[Résolu] SVP, nettoyage....

powo · par **powo** » 14 déc. 2013 14:09

Bonjour, j'aurai besoin de faire un bon nettoyage de ce pc, car il rame, et envoie des pubs, ainsi que des vidéos intempestives par IE....

Ma config : Petit portable Packard bell 10.1''
Processor : Intel Atom N450
Intel graphics Media Accelerator 3150
Ram : 1GB
HDD : 250GB
OS : Windows 7 Starter

Et un rapport préléminaire de HijackThis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:02:25, on 14/12/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\vVX1000.exe
C:\Program Files\Iminent\Iminent.exe
C:\Program Files\Iminent\Iminent.Messengers.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Users\thalia\AppData\Roaming\cacaoweb\cacaoweb.exe
C:\Program Files\Video Web Camera\VideoWebCamera.exe
C:\Program Files\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... 5f4722g358
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com/?appid=bf97eb ... d3406cb180
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.asp ... 5f4722g358
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.asp ... 5f4722g358
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Softonic_France - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\oberontb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} - C:\Program Files\Softonic_France\tbSoft.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\oberontb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [OMEA] "C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
O4 - HKLM\..\Run: [IminentMessenger] C:\Program Files\Iminent\Iminent.Messengers.exe /startup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [upt4pcfr4.exe] C:\Users\thalia\AppData\Local\tuto4pc_fr_4\upt4pcfr4.exe -runonce
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\thalia\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [cacaoweb] "C:\Users\thalia\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Global Startup: VideoWebCamera.exe.lnk = C:\Program Files\Video Web Camera\VideoWebCamera.exe
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\Program Files\GamesBar\oberontb.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe

--
End of file - 10343 bytes

MERCI ...

SkyTech · par **SkyTech** » 14 déc. 2013 19:40

Bonsoir,

Tu dois connaître la cause de ces pubs depuis que tu es sur le fofo ?

Des logiciels additionnels sont proposés (barre d'outils, adwares) via l'installation de logiciel par éditeurs.
L'éditeur touche de l'argent à chaque installation réussie de ces additionnels tiers (un genre de sponsoring).
Seulement certains éditeurs, abusent, pour gagner plus d'argent, ils redistribuent des logiciels libres développés par des bénévoles en y ajoutant ces logiciels additionnels.
Des pubs trompeuses peuvent aussi être utilisés pour faire installer ces logiciels.

Outre le fait que les procédés sont discutables, l'accumulation de ces programmes additionnels non essentiels concourent à ralentir considérablement l'ordinateur (peux aussi faire planter les navigateurs WEB).
Certains font aussi du tracking anonymes (récupérations des thématiques de sites visités).

Tu as la même chose avec les barres d'outils :
Les barres d'outils sont là pour t'affilier à un service (moteur de recherche de Yahoo! ou Google), ça rajoute des fonctionnalités mais en général les navigateurs les ont par défaut.
De plus, elles enregistrent les sites que tu visites pour les transmettre (tracking) à faire de la publicité ciblée, c'est pas super niveau protection de la vie privée.
Plusieurs toolbars ralentissent le PC et peuvent faire planter les navigateurs WEB.
Au final, il est pas conseillé d'en utiliser.

Lire :
Les PUPs/LPIs : https://www.malekal.com/adwares-pup-protection/

Téléchargez AdwCleaner( d'Xplode ) sur votre bureau.
Lancez le, cliquez sur [Scanner], patiente, puis sur [Nettoyer] puis patientez le temps de la suppression.
Un redédmarrage sera demandé, accepté.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
Poste le rapport.

