Se connecter / S'enregistrer
Votre question

Problème démarrage windows 7 Rundll

Tags :
  • Conduit
  • PC
  • Dll
  • Demarrage
  • Windows 7
  • Sécurité
Dernière réponse : dans Sécurité et virus
27 Mai 2017 17:41:11

Bonjour,

Au démarrage de mon pc le message suivant s'affiche :
"Problème lors du démarrage de C:\Users\Linda\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll
Le module spécifié est introuvable"

J'ai installé Farbar Recovery scan tool (x64) et effectué mon analyse.

Voici les liens: https://up.security-x.fr/file.php?h=R0d0c9ab6a241eb8d5b...
et https://up.security-x.fr/file.php?h=Rfd76b0c54a98a51ad9...

Pourriez-vous m'aider à résoudre le problème s'il vous plaît?

Merci beaucoup.

Linda.

Autres pages sur : probleme demarrage windows rundll

a c 303 8 Sécurité
a b $ Windows 7
28 Mai 2017 13:02:28

Bonjour,

Vu les infections, je dirais que le PC est infecté depuis 2014 (minimum). Il était temps de s'en occuper ;) 

Citation :
Trend Micro Titanium Internet Security
Avast Antivirus

--> Il ne faut garder qu'un seul antivirus. Pour supprimer Trend Micro (en anglais par contre) :
https://esupport.trendmicro.com/en-us/home/pages/techni...

Citation :
McAfee Security Scan Plus

--> Pas utile, à désinstaller.

Ensuite, pour commencer à désinfecter :


1/

  • Télécharge et lance AdwCleaner (de ToolsLib / Malwarebytes), choisis l'option "Scanner".

  • Une fois le scan terminé, choisis l'option Nettoyer.

  • Redémarre le PC comme demandé, héberge le rapport sur pjjoint.malekal.com puis copie-colle le lien donné par le site dans ta réponse. Le rapport est enregistré dans C:\AdwCleaner sous le nom d'AdwCleaner[C?].



  • 2/

    • Fais un scan avec Malwarebytes' Anti-Malware, supprime tout ce qu'il trouve et poste le rapport.

  • Malwarebytes' Anti-Malware - Tutoriel


    3/

    Pour voir ce qu'il reste à supprimer / modifier, je voudrais un nouveau rapport d'analyse FRST (et Addition) s'il te plaît.
    m
    0
    l
    29 Mai 2017 13:35:31

    Bonjour,

    Merci de votre réponse et de votre aide!

    J'ai téléchargé adw cleaner, effectué un Scan et lancé le nettoyage hier aprèm. Mais le nettoyage reste bloqué et n'avance plus..

    Linda.

    m
    0
    l
    Contenus similaires
    a c 303 8 Sécurité
    a b $ Windows 7
    29 Mai 2017 14:36:39

    Ok, tu as le rapport de scan ?

    Passe à Malwarebytes' Anti-Malware.
    m
    0
    l
    29 Mai 2017 17:43:35

    Apres téléchargement du logiciel Malwarebytes, l'analyse, la mise en quarantaine et le redémarrage de l'ordi , je ne peux plus rien faire : aucun des logiciels ne s'ouvre, Mozilla non plus et mes documents non plus avec ce message qui s'affiche : l'appel de procédure distante a échoué et ne s'est pas effectué (Explorer.exe)..
    m
    0
    l
    2 Juin 2017 13:47:41

    Destrio5 a dit :
    Arf...

    Même en redémarrant le PC ?

    Essaie de relancer explorer.exe :
    https://answers.microsoft.com/fr-fr/windows/forum/windo...

    Ou une restauration du système :
    http://forums.cnetfrance.fr/topic/116680-restaurer-wind...


    Bonjour,

    Voici les rapports :
    Adwcleaner (toujours impossible de supprimer les éléments) : http://pjjoint.malekal.com/files.php?id=20170602_c5l11s...

    Malwaebytes: http://pjjoint.malekal.com/files.php?id=20170602_k14n9f...

