\Program Files\Common Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (3464)
C:\Program Files\iTunes\iTunesHelper.exe (2568)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (3484)
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (2352)
C:\Program Files\iPod\bin\iPodService.exe (152)
C:\Program Files\Common Files\Java\Java Update\jusched.exe (4356)
C:\Program Files\RocketDock\RocketDock.exe (4684)
C:\Program Files\Pando Networks\Media Booster\PMB.exe (5336)
C:\Program Files\Samsung\Kies\Kies.exe (5784)
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (4144)
C:\Program Files\Garmin\Express Tray\ExpressTray.exe (4464)
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (4752)
C:\Windows\system32\DllHost.exe (6076)
C:\Windows\System32\svchost.exe (4180)
C:\Program Files\Mozilla Firefox\firefox.exe (2780)
C:\Program Files\Mozilla Firefox\plugin-container.exe (3796)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (4708)
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe (4968)
C:\Windows\system32\taskhost.exe (6136)
C:\Windows\system32\SearchFilterHost.exe (5432)
C:\Windows\system32\wbem\wmiprvse.exe (5792)
C:\UsbFix\Go.exe (4896)

################## | El Desaparecido Section |

HKLM\SOFTWARE | Run : [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe
HKLM\SOFTWARE | Run : [CanalPlayerHelper] - C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
HKLM\SOFTWARE | Run : [SSBkgdUpdate] - "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
HKLM\SOFTWARE | Run : [OpwareSE4] - "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
HKLM\SOFTWARE | Run : [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
HKLM\SOFTWARE | Run : [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
HKLM\SOFTWARE | Run : [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
HKLM\SOFTWARE | Run : [VirtualCloneDrive] - "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
HKLM\SOFTWARE | Run : [IntelliPoint] - "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
HKLM\SOFTWARE | Run : [SANSUNMouse ] - C:\PROGRA~1\MOUSED~1\mousedriver.exe
HKLM\SOFTWARE | Run : [APSDaemon] - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\SOFTWARE | Run : [TrayServer] - C:\Program Files\MAGIX\Films_sur_DVD_7\TrayServer.exe
HKLM\SOFTWARE | Run : [USB2Check] - RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
HKLM\SOFTWARE | Run : [USBToolTip] - C:\PROGRA~1\COMMON~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
HKLM\SOFTWARE | Run : [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE | Run : [iTunesHelper] - "C:\Program Files\iTunes\iTunesHelper.exe"
HKLM\SOFTWARE | Run : [Adobe ARM] - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\SOFTWARE | Run : [avast] - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\SOFTWARE | Run : [LogMeIn Hamachi Ui] - "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM\SOFTWARE | Run : [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
HKLM\SOFTWARE | Run : [SunJavaUpdateSched] - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKLM\SOFTWARE | RunOnce : [] -
HKU\S-1-5-19\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\SOFTWARE | Run : [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\SOFTWARE | Run : [RocketDock] - "C:\Program Files\RocketDock\RocketDock.exe"
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\SOFTWARE | Run : [Raptr] - C:\PROGRA~1\Raptr\raptrstub.exe --startup
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\SOFTWARE | Run : [MobileDocuments] - C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\SOFTWARE | Run : [Xvid] - C:\Program Files\Xvid\CheckUpdate.exe
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\SOFTWARE | Run : [Google Update] - "C:\Users\Nathalie et J.Pierre\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\SOFTWARE | Run : [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\SOFTWARE | Run : [DAEMON Tools Lite] - "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\SOFTWARE | Run : [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe /preload
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\SOFTWARE | Run : [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\SOFTWARE | Run : [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\SOFTWARE | Run : [GarminExpressTrayApp] - "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-18\SOFTWARE | Run : [Welcome Center] - C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
HKU\S-1-5-18\SOFTWARE | Run : [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-19\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\SOFTWARE | RunOnce : [mctadmin] - C:\Windows\System32\mctadmin.exe
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\SOFTWARE | RunOnce : [Application Restart #0] - C:\Users\Nathalie et J.Pierre\AppData\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://ads.sucomspot.com/cgi-bin/advert ... jA5RuzS%3D