PS : Si le rapport est trop long pour être poster sur un message, tu peux utiliser un hébergeur : http://pjjoint.malekal.com/index.php?lang=fr

powo · par **powo** » 15 déc. 2013 09:53

Merci pour ta réponse, oui je sais bien, mais je ne suis pas trop alaise avec Windows 7

Voici le rapport :

# AdwCleaner v3.015 - Rapport créé le 15/12/2013 à 09:34:29
# Mis à jour le 10/12/2013 par Xplode
# Système d'exploitation : Windows 7 Starter Service Pack 1 (32 bits)
# Nom d'utilisateur : thalia - THALIA-PC
# Exécuté depuis : C:\Users\thalia\Downloads\adwcleaner.exe
# Option : Nettoyer

***** [ Services ] *****

[#] Service Supprimé : Software_update
[#] Service Supprimé : Software_update_m
Service Supprimé : WajamUpdaterV3
Service Supprimé : Wpm

***** [ Fichiers / Dossiers ] *****

Dossier Supprimé : C:\Kreapixel
Dossier Supprimé : C:\ProgramData\Babylon
Dossier Supprimé : C:\ProgramData\boost_interprocess
Dossier Supprimé : C:\ProgramData\BoxUpdChk
Dossier Supprimé : C:\ProgramData\GamesBar
Dossier Supprimé : C:\ProgramData\Iminent
Dossier Supprimé : C:\ProgramData\Partner
Dossier Supprimé : C:\ProgramData\Trymedia
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Dossier Supprimé : C:\Program Files\Boxore
Dossier Supprimé : C:\Program Files\Conduit
Dossier Supprimé : C:\Program Files\ConduitEngine
Dossier Supprimé : C:\Program Files\GamesBar
Dossier Supprimé : C:\Program Files\Iminent
Dossier Supprimé : C:\Program Files\MyPC Backup
Dossier Supprimé : C:\Program Files\PricePeep
Dossier Supprimé : C:\Program Files\registry mechanic
Dossier Supprimé : C:\Program Files\Softonic_France
Dossier Supprimé : C:\Program Files\Wajam
Dossier Supprimé : C:\Program Files\Webplayer setup
Dossier Supprimé : C:\Users\thalia\AppData\Local\lollipop
Dossier Supprimé : C:\Users\thalia\AppData\Local\PackageAware
Dossier Supprimé : C:\Users\thalia\AppData\Local\Wajam
Dossier Supprimé : C:\Users\thalia\AppData\LocalLow\BabylonToolbar
Dossier Supprimé : C:\Users\thalia\AppData\LocalLow\Conduit
Dossier Supprimé : C:\Users\thalia\AppData\LocalLow\ConduitEngine
Dossier Supprimé : C:\Users\thalia\AppData\LocalLow\PriceGong
Dossier Supprimé : C:\Users\thalia\AppData\LocalLow\Softonic_France
Dossier Supprimé : C:\Users\thalia\AppData\LocalLow\Toolbar4
Dossier Supprimé : C:\Users\thalia\AppData\Roaming\BabSolution
Dossier Supprimé : C:\Users\thalia\AppData\Roaming\Babylon
Dossier Supprimé : C:\Users\thalia\AppData\Roaming\cacaoweb
Dossier Supprimé : C:\Users\thalia\AppData\Roaming\Iminent
Dossier Supprimé : C:\Users\thalia\AppData\Roaming\registry mechanic
Dossier Supprimé : C:\Users\thalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Dossier Supprimé : C:\Users\thalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Dossier Supprimé : C:\Users\thalia\Documents\optimizer pro
Dossier Supprimé : C:\Program Files\Software
Dossier Supprimé : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Dossier Supprimé : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Dossier Supprimé : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa
Fichier Supprimé : C:\Users\Public\Desktop\eBay.lnk
Fichier Supprimé : C:\Users\thalia\AppData\Roaming\BabMaint.exe
Fichier Supprimé : C:\Users\thalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lollipop.lnk
Fichier Supprimé : C:\Users\thalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WebPlayerV2.lnk
Fichier Supprimé : C:\Users\thalia\Desktop\cacaoweb.exe
Fichier Supprimé : C:\Users\thalia\Desktop\WebPlayerV2.lnk
Fichier Supprimé : C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js
Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
Fichier Supprimé : C:\Program Files\Mozilla Firefox\searchplugins\SearchTheWeb.xml
Fichier Supprimé : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Fichier Supprimé : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Fichier Supprimé : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
Fichier Supprimé : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Fichier Supprimé : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
Fichier Supprimé : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
Fichier Supprimé : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
Fichier Supprimé : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.iminent.com_0.localstorage
Fichier Supprimé : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.iminent.com_0.localstorage-journal
Fichier Supprimé : C:\Windows\System32\Tasks\BoxSoftwareUpdate
Fichier Supprimé : C:\Windows\System32\Tasks\LaunchApp
Fichier Supprimé : C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
Fichier Supprimé : C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore
Fichier Supprimé : C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
Fichier Supprimé : C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA

***** [ Raccourcis ] *****

Raccourci Désinfecté : C:\Users\thalia\Desktop\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\thalia\Desktop\²²²²²²²²²²²²²²²²²²²².lnk
Raccourci Désinfecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Contact.lnk
Raccourci Désinfecté : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Raccourci Désinfecté : C:\Users\thalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Raccourci Désinfecté : C:\Users\thalia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Raccourci Désinfecté : C:\Users\thalia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Raccourci Désinfecté : C:\Users\thalia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Raccourci Désinfecté : C:\Users\thalia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\²²²²²²²²²²²²²²²²²²²².lnk
Raccourci Désinfecté : C:\Users\thalia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk
Raccourci Désinfecté : C:\Users\thalia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk

***** [ Registre ] *****

Valeur Supprimée : HKCU\Software\Mozilla\Firefox\Extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Valeur Supprimée : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5575C7E4-F10B-4807-B80D-7E3D463ADB6C}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5575C7E4-F10B-4807-B80D-7E3D463ADB6C}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2C643B7-BF92-43C8-AFC9-4DF0D42B7595}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2C643B7-BF92-43C8-AFC9-4DF0D42B7595}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A5D8D07A-C8B6-4C23-B6EB-BD4406663AE6}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5D8D07A-C8B6-4C23-B6EB-BD4406663AE6}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CDD53A9A-B3D2-4B72-A033-22F8C9CA3498}
[#] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDD53A9A-B3D2-4B72-A033-22F8C9CA3498}
Clé Supprimée : HKCU\Software\Classes\Applications\lollipop.exe
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [cacaoweb]
Valeur Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [lollipop]
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL
Clé Supprimée : HKLM\SOFTWARE\Classes\Conduit.Engine
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Clé Supprimée : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Clé Supprimée : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Clé Supprimée : HKLM\SOFTWARE\Classes\oberontb.band
Clé Supprimée : HKLM\SOFTWARE\Classes\oberontb.band.1
Clé Supprimée : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO
Clé Supprimée : HKLM\SOFTWARE\Classes\oberontb.GamesBarBHO.1
Clé Supprimée : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
Clé Supprimée : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
Clé Supprimée : HKLM\SOFTWARE\Classes\Prod.cap
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Clé Supprimée : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine
Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0
Clé Supprimée : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Clé Supprimée : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Clé Supprimée : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Clé Supprimée : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\boxore_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\boxore_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Boxore Client]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Tutorials]
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.Software.com/Software Update;version=3
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@tools.Software.com/Software Update;version=9
Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Clé Supprimée : HKCU\Software\5f08a8ce23ae844
Clé Supprimée : HKLM\SOFTWARE\5f08a8ce23ae844
Clé Supprimée : HKLM\SOFTWARE\Classes\Toolbar.CT2542115
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_windows-live-messenger[1]_RASAPI32