    FRST: http://pjjoint.malekal.com/files.php?id=FRST_20170602_p...
    et addition : http://pjjoint.malekal.com/files.php?id=20170602_s10v8c...
    m
    0
    l
    a c 303 8 Sécurité
    a b $ Windows 7
    2 Juin 2017 21:48:38

    • Ouvre le Bloc-notes (Démarrer => Tous les programmes => Accessoires => Bloc-notes).
    • Copie-colle le texte encadré ci-dessous dans le Bloc-notes :

      start
      CreateRestorePoint:
      CloseProcesses:
      HKU\S-1-5-21-1100032144-3875236446-106254434-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\Program Files\SUPERAntiSpyware
      HKU\S-1-5-21-1100032144-3875236446-106254434-1000\...\Run: [UpdateMyDrivers] => C:\Program Files (x86)\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
      C:\Program Files (x86)\SmartTweak Software
      HKU\S-1-5-21-1100032144-3875236446-106254434-1002\...\Run: [UpdateMyDrivers] => C:\Program Files (x86)\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-04-05]
      ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)
      C:\Program Files\McAfee Security Scan
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
      HKU\S-1-5-21-1100032144-3875236446-106254434-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
      SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
      SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
      SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
      SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
      SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
      SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
      SearchScopes: HKU\S-1-5-21-1100032144-3875236446-106254434-1000 -> DefaultScope {D5B489FF-8600-45B9-A0D4-6898AC3ACD79} URL =
      SearchScopes: HKU\S-1-5-21-1100032144-3875236446-106254434-1002 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
      SearchScopes: HKU\S-1-5-21-1100032144-3875236446-106254434-1002 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
      BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll [2010-07-20] (Trend Micro Inc.)
      C:\Program Files\Trend Micro
      BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-03-25] (Trend Micro Inc.)
      BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
      C:\Program Files (x86)\Microsoft\BingBar
      BHO-x32: Pas de nom -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> Pas de fichier
      BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll => Pas de fichier
      BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-03-25] (Trend Micro Inc.)
      BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
      Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
      Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
      Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-03-25] (Trend Micro Inc.)
      Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-03-25] (Trend Micro Inc.)
      Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll [2010-07-20] (Trend Micro Inc.)
      StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1398956769&from=tugs&uid=HitachiXHTS547575A9E384_J2540054JW1J0EJW1J0EX
      FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension
      FF Extension: (Trend Micro NSC Firefox Extension) - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension [2012-04-13] [non signé]
      FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [Pas de fichier]
      CHR HomePage: Default -> hxxps://fr.yahoo.com?fr=hp-avast&type=avastbcl
      CHR StartupUrls: Default -> "hxxps://fr.yahoo.com?fr=hp-avast&type=avastbcl"
      CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx <non trouvé(e)>
      StartMenuInternet: Google Chrome.TQOBZ74AI2LMTIRMNTTFFHWAEI - C:\Users\Linda\AppData\Local\Google\Chrome\Application\old_chrome.exe hxxp://istart.webssearches.com/?type=sc&ts=1398956769&from=tugs&uid=HitachiXHTS547575A9E384_J2540054JW1J0EJW1J0EX
      S4 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X]
      S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
      C:\Program Files\TrueKey
      S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe" [X]
      R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
      C:\Windows\System32\DRIVERS\tmactmon.sys
      R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
      C:\Windows\System32\DRIVERS\tmcomm.sys
      R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
      C:\Windows\System32\DRIVERS\tmevtmgr.sys