################## | Éléments infectieux |


################## | Registre |

Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\{101ccda5-04ca-11e2-bfa9-001e8c99f3c4}
Shell\AutoRun\Command = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL H:\demarrer.html

HKCU\.\.\.\.\Explorer\MountPoints2\{4c17df7b-8386-11e0-8a95-001e8c99f3c4}
Shell\AutoRun\Command = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\demarrer.html

HKCU\.\.\.\.\Explorer\MountPoints2\{d6081346-8d9a-11e0-b95e-001e8c99f3c4}
Shell\AutoRun\Command = H:\LaunchU3.exe -a



################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné!

################## | E.O.F | http://sosvirus.net |
by sebsola
#58155
Re, the software bugs out when I put it in removal mode: it climbs to 14%, and then the program stops responding and I have to force my computer to shut down...
by sebsola
#58169
Re, here it is!!!
############################## | UsbFix V 7.130 | [Suppression]

Utilisateur: Nathalie et J.Pierre (Administrateur) # NATHALIEETJPIER
Mis à jour le 08/06/2013 par El Desaparecido g3n-h@ckm@n
Lancé à 17:39:20 | 27/08/2013

Site Web: http://sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload-malware-pour-analyse/
Contact: contact@sosvirus.net

CPU: Intel(R) Core(TM)2 Duo CPU T9300 @ 2.50GHz
PC:
PC: ASUSTeK Computer Inc.

Memory RAM = Total (MB) : 3145 | Free (MB) : 2102
Bios: American Megatrends Inc. F3Sa 301

Boot : Normal


System : Windows Se7en Titan (32 bits) Ultimate
TotalValidations : 9
WB: Internet Explorer : 9.0.8112.16476
WB: Mozilla Firefox : 23.0.1.4974
WU: Windows Update Service [Auto(2)] = Stopped
AS: Windows Defender [Auto(2)] = Stopped
FW: Windows FireWall Service [Auto(2)] = Running

############### | Drives

c:\ - Fixed # 119 GO ( Free : 0 Go) [] # NTFS
d:\ - Fixed # 111 GO ( Free : 43 Go) [DOCUMENTS] # NTFS

################## | El Desaparecido Section |

HKLM\software | Run|[JMB36X IDE Setup] : C:\Windows\RaidTool\xInsIDE.exe
HKLM\software | Run|[CanalPlayerHelper] : C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
HKLM\software | Run|[SSBkgdUpdate] : "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
HKLM\software | Run|[OpwareSE4] : "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
HKLM\software | Run|[CanonSolutionMenu] : C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
HKLM\software | Run|[CanonMyPrinter] : C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
HKLM\software | Run|[AppleSyncNotifier] : C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
HKLM\software | Run|[VirtualCloneDrive] : "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
HKLM\software | Run|[IntelliPoint] : "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
HKLM\software | Run|[SANSUNMouse ] : C:\PROGRA~1\MOUSED~1\mousedriver.exe
HKLM\software | Run|[APSDaemon] : "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\software | Run|[TrayServer] : C:\Program Files\MAGIX\Films_sur_DVD_7\TrayServer.exe
HKLM\software | Run|[USB2Check] : RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
HKLM\software | Run|[USBToolTip] : C:\PROGRA~1\COMMON~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
HKLM\software | Run|[QuickTime Task] : "C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM\software | Run|[iTunesHelper] : "C:\Program Files\iTunes\iTunesHelper.exe"
HKLM\software | Run|[Adobe ARM] : "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM\software | Run|[avast] : "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
HKLM\software | Run|[LogMeIn Hamachi Ui] : "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
HKLM\software | Run|[KiesTrayAgent] : C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
HKLM\software | Run|[SunJavaUpdateSched] : "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKU\S-1-5-19\software | Run|[Sidebar] : %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\software | Run|[Sidebar] : %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\software | Run|[RocketDock] : "C:\Program Files\RocketDock\RocketDock.exe"
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\software | Run|[Raptr] : C:\PROGRA~1\Raptr\raptrstub.exe --startup
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\software | Run|[MobileDocuments] : C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\software | Run|[Xvid] : C:\Program Files\Xvid\CheckUpdate.exe
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\software | Run|[Google Update] : "C:\Users\Nathalie et J.Pierre\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\software | Run|[Pando Media Booster] : C:\Program Files\Pando Networks\Media Booster\PMB.exe
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\software | Run|[DAEMON Tools Lite] : "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\software | Run|[KiesPreload] : C:\Program Files\Samsung\Kies\Kies.exe /preload
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\software | Run|[KiesAirMessage] : C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\software | Run|[] : C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\software | Run|[GarminExpressTrayApp] : "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-18\software | Run|[Welcome Center] : C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
HKU\S-1-5-18\software | Run|[Sidebar] : C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-19\software | RunOnce|[mctadmin] : C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\software | RunOnce|[mctadmin] : C:\Windows\System32\mctadmin.exe
HKU\S-1-5-21-1588436310-4293117931-2997942664-1000\software | RunOnce|[Application Restart #0] : C:\Users\Nathalie et J.Pierre\AppData\Local\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://ads.sucomspot.com/cgi-bin/advert ... jA5RuzS%3D