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_windows-live-messenger[1]_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AF7024F8-7E6A-4E02-AAC3-4AD948C02D33}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{AD76633E-E50D-4844-9E7F-4DFBC7C18467}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A93C934-025B-4C3A-B38E-9654A7003239}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF7024F8-7E6A-4E02-AAC3-4AD948C02D33}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1A93C934-025B-4C3A-B38E-9654A7003239}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35D595DD-A90A-4585-A114-0B096A352806}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2528E03F-76CD-4E1E-8C47-A7F65F04B09F}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6F282B65-56BF-4BD1-A8B2-A4449A05863D}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}]
Donnée Restaurée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Donnée Restaurée : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Clé Supprimée : HKCU\Software\Boxore
Clé Supprimée : HKCU\Software\BrowserMngr
Clé Supprimée : HKCU\Software\cacaoweb
Clé Supprimée : HKCU\Software\DataMngr
Clé Supprimée : HKCU\Software\gamesbar
Clé Supprimée : HKCU\Software\Iminent
Clé Supprimée : HKCU\Software\lollipop
Clé Supprimée : HKCU\Software\Microsoft\Babylon
Clé Supprimée : HKCU\Software\Softonic
Clé Supprimée : HKCU\Software\Tutorials
Clé Supprimée : HKCU\Software\TutoTag
Clé Supprimée : HKCU\Software\Wajam
Clé Supprimée : HKCU\Software\YahooPartnerToolbar
Clé Supprimée : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKCU\Software\AppDataLow\Toolbar
Clé Supprimée : HKCU\Software\AppDataLow\Software\Conduit
Clé Supprimée : HKCU\Software\AppDataLow\Software\conduitEngine
Clé Supprimée : HKCU\Software\AppDataLow\Software\PriceGong
Clé Supprimée : HKCU\Software\AppDataLow\Software\Softonic_France
Clé Supprimée : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Clé Supprimée : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Clé Supprimée : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Clé Supprimée : HKLM\Software\Babylon
Clé Supprimée : HKLM\Software\Boxore
Clé Supprimée : HKLM\Software\BrowserMngr
Clé Supprimée : HKLM\Software\Conduit
Clé Supprimée : HKLM\Software\conduitEngine
Clé Supprimée : HKLM\Software\DataMngr
Clé Supprimée : HKLM\Software\gamesbar
Clé Supprimée : HKLM\Software\GamesBarSetup
Clé Supprimée : HKLM\Software\Iminent
Clé Supprimée : HKLM\Software\nationzoomSoftware
Clé Supprimée : HKLM\Software\Softonic_France
Clé Supprimée : HKLM\Software\Trymedia Systems
Clé Supprimée : HKLM\Software\Tuto4PC
Clé Supprimée : HKLM\Software\Uniblue
Clé Supprimée : HKLM\Software\Wajam
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A6E71E28-43CB-423E-B415-B7C00D77902E}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F21ABA47-CE22-4B3D-8F47-8BF08C21C094}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gamesbar
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic_France Toolbar
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\DF42B2AC01EE9B240B94AA0862E8E712
Clé Supprimée : HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B
Clé Supprimée : HKLM\Software\Classes\Installer\Features\DF42B2AC01EE9B240B94AA0862E8E712
Clé Supprimée : HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Clé Supprimée : HKLM\Software\Classes\Installer\Products\DF42B2AC01EE9B240B94AA0862E8E712
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A

***** [ Navigateurs ] *****

-\\ Internet Explorer v10.0.9200.16750

Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Paramètre Restauré : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v26.0 (fr)

[ Fichier : C:\Users\thalia\AppData\Roaming\Mozilla\Firefox\Profiles\tjp5foso.default\prefs.js ]

-\\ Google Chrome v31.0.1650.63

[ Fichier : C:\Users\thalia\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [42667 octets] - [15/12/2013 09:32:08]
AdwCleaner[S0].txt - [38959 octets] - [15/12/2013 09:34:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [39020 octets] ##########

SkyTech · par **SkyTech** » 15 déc. 2013 10:28

OK

Relance AdwCleaner et prends Désinstaller.

Pour voir :

* Télécharge >> OTL <<sur ton bureau.