      R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
      C:\Windows\System32\DRIVERS\tmtdi.sys
      C:\Program Files (x86)\GUM6420.tmp
      C:\Program Files (x86)\GUM3C16.tmp
      C:\Program Files (x86)\GUT32A4.tmp
      C:\Program Files (x86)\GUM3294.tmp
      C:\Program Files (x86)\GUT7B24.tmp
      C:\Program Files (x86)\GUM7B23.tmp
      C:\Program Files (x86)\GUTC675.tmp
      C:\Program Files (x86)\GUMC674.tmp
      C:\Program Files (x86)\GUM10B5.tmp
      C:\Program Files (x86)\GUTA4E8.tmp
      C:\Program Files (x86)\GUMA4E7.tmp
      C:\Program Files (x86)\GUT10B6.tmp
      C:\Program Files (x86)\GUT2CD5.tmp
      C:\Program Files (x86)\GUT3C17.tmp
      C:\Program Files (x86)\GUT56E6.tmp
      C:\Program Files (x86)\GUT6421.tmp
      C:\Program Files (x86)\GUT6EDF.tmp
      C:\Program Files (x86)\GUT861C.tmp
      C:\Program Files (x86)\GUT8833.tmp
      C:\Program Files (x86)\GUTA4E7.tmp
      C:\Program Files (x86)\GUTA63E.tmp
      C:\Program Files (x86)\GUTAB16.tmp
      C:\Program Files (x86)\GUTB117.tmp
      C:\Program Files (x86)\GUTBBC.tmp
      C:\Program Files (x86)\GUTD49.tmp
      C:\Users\Linda\AppData\Roaming\sb171.dat
      C:\Users\Linda\AppData\Roaming\sb459.dat
      C:\Users\Linda\AppData\Roaming\sb558.dat
      C:\Users\Linda\AppData\Roaming\sb635.dat
      C:\Users\Linda\AppData\Roaming\sb856.dat
      C:\Users\Linda\AppData\Roaming\Setup4911.exe
      C:\Users\Linda\AppData\Roaming\Setup78323.exe
      C:\Users\Linda\AppData\Roaming\Setup80828.exe
      C:\Users\Linda\AppData\Roaming\Setup80834.exe
      C:\Users\Linda\AppData\Roaming\Setup80836.exe
      C:\Users\Linda\AppData\Local\{602AEA0B-C96F-4F7C-8CFA-1E8B3F92348F}
      Task: {1E62007F-BA72-46AB-AAD0-9B6AE6F4110C} - System32\Tasks\Activeris AntiMalware_startup => C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe <==== ATTENTION
      C:\Program Files (x86)\Activeris AntiMalware
      Task: {8AFC5D26-21D1-43FF-9D16-346498149368} - System32\Tasks\DriverTuner Startup => C:\Program Files (x86)\DriverTuner\DriverTuner.exe
      C:\Program Files (x86)\DriverTuner
      AlternateDataStreams: C:\ProgramData\Temp:FCA8C9CD [116]
      MSCONFIG\Services: Amsp => 2
      MSCONFIG\Services: BBUpdate => 3
      MSCONFIG\Services: McComponentHostService => 3
      MSCONFIG\Services: OfferBox update service => 2
      MSCONFIG\Services: Update Fortunitas => 2
      MSCONFIG\Services: Util Fortunitas => 2
      MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
      MSCONFIG\startupfolder: C:^Users^Linda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
      MSCONFIG\startupreg: FixMyRegistry => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as
      MSCONFIG\startupreg: offerbox => C:\Program Files (x86)\OfferBox\OfferBox.exe
      MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
      MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
      MSCONFIG\startupreg: Trend Micro Client Framework => "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
      MSCONFIG\startupreg: Trend Micro Titanium => C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL ""
      FirewallRules: [{65954F3B-458C-480C-B32C-FAADC7686E14}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
      FirewallRules: [{3169D0CE-3A9B-4DD8-AF9E-AAACA23118FD}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
      FirewallRules: [{EE177096-D3C8-4DF4-89A5-9A638937BC19}] => (Allow) C:\Users\Linda\AppData\Local\Temp\OfferID9000\bundlesweetimsetup.exe
      FirewallRules: [{E689FBC6-BCD5-424B-A8E8-3F50715E8389}] => (Allow) C:\Users\Linda\AppData\Local\Temp\OfferID9000\bundlesweetimsetup.exe
      Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan" /f
      Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ghhhzzzz" /f
      Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ghhhzzzz" /f
      Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly" /f
      Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly" /f
      Reg: reg delete "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly" /f
      Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}" /f
      Hosts:
      EmptyTemp:
      end

    • Enregistre le fichier sur ton Bureau (au même endroit que FRST) sous le nom fixlist.txt
    • Lance FRST (Sous Windows Vista/7/8/10, clic droit sur FRST > Exécuter en tant qu'administrateur).
    • Clique sur Corriger. Patiente le temps de la correction.