##### | Scan zones sensibles |

C:\Users\Nathalie et J.Pierre\fraps64.dll
C:\Users\Nathalie et J.Pierre\fraps32.dll
C:\Users\Nathalie et J.Pierre\frapslcd.dll
C:\Users\Nathalie et J.Pierre\fraps.exe
C:\Users\Nathalie et J.Pierre\ntuser.ini
C:\Users\Nathalie et J.Pierre\Goya.ini

################## | Processus Stoppés |

(992) -- atiesrxx.exe
(1448) -- atieclxx.exe
(1700) -- spoolsv.exe
(1900) -- explorer.exe
(2024) -- armsvc.exe
(108) -- AppleMobileDeviceService.exe
(552) -- taskhost.exe
(540) -- mDNSResponder.exe
(2056) -- taskeng.exe
(2196) -- taskeng.exe
(2276) -- FsUsbExService.Exe
(2340) -- runonce.exe
(2364) -- Garmin.Cartography.MapUpdate.CoreService.exe
(2680) -- hamachi-2.exe
(2764) -- mbamscheduler.exe
(2776) -- hamachi-2-ui.exe
(2876) -- mdm.exe
(2924) -- mbamgui.exe
(2940) -- PnkBstrA.exe
(2964) -- Updater.exe
(3032) -- WLIDSVC.EXE
(3816) -- WLIDSVCM.EXE

################## | Éléments infectieux |


(!) Fichiers temporaires supprimés.