* Fait un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\*.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup http://www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs

* Cliques sur l'icône "Analyse" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un ou deux rapports vont s'ouvrir "OTL.Txt" et ( ou ) "Extras.Txt"( dans certains cas).
* Copie et colle le ou les rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

PS : Si le rapport est trop long pour être poster sur un message, tu peux utiliser un hébergeur : http://pjjoint.malekal.com/index.php?lang=fr

powo · par **powo** » 15 déc. 2013 13:05

Voilà !

http://pjjoint.malekal.com/files.php?id ... 2q8t1315j7

http://pjjoint.malekal.com/files.php?id ... f12f14h5m6

SkyTech · par **SkyTech** » 15 déc. 2013 15:45

Tu peux désinstaller via Programmes & fonctionnalités du Panneau de configuration si non utilisé :

Google Toolbar for Internet Explorer
Avira SearchFree Toolbar
Complément Messenger
eBay Worldwide
Packard Bell Updater
Packard Bell Social Networks
Packard Bell XSync
Barre d'outils MSN
Packard Bell InfoCentre
Packard Bell Registration
Packard Bell ScreenSaver
Welcome Center
Packard Bell Games
Windows Live

---

Relance OTL.
o sous Personnalisation, copie_colle le contenu du cadre ci dessous (TOUT SELECTIONNER avant) et clic Correction, un rapport apparraitra suite à l’operation que tu conserveras sur clé usb par exemple afin d’en coller le resultat:

Code : Tout sélectionner

:OTL
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\oberontb.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
[2013/12/11 23:36:38 | 000,000,000 | ---D | C] -- C:\Users\thalia\AppData\Local\avgchrome
[2013/12/11 22:03:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2013/12/11 22:03:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[13 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2013/12/15 11:46:03 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3150210021-3922256453-1934560110-1000UA.job
[2013/12/15 11:43:55 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/12/15 09:40:24 | 000,001,054 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[30 C:\Users\thalia\AppData\Local\Temp\*.tmp files -> C:\Users\thalia\AppData\Local\Temp\*.tmp -> ]
@Alternate Data Stream - 215 bytes -> C:\ProgramData\Temp:FC2E567F
@Alternate Data Stream - 202 bytes -> C:\ProgramData\Temp:2F141B68
@Alternate Data Stream - 198 bytes -> C:\ProgramData\Temp:99A72E3A
@Alternate Data Stream - 197 bytes -> C:\ProgramData\Temp:A1D3FEF0
@Alternate Data Stream - 195 bytes -> C:\ProgramData\Temp:B902F888
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:F9EDCFB0
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1
:commands
[purity]
[emptytemp]
[emptyflash]

* redemarre le pc sous windows et poste le rapport ici

powo · par **powo** » 15 déc. 2013 17:57

Voilà le rapport ....