      Note : si l'outil a besoin d'un redémarrage, accepte pour qu'il termine son travail.

    • Une fois la correction terminée, un rapport Fixlog.txt remplacera le fichier fixlist.
    • Héberge le rapport sur pjjoint.malekal.com et copie-colle le lien fourni dans ta prochaine réponse.
    m
    0
    l
    3 Juin 2017 00:17:58

    Destrio5 a dit :
    • Ouvre le Bloc-notes (Démarrer => Tous les programmes => Accessoires => Bloc-notes).
    • Copie-colle le texte encadré ci-dessous dans le Bloc-notes :

      start
      CreateRestorePoint:
      CloseProcesses:
      HKU\S-1-5-21-1100032144-3875236446-106254434-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\Program Files\SUPERAntiSpyware
      HKU\S-1-5-21-1100032144-3875236446-106254434-1000\...\Run: [UpdateMyDrivers] => C:\Program Files (x86)\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
      C:\Program Files (x86)\SmartTweak Software
      HKU\S-1-5-21-1100032144-3875236446-106254434-1002\...\Run: [UpdateMyDrivers] => C:\Program Files (x86)\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
      Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-04-05]
      ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)
      C:\Program Files\McAfee Security Scan
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
      HKU\S-1-5-21-1100032144-3875236446-106254434-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
      SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
      SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
      SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
      SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
      SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
      SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
      SearchScopes: HKU\S-1-5-21-1100032144-3875236446-106254434-1000 -> DefaultScope {D5B489FF-8600-45B9-A0D4-6898AC3ACD79} URL =
      SearchScopes: HKU\S-1-5-21-1100032144-3875236446-106254434-1002 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
      SearchScopes: HKU\S-1-5-21-1100032144-3875236446-106254434-1002 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
      BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll [2010-07-20] (Trend Micro Inc.)
      C:\Program Files\Trend Micro
      BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-03-25] (Trend Micro Inc.)
      BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
      C:\Program Files (x86)\Microsoft\BingBar
      BHO-x32: Pas de nom -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> Pas de fichier
      BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll => Pas de fichier
      BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-03-25] (Trend Micro Inc.)
      BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
      Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
      Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
      Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-03-25] (Trend Micro Inc.)
      Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-03-25] (Trend Micro Inc.)
      Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll [2010-07-20] (Trend Micro Inc.)
      StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1398956769&from=tugs&uid=HitachiXHTS547575A9E384_J2540054JW1J0EJW1J0EX
      FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension
      FF Extension: (Trend Micro NSC Firefox Extension) - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension [2012-04-13] [non signé]
      FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [Pas de fichier]
      CHR HomePage: Default -> hxxps://fr.yahoo.com?fr=hp-avast&type=avastbcl
      CHR StartupUrls: Default -> "hxxps://fr.yahoo.com?fr=hp-avast&type=avastbcl"
      CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx <non trouvé(e)>
      StartMenuInternet: Google Chrome.TQOBZ74AI2LMTIRMNTTFFHWAEI - C:\Users\Linda\AppData\Local\Google\Chrome\Application\old_chrome.exe hxxp://istart.webssearches.com/?type=sc&ts=1398956769&from=tugs&uid=HitachiXHTS547575A9E384_J2540054JW1J0EJW1J0EX
      S4 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X]
      S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
      C:\Program Files\TrueKey
      S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe" [X]
      R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