################## | Réparations registre |

Réparé ! HKLM\Software\Microsoft\Internet Explorer\Main|[Default_search_url] : http://go.microsoft.com/fwlink/?LinkId=54896 - http://www.microsoft.com/isapi/redir.dl ... r=iesearch
Réparé ! HKLM\Software\Microsoft\Internet Explorer\Main|[Default_page_url] : http://go.microsoft.com/fwlink/?LinkId=69157 - http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
Réparé ! HKLM\Software\Microsoft\Internet Explorer\Main|[Search bar] : - http://search.msn.com/spbasic.htm
Réparé ! HKLM\Software\Microsoft\Internet Explorer\Main|[Start page] : http://www.google.com - http://fr.msn.com/
Réparé ! HKCU\Software\Microsoft\Internet Explorer\Main|[Default_search_url] : http://www.google.com/ie - http://www.microsoft.com/isapi/redir.dl ... r=iesearch
Réparé ! HKCU\Software\Microsoft\Internet Explorer\Main|[Default_page_url] : http://fr.msn.com/?ocid=OIE9HP - http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
Réparé ! HKCU\Software\Microsoft\Internet Explorer\Main|[Search bar] : http://www.google.com/ie - http://go.microsoft.com/fwlink/?linkid=54896
Réparé ! HKCU\Software\Microsoft\Internet Explorer\Main|[Search page] : http://www.google.com - http://go.microsoft.com/fwlink/?LinkId=54896
Réparé ! HKCU\Software\Microsoft\Internet Explorer\Main|[Start page] : http://www.google.com - http://fr.msn.com/
Réparé ! HKCU\Software\Microsoft\Internet Explorer\Main|[Window Title] : Internet Explorer, optimized for Bing and MSN - Windows Internet Explorer
Réparé ! HKCU\Software\Microsoft\Internet Explorer\SearchURL|[] : http://www.google.com/search?q=%s -
Réparé ! HKCU\Software\Microsoft\Internet Explorer\SearchScopes\${searchCLSID}|[] : - Live Search
Réparé ! HKCU\Software\Microsoft\Internet Explorer\SearchScopes\${searchCLSID}|[DisplayName] : - @ieframe.dll,-12512
Réparé ! HKCU\Software\Microsoft\Internet Explorer\SearchScopes\${searchCLSID}|[URL] : - http://search.live.com/results.aspx?q={ ... rer:source?}

################## | Registre |

Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr
by 2011N2
#58173
Re,

Ah, well, even there it's incomplete.

Please do a new ZHPDiag for me.
Remember to host the report.

Gabriel.
by sebsola
#58177
Re, here is the link! http://cjoint.com/?CHBsmpNs0Sx
Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-27-08-2013-18-22-49.txt
Run by Nathalie et J.Pierre at 27/08/2013 18:22:49
High Elevated Privileges : OK
Windows 7 Ultimate Edition, 32-bit (Build 7600)

Corbeille vidée

========== Logiciel(s) ==========
SUPPRIME SweetIM for Messenger 3.6
ABSENT Uninstall Process: c:\program files\regensoft\downloader app\uninstaller.exe
SUPPRIME Ask Toolbar
SUPPRIME Google Toolbar for Internet Explorer

========== Processus mémoire ==========
SUPPRIME Memory Process: C:\Users\Nathalie et J.Pierre\Desktop\ssk_claro.exe
SUPPRIME Memory Process: C:\Users\Nathalie et J.Pierre\Downloads\SweetImSetup.exe
SUPPRIME Memory Process: C:\Windows\Installer\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}\ARPPRODUCTICON.exe
SUPPRIME Memory Process: C:\Users\Nathalie et J.Pierre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage
SUPPRIME Memory Process: C:\Users\Nathalie et J.Pierre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage-journal

