Vous pensez être infecté, des pubs s'affichent quand vous naviguez sur internet ?
Perte de données, ralentissement système, virus USB ?
Désinfectez votre ordinateur gratuitement !
  • Avatar du membre
  • Avatar du membre
#25280
re

refais moi 1 zhpdiag pour contrôle et poste le rapport s'il te plaît
  • Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau.
  • Installe le logiciel.
  • Lance ZHPDiag, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
  • Clique sur Configurer
  • Clique sur l'icône représentant une loupe avec un + ( Lancer le diagnostic »)

    Note : Ne pas fermer le programme même si il est indiqué qu'il ne répond plus.

    Image
  • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPDiag.txt à  été créé.
  • Héberge le rapport ZHPDiag.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum
:merci2:
#25315
~ Report of ZHPDiag v2014.1.1.2 - Nicolas Coolman (1/1/2014)
~ Launched by HP (1/1/2014 1:20:21 PM)
~ Web site address : http://nicolascoolman.webs.com" onclick="window.open(this.href);return false;
~ Free support forums for disinfection : http://nicolascoolman.webs.com/apps/links/" onclick="window.open(this.href);return false;
~ Translated by
~ Version State :
~ White List : Activate by program
~ Elevation of privilege : OK
~ User Account Control : Activate by user


---\\ Internet browsers
MSIE: Internet Explorer v10.0.9200.16721
GCIE: Google Chrome v31.0.1650.63 (Defaut)

---\\ Windows product information
~ Langage: Anglais
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software
Microsoft Security Client v4.3.0219.0
Windows Defender W7

---\\ System optimization software

---\\ Sharing software PeerToPeer

---\\ Surveillance software
Adobe Flash Player 11 ActiveX
Adobe Reader X
Java 7 Update 45

---\\ Information on the system
~ Processor: x86 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2927.4 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 92 GB (62%) free of 146 GB

---\\ Connection to the system mode
~ Computer Name: HP-PC-FARAH
~ User Name: HP
~ All Users Names: HP, HomeGroupUser$, Guest, Ghiwa Only, Administrator,
~ Unselected Option: None
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\HP.HP-PC\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\HP.HP-PC\AppData\Roaming\
~ %Desktop% : C:\Users\HP.HP-PC\Desktop\
~ %Favorites% : C:\Users\HP.HP-PC\Favorites\
~ %LocalAppData% : C:\Users\HP.HP-PC\AppData\Local\
~ %StartMenu% : C:\Users\HP.HP-PC\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 92 Go of 146 Go)
D: Hard drive, Flash drive, Thumb drive (Free 151 Go of 152 Go)
E: CD-ROM drive (Not Inserted)
Z: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ State of the Windows Security Center
~ Security Center: 46 Legitimates Filtered in 00mn AMs



---\\ Search Generic System Files
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.2/25/2011 - 7:30:54 AM.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Windows Start-Up Application.) (.7/14/2009 - 3:14:45 AM.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4FEB264B47360B7296AEA4E052F88D8] - (.Microsoft Corporation - Internet Extensions for Win32.) (.10/31/2013 - 5:36:14 PM.) -- C:\Windows\System32\wininet.dll [1767936]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Windows Logon Application.) (.11/20/2010 - 2:17:54 PM.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Software Licensing Library.) (.11/20/2010 - 2:21:24 PM.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.9/14/2013 - 2:48:58 AM.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 - 3:26:15 AM.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.7/14/2009 - 1:11:15 AM.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/20/2010 - 10:38:10 AM.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.11/20/2010 - 10:42:32 AM.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/20/2010 - 11:59:29 AM.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - i8042 Port Driver.) (.7/14/2009 - 1:11:24 AM.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.7/14/2009 - 1:54:29 AM.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.4/27/2011 - 4:17:22 AM.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.11/20/2010 - 10:39:44 AM.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - NT File System Driver.) (.4/12/2013 - 3:45:29 PM.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Parallel Port Driver.) (.7/14/2009 - 1:45:35 AM.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.7/14/2009 - 1:54:34 AM.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.11/20/2010 - 12:24:46 PM.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.7/14/2009 - 1:53:41 AM.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.11/20/2010 - 10:39:17 AM.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.11/20/2010 - 2:30:16 PM.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn AMs