      C:\Windows\System32\DRIVERS\tmactmon.sys
      R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
      C:\Windows\System32\DRIVERS\tmcomm.sys
      R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
      C:\Windows\System32\DRIVERS\tmevtmgr.sys
      R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
      C:\Windows\System32\DRIVERS\tmtdi.sys
      C:\Program Files (x86)\GUM6420.tmp
      C:\Program Files (x86)\GUM3C16.tmp
      C:\Program Files (x86)\GUT32A4.tmp
      C:\Program Files (x86)\GUM3294.tmp
      C:\Program Files (x86)\GUT7B24.tmp
      C:\Program Files (x86)\GUM7B23.tmp
      C:\Program Files (x86)\GUTC675.tmp
      C:\Program Files (x86)\GUMC674.tmp
      C:\Program Files (x86)\GUM10B5.tmp
      C:\Program Files (x86)\GUTA4E8.tmp
      C:\Program Files (x86)\GUMA4E7.tmp
      C:\Program Files (x86)\GUT10B6.tmp
      C:\Program Files (x86)\GUT2CD5.tmp
      C:\Program Files (x86)\GUT3C17.tmp
      C:\Program Files (x86)\GUT56E6.tmp
      C:\Program Files (x86)\GUT6421.tmp
      C:\Program Files (x86)\GUT6EDF.tmp
      C:\Program Files (x86)\GUT861C.tmp
      C:\Program Files (x86)\GUT8833.tmp
      C:\Program Files (x86)\GUTA4E7.tmp
      C:\Program Files (x86)\GUTA63E.tmp
      C:\Program Files (x86)\GUTAB16.tmp
      C:\Program Files (x86)\GUTB117.tmp
      C:\Program Files (x86)\GUTBBC.tmp
      C:\Program Files (x86)\GUTD49.tmp
      C:\Users\Linda\AppData\Roaming\sb171.dat
      C:\Users\Linda\AppData\Roaming\sb459.dat
      C:\Users\Linda\AppData\Roaming\sb558.dat
      C:\Users\Linda\AppData\Roaming\sb635.dat
      C:\Users\Linda\AppData\Roaming\sb856.dat
      C:\Users\Linda\AppData\Roaming\Setup4911.exe
      C:\Users\Linda\AppData\Roaming\Setup78323.exe
      C:\Users\Linda\AppData\Roaming\Setup80828.exe
      C:\Users\Linda\AppData\Roaming\Setup80834.exe
      C:\Users\Linda\AppData\Roaming\Setup80836.exe
      C:\Users\Linda\AppData\Local\{602AEA0B-C96F-4F7C-8CFA-1E8B3F92348F}
      Task: {1E62007F-BA72-46AB-AAD0-9B6AE6F4110C} - System32\Tasks\Activeris AntiMalware_startup => C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe <==== ATTENTION
      C:\Program Files (x86)\Activeris AntiMalware
      Task: {8AFC5D26-21D1-43FF-9D16-346498149368} - System32\Tasks\DriverTuner Startup => C:\Program Files (x86)\DriverTuner\DriverTuner.exe
      C:\Program Files (x86)\DriverTuner
      AlternateDataStreams: C:\ProgramData\Temp:FCA8C9CD [116]
      MSCONFIG\Services: Amsp => 2
      MSCONFIG\Services: BBUpdate => 3
      MSCONFIG\Services: McComponentHostService => 3
      MSCONFIG\Services: OfferBox update service => 2
      MSCONFIG\Services: Update Fortunitas => 2
      MSCONFIG\Services: Util Fortunitas => 2
      MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
      MSCONFIG\startupfolder: C:^Users^Linda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
      MSCONFIG\startupreg: FixMyRegistry => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as
      MSCONFIG\startupreg: offerbox => C:\Program Files (x86)\OfferBox\OfferBox.exe
      MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
      MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
      MSCONFIG\startupreg: Trend Micro Client Framework => "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
      MSCONFIG\startupreg: Trend Micro Titanium => C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL ""
      FirewallRules: [{65954F3B-458C-480C-B32C-FAADC7686E14}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
      FirewallRules: [{3169D0CE-3A9B-4DD8-AF9E-AAACA23118FD}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
      FirewallRules: [{EE177096-D3C8-4DF4-89A5-9A638937BC19}] => (Allow) C:\Users\Linda\AppData\Local\Temp\OfferID9000\bundlesweetimsetup.exe
      FirewallRules: [{E689FBC6-BCD5-424B-A8E8-3F50715E8389}] => (Allow) C:\Users\Linda\AppData\Local\Temp\OfferID9000\bundlesweetimsetup.exe
      Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan" /f
      Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ghhhzzzz" /f
      Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ghhhzzzz" /f
      Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly" /f
      Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly" /f
      Reg: reg delete "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly" /f
      Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}" /f
      Hosts:
      EmptyTemp:
      end