========== Clé(s) du Registre ==========
SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Downloader App]
SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}]
ABSENT Key: HKCU\Software\Blabbers
SUPPRIME Key: HKLM\Software\360Safe
SUPPRIME Key: HKLM\Software\Trymedia Systems
SUPPRIME CLSID MPSK: {101ccda5-04ca-11e2-bfa9-001e8c99f3c4}
SUPPRIME CLSID MPSK: {4c17df7b-8386-11e0-8a95-001e8c99f3c4}
SUPPRIME Key*: SearchScopes :{33524C00-63FB-43DB-A6BF-0A4E14B24649}
ABSENT SearchScopes :{33524C00-63FB-43DB-A6BF-0A4E14B24649}
ABSENT Key: \Software\Classes\Installer\Products\\B2BBB5D0440F3C6478B7A6B61E0ED891
SUPPRIME Key: \Software\Classes\Installer\Products\\F092B960893592640A90584BCB4B1B9B
SUPPRIME Key: \Software\Classes\Installer\Features\F092B960893592640A90584BCB4B1B9B
SUPPRIME Key: \Software\Classes\Installer\Products\\FA20CB7A821113A4CB8FA1E38E303D3B
SUPPRIME Key: \Software\Classes\Installer\Features\FA20CB7A821113A4CB8FA1E38E303D3B
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0D5BBB2B-F044-46C3-877B-6A6BE1E08D19}
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Downloader App
ABSENT Key: HKLM\Software\Classes\Installer\Features\FA20CB7A821113A4CB8FA1E38E303D3B
ABSENT Key: HKLM\Software\Classes\Installer\Products\FA20CB7A821113A4CB8FA1E38E303D3B
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA20CB7A821113A4CB8FA1E38E303D3B
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{938958E8-355C-49FF-92B0-53C1B87ACEA9}
ABSENT Key: HKLM\Software\360Safe
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
SUPPRIME Key*: HKCU\Software\Blabbers
ABSENT Key: HKLM\Software\Trymedia Systems
SUPPRIME Key: CLSID BHO: {19C8E43B-07B3-49CB-BFFC-6777B593E6F8}
SUPPRIME Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{19C8E43B-07B3-49CB-BFFC-6777B593E6F8}]
ABSENT Key: CLSID BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7}
SUPPRIME Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{95080B13-AA71-4EE8-B951-7E98221E1ED5}]
SUPPRIME Key: HKCU\Software\4shared Toolbar
ABSENT Key: \Software\Classes\Installer\Products\\D23364647365A600677A7A857BC03000
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4646332D-5637-006A-76A7-A758B70C0300}
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}
ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
ABSENT Key: HKCU\Software\4shared Toolbar
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95525BD9-6136-4A26-8263-9CEE295D442D}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95525BD9-6136-4A26-8263-9CEE295D442D}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{95525BD9-6136-4A26-8263-9CEE295D442D}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95080B13-AA71-4EE8-B951-7E98221E1ED5}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95080B13-AA71-4EE8-B951-7E98221E1ED5}
ABSENT Key: HKLM\Software\Classes\CLSID\{95080B13-AA71-4EE8-B951-7E98221E1ED5}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
SUPPRIME Key: HKLM\Software\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
SUPPRIME Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
SUPPRIME Driver Key: SBRE

========== Valeur(s) du Registre ==========
SUPPRIME Toolbar: {95080B13-AA71-4EE8-B951-7E98221E1ED5}
ABSENT Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F}
ABSENT [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}
SUPPRIME TCP Query User{6332726A-2314-4E2A-9F99-5BF7B17A2EA1}G:\a.w.a.x\hawx.exe
SUPPRIME UDP Query User{F9C232C9-D2AA-44C0-81C9-04AB5891CFDD}G:\a.w.a.x\hawx.exe
SUPPRIME TCP Query User{38FF9EAC-B954-4FC7-8E43-49EFBD52C2E8}H:\a.w.a.x\hawx.exe
SUPPRIME UDP Query User{ABD6300F-3E81-48B3-8B24-A00F6DBB43B3}H:\a.w.a.x\hawx.exe
SUPPRIME TCP Query User{5425C982-A5DC-4C5D-B44B-4CA857C0A64A}H:\a.w.a.x\hawx_dx10.exe
SUPPRIME UDP Query User{881D3BCB-6FC3-4439-B54E-32B9A3EC46B1}H:\a.w.a.x\hawx_dx10.exe
SUPPRIME TCP Query User{C4A37692-0775-42AB-8516-7B0985B1386C}G:\a.w.a.x\hawx_dx10.exe
SUPPRIME UDP Query User{B30DBE12-3907-493B-9B63-8BC496CF20F4}G:\a.w.a.x\hawx_dx10.exe
SUPPRIME {02EDC995-EB44-4C2B-B728-2891B31588EE}
SUPPRIME TCP Query User{B31FB366-436F-488D-A5AF-E7E3C44BB83C}H:\call of duty 4 - modern warfare\iw3mp.exe
SUPPRIME UDP Query User{696C08C6-9500-4451-9C8F-3D1E4A38735A}H:\call of duty 4 - modern warfare\iw3mp.exe
SUPPRIME TCP Query User{BEA29C69-B62B-4D15-AE0E-49DA2A751BCC}I:\dossier sauvegarde ordi seb\savegarde\activision\call of duty 4 - modern warfare\iw3mp.exe
SUPPRIME UDP Query User{D62FBAC7-88AA-43A6-B68C-8801AE58DD70}I:\dossier sauvegarde ordi seb\savegarde\activision\call of duty 4 - modern warfare\iw3mp.exe
SUPPRIME {6AB771C7-432F-40DB-9DBC-40CE5A90743E}
SUPPRIME {12C13609-D3AE-4913-A3F5-61C0BD4CADB4}