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/31
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/58
~ Mes Favoris (My Favorites) : 1/210
~ Mes Documents (My Documents) : 5/6802
~ Mon Bureau (My Desktop) : 8/15
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 01mn AMs



---\\ Process running
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.516]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.5548]
[MD5.376A9B411BF8B77D5BF84B24D0C7DACD] - (.Google Inc. - Google Chrome.) -- C:\Users\HP.HP-PC\AppData\Local\Google\Chrome\Application\chrome.exe [863184] [PID.2144]
[MD5.DDBE89226D55D694F1B7B3DD0C324640] - (.RealNetworks, Inc. - RealDownloader.) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [233048] [PID.3024]
[MD5.0FBD76E8BA11D87010309DB7AC199FF0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8310272] [PID.304]
~ Processes Running: Scanned in 00mn AMs



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (...) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (.not file.)
~ Firefox Browser: 18 Legitimates Filtered in 00mn AMs



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 10 Legitimates Filtered in 00mn AMs



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn AMs



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn AMs



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn AMs
~ Nombre de lignes (Lines number): 23



---\\ Browser Helper Objects (O2)
O2 - BHO: (no name) - {13E3AF0A-2C78-40B7-B226-C8BF07FD2BE3} Orphan key
~ BHO: 18 Legitimates Filtered in 00mn AMs



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: Bing Bar - [HKLM]{eec0f710-38b5-4aba-99bf-ec87564a4e13} . (.Microsoft Corporation. - Bing Client Extensions.) -- C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll =>Toolbar.Bing
~ Toolbar: Scanned in 00mn AMs



---\\ Other User Links (O4)
O4 - GS\QuickLaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Guest]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\QuickLaunch [Ghiwa Only]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Ghiwa Only]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Ghiwa Only]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Ghiwa Only]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo [Ghiwa Only]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\QuickLaunch [Administrator]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe
~ Global Startup: 77 Legitimates Filtered in 06mn AMs



---\\ Auto loading programs from Registry and folders (O4)
O4 - GS\Startup [Guest]: OneNote 2007 Screen Clipper and Launcher.lnk . (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe
O4 - GS\Startup [Ghiwa Only]: Dropbox.lnk . (...) -- C:\Users\HP.HP-PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (.not file.) =>.Dropbox
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [fssui] . (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files\Windows Live\Family Safety\fsui.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\HP.HP-PC\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2129644216-3567736304-2734656630-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\HP.HP-PC\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application: Scanned in 00mn AMs



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn AMs



---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} ((no name)) - http://office.microsoft.com/sites/produ ... wsdc32.cab" onclick="window.open(this.href);return false;
~ Objets ActiveX: Scanned in 00mn AMs



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{75DBB413-D249-44F6-9D3B-5AD33A385406}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{75DBB413-D249-44F6-9D3B-5AD33A385406}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{75DBB413-D249-44F6-9D3B-5AD33A385406}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn AMs



---\\ Extra protocols (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn AMs



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn AMs



---\\ Software installed (O42)
O42 - Logiciel: Effective Measure 2.0.20 - (.Effective Measure.) [HKLM] -- {0376BC0E-477C-4B6E-A6D6-0852927D4FDA}
~ Logic: 16 Legitimates Filtered in 00mn AMs



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Pando Networks]
[HKLM\Software\Pando Networks]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
~ Key Software: 146 Legitimates Filtered in 00mn AMs



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 2/11/2013 - 9:11:07 PM - [0.947] ----D C:\Program Files\Effective Measure
O43 - CFD: 1/21/2012 - 9:00:38 PM - [0] ----D C:\Program Files\Pando Networks
O43 - CFD: 6/14/2012 - 6:41:14 PM - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 9/3/2013 - 8:15:25 AM - [11.080] ----D C:\ProgramData\Promote Installer
O43 - CFD: 2/11/2013 - 9:11:06 PM - [0.451] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 9/7/2013 - 6:32:53 PM - [23.539] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 9/7/2013 - 5:32:39 PM - [27.184] ----D C:\Users\HP.HP-PC\AppData\Roaming\OpenCandy =>Adware.OpenCandy
~ 1399 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1581 Legitimates Filtered in 19mn AMs