    • Enregistre le fichier sur ton Bureau (au même endroit que FRST) sous le nom fixlist.txt
    • Lance FRST (Sous Windows Vista/7/8/10, clic droit sur FRST > Exécuter en tant qu'administrateur).
    • Clique sur Corriger. Patiente le temps de la correction.

      Note : si l'outil a besoin d'un redémarrage, accepte pour qu'il termine son travail.

    • Une fois la correction terminée, un rapport Fixlog.txt remplacera le fichier fixlist.
    • Héberge le rapport sur pjjoint.malekal.com et copie-colle le lien fourni dans ta prochaine réponse.


  • Voici le rapport : http://pjjoint.malekal.com/files.php?id=20170602_n11n5f...
    m
    0
    l
    a c 303 8 Sécurité
    a b $ Windows 7
    3 Juin 2017 00:21:08

    Il y a le début de Fixlog mais pas la fin.
    m
    0
    l
    a c 303 8 Sécurité
    a b $ Windows 7
    4 Juin 2017 16:56:18

    Mmm, nouveau fixlist :

    start
    CreateRestorePoint:
    CloseProcesses:
    HKLM\ DisallowedCertificates: 1916A2AF346D399F50313C393200F14140456616 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 2A83E9020591A55FC6DDAD3FB102794C52B24E70 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 3A850044D8A195CD401A680C012CB0A3B5F8DC08 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 40AA38731BD189F9CDB5B9DC35E2136F38777AF4 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 43D9BCB568E039D073A74A71D8511F7476089CC3 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 471C949A8143DB5AD5CDF1C972864A2504FA23C9 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 61793FCBFA4F9008309BBA5FF12D2CB29CD4151A (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 6431723036FD26DEA502792FA595922493030F97 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 7D7F4414CCEF168ADF6BF40753B5BECD78375931 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 80962AE4D6C5B442894E95A13E4A699E07D694CF (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 86E817C81A5CA672FE000F36F878C19518D6F844 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 8E5BD50D6AE686D65252F843A9D4B96D197730AB (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: 9845A431D51959CAF225322B4A4FE9F223CE6D15 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: B533345D06F64516403C00DA03187D3BFEF59156 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: C060ED44CBD881BD0EF86C0BA287DDCF8167478C (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: CEA586B2CE593EC7D939898337C57814708AB2BE (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: D018B62DC518907247DF50925BB09ACF4A5CB3AD (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: F8A54E03AADC5692B850496A4C4630FFEAA29D83 (Avast Antivirus/Software) <==== ATTENTION
    HKLM\ DisallowedCertificates: FA6660A94AB45F6A88C0D7874D89A863D74DEE97 (Avast Antivirus/Software) <==== ATTENTION
    HKU\S-1-5-21-1100032144-3875236446-106254434-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\SUPERAntiSpyware
    HKU\S-1-5-21-1100032144-3875236446-106254434-1000\...\Run: [UpdateMyDrivers] => C:\Program Files (x86)\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
    C:\Program Files (x86)\SmartTweak Software
    HKU\S-1-5-21-1100032144-3875236446-106254434-1002\...\Run: [UpdateMyDrivers] => C:\Program Files (x86)\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-04-05]
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.523\SSScheduler.exe (McAfee, Inc.)
    C:\Program Files\McAfee Security Scan
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
    HKU\S-1-5-21-1100032144-3875236446-106254434-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://fr.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-1100032144-3875236446-106254434-1000 -> DefaultScope {D5B489FF-8600-45B9-A0D4-6898AC3ACD79} URL =
    SearchScopes: HKU\S-1-5-21-1100032144-3875236446-106254434-1002 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    SearchScopes: HKU\S-1-5-21-1100032144-3875236446-106254434-1002 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
    BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
    C:\Program Files (x86)\Microsoft\BingBar
    BHO-x32: Pas de nom -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> Pas de fichier
    BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
    Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1398956769&from=tugs&uid=HitachiXHTS547575A9E384_J2540054JW1J0EJW1J0EX
    FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [Pas de fichier]