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@oberon-media.com/ONCAdapter\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB0D163C-E9F4-4236-9496-0597E24B23A5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CB0D163C-E9F4-4236-9496-0597E24B23A5}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
C:\Users\thalia\AppData\Local\avgchrome folder moved successfully.
C:\Windows\System32\Extensions folder moved successfully.
C:\Windows\System32\searchplugins folder moved successfully.
C:\Windows\System32\sho1F73.tmp deleted successfully.
C:\Windows\System32\sho654A.tmp deleted successfully.
C:\Windows\System32\sho680B.tmp deleted successfully.
C:\Windows\System32\sho684C.tmp deleted successfully.
C:\Windows\System32\sho7C13.tmp deleted successfully.
C:\Windows\System32\sho89A9.tmp deleted successfully.
C:\Windows\System32\sho9963.tmp deleted successfully.
C:\Windows\System32\shoB22A.tmp deleted successfully.
C:\Windows\System32\shoB68.tmp deleted successfully.
C:\Windows\System32\shoC4D5.tmp deleted successfully.
C:\Windows\System32\shoE582.tmp deleted successfully.
C:\Windows\System32\shoF547.tmp deleted successfully.
C:\Windows\System32\shoF615.tmp deleted successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3150210021-3922256453-1934560110-1000UA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Users\thalia\AppData\Local\Temp\33DB.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\win32\fr folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\win32\fi folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\win32\ff folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\win32\fa folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\win32\eu folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\win32 folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\webapprt\omni.ja deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\webapprt\webapprt.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\webapprt folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\uninstall\helper.exe deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\uninstall folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\dictionaries\fr.aff deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\dictionaries\fr.dic deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\dictionaries folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\defaults\pref\channel-prefs.js deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\defaults\pref folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\defaults folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\searchplugins\amazon-france.xml deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\searchplugins\bing.xml deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\searchplugins\cnrtl-tlfi-fr.xml deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\searchplugins\eBay-france.xml deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\searchplugins\google.xml deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\searchplugins\wikipedia-fr.xml deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\searchplugins\yahoo-france.xml deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\searchplugins folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\icon.png deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\extensions folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\components\browsercomps.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\components\components.manifest deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\components folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\blocklist.xml deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\chrome.manifest deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\crashreporter-override.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser\omni.ja deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\browser folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\AccessibleMarshal.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\application.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\breakpadinjector.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\crashreporter.exe deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\crashreporter.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\D3DCompiler_43.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\dependentlibs.list deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\firefox.exe deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\freebl3.chk deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\freebl3.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\gkmedias.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\libEGL.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\libGLESv2.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\maintenanceservice.exe deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\maintenanceservice_installer.exe deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\mozalloc.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\mozglue.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\mozjs.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\msvcp100.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\msvcr100.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\nss3.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\nssckbi.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\nssdbm3.chk deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\nssdbm3.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\omni.ja deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\platform.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\plugin-container.exe deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\plugin-hang-ui.exe deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\precomplete deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\removed-files deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\softokn3.chk deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\softokn3.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\update-settings.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\updater.exe deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\updater.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\webapp-uninstaller.exe deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\webapprt-stub.exe deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core\xul.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\core folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp\setup.exe deleted successfully.
C:\Users\thalia\AppData\Local\Temp\7zS139B.tmp folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\917.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\AA34.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\BIT24B5.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\CFG5ACE.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\gch19A8.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\gch770.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\gchCD7C.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\gchEA02.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\gchFD23.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\is-ARGRH.tmp\_isetup\_shfoldr.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\is-ARGRH.tmp\_isetup folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\is-ARGRH.tmp\innocallback.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\is-ARGRH.tmp\itdownload.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\is-ARGRH.tmp\itd_fr.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\is-ARGRH.tmp\VirtualMachineDetect.exe deleted successfully.
C:\Users\thalia\AppData\Local\Temp\is-ARGRH.tmp folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\is-HOQNN.tmp\OptProCrash.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\is-HOQNN.tmp folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\mfi1978.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\mfi75F.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\mfiCC53.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\mfiE9F1.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\mfiFC58.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\ApplicationID.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\CityHash.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\components.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\InstallOptions.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\ioSpecial.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\modern-header.bmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\modern-wizard.bmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\nsExec.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\options.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\ServicesHelper.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\ShellLink.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\shortcuts.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\summary.ini deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\System.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\UAC.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp\UserInfo.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsa6FA0.tmp folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsp4150.tmp\AppAssocReg.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsp4150.tmp\ApplicationID.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsp4150.tmp\InvokeShellVerb.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsp4150.tmp\ShellLink.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsp4150.tmp\System.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsp4150.tmp\UAC.dll deleted successfully.
C:\Users\thalia\AppData\Local\Temp\nsp4150.tmp folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\TCDA32.tmp folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\TCDAB0.tmp folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\TCDAFF.tmp folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\TCDB6E.tmp folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\TCDDD1.tmp\CleanGradient.thmx deleted successfully.
C:\Users\thalia\AppData\Local\Temp\TCDDD1.tmp folder deleted successfully.
C:\Users\thalia\AppData\Local\Temp\~DF072C8AF27696D5EA.TMP deleted successfully.
C:\Users\thalia\AppData\Local\Temp\~DF18A3F2372E8A20CE.TMP deleted successfully.
C:\Users\thalia\AppData\Local\Temp\~DFD0DE9E3B8E348459.TMP deleted successfully.
C:\Users\thalia\AppData\Local\Temp\~DFD989BCB4BCD1CD63.TMP deleted successfully.
C:\Users\thalia\AppData\Local\Temp\~DFEE9C491C30DF6403.TMP deleted successfully.
C:\Users\thalia\AppData\Local\Temp\~nsu.tmp\sql.tmp deleted successfully.
C:\Users\thalia\AppData\Local\Temp\~nsu.tmp folder deleted successfully.
ADS C:\ProgramData\Temp:FC2E567F deleted successfully.
ADS C:\ProgramData\Temp:2F141B68 deleted successfully.
ADS C:\ProgramData\Temp:99A72E3A deleted successfully.
ADS C:\ProgramData\Temp:A1D3FEF0 deleted successfully.
ADS C:\ProgramData\Temp:B902F888 deleted successfully.
ADS C:\ProgramData\Temp:F9EDCFB0 deleted successfully.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Public