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.4160541948FEC66B01F0C9649F2FAA66] - 1/1/2014 - 11:05:45 AM ----- . (...) -- C:\UsbFix [Scan 1] HP-PC-FARAH.txt [1235]
O44 - LFC:[MD5.B84B35624503F999FCD3FE9195C3F729] - 1/1/2014 - 11:08:30 AM ----- . (...) -- C:\UsbFix [Scan 2] HP-PC-FARAH.txt [8759]
O44 - LFC:[MD5.3B700C5DF4A853D02B1D876337D70142] - 1/1/2014 - 11:14:13 AM ----- . (...) -- C:\UsbFix [Clean 1] HP-PC-FARAH.txt [9787]
O44 - LFC:[MD5.BB8157C0EFC37A3F7206ABFAB5E244C9] - 1/1/2014 - 11:19:25 AM ----- . (...) -- C:\UsbFix [Scan 3] HP-PC-FARAH.txt [6359]
O44 - LFC:[MD5.7A4D5DBA9471719CFFD2A187D9FB19A2] - 1/1/2014 - 11:20:21 AM ----- . (...) -- C:\UsbFix [Clean 2] HP-PC-FARAH.txt [10778]
O44 - LFC:[MD5.4B6363B043A0EDEF1D90BFC825C71F01] - 1/1/2014 - 12:23:45 PM ----- . (...) -- C:\UsbFix [Scan 4] HP-PC-FARAH.txt [5175]
O44 - LFC:[MD5.3554F3DC1B15E13D77B37E92201E52C6] - 1/1/2014 - 12:33:16 PM ----- . (...) -- C:\UsbFix [Clean 3] HP-PC-FARAH.txt [9416]
O44 - LFC:[MD5.378046BEEF1486C18D9587997A4DF6CE] - 1/1/2014 - 12:43:56 PM ----- . (...) -- C:\UsbFix [Scan 5] HP-PC-FARAH.txt [5179]
O44 - LFC:[MD5.4933068EEBE81004825901E9F7A1E5DB] - 1/1/2014 - 12:48:08 PM ---A- . (...) -- C:\UsbFix [Clean 4] HP-PC-FARAH.txt [8980]
~ Files: 17 Legitimates Filtered in 03mn AMs



---\\ Operations and functions at Windows Explorer startup (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn AMs



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn AMs



---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 7/14/2009 - 3:20:28 AM ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 7/14/2009 - 12:54:14 AM ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 7/14/2009 - 3:19:04 AM ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 7/13/2009 - 11:40:41 PM ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 7/13/2009 - 11:40:44 PM ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 7/13/2009 - 11:40:40 PM ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 7/13/2009 - 11:40:43 PM ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 7/13/2009 - 11:40:43 PM ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 7/13/2009 - 11:40:23 PM ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 7/13/2009 - 11:40:31 PM ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 7/13/2009 - 11:40:35 PM ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 7/13/2009 - 11:40:39 PM ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 7/13/2009 - 11:40:27 PM ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 7/13/2009 - 11:40:11 PM ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 7/13/2009 - 11:40:15 PM ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 7/13/2009 - 11:40:17 PM ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 7/13/2009 - 11:40:19 PM ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 7/13/2009 - 11:40:13 PM ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 18 Legitimates Filtered in 03mn AMs