    CHR HomePage: Default -> hxxps://fr.yahoo.com?fr=hp-avast&type=avastbcl
    CHR StartupUrls: Default -> "hxxps://fr.yahoo.com?fr=hp-avast&type=avastbcl"
    CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx <non trouvé(e)>
    StartMenuInternet: Google Chrome.TQOBZ74AI2LMTIRMNTTFFHWAEI - C:\Users\Linda\AppData\Local\Google\Chrome\Application\old_chrome.exe hxxp://istart.webssearches.com/?type=sc&ts=1398956769&from=tugs&uid=HitachiXHTS547575A9E384_J2540054JW1J0EJW1J0EX
    S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
    C:\Program Files\TrueKey
    S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.11.523\McCHSvc.exe" [X]
    C:\Program Files (x86)\GUM6420.tmp
    C:\Program Files (x86)\GUM3C16.tmp
    C:\Program Files (x86)\GUT32A4.tmp
    C:\Program Files (x86)\GUM3294.tmp
    C:\Program Files (x86)\GUT7B24.tmp
    C:\Program Files (x86)\GUM7B23.tmp
    C:\Program Files (x86)\GUTC675.tmp
    C:\Program Files (x86)\GUMC674.tmp
    C:\Program Files (x86)\GUM10B5.tmp
    C:\Program Files (x86)\GUTA4E8.tmp
    C:\Program Files (x86)\GUMA4E7.tmp
    C:\Program Files (x86)\GUT10B6.tmp
    C:\Program Files (x86)\GUT2CD5.tmp
    C:\Program Files (x86)\GUT3C17.tmp
    C:\Program Files (x86)\GUT56E6.tmp
    C:\Program Files (x86)\GUT6421.tmp
    C:\Program Files (x86)\GUT6EDF.tmp
    C:\Program Files (x86)\GUT861C.tmp
    C:\Program Files (x86)\GUT8833.tmp
    C:\Program Files (x86)\GUTA4E7.tmp
    C:\Program Files (x86)\GUTA63E.tmp
    C:\Program Files (x86)\GUTAB16.tmp
    C:\Program Files (x86)\GUTB117.tmp
    C:\Program Files (x86)\GUTBBC.tmp
    C:\Program Files (x86)\GUTD49.tmp
    C:\Users\Linda\AppData\Roaming\sb171.dat
    C:\Users\Linda\AppData\Roaming\sb459.dat
    C:\Users\Linda\AppData\Roaming\sb558.dat
    C:\Users\Linda\AppData\Roaming\sb635.dat
    C:\Users\Linda\AppData\Roaming\sb856.dat
    C:\Users\Linda\AppData\Roaming\Setup4911.exe
    C:\Users\Linda\AppData\Roaming\Setup78323.exe
    C:\Users\Linda\AppData\Roaming\Setup80828.exe
    C:\Users\Linda\AppData\Roaming\Setup80834.exe
    C:\Users\Linda\AppData\Roaming\Setup80836.exe
    C:\Users\Linda\AppData\Local\{602AEA0B-C96F-4F7C-8CFA-1E8B3F92348F}
    Task: {1E62007F-BA72-46AB-AAD0-9B6AE6F4110C} - System32\Tasks\Activeris AntiMalware_startup => C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe <==== ATTENTION
    C:\Program Files (x86)\Activeris AntiMalware
    Task: {8AFC5D26-21D1-43FF-9D16-346498149368} - System32\Tasks\DriverTuner Startup => C:\Program Files (x86)\DriverTuner\DriverTuner.exe
    C:\Program Files (x86)\DriverTuner
    AlternateDataStreams: C:\ProgramData\Temp:FCA8C9CD [116]
    MSCONFIG\Services: BBUpdate => 3
    MSCONFIG\Services: McComponentHostService => 3
    MSCONFIG\Services: OfferBox update service => 2
    MSCONFIG\Services: Update Fortunitas => 2
    MSCONFIG\Services: Util Fortunitas => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^Linda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
    MSCONFIG\startupreg: FixMyRegistry => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as
    MSCONFIG\startupreg: offerbox => C:\Program Files (x86)\OfferBox\OfferBox.exe
    MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
    MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
    FirewallRules: [{65954F3B-458C-480C-B32C-FAADC7686E14}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
    FirewallRules: [{3169D0CE-3A9B-4DD8-AF9E-AAACA23118FD}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
    FirewallRules: [{EE177096-D3C8-4DF4-89A5-9A638937BC19}] => (Allow) C:\Users\Linda\AppData\Local\Temp\OfferID9000\bundlesweetimsetup.exe
    FirewallRules: [{E689FBC6-BCD5-424B-A8E8-3F50715E8389}] => (Allow) C:\Users\Linda\AppData\Local\Temp\OfferID9000\bundlesweetimsetup.exe
    Reg: reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan" /f
    Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ghhhzzzz" /f
    Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ghhhzzzz" /f
    Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly" /f
    Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly" /f
    Reg: reg delete "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly" /f
    Reg: reg delete "HKU\S-1-5-21-1100032144-3875236446-106254434-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}" /f
    Hosts:
    EmptyTemp:
    end
    m
    0
    l
    a c 303 8 Sécurité
    a b $ Windows 7
    5 Juin 2017 00:44:24