========== Préférences navigateur ==========
PRESENT Chrome File: C:\Users\Nathalie et J.Pierre\AppData\Local\Google\Chrome\User Data\Default\Preferences
SUPPRIME Chrome Site: http://search.babylon.com

========== Dossier(s) ==========
Aucun dossiers CLSID Local utilisateur vide

========== Fichier(s) ==========
SUPPRIME File***: c:\users\nathalie et j.pierre\desktop\ssk_claro.exe
SUPPRIME File: C:\Windows\Installer\1606d9.msi
SUPPRIME File*: c:\windows\installer\1606d9.msi
ABSENT Folder/File: c:\windows\installer\19e9d7f.msi
SUPPRIME File: C:\Windows\Installer\5ebbe5.msi
SUPPRIME File*: c:\windows\installer\5ebbe5.msi
SUPPRIME File: C:\Windows\Installer\6e4fc.msi
SUPPRIME File: c:\users\nathalie et j.pierre\downloads\sweetimsetup.exe
ABSENT Folder/File: c:\windows\installer\{0d5bbb2b-f044-46c3-877b-6a6be1e08d19}\arpproducticon.exe
SUPPRIME File: C:\Windows\Installer\{069B290F-5398-4629-A009-85B4BCB4B1B9}\Claro.ico
SUPPRIME File: c:\windows\installer\{a7bc02af-1128-4a31-bcf8-1a3ee803d3b3}\arpproducticon.exe
ABSENT Folder/File: c:\windows\installer\1606d9.msi
ABSENT Folder/File: c:\windows\installer\5ebbe5.msi
ABSENT Folder/File: c:\windows\installer\6e4fc.msi
SUPPRIME File: c:\users\nathalie et j.pierre\appdata\roaming\mozilla\firefox\profiles\farzp2hy.default\searchplugins\wiseconvert-15-customized-web-search.xml
SUPPRIME File: c:\program files\common files\fluxdvd\download manager\xebdlhelper.dll
ABSENT File: c:\program files\google\google toolbar\googletoolbar_32.dll
ABSENT File: c:\program files\4shared toolbar\4sharedbar.dll
ABSENT File: c:\users\nathalie et j.pierre\appdata\local\google\chrome\user data\default\local storage\http_www.delta-search.com
ABSENT Folder/File: c:\windows\installer\259ae.msi
ABSENT Folder/File: c:\windows\installer\65b688a.msi
ABSENT Folder/File: c:\users\nathalie et j.pierre\appdata\roaming\mozilla\firefox\profiles\farzp2hy.default\toolbar_ff3-v7@apn.ask.com
ABSENT Folder/File: c:\users\nathalie et j.pierre\appdata\roaming\mozilla\firefox\profiles\farzp2hy.default\{3112ca9c-de6d-4884-a869-9855de68056c}
ABSENT Folder/File: c:\users\nathalie et j.pierre\appdata\roaming\mozilla\firefox\profiles\farzp2hy.default\searchplugins\wiseconvert-15-customized-web-search.xml
ABSENT Folder/File: c:\program files\google\google toolbar\googletoolbar_32.dll
SUPPRIME File***: c:\users\nathalie et j.pierre\appdata\local\google\chrome\user data\default\local storage\http_www.delta-search.com_0.localstorage
SUPPRIME File***: c:\users\nathalie et j.pierre\appdata\local\google\chrome\user data\default\local storage\http_www.delta-search.com_0.localstorage-journal
ABSENT Folder/File: c:\windows\installer\{4646332d-5637-006a-76a7-a758b70c0300}\toolbaricon.exe
SUPPRIME File: c:\users\nathalie et j.pierre\desktop\continuer l'installation samsung kies.lnk
ABSENT File: c:\users\nathalie et j.pierre\appdata\local\temp\icreinstall_kiessetup.exe
SUPPRIME File: c:\users\nathalie et j.pierre\desktop\continuer l'installation switch audio converter.lnk
ABSENT File: c:\users\nathalie et j.pierre\appdata\local\temp\icreinstall_switchsetup.exe
SUPPRIME File: c:\users\nathalie et j.pierre\desktop\dvc100 - raccourci.lnk
SUPPRIME File: c:\windows\prefetch\wget.dat-9bbb64c9.pf
SUPPRIME File: c:\windows\prefetch\jrt.exe-1a3ed2ea.pf
SUPPRIME File: c:\windows\prefetch\sort.exe-99a4f778.pf
SUPPRIME File: c:\windows\prefetch\fc.exe-6d8db995.pf
SUPPRIME File: c:\windows\prefetch\cut.dat-85bd06b2.pf
SUPPRIME File: c:\windows\prefetch\find.exe-e2237f6d.pf
SUPPRIME File: c:\windows\prefetch\shortcut.dat-c01bdb4a.pf
SUPPRIME File: c:\windows\prefetch\nircmd.dat-78e8acdf.pf
SUPPRIME File: c:\windows\prefetch\sed.dat-09333de2.pf
SUPPRIME File: c:\windows\prefetch\devicedisplayobjectprovider.e-17410b90.pf
SUPPRIME File: c:\windows\prefetch\aggluad_p_s-1-5-21-1588436310-4293117931-2997942664-1000.db
SUPPRIME File: c:\windows\prefetch\aggluad_s-1-5-21-1588436310-4293117931-2997942664-1000.db
SUPPRIME File: c:\windows\prefetch\kiestrayagent.exe-d725014b.pf
SUPPRIME File: c:\windows\prefetch\rocketpdf.exe-e5edf7aa.pf
SUPPRIME File: c:\windows\prefetch\cnmse93.exe-70378d07.pf
SUPPRIME File: c:\windows\prefetch\avast.setup-b1d66586.pf
SUPPRIME File: c:\windows\prefetch\ssbkgdupdate.exe-872aa1f4.pf
SUPPRIME File: c:\windows\prefetch\cnslmain.exe-edf91778.pf
SUPPRIME File: c:\windows\prefetch\xinside.exe-e3bb7fe0.pf
SUPPRIME File: c:\windows\prefetch\opwarese4.exe-a2de995d.pf
SUPPRIME File: c:\windows\prefetch\vcddaemon.exe-6d09211f.pf
SUPPRIME File: c:\windows\prefetch\mousedriver.exe-9546b910.pf
SUPPRIME File: c:\windows\prefetch\ituneshelper.exe-fcf4252e.pf
SUPPRIME File: c:\users\nathalie et j.pierre\appdata\local\temp\~dfdfd3675fc89f6302.tmp
SUPPRIME File: c:\users\nathalie et j.pierre\appdata\local\temp\~df389ab17167244a1c.tmp
SUPPRIME File: c:\users\nathalie et j.pierre\appdata\local\temp\vbe\msforms.exd
SUPPRIME File: c:\users\nathalie et j.pierre\appdata\local\temp\kiesliveupdatetemp\pluginhost.xml
SUPPRIME Reboot c:\users\nathalie et j.pierre\appdata\local\temp\~nsu.tmp\au_.exe
SUPPRIME File: c:\users\nathalie et j.pierre\appdata\local\temp\~df562c2894fd937564.tmp
SUPPRIME File: c:\users\nathalie et j.pierre\appdata\local\temp\~df9d2d24fd1d5552d0.tmp
SUPPRIME File: c:\users\nathalie et j.pierre\appdata\local\temp\~df54c87301fe6fe9bc.tmp
SUPPRIME Temporaires Windows
SUPPRIME Flash Cookies

========== Tache planifiée ==========
SUPPRIME Task: PC Performer
SUPPRIME Task: RunAsStdUser Task
SUPPRIME Task: Ad-Aware Antivirus Scheduled Scan

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
5 : Processus mémoire
120 : Clé(s) du Registre
34 : Valeur(s) du Registre
1 : Dossier(s)
66 : Fichier(s)
4 : Logiciel(s)
2 : Préférences navigateur
36 : Tache planifiée
1 : Restauration Système


End of clean in 02mn 47s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 26/08/2013 12:22:49 [5421]
C:\ZHP\ZHPFix[R2].txt - 27/08/2013 18:22:49 [24946]
by sebsola
#58305
Re,
For the date of the scan, this is all I have:
2013/08/27 18:29:06 +0200 NATHALIEETJPIER Nathalie et J.Pierre MESSAGE Protection stopped
2013/08/27 18:29:29 +0200 NATHALIEETJPIER Nathalie et J.Pierre MESSAGE Starting database refresh
2013/08/27 18:29:32 +0200 NATHALIEETJPIER Nathalie et J.Pierre MESSAGE Database refreshed successfully
by 2011N2
#58307
Re,

OK, never mind.
Had it detected any items?

On the face of it, there was nothing special apart from the AdwCleaner and ZHPFix quarantines.

Gabriel.
by 2011N2
#58312
Re,

Yes, that's not surprising; it must have come from the quarantines of the programs I had you run.

Otherwise, no more problems? Can we finalize?

Gabriel.
by sebsola
#58329
Re,
Here is the DelFix report:
# DelFix v10.4 - Rapport créé le 28/08/2013 à 11:30:52
# Mis à jour le 19/07/2013 par Xplode
# Nom d'utilisateur : Nathalie et J.Pierre - NATHALIEETJPIER
# Système d'exploitation : Windows Se7en Titan (32 bits)

~ Activation de l'UAC ... OK

~ Suppression des outils de désinfection ...

Supprimé : C:\USBFix
Supprimé : C:\ZHP
Supprimé : C:\Program Files\ZHPDiag
Supprimé : C:\PhysicalDisk0_MBR.bin
Supprimé : C:\UsbFix [Clean 2] NATHALIEETJPIER.txt
Supprimé : C:\Users\Public\Desktop\MBRCheck.lnk
Supprimé : C:\Users\Nathalie et J.Pierre\Downloads\AdwCleaner(1).exe
Supprimé : C:\Users\Nathalie et J.Pierre\Downloads\AdwCleaner.exe
Supprimé : C:\Users\Nathalie et J.Pierre\Downloads\JRT.exe
Supprimé : C:\Users\Nathalie et J.Pierre\Downloads\UsbFix(1).exe
Supprimé : C:\Users\Nathalie et J.Pierre\Downloads\UsbFix(2).exe
Supprimé : C:\Users\Nathalie et J.Pierre\Downloads\UsbFix.exe
Supprimé : C:\Users\Nathalie et J.Pierre\Downloads\ZHPDiag2(1).exe
Supprimé : C:\Users\Nathalie et J.Pierre\Downloads\ZHPDiag2.exe
Supprimée : HKCU\Software\USBFix
Supprimée : HKLM\SOFTWARE\AdwCleaner
Supprimée : HKLM\SOFTWARE\USBFix
Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\USBFix
Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1

########## - EOF - ##########
by sebsola
#58338
Here is the report from the check:
Results of screen317's Security Check version 0.99.73
Windows 7 x86 (UAC is enabled)
Out of date service pack!!
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
Java 7 Update 25
Adobe Flash Player 11.8.800.94
Adobe Reader XI
Mozilla Firefox (23.0.1)
Google Chrome 28.0.1500.72
Google Chrome 28.0.1500.95
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````