---\\ Last modified or created user files (O61)
O61 - LFC: 1/1/2014 - 1:21:37 PM ---A- . (...) -- C:\Users\HP.HP-PC\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [267948]
O61 - LFC: 1/1/2014 - 1:21:47 PM ---A- . (...) -- C:\Users\HP.HP-PC\AppData\Local\Google\Chrome\User Data\Local State [53816]
O61 - LFC: 1/1/2014 - 1:23:19 PM ---A- . (...) -- C:\Users\HP.HP-PC\AppData\Roaming\ZHP\Log.txt [20923] =>.Nicolas Coolman
O61 - LFC: 1/1/2014 - 1:23:19 PM ---A- . (...) -- C:\Users\HP.HP-PC\AppData\Roaming\ZHP\TestsZHPDiag.txt [2872] =>.Nicolas Coolman
O61 - LFC: 1/1/2014 - 1:23:19 PM ---A- . (...) -- C:\Users\HP.HP-PC\Documents\Music&pics\quotes\Be Mindful.docx [11408]
O61 - LFC: 1/1/2014 - 1:23:19 PM -SHA- . (...) -- C:\Users\HP.HP-PC\Documents\Music&pics\quotes\Thumbs.db [199168]
O61 - LFC: 1/1/2014 - 1:23:20 PM ---A- . (...) -- C:\Users\HP.HP-PC\Documents\S.S\25-Amazing-Facts-About-Food.pdf [2101866]
O61 - LFC: 1/1/2014 - 1:23:20 PM ---A- . (...) -- C:\Users\HP.HP-PC\Documents\S.S\25-Amazing-and-Weird-Facts-About-Food.pdf [1515738]
O61 - LFC: 1/1/2014 - 1:23:20 PM ---A- . (...) -- C:\Users\HP.HP-PC\Documents\S.S\AloeVeraMiracle.pdf [563836]
O61 - LFC: 1/1/2014 - 1:23:20 PM ---A- . (...) -- C:\Users\HP.HP-PC\Documents\S.S\AmazonHerbCompany.pdf [1356978]
O61 - LFC: 1/1/2014 - 1:23:20 PM ---A- . (...) -- C:\Users\HP.HP-PC\Documents\S.S\NaturalAppetiteSuppressants.pdf [1445941]
O61 - LFC: 1/1/2014 - 1:23:20 PM ---A- . (...) -- C:\Users\HP.HP-PC\Documents\U.F\Strategic Management\PEPSICO's Project.docx [97548]
O61 - LFC: 1/1/2014 - 1:23:20 PM ---A- . (...) -- C:\Users\HP.HP-PC\Documents\U.F\Strategic Management\Strategic Management.docx [101360]
O61 - LFC: 1/1/2014 - 1:23:20 PM --HA- . (...) -- C:\Users\HP.HP-PC\Documents\U.F\Strategic Management\~$PSICO's Project.docx [162]
O61 - LFC: 1/1/2014 - 1:23:20 PM --HA- . (...) -- C:\Users\HP.HP-PC\Documents\U.F\Strategic Management\~$psi Co.docx [162]
O61 - LFC: 1/1/2014 - 1:23:20 PM --HA- . (...) -- C:\Users\HP.HP-PC\Documents\U.F\Strategic Management\~$rategic Management.docx [162]
O61 - LFC: 1/1/2014 - 1:23:22 PM ---A- . (...) -- C:\Users\HP.HP-PC\Downloads\adwcleaner.exe [1233962]
O61 - LFC: 1/1/2014 - 1:23:22 PM RSHA- . (...) -- C:\Users\HP.HP-PC\ntuser.pol [632]
O61 - LFC: 12/29/2013 - 1:23:19 PM -SHA- . (...) -- C:\Users\HP.HP-PC\Documents\Music&pics\Brithney Spears\Thumbs.db [132608]
O61 - LFC: 12/29/2013 - 1:23:19 PM -SHA- . (...) -- C:\Users\HP.HP-PC\Documents\Music&pics\Miley Cyrus\Thumbs.db [141824]
O61 - LFC: 12/29/2013 - 1:23:20 PM ---A- . (...) -- C:\Users\HP.HP-PC\Documents\Music&pics\random pics and files\Backgrounds\My very very special best gift - i'll never ever forget her!my bff!\Diary.docx [4288000]
O61 - LFC: 12/29/2013 - 1:23:20 PM -SHA- . (...) -- C:\Users\HP.HP-PC\Documents\Music&pics\random pics and files\Thumbs.db [1276416]
O61 - LFC: 12/29/2013 - 1:23:22 PM ---A- . (.40032730.) -- C:\Users\HP.HP-PC\Downloads\Open innovation at pepsico - Ian Noble.pps [1662464]
O61 - LFC: 12/30/2013 - 1:23:20 PM ---A- . (...) -- C:\Users\HP.HP-PC\Documents\U.F\Strategic Management\Pepsi.pdf [620036]
O61 - LFC: 12/30/2013 - 1:23:22 PM ---A- . (...) -- C:\Users\HP.HP-PC\Downloads\PepsiCo_Quick_Facts.pdf [108562]
O61 - LFC: 12/31/2013 - 1:23:07 PM ---A- . (...) -- C:\Users\HP.HP-PC\AppData\Roaming\Microsoft\Templates\Document Themes\Theme Colors\Custom 43.xml [743]
O61 - LFC: 12/31/2013 - 1:23:20 PM ---A- . (...) -- C:\Users\HP.HP-PC\Documents\U.F\Cultural Studies\United Kingdom's culture.docx [15443]
O61 - LFC: 12/31/2013 - 1:23:20 PM ---A- . (...) -- C:\Users\HP.HP-PC\Documents\U.F\Strategic Management\Pepsi Co.docx [16928]
~ 30 Fichiers temporaires (Temporary files)
~ Files: 224 Legitimates Filtered in 56mn AMs