    La correction avec FRST ne devrait durer que quelques minutes normalement.

    Le mode "Nettoyage" d'AdwCleaner bloque en mode sans échec ?
    m
    0
    l
    5 Juin 2017 18:43:31

    Oui... cela ne fonctionne pas non plus.
    m
    0
    l
    a c 303 8 Sécurité
    a b $ Windows 7
    9 Juin 2017 22:24:52

    Citation :
    C:\Program Files\Trend Micro
    C:\Program Files\SUPERAntiSpyware
    C:\Program Files\McAfee Security Scan

    --> Dans chacun de ces dossiers (et leurs sous-dossiers), regarde si tu as un fichier "uninstall" pour lancer la désinstallation.

    Ensuite, utilise JRT et transmets-moi le rapport :
    https://forum.security-x.fr/tutoriels-317/tutoriel-junk...
    m
    0
    l
    18 Juin 2017 17:26:44

    Destrio5 a dit :
    Citation :
    C:\Program Files\Trend Micro
    C:\Program Files\SUPERAntiSpyware
    C:\Program Files\McAfee Security Scan

    --> Dans chacun de ces dossiers (et leurs sous-dossiers), regarde si tu as un fichier "uninstall" pour lancer la désinstallation.

    Ensuite, utilise JRT et transmets-moi le rapport :
    https://forum.security-x.fr/tutoriels-317/tutoriel-junk...


    Bonjour,

    Aucun de ces dossiers n'apparaissent..

    Avec JRT également cela tourne en boucle et n'aboutit à rien.
    m
    0
    l
    a c 303 8 Sécurité
    a b $ Windows 7
    19 Juin 2017 21:15:22

    En mode sans échec ?

    Je vais m'arrêter là, je ne vois pas d'où vient le blocage. Si Windows 7 ne fonctionne pas correctement, il faudra penser à faire une réinstallation propre du système.
    m
    0
    l
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS