[Résolu] Analyse de rapport OTL, please help!

[Purpano]

Bonjour,

Depuis quelques mois déjà, mon ordinateur est anormalement lent, et les choses se sont sérieusement empirées très récemment…
J’ai fait une analyse complète classique avec Avast, un coup d’Adwcleaner et de Ccleaner. Son état s'est amélioré mais je trouve qu’il rame toujours un peu. Il faut préciser que je n’avais pas fait de nettoyage depuis presque 1 an… (Je sais, quel aberration !).
Inutile donc de préciser que je ne maîtrise pas l’analyse de rapport OTL…
Quelqu’un pourrait-il m’aider s’il-vous-plaît (lien OTL ci-dessous) ?

http://pjjoint.malekal.com/files.php?id ... 3b11q13s13

[SkyTech]

Yop,

Tu as des restes de Norton :

Vas dans ajout/suppression de programmes du panneau de configuration.
Dans la liste, cherche tout ce qui peut porter le mot suivant et lance la désinstallation :
CC_ccProxyMSI
CC_ccStart
ccCommon
LiveReg (Symantec Corporation)
LiveUpdate (Symantec Corporation)
Tout ce qui porte le mot Symantec
Tout ce qui porte le mot Norton

Utilise le removals tools de Symantec.

---

Relance OTL.
o sous Personnalisation, copie_colle le contenu du cadre ci dessous et clic Correction, un rapport apparraitra suite à l’operation que tu conserveras sur clé usb par exemple afin d’en coller le resultat:

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}: "URL" = http://search.jzip.com/web?src=ieb&syst ... earchTerms}
IE - HKU\S-1-5-21-3901852795-4180113457-267475402-1002\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2504091
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-3901852795-4180113457-267475402-1002\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
O33 - MountPoints2\{140a4604-4c56-11df-b5fd-00140b4c50bf}\Shell - "" = AutoRun
O33 - MountPoints2\{140a4604-4c56-11df-b5fd-00140b4c50bf}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{3c0e599f-893a-11dd-a51e-0015afe955da}\Shell\AutoRun\command - "" = 3g08.bat
O33 - MountPoints2\{3c0e599f-893a-11dd-a51e-0015afe955da}\Shell\explore\Command - "" = 3g08.bat
O33 - MountPoints2\{3c0e599f-893a-11dd-a51e-0015afe955da}\Shell\open\Command - "" = 3g08.bat
O33 - MountPoints2\{4f3b7c55-40da-11e1-be1f-0015afe955da}\Shell - "" = AutoRun
O33 - MountPoints2\{4f3b7c55-40da-11e1-be1f-0015afe955da}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{4f9f24ea-67d6-11df-b4f5-00140b4c50bf}\Shell\AutoRun\command - "" = F:\U3ROM/flyhigh.exe
O33 - MountPoints2\{4f9f24ea-67d6-11df-b4f5-00140b4c50bf}\Shell\Explore\Command - "" = F:\U3ROM/flyhigh.exe
O33 - MountPoints2\{4f9f24ea-67d6-11df-b4f5-00140b4c50bf}\Shell\opeN\commanD - "" = F:\U3ROM/flyhigh.exe
O33 - MountPoints2\{6457225b-02bb-11df-adfe-c227440b232e}\Shell\AutoRun\command - "" = opdux.exe
O33 - MountPoints2\{6457225b-02bb-11df-adfe-c227440b232e}\Shell\open\Command - "" = opdux.exe
O33 - MountPoints2\{76772a52-d40a-11de-8fe8-0015afe955da}\Shell\AutoRun\command - "" = 8.exe
O33 - MountPoints2\{76772a52-d40a-11de-8fe8-0015afe955da}\Shell\open\Command - "" = 8.exe
O33 - MountPoints2\{88df76dc-04da-11df-ad6e-8a4ea895a514}\Shell\AutoRun\command - "" = opdux.exe
O33 - MountPoints2\{88df76dc-04da-11df-ad6e-8a4ea895a514}\Shell\open\Command - "" = opdux.exe
O33 - MountPoints2\{be11c57b-215f-11e0-95ed-0015afe955da}\Shell - "" = AutoRun
O33 - MountPoints2\{be11c57b-215f-11e0-95ed-0015afe955da}\Shell\AutoRun\command - "" = E:\unlock.exe autoplay=true
O33 - MountPoints2\{d1b04be8-60df-11e0-b1da-00140b4c50bf}\Shell - "" = AutoRun
O33 - MountPoints2\{d1b04be8-60df-11e0-b1da-00140b4c50bf}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\autorun.exe -- [2002/02/12 12:23:58 | 000,397,312 | R--- | M] ()
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\autorun.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2012/09/25 18:30:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Extension de garantie.job
[2012/09/25 16:31:12 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3901852795-4180113457-267475402-1002UA.job
[2012/09/16 22:31:05 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3901852795-4180113457-267475402-1002Core.job
[2008/09/28 14:13:23 | 000,000,000 | ---D | M] -- C:\Users\pbell\AppData\Roaming\Symantec
@Alternate Data Stream - 76 bytes -> C:\Users\pbell\Documents\Mes fichiers reçus:Roxio EMC Stream
SRV - [2012/08/16 13:44:18 | 000,362,104 | ---- | M] () [Auto | Running] -- C:\Windows\System32\dmwu.exe -- (WebOptimizer)
SRV - [2007/02/15 20:05:32 | 002,975,352 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE -- (LiveUpdate)
:commands
[purity]
[emptytemp]
[emptyflash]

* redemarre le pc sous windows et poste le rapport ici

[Purpano]

Merci pour le coup de main SkyTech!

J'ai suivi tes instructions: je n'ai pas trouvé de résidus de programme de Norton mais j'ai quand même appliqué le "Norton removal toll" (il y a avait plusieurs choix d'outil mais il me semble avoir pris le bon), puis j'ai utilisé aussi le "removal Tool" de Kaspersky puisque je l'avais il y a encore peu.

Tu trouveras le rapport de correction OLT ci-dessous.
Encore merci!

"
All processes killed
========== OTL ==========
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys not found.
Service MBAMSwissArmy stopped successfully!
Service MBAMSwissArmy deleted successfully!
File C:\Windows\system32\drivers\mbamswissarmy.sys not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\system32\drivers\blbdrive.sys not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}\ not found.
Registry key HKEY_USERS\S-1-5-21-3901852795-4180113457-267475402-1002\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5\ deleted successfully.
c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{381FFDE8-2394-4f90-B10D-FC6124A40F8C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{381FFDE8-2394-4f90-B10D-FC6124A40F8C}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3901852795-4180113457-267475402-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\toolbar_eula_launcher not found.
C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{140a4604-4c56-11df-b5fd-00140b4c50bf}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{140a4604-4c56-11df-b5fd-00140b4c50bf}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{140a4604-4c56-11df-b5fd-00140b4c50bf}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{140a4604-4c56-11df-b5fd-00140b4c50bf}\ not found.
File E:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c0e599f-893a-11dd-a51e-0015afe955da}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c0e599f-893a-11dd-a51e-0015afe955da}\ not found.
File 3g08.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c0e599f-893a-11dd-a51e-0015afe955da}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c0e599f-893a-11dd-a51e-0015afe955da}\ not found.
File 3g08.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3c0e599f-893a-11dd-a51e-0015afe955da}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3c0e599f-893a-11dd-a51e-0015afe955da}\ not found.
File 3g08.bat not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f3b7c55-40da-11e1-be1f-0015afe955da}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f3b7c55-40da-11e1-be1f-0015afe955da}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f3b7c55-40da-11e1-be1f-0015afe955da}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f3b7c55-40da-11e1-be1f-0015afe955da}\ not found.
File E:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f9f24ea-67d6-11df-b4f5-00140b4c50bf}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f9f24ea-67d6-11df-b4f5-00140b4c50bf}\ not found.
File F:\U3ROM/flyhigh.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f9f24ea-67d6-11df-b4f5-00140b4c50bf}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f9f24ea-67d6-11df-b4f5-00140b4c50bf}\ not found.
File F:\U3ROM/flyhigh.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f9f24ea-67d6-11df-b4f5-00140b4c50bf}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4f9f24ea-67d6-11df-b4f5-00140b4c50bf}\ not found.
File F:\U3ROM/flyhigh.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6457225b-02bb-11df-adfe-c227440b232e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6457225b-02bb-11df-adfe-c227440b232e}\ not found.
File opdux.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6457225b-02bb-11df-adfe-c227440b232e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6457225b-02bb-11df-adfe-c227440b232e}\ not found.
File opdux.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76772a52-d40a-11de-8fe8-0015afe955da}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76772a52-d40a-11de-8fe8-0015afe955da}\ not found.
File 8.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76772a52-d40a-11de-8fe8-0015afe955da}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76772a52-d40a-11de-8fe8-0015afe955da}\ not found.
File 8.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88df76dc-04da-11df-ad6e-8a4ea895a514}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88df76dc-04da-11df-ad6e-8a4ea895a514}\ not found.
File opdux.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{88df76dc-04da-11df-ad6e-8a4ea895a514}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88df76dc-04da-11df-ad6e-8a4ea895a514}\ not found.
File opdux.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be11c57b-215f-11e0-95ed-0015afe955da}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{be11c57b-215f-11e0-95ed-0015afe955da}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be11c57b-215f-11e0-95ed-0015afe955da}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{be11c57b-215f-11e0-95ed-0015afe955da}\ not found.
File E:\unlock.exe autoplay=true not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d1b04be8-60df-11e0-b1da-00140b4c50bf}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d1b04be8-60df-11e0-b1da-00140b4c50bf}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d1b04be8-60df-11e0-b1da-00140b4c50bf}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d1b04be8-60df-11e0-b1da-00140b4c50bf}\ not found.
File F:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ not found.
File move failed. D:\autorun.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\autorun.exe not found.
C:\Windows\DUMP4ab5.tmp deleted successfully.
C:\Windows\Tasks\Extension de garantie.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3901852795-4180113457-267475402-1002UA.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3901852795-4180113457-267475402-1002Core.job moved successfully.
Folder C:\Users\pbell\AppData\Roaming\Symantec\ not found.
ADS C:\Users\pbell\Documents\Mes fichiers reçus:Roxio EMC Stream deleted successfully.
Service WebOptimizer stopped successfully!
Service WebOptimizer deleted successfully!
C:\Windows\System32\dmwu.exe moved successfully.
Error: No service named LiveUpdate was found to stop!
Service\Driver key LiveUpdate not found.
File C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: pbell
->Temp folder emptied: 45309473 bytes
->Temporary Internet Files folder emptied: 9033996 bytes
->Java cache emptied: 5495225 bytes
->FireFox cache emptied: 70570318 bytes
->Apple Safari cache emptied: 1860608 bytes
->Flash cache emptied: 1920555 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 524304 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 129,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: pbell
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.68.0 log created on 09262012_175424

Files\Folders moved on Reboot...
File\Folder D:\autorun.exe not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\TMP000000224BA839A83022C789 not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
"

[SkyTech]

Relance OTL et clic sur purge outil.

Puis :

Télécharge HiJackThis de Merijn sur ton bureau.

• Procède à son installation.
• Une fois l'installation achevée, lance le via son icône sur le bureau ou bien via Démarrer>Tout les Programmes>HijackThis>Hijackthis
• Clique sur "Do a system scan and save a logfile".
• Le rapport s'affiche dans le bloc-note à présent.
• Copie colle son contenu dans ton prochain message sur le forum.

Note: Tu peut t'aider de ce tutorial si tu rencontre un problème: Guide sur HiJackThis

[Purpano]

Voilà chef:
"
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:09:43, on 26/09/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek Semiconductor Corp\Realtek Card Reader Monitor\CardReaderMonitor.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Users\pbell\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\pbell\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/r ... ey=IESTART
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CardReaderMonitor] C:\Program Files\Realtek Semiconductor Corp.\Realtek Card Reader Monitor\CardReaderMonitor.exe
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCCtime.dll,[email protected]
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\pbell\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcc_device - Unknown owner - C:\Windows\system32\dlcccoms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
O23 - Service: WeFi Engine Service (WefiEngSvc) - WeFi - C:\Program Files\WeFi\WefiEngSvc.exe

--
End of file - 8279 bytes
"

[SkyTech]

Relance HijackThis (clic droit dessus, Exécuter en tant qu'administrateur), coche ces lignes en rouge et clic sur Fix checked.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://format.packardbell.com/cgi-bin/r ... ey=IESTART
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CardReaderMonitor] C:\Program Files\Realtek Semiconductor Corp.\Realtek Card Reader Monitor\CardReaderMonitor.exe
O4 - HKLM\..\Run: [DLCCCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCCtime.dll,[email protected]
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\pbell\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

---

Utilise cette astuce : http://forum.malekal.com/executer-dans- ... tml#p64205

Et :

Menu démarrer, exécuter, tape services.msc, entrée

Dans la fenêtre qui s'ouvre cherche :

Apple Mobile Device
Service Bonjour
Skype Updater
WDDMService
WD File Management Engine
WD File Management Shadow Engine

Double clique dessus, dans type de démarrage mets manuel.

Mets celui-là en désactivé :

NVIDIA Display Driver Service

Redémarre et poste un nouveau rapport HijackThis.

[Purpano]

Je constate déjà clairement les améliorations ! C'est génial

Voilà le nouveau rapport:

"
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:49:57, on 26/09/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\pbell\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE RÉSEAU')
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcc_device - Unknown owner - C:\Windows\system32\dlcccoms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
O23 - Service: WeFi Engine Service (WefiEngSvc) - WeFi - C:\Program Files\WeFi\WefiEngSvc.exe

--
End of file - 4494 bytes
"

[SkyTech]

Fix cette ligne :

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE RÉSEAU')

Optimise les services Windows (voir tuto en signature)

Et désactive des fonctionnalités inutiles (tu trouveras Dans Programmes & Fonctionnalités du Panneau de configuration) :



Redémarre et poste un nouveau rapport HijackThis.

[Purpano]

Yop, merci

"
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:19, on 27/09/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\pbell\Downloads\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: dlcc_device - Unknown owner - C:\Windows\system32\dlcccoms.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
O23 - Service: WeFi Engine Service (WefiEngSvc) - WeFi - C:\Program Files\WeFi\WefiEngSvc.exe

--
End of file - 3854 bytes
"

[SkyTech]

C'est Ok

Finir le nettoyage :

Supprime :

C:\Program Files\Trend Micro\HijackThis\backups

Tu peux désinstaller\supprimer les programmes que nous avons utilisé via Ajout\Suppression de programmes du Panneau de configuration (XP) ou via désinstaller un programme (Vista / Seven)

Passe un coup de CCleaner (décoche la toolbar à l'installation)

Règle-le d'abord comme ici :

• Clique sur le Pinceau,
• Lancer le Nettoyage.
• Patiente,
• Ensuite clique sur Registre,
• Chercher des erreurs,
• Une fois l'analyse terminer clique sur Réparer les erreurs sélectionnées,
• CCleaner va te demander si tu veux Sauvegarder ou non, à toi de voir si tu le veux ou pas,
• Clique sur Corriger toutes les erreurs sélectionnées,
• OK,
• Tu peux fermer CCleaner.

Défragmente ton DD avec MyDefrag.

Défragmente ta base de registre avec NTREGOPT (Pour Vista / Seven : Clique droit dessus, exécuter en tant qu'administrateur)

Pendant la défragmentation (assez rapide) avec NTREGOPT ne tente pas de faire quoique ce soit avec le PC, tu ne pourras pas !

Désactiver l'indexation des fichiers :

• Poste de travail ou Ordinateur,
• Clique-droit sur les disques durs,
• Propriétés,
• Décochez :
  • Sur Xp : Autoriser l'indexation de ce disque pour la recherche rapides de fichiers
  • Sur Vista : Indexer ce lecteur pour une recherche rapide
• Appliquer les modifications à C:\et à tous les sous-dossiers et fichiers, si un message d'erreur apparaît cliquer sur Ignorer. Laissez faire.

Désactive puis réactive la restauration du système

[Purpano]

Super, c'est le jour et la nuit entre ses performances actuelles et les précédentes!

Merci encore pour ton aide!

A plouch