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - http://www.usbfix.net" onclick="window.open(this.href);return false; - http://www.sosvirus.net" onclick="window.open(this.href);return false;.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn AMs



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML.27CIR76SNAFEPRP6MJCM4OZZKQ>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn AMs



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome.27CIR76SNAFEPRP6MJCM4OZZKQ> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\HP.HP-PC\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn AMs



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com" onclick="window.open(this.href);return false;
~ Keys: Scanned in 00mn AMs



---\\ Crack & Keygen Files (CKF) (O82)
C:\Users\HP.HP-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage
C:\Users\HP.HP-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage-journal
C:\Users\HP.HP-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage
C:\Users\HP.HP-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage-journal
~ Files: Scanned in 13mn AMs



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.08D968B8AF7F1C7AB85F18395443F398] [SPRF][9/23/2011] (...) -- C:\Users\HP.HP-PC\AppData\Local\cache.dat [75160]
[MD5.EEB0C2E6A06469E282E4ACC27520B3B2] [SPRF][9/23/2011] (.axon_t - Windows Activator Dialogs (32bit).) -- C:\Users\HP.HP-PC\AppData\Local\dialog.exe [97232]
[MD5.DFF527F81B01586897A958D8F594A049] [SPRF][9/23/2011] (...) -- C:\Users\HP.HP-PC\AppData\Local\install_cert2.1.exe [124416]
[MD5.5DA8745D0F87CA5D92A161CE4A884174] [SPRF][9/23/2011] (...) -- C:\Users\HP.HP-PC\AppData\Local\make_bootloader2.1.exe [273920]
[MD5.7E72D81119EC1932AFAF2BAFC30F06F6] [SPRF][9/23/2011] (...) -- C:\Users\HP.HP-PC\AppData\Local\Win2008.exe [3018240]
[MD5.063959A86166A58E7CDAB12DAF52672C] [SPRF][9/23/2011] (...) -- C:\Users\HP.HP-PC\AppData\Local\Win7.exe [5061632]
[MD5.AEE02B9D3D9DFE2DFEC230ACE3804BA8] [SPRF][11/9/2010] (.Ask - Wrapper Application.) -- C:\Users\HP.HP-PC\AppData\Local\Temp\askToolbarInstaller.exe [3056008]
[MD5.BFCA9009D2B6D0545235B91F7E60F898] [SPRF][5/23/2013] (...) -- C:\Users\HP.HP-PC\AppData\Local\Temp\defaultCache.reg [29248]
~ Files: 20 Legitimates Filtered in 00mn AMs



---\\ Product Upgrade Codes (PUC) (O90)
O90 - PUC: "617DD6FF01B79624F991FF0BA74CDC59" . (.Bing Bar.) -- C:\Windows\Installer\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}\icon_installer_ico =>Toolbar.Bing
~ Update Products: 79 Legitimates Filtered in 00mn AMs



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 5/10/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Auto 12/16/2013 193696 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.3.124.0\BBSvc.exe
SS - | Demand 12/16/2013 247968 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.exe
SS - | Auto 5/13/2011 26168 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SS - | Demand 11/14/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SS - | Auto 8/14/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SS - | Auto 10/9/2013 3275136 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 3/1/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 2/4/2013 155824 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
SS - | Auto 11/4/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Demand 6/23/2013 22016 | (wampapache) . (.Apache Software Foundation.) - C:\Users\HP.HP-PC\Documents\wamp\bin\apache\apache2.4.4\bin\httpd.exe
SS - | Demand 6/23/2013 10923520 | (wampmysqld) . (...) - C:\Users\HP.HP-PC\Documents\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe
SS - | Demand 7/14/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 11/4/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 8/12/2013 22208 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 7/14/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 12mn AMs



---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net" onclick="window.open(this.href);return false;
Run by HP at 1/1/2014 1:23:56 PM

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys halmacpi.dll ataport.SYS PCIIDEX.SYS msahci.sys
C:\Windows\system32\DRIVERS\hpdskflt.sys Hewlett-Packard Company Mobile Data Protection System
1 ntkrnlpa!IofCallDriver[0x82E7DBBA] >> \Device\Harddisk0\DR0[0x865E71F8]
5 hpdskflt[0x8B619F92] >> ntkrnlpa!IofCallDriver[0x82E7DBBA] >> \Device\Ide\IdeDeviceP0T0L0-0[0x8648C908]
kernel: MBR read successfully
user & kernel MBR OK

~ MBR: 14 Legitimates Filtered in 02mn AMs



---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog" onclick="window.open(this.href);return false;
Run by HP at 1/1/2014 1:23:58 PM

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 04mn AMs



---\\ Scan Additionnel (O88)
Database Version : 13018 - (1/1/2014)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 1

[HKLM\Software\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{eec0f710-38b5-4aba-99bf-ec87564a4e13} =>Toolbar.Bing^
C:\ProgramData\Tarma Installer =>PUP.Tarma^
C:\Users\HP.HP-PC\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\HP.HP-PC\AppData\Local\Temp\askToolbarInstaller.exe =>PUP.Babylon
~ Additionnel Scan: 275725 Items scanned in 19mn AMs



---\\ Summary of the detections found on your workstation
~ http://nicolascoolman.webs.com/apps/blo ... lbar-tarma" onclick="window.open(this.href);return false; =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blo ... -opencandy" onclick="window.open(this.href);return false; =>Adware.OpenCandy
~ http://nicolascoolman.webs.com/apps/blo ... oolbar-ask" onclick="window.open(this.href);return false; =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blo ... ar-babylon" onclick="window.open(this.href);return false; =>PUP.Babylon
~ MSI: 4 link(s) detected in 19mn AMs



~ 2681 Legitimates filtered by white list
End of the scan (500 lines in 57mn AMs)(4)

Voila! Ca dit quoi? :)
#25333
re

fais ceci et poste le rapport s'il te plaît
  • Télécharge MalwareBytes Anti-Malware
  • Installe le. Décoche "Activer l'essai gratuit de Malwarebytes Anti-Malware PRO"
  • Lance Malwarebytes' Anti-Malware.
  • Clic sur l'onglet "Mises à  jours" puis sur "Rechercher des mises à  jours"
  • Clic sur l'onglet "Recherche", coche "éxécuter un examen complet" puis clic sur Rechercher

    Image
  • A la fin de l'analyse, si MBAM n'a rien trouvé :
    • Clic sur OK, le rapport s'ouvre spontanément
  • Si des menaces ont été détectées :
    • Clic sur OK puis "Afficher les résultats"
    • Choisis l'option "Supprimer la sélection(clic droit et choisis dans le menu déroulant "tout cocher" avant de supprimer)"
    • Si MBAM demande le redémarrage de Windows : Clic sur "Oui"
    • Une fois le PC redémarré, le rapport se trouve dans l'onglet "Rapports/Logs"
    • Sinon le rapport s'ouvre automatiquement après la suppression
    • Poste le rapport dans ta prochaine réponse
    Image
#71269
:hello: Stella,

Il est ou ?Bonjour Hello,
Sans réponse de ta part, je considère le problème comme résolu !,
Il est pourtant très important de suivre une désinfection jusqu'au bout. En effet, même si les symptômes qui t'on amené à demander de l'aide on disparu, ton ordinateur reste toutefois infecté. Tu dois savoir également que notre aide est bénévole, voir ton sujet abandonné sans aucune explication est pour nous un manque de respect. Merci de respecter les personnes qui donnent de leur temps afin de vous aider. Quoiqu'il en soit, nous laissons ton sujet ouvert au cas où tu décides de revenir ... @ Bientôt sur SosVirus.
Il est ou ?

bonsoir oki pour la fermeture je m'en charge car[…]

how to clean junk files

Hello don't use this program , it's a bullshit :)

Bonjour https://www.aht.li/3213847/AdsFix.exe b[…]

De rien Bon WE :)