User: thalia
->Temp folder emptied: 34386225 bytes
->Temporary Internet Files folder emptied: 121662473 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 37416437 bytes
->Google Chrome cache emptied: 23621238 bytes
->Flash cache emptied: 4130620 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 81290794 bytes
RecycleBin emptied: 1242292 bytes

Total Files Cleaned = 290,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: DefaultAppPool

User: Public

User: thalia
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 12152013_173206

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

SkyTech · par **SkyTech** » 16 déc. 2013 21:02

Bonsoir,

Relance OTL et clic sur Purge outil.

Poste un nouveau rapport HijackThis.

powo · par **powo** » 17 déc. 2013 18:43

Voilà ! c'est fait ..... Et je vois qu'il y a encore une Toolbar en "03" mince....

Peut être faire un "Fix checked" sur ça ??? Mais j'attends ta réponse....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:36:37, on 17/12/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16750)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\vVX1000.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Users\thalia\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files\Video Web Camera\VideoWebCamera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\thalia\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Global Startup: VideoWebCamera.exe.lnk = C:\Program Files\Video Web Camera\VideoWebCamera.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 6704 bytes

SkyTech · par **SkyTech** » 17 déc. 2013 21:00

Bonsoir,

powo a écrit :Et je vois qu'il y a encore une Toolbar en "03" mince....

Tu dois la trouver dans la liste des programmes sous le nom de Barre d'outils MSN, tout comme Installation Windows Live qu'il était conseillé de désinstaller, ça ne fonctionne plus.

Relance HijackThis (clic droit dessus, Exécuter en tant qu'administrateur), coche ces lignes en rouge et clic sur Fix checked.

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\thalia\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Global Startup: VideoWebCamera.exe.lnk = C:\Program Files\Video Web Camera\VideoWebCamera.exe
O20 - AppInit_DLLs:

---

Utilise cette astuce : http://forum.malekal.com/executer-dans- ... tml#p64205

Et :

Menu démarrer, exécuter, tape services.msc, entrée

Dans la fenêtre qui s'ouvre cherche :

Adobe Active File Monitor V8
FLEXnet Licensing Service
GamesAppService
Intel(R) Rapid Storage Technology

Double clique dessus, dans type de démarrage mets manuel.

---

/!\ Désactive ton antivirus /!\

Télécharge OTM (de OldTimer). Sauvegarde-le sur ton Bureau.
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

:services
gupdate
gupdatem
gusvc

:files
C:\Program Files\Google\Update
C:\Program Files\Google\Common\Google Updater

:commands
[purity]
[emptytemp]
[emptyflash]

Double clique sur OTM.exe afin de le lancer.
Colle (ou Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
Clique maintenant sur le bouton MoveIt! puis ferme OTM.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

Poste un nouveau rapport HijackThis.

powo · par **powo** » 18 déc. 2013 21:29

Deux fichiers restent... à la fin....

All processes killed
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Error: No service named gusvc was found to stop!
Service\Driver key gusvc not found.
Error: No service named :files was found to stop!
Service\Driver key :files not found.
Error: No service named C:\Program Files\Google\Update was found to stop!
Service\Driver key C:\Program Files\Google\Update not found.
Error: No service named C:\Program Files\Google\Common\Google Updater was found to stop!
Service\Driver key C:\Program Files\Google\Common\Google Updater not found.
Error: No service named :commands was found to stop!
Service\Driver key :commands not found.
Error: No service named [purity] was found to stop!
Service\Driver key [purity] not found.
Error: No service named [emptytemp] was found to stop!
Service\Driver key [emptytemp] not found.
Error: No service named [emptyflash] was found to stop!
Service\Driver key [emptyflash] not found.

OTM by OldTimer - Version 3.1.21.0 log created on 12182013_211203

Puis :

un fichier en ".res" (mais pas possible à lire)...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:36:37, on 17/12/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16750)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\vVX1000.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Users\thalia\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files\Video Web Camera\VideoWebCamera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\thalia\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')
O4 - Global Startup: VideoWebCamera.exe.lnk = C:\Program Files\Video Web Camera\VideoWebCamera.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 6704 bytes

powo · par **powo** » 19 déc. 2013 21:19

mais je viens d'en faire un nouveau de "HijackThis"

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:14:30, on 19/12/2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16750)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\ProgramData\Avira\AntiVir Desktop\TEMP\SELFUPDATE\updrgui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Planificateur (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 3618 bytes

SkyTech · par **SkyTech** » 20 déc. 2013 16:19

Bonjour,

Supprime :

C:\_OTM

Comment se comporte le PC ?

powo · par **powo** » 21 déc. 2013 08:29

Ben, il se comporte plutôt bien... Il n'y a plus ses pub intempestives qui s'ouvrent et qui ralentisses le pc

Donc merci à toi l'ami

Ton aide à été très efficace...

SkyTech · par **SkyTech** » 21 déc. 2013 09:38

C'est Ok

Finir le nettoyage :

Supprime :

C:\Program Files\Trend Micro\HijackThis\backups

Tu peux désinstaller\supprimer les programmes que nous avons utilisé via Ajout\Suppression de programmes du Panneau de configuration (XP) ou via désinstaller un programme (Vista / Seven)

Passe un coup de CCleaner (décoche la toolbar à l'installation)

Règle-le d'abord comme ici :

Clique sur le Pinceau,
Lancer le Nettoyage.
Patiente,
Ensuite clique sur Registre,
Chercher des erreurs,
Une fois l'analyse terminer clique sur Réparer les erreurs sélectionnées,
CCleaner va te demander si tu veux Sauvegarder ou non, à toi de voir si tu le veux ou pas,
Clique sur Corriger toutes les erreurs sélectionnées,
OK,
Tu peux fermer CCleaner.

Défragmente ton DD avec MyDefrag.

Défragmente ta base de registre avec NTREGOPT (Pour Vista / Seven : Clique droit dessus, exécuter en tant qu'administrateur)

Pendant la défragmentation (assez rapide) avec NTREGOPT ne tente pas de faire quoique ce soit avec le PC, tu ne pourras pas !

Désactiver l'indexation des fichiers :

Poste de travail ou Ordinateur,
Clique-droit sur les disques durs,
Propriétés,
Décochez :
- Sur Xp : Autoriser l'indexation de ce disque pour la recherche rapides de fichiers
- Sur Vista : Indexer ce lecteur pour une recherche rapide
Appliquer les modifications à C:\et à tous les sous-dossiers et fichiers, si un message d'erreur apparaît cliquer sur Ignorer. Laissez faire.

Désactive puis réactive la restauration du système

@+

Malekal.com forum

[Résolu] SVP, nettoyage....

[Résolu] SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....

Re: SVP, nettoyage....