Désinfection clé usb 2014-05-02T16:34:35+00:00
  • Auteur
    Messages
  • Anonyme
    Post count: 1400

    :hello: carole06

    [norephelpe:2s8jbnzl][/norephelpe:2s8jbnzl]

  • Anonyme
    Post count: 1400

    :hello: gloctor,

    tu dois créer ton propre topic dans le forum virus/sécurité et attendre qu’un helpeur te prenne en charge ;)

    le lien du forum virus/sécurité >> forum-virus-securite.html

    :merci2:

  • gloctor
    Participant
    Post count: 3

    j’ai un fichier raccourci autorun.inf dans ma clé usb
    merci
    ############################## | UsbFix V 7.167 | [Recherche]

    Utilisateur: pc (Administrateur) # PCPORTABLE
    Mis à jour le 13/03/2014 par El Desaparecido – Team SosVirus
    Lancé à 13:44:01 | 17/05/2014

    Site Web : http://www.usbfix.net/” onclick=”window.open(this.href);return false;
    Changelog : http://www.usbfix.net/maj/” onclick=”window.open(this.href);return false;
    Support : forum-virus-securite.html
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

    PC: Acer (BA50-MV )
    CPU: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
    RAM -> [Total : 1977 Mo| Free : 606 Mo]
    Bios: Phoenix
    Boot: Normal boot

    OS: Microsoft Windows 7 Professionnel (6.1.7600 32-Bit)
    WB: Windows Internet Explorer : 9.0.8112.16421
    WB: Google Chrome : 34.0.1847.137
    WB: Mozilla Firefox : 29.0.1

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AV: avast! Antivirus [Enabled | Updated]
    AV: AVG Internet Security 2012 [(!) Disabled | Updated]
    AS: AVG Internet Security 2012 [(!) Disabled | Updated]
    AS: Windows Defender [Enabled | (!) Outdated]
    AS: avast! Antivirus [Enabled | Updated]
    FW: AVG Internet Security 2012 [(!) Disabled]
    FW: Windows FireWall [Enabled]

    C: (%systemdrive%) -> Disque fixe # 135 Go (18 Go libre(s) – 13%) [] # NTFS
    D: -> Disque fixe # 98 Go (66 Go libre(s) – 67%) [] # NTFS
    E: -> CD-ROM
    F: -> CD-ROM
    G: -> CD-ROM
    I: -> Disque amovible # 7 Go (360 Mo libre(s) – 5%) [RAMDAHAN] # FAT32

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID: 416 |ParentID: 392)
    C:Windowssystem32wininit.exe (ID: 468 |ParentID: 392)
    C:Windowssystem32csrss.exe (ID: 480 |ParentID: 460)
    C:Windowssystem32services.exe (ID: 528 |ParentID: 468)
    C:Windowssystem32lsass.exe (ID: 544 |ParentID: 468)
    C:Windowssystem32lsm.exe (ID: 552 |ParentID: 468)
    C:Windowssystem32winlogon.exe (ID: 684 |ParentID: 460)
    C:Windowssystem32svchost.exe (ID: 696 |ParentID: 528)
    C:Windowssystem32svchost.exe (ID: 816 |ParentID: 528)
    C:WindowsSystem32svchost.exe (ID: 872 |ParentID: 528)
    C:WindowsSystem32svchost.exe (ID: 956 |ParentID: 528)
    C:Windowssystem32svchost.exe (ID: 996 |ParentID: 528)
    C:Windowssystem32svchost.exe (ID: 1184 |ParentID: 528)
    C:Windowssystem32svchost.exe (ID: 1324 |ParentID: 528)
    D:Programe Fileavast5AvastSvc.exe (ID: 1404 |ParentID: 528)
    C:Windowssystem32Dwm.exe (ID: 1592 |ParentID: 956)
    C:WindowsExplorer.EXE (ID: 1604 |ParentID: 1580)
    C:WindowsSystem32spoolsv.exe (ID: 1776 |ParentID: 528)
    C:Windowssystem32svchost.exe (ID: 1924 |ParentID: 528)
    C:Program FilesAVGAVG2012avgtray.exe (ID: 340 |ParentID: 1604)
    C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe (ID: 360 |ParentID: 1604)
    C:Windowssystem32taskhost.exe (ID: 1312 |ParentID: 528)
    C:WindowsSystem32igfxtray.exe (ID: 1336 |ParentID: 1604)
    C:Program FilesCommon FilesAdobeARM1.0armsvc.exe (ID: 1544 |ParentID: 528)
    C:WindowsSystem32hkcmd.exe (ID: 1612 |ParentID: 1604)
    C:Windowssystem32igfxsrvc.exe (ID: 1432 |ParentID: 696)
    C:WindowsSystem32igfxpers.exe (ID: 1640 |ParentID: 1604)
    C:Program FilesAVG SafeGuard toolbarvprot.exe (ID: 1264 |ParentID: 1604)
    C:Program FilesAVGAVG2012avgfws.exe (ID: 1260 |ParentID: 528)
    D:Programe FileGreenshotGreenshot.exe (ID: 336 |ParentID: 1604)
    C:Program FilesAVGAVG2012avgwdsvc.exe (ID: 2200 |ParentID: 528)
    C:Program FilesMusic ToolbarDatamngrDatamngrCoordinator.exe (ID: 2256 |ParentID: 528)
    C:Program FilesMusic ToolbarDatamngrDatamngrCoordinator.exe (ID: 2336 |ParentID: 2256)
    C:Program FilesCommon FilesJavaJava Updatejusched.exe (ID: 2528 |ParentID: 1604)
    D:Programe Fileavast5AvastUI.exe (ID: 2540 |ParentID: 1604)
    C:WindowsTEMPnsvE9E2.tmpnsFA18.tmp (ID: 2584 |ParentID: 2380)
    C:Windowssystem32conhost.exe (ID: 2592 |ParentID: 416)
    C:Windowssystem32cmd.exe (ID: 2616 |ParentID: 2584)
    C:Program FilesGoogleUpdate1.3.24.7GoogleCrashHandler.exe (ID: 2976 |ParentID: 2396)
    C:WindowsSystem32wscript.exe (ID: 3040 |ParentID: 1604)
    C:Program FilesSuperCopier2SuperCopier2.exe (ID: 3124 |ParentID: 1604)
    C:UserspcAppDataRoaminguTorrentuTorrent.exe (ID: 3188 |ParentID: 1604)
    C:Program FilesAVGAVG2012avgnsx.exe (ID: 3228 |ParentID: 2200)
    C:Program FilesCommon FilesAVG Secure SearchvToolbarUpdater18.1.5ToolbarUpdater.exe (ID: 3384 |ParentID: 528)
    D:Programe FileaboreAdobe Bridge CS5Bridge.exe (ID: 3420 |ParentID: 1604)
    C:Program FilesCommon FilesAVG Secure SearchvToolbarUpdater18.1.5loggingserver.exe (ID: 3564 |ParentID: 3384)
    C:Windowssystem32conhost.exe (ID: 3572 |ParentID: 416)
    C:Windowssystem32SearchIndexer.exe (ID: 3808 |ParentID: 528)
    C:Windowssystem32svchost.exe (ID: 4056 |ParentID: 528)
    C:Windowssystem32svchost.exe (ID: 2680 |ParentID: 528)
    C:Windowssystem32wbemwmiprvse.exe (ID: 4000 |ParentID: 696)
    C:Windowssystem32sppsvc.exe (ID: 1148 |ParentID: 528)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 2244 |ParentID: 1604)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 332 |ParentID: 2244)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 2984 |ParentID: 2244)
    C:Program FilesCommon FilesAdobeSwitchBoardSwitchBoard.exe (ID: 4088 |ParentID: 3420)
    C:WindowsSystem32svchost.exe (ID: 1200 |ParentID: 528)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 3532 |ParentID: 528)
    C:Windowssystem32AUDIODG.EXE (ID: 4700 |ParentID: 872)
    D:Programe FileMatlabbinwin32MATLAB.exe (ID: 4784 |ParentID: 2344)
    C:Program FilesGoogleChromeApplicationchrome.exe (ID: 4160 |ParentID: 2244)
    C:Program FilesMicrosoft OfficeOffice12WINWORD.EXE (ID: 1424 |ParentID: 5380)
    C:Windowssystem32taskhost.exe (ID: 5856 |ParentID: 528)
    C:Windowssystem32WUDFHost.exe (ID: 5216 |ParentID: 956)
    C:Windowssystem32SearchProtocolHost.exe (ID: 1224 |ParentID: 3808)
    C:Windowssystem32SearchFilterHost.exe (ID: 4296 |ParentID: 3808)

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [64bit] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    F2 – [64bit] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    F3 – HKCU..Windows : [Load]
    04 – HKCU..Run : [SuperCopier2.exe] C:Program FilesSuperCopier2SuperCopier2.exe
    04 – HKCU..Run : [uTorrent] “C:UserspcAppDataRoaminguTorrentuTorrent.exe” /MINIMIZED
    04 – HKCU..Run : [Akamai NetSession Interface] “C:UserspcAppDataLocalAkamainetsession_win.exe”
    04 – HKCU..Run : [DAEMON Tools Lite] “D:Programe FileDAEMON Tools LiteDTLite.exe” -autorun
    04 – HKCU..Run : [Facebook Update] “C:UserspcAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKCU..Run : [iLivid] “C:UserspcAppDataLocaliLividiLivid.exe” -autorun
    04 – HKCU..Run : [AdobeBridge] “D:Programe FileaboreAdobe Bridge CS5Bridge.exe” -stealth
    04 – HKCU..Run : [MicrosoftUpdate] wscript.exe //B “C:UserspcAppDataRoamingMicrosoftUpdate.vbe”
    04 – HKLM..Run : [AVG_TRAY] “C:Program FilesAVGAVG2012avgtray.exe”
    04 – HKLM..Run : [Adobe ARM] “C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – HKLM..Run : [vProt] “C:Program FilesAVG SafeGuard toolbarvprot.exe”
    04 – HKLM..Run : [Greenshot] D:Programe FileGreenshotGreenshot.exe
    04 – HKLM..Run : [SunJavaUpdateSched] “C:Program FilesCommon FilesJavaJava Updatejusched.exe”
    04 – HKLM..Run : [AvastUI.exe] “D:Programe Fileavast5AvastUI.exe” /nogui
    04 – HKLM..Run : [mobilegeni daemon] C:Program FilesMobogenieDaemonProcess.exe
    04 – HKLM..Run : [AdobeAAMUpdater-1.0] “C:Program FilesCommon FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe”
    04 – HKLM..Run : [SwitchBoard] C:Program FilesCommon FilesAdobeSwitchBoardSwitchBoard.exe
    04 – HKLM..Run : [AdobeCS5ServiceManager] “C:Program FilesCommon FilesAdobeCS5ServiceManagerCS5ServiceManager.exe” -launchedbylogin
    04 – HKLM..Run : [MicrosoftUpdate] wscript.exe //B “C:UserspcAppDataRoamingMicrosoftUpdate.vbe”
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [SuperCopier2.exe] C:Program FilesSuperCopier2SuperCopier2.exe
    04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [uTorrent] “C:UserspcAppDataRoaminguTorrentuTorrent.exe” /MINIMIZED
    04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [Akamai NetSession Interface] “C:UserspcAppDataLocalAkamainetsession_win.exe”
    04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [DAEMON Tools Lite] “D:Programe FileDAEMON Tools LiteDTLite.exe” -autorun
    04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [Facebook Update] “C:UserspcAppDataLocalFacebookUpdateFacebookUpdate.exe” /c /nocrashserver
    04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [iLivid] “C:UserspcAppDataLocaliLividiLivid.exe” -autorun
    04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [AdobeBridge] “D:Programe FileaboreAdobe Bridge CS5Bridge.exe” -stealth
    04 – HKUS-1-5-21-789054474-124583851-1451796764-1000..Run : [MicrosoftUpdate] wscript.exe //B “C:UserspcAppDataRoamingMicrosoftUpdate.vbe”
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

    ################## | Recherche générique |

    Présent! C:UserspcAppDataRoamingMicrosoftUpdate.vbe
    Présent! I:MicrosoftUpdate.vbe
    Présent! I:Autorun.inf.lnk

    ################## | Registre |

    Présent! HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Optionsbrowsersafeguard.exe
    Présent! HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Optionsdeltatb.exe
    Présent! HKLMSoftwareMicrosoftWindows NTCurrentVersionImage File Execution Optionsstinst64.exe
    Présent! HKUS-1-5-21-789054474-124583851-1451796764-1000SoftwareMicrosoftWindowsCurrentVersionRun|MicrosoftUpdate
    Présent! HKLMSoftwareMicrosoftWindowsCurrentVersionRun|MicrosoftUpdate
    Présent! HKCUSoftwareMicrosoftWindowsCurrentVersionRun|MicrosoftUpdate

    ################## | E.O.F | http://www.usbfix.net/” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |

  • Anonyme
    Post count: 1400

    :hello: carole06,

    Est-ce que je peux réactiver l’anti-virus Avast

    oui, bien sur

    Comment je peux protéger ma clé d’autres infections à l’avenir

    ta clé est protégée, elle a été “vaccinée” par usbfix (que du bonheur) :content:

    il reste 2-3 manipulations et se sera terminé ;)

    fait ceci et poste le rapport s’il te plaît

    • Télécharge SFTGC (de Pierre13) sur ton Bureau et pas ailleurs !.
    • Lance SFTGC, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clique sur GO

      Note : A la fin un rapport va s’ouvrir

    • Une fois le scan terminé rends toi sur le bureau, le fichier SFTGC.txt à été créé.
    • Héberge le rapport SFTGC.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    :merci2:

  • carole06
    Participant
    Post count: 12

    Bonjour Billmaxime,

    Les pare-feux étaient bien activés. Mon ordinateur semble bien se comporter.
    Est-ce que je peux réactiver l’anti-virus Avast (qui m’a prévenu au départ que ma clé usb était infectée) ?
    Comment je peux protéger ma clé d’autres infections à l’avenir ? Parce que je l’utilise dans un cyber café.
    Je te remercie pour tes réponses.

  • Anonyme
    Post count: 1400

    :hello: carole06,

    ok, vérifie si ton pare feu est activé

    pour y accéder, clique sur démarrer>panneau de configuration>pare feu

    dans la page du pare feu, dans la colonne de gauche, clique sur “activer où désactiver le pare feu windows”

    regarde l’image >> clique ici
    =====================================================================================
    dit moi comment va le pc et si tu as encore des soucis

    :merci2:

  • carole06
    Participant
    Post count: 12

    J’ai oublié de connecter la clé usb, donc voici le nouveau rapport d’adwcleaner :

    # AdwCleaner v3.207 – Rapport créé le 09/05/2014 à 16:22:54
    # Mis à jour le 05/05/2014 par Xplode
    # Système d’exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nom d’utilisateur : Louisa – LOUISA-PC
    # Exécuté depuis : C:UsersLouisaAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5886PI55Sadwcleaner (1).exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v11.0.9600.17041

    -\ Google Chrome v34.0.1847.131

    *************************

    AdwCleaner[R0].txt – [32331 octets] – [07/01/2014 11:57:57]
    AdwCleaner[R1].txt – [1685 octets] – [09/05/2014 11:26:39]
    AdwCleaner[R2].txt – [1026 octets] – [09/05/2014 16:22:01]
    AdwCleaner[S0].txt – [29813 octets] – [07/01/2014 11:59:36]
    AdwCleaner[S1].txt – [1759 octets] – [09/05/2014 11:27:38]
    AdwCleaner[S2].txt – [949 octets] – [09/05/2014 16:22:54]

    ########## EOF – C:AdwCleanerAdwCleaner[S2].txt – [1008 octets] ##########

    Merci à toi !

  • carole06
    Participant
    Post count: 12

    Bonjour Billmaxime,

    Voici le raport d’Adwcleaner :

    # AdwCleaner v3.207 – Rapport créé le 09/05/2014 à 11:27:38
    # Mis à jour le 05/05/2014 par Xplode
    # Système d’exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nom d’utilisateur : Louisa – LOUISA-PC
    # Exécuté depuis : C:UsersLouisaAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5886PI55Sadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    [#] Service Supprimé : vToolbarUpdater17.3.0

    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:UsersLouisaAppDataLocalAVG SafeGuard toolbar
    Dossier Supprimé : C:UsersLouisaAppDataLocalemaze
    Dossier Supprimé : C:UsersLouisaAppDataLocalTempmt_ffx
    Dossier Supprimé : C:UsersLouisaAppDataLocalGoogleChromeUser DataDefaultExtensionscekcjpgehmohobmdiikfnopibipmgnml
    Dossier Supprimé : C:UsersLouisaAppDataLocalGoogleChromeUser DataDefaultExtensionsdlnembnfbcpjnepmfjmngjenhhajpdfd
    Dossier Supprimé : C:UsersLouisaAppDataLocalGoogleChromeUser DataDefaultExtensionsjpmbfleldcgkldadpdinhjjopdfpjfjp
    Dossier Supprimé : C:UsersLouisaAppDataLocalGoogleChromeUser DataDefaultExtensionsndkhncnongaclekkbelchmeafffimifj
    Fichier Supprimé : C:UsersLouisadaemonprocess.txt

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v11.0.9600.17041

    -\ Google Chrome v34.0.1847.131

    *************************

    AdwCleaner[R0].txt – [32331 octets] – [07/01/2014 11:57:57]
    AdwCleaner[R1].txt – [1685 octets] – [09/05/2014 11:26:39]
    AdwCleaner[S0].txt – [29813 octets] – [07/01/2014 11:59:36]
    AdwCleaner[S1].txt – [1619 octets] – [09/05/2014 11:27:38]

    ########## EOF – C:AdwCleanerAdwCleaner[S1].txt – [1679 octets] ##########

  • Anonyme
    Post count: 1400

    re

    ok, fait ceci et poste le rapport s’il te plaît

    • Télécharge Adwcleaner (de Xplode) sur ton Bureau !
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista,sinon double-clique pour XP
      1. Choisis l’option Scanner
      2. Choisis l’option Nettoyer
    • Accepte l’avertissement en cliquant sur OK

    • Accepte les avertissements/informations en cliquant sur OK
    • Copie et Colle le contenu du rapport qui apparaît au redémarrage du PC

    :merci2:

  • carole06
    Participant
    Post count: 12

    Je pense que c’est plutôt ce lien-là :

    https://antimalware.top/www/?a=d&i=gvjwoDdDKN” onclick=”window.open(this.href);return false;

    Merci à toi.

  • carole06
    Participant
    Post count: 12

    Voici le lien sosupload :

    C:UsersLouisaDesktopZHPDiag.txt

  • Anonyme
    Post count: 1400

    :hello:

    heberge le avec sosupload et copie le lien dans ta prochaine réponse

    https://antimalware.top/” onclick=”window.open(this.href);return false;

    :merci2:

  • carole06
    Participant
    Post count: 12

    Voici le rapport ZHPDiag (1ère partie) :

    ~ Rapport de ZHPDiag v2014.5.7.56 – Nicolas Coolman (07/05/2014)
    ~ Lancé par Louisa (07/05/2014 10:54:27)
    ~ Adresse du Site Web http://nicolascoolman.webs.com” onclick=”window.open(this.href);return false;
    ~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/” onclick=”window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Désactivée par l’utilisateur
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17105
    GCIE: Google Chrome v34.0.1847.131 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    ~ Windows Operating System – Windows(R) 7, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : 3Q6C9
    Windows License : OK
    ~ Windows Remaining Initializations Number : 2
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Windows Defender W7

    —\ Logiciels d’optimisation du système
    CCleaner v3.14

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 13 Plugin
    Adobe Reader XI

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3893 MB (55% free)
    System Restore: Activé (Enable)
    System drive C: has 303 GB (67%) free of 451 GB

    —\ Mode de connexion au système
    ~ Computer Name: LOUISA-PC
    ~ User Name: Louisa
    ~ All Users Names: Louisa, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d’environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersLouisaAppDataRoamingZHP
    ~ %AppData% : C:UsersLouisaAppDataRoaming
    ~ %Desktop% : C:UsersLouisaDesktop
    ~ %Favorites% : C:UsersLouisaFavorites
    ~ %LocalAppData% : C:UsersLouisaAppDataLocal
    ~ %StartMenu% : C:UsersLouisaAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 303 Go of 451 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go)
    E: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
    F: CD-ROM drive (Not Inserted)
    Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiSpywareOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] AntiVirusOverride: OK
    [HKLMSOFTWAREMicrosoftSecurity CenterSvc] FirewallOverride: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenNOHIDDEN] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL] CheckedValue: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAssociations] Application: OK
    [HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] Shell: OK
    [HKLMSYSTEMCurrentControlSetServicesCOMSysApp] Type: OK
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : OK
    ~ Security Center: 41 Scanned in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 07:19:30.) — C:WindowsExplorer.exe [2871808]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
    [MD5.F220BA78AB542C70211D73AE4729B2CD] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.06/03/2014 – 07:22:40.) — C:WindowsSystem32wininet.dll [2260480]
    [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.20/11/2010 – 14:25:30.) — C:WindowsSystem32Winlogon.exe [390656]
    [MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 14:27:26.) — C:WindowsSystem32sppcomapi.dll [232448]
    [MD5.79059559E89D06E8B80CE2944BE20228] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.28/09/2013 – 02:09:10.) — C:Windowssystem32DriversAFD.sys [497152]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
    [MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 10:19:21.) — C:Windowssystem32DriversCdrom.sys [147456]
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 10:26:32.) — C:Windowssystem32DriversDfsC.sys [102400]
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 11:43:43.) — C:Windowssystem32DriversHDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
    [MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:40:40.) — C:Windowssystem32DriversMRxSmb.sys [158208]
    [MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 10:23:20.) — C:Windowssystem32DriversnetBT.sys [261632]
    [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/01/2014 – 03:37:55.) — C:Windowssystem32Driversntfs.sys [1684928]
    [MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
    [MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.20/11/2010 – 11:52:35.) — C:Windowssystem32DriversRasl2tp.sys [129536]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 10:21:56.) — C:Windowssystem32Driverstdx.sys [119296]
    [MD5.0D08D2F3B3FF84E433346669B5E0F639] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 14:34:02.) — C:Windowssystem32Driversvolsnap.sys [295808]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/1046
    ~ Mes musiques (My Musics) : 1/54
    ~ Mes Favoris (My Favorites) : 1/119
    ~ Mes Documents (My Documents) : 2/5960
    ~ Mon Bureau (My Desktop) : 1/1720
    ~ Menu demarrer (Programs) : 1/25
    ~ Hidden Files: Scanned in 00mn 04s

    —\ Processus lancés
    [MD5.D1930CA970D4250D891F432419E3D6C9] – (.Intel Corporation – Event Monitor User Notification Tool.) — C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe [186904] [PID.2616]
    [MD5.C06F76EC21B1CD5D8EB8A95243371A67] – (.Hewlett-Packard Company – Pas de description.) — C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe [2363392] [PID.3344]
    [MD5.5516C26A6AF8EB4E2CAB48EC98A74398] – (.Hewlett-Packard – hpwuSchd Application.) — C:Program Files (x86)HpHP Software Updatehpwuschd2.exe [54576] [PID.3516]
    [MD5.C1DB9BDF885C2F1ADC15264FBEA2788F] – (.Pas de propriétaire – HOSTS Anti-PUPs/Adwares.) — C:Program Files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware_main.exe [302961] [PID.3548]
    [MD5.47D1F0444CE33A0CA42409A88896CD8D] – (.Hewlett-Packard – HP Advisor.) — C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe [1590840] [PID.4084]
    [MD5.0667ED9F8E905E1F73DB60ACCEDCBCA7] – (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet ExplorerIEXPLORE.exe [811728] [PID.3888]
    [MD5.E6DA875D24C3774E045499F6BFA76F30] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [7873024] [PID.6076]
    [MD5.B362181ED3771DC03B4141927C80F801] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [65432] [PID.1532]
    [MD5.CA793DCC1D5F619021EF1D37CC7A831E] – (.EasyBits Software AS – Shared EasyBits services for Windows.) — C:WindowsSysWOW64ezSharedSvcHost.exe [514232] [PID.1684]
    [MD5.47269F0DE1E5089C6F23BC1EC48CFC31] – (.Hewlett-Packard Company – LightScribe Service.) — C:Program Files (x86)Common FilesLightScribeLSSrvc.exe [73728] [PID.1800]
    [MD5.DBC1136A62BD4DECC3632DF650284C2E] – (.Intel Corporation – Local Manageability Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe [268824] [PID.1836]
    [MD5.39B1D0A636A400304565D4521FAD6D77] – (.Microsoft Corporation – Microsoft Application Virtualization Virtua.) — C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe [207528] [PID.1520]
    [MD5.660BF3255A1EB18ED803FD2FBA6AE400] – (.Intel Corporation – RAID Monitor.) — C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe [354840] [PID.2116]
    [MD5.77C5A741A7452812F278EF2C18478862] – (.Microsoft Corporation – Microsoft Application Virtualization Client.) — C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe [523944] [PID.2168]
    [MD5.FD557A50A65E44041CD2FCEF4BEB04DB] – (.Microsoft Corporation – Microsoft Office Client Virtualization Serv.) — C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.exe [822504] [PID.2520]
    [MD5.7466809E6DA561D60C2F1CE8EDE3C73F] – (.Intel Corporation – User Notification Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe [2320920] [PID.5056]
    [MD5.EF3EA06057132138B4E5895A61601DBE] – (.Hewlett-Packard Company – hpqwmiex Module.) — C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe [230968] [PID.1480]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    P2 – FPN: [HKLM] [@adobe.com/FlashPlayer] – (…) — C:Windowssystem32MacromedFlashNPSWF64_13_0_0_206.dll
    P2 – FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] – (. Microsoft Corporation – 5.1.30214.0.) — c:Program FilesMicrosoft Silverlight5.1.30214.0npctrl.dll
    ~ Firefox Browser: 2 Scanned in 00mn 00s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R0 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.fr” onclick=”window.open(this.href);return false;
    R0 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Start Page = http://www.google.com” onclick=”window.open(this.href);return false;
    R0 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Start Page = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Bar = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Search Page = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R1 – HKLMSOFTWAREMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerSearch,Default_Search_URL = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKCUSOFTWAREMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Search Page = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.google.com” onclick=”window.open(this.href);return false;
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Extensions Off Page = about:noadd-ons
    R1 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerMain,Security Risk Page = about:securityrisk
    R3 – URLSearchHook: Microsoft Url Search Hook [64Bits] – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation – Navigateur Internet.) (11.00.9600.17041 (winblue_gdr.140305-1710)) — C:WindowsSysWOW64ieframe.dll
    R4 – HKLMSOFTWAREMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 1
    R4 – HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerPhishingFilter,EnabledV8 = 1
    ~ IE Browser: 23 Scanned in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 21

    —\ Browser Helper Objects de navigateur (O2)
    O2 – BHO: Programme d’aide de l’Assistant de connexion Windows Live ID [64Bits] – {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. – Microsoft® Windows Live ID Login Helper.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
    O2 – BHO: Google Toolbar Helper [64Bits] – {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. – Google Toolbar.) — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll =>Toolbar.Google
    O2 – BHO: Bing Bar Helper [64Bits] – {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (…) — “C:Program Files (x86)MicrosoftBingBarBingExt.dll” (.not file.) =>Toolbar.Bing
    O2 – BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] – {DBC80044-A445-435b-BC74-9C25C1C588A9} . (…) — C:Program Files (x86)Javajre6binjp2ssv.dll (.not file.)
    ~ BHO: 7 Scanned in 00mn 00s

    —\ Internet Explorer Toolbars (O3)
    O3 – Toolbar: Google Toolbar – [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. – Google Toolbar.) — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll =>Toolbar.Google
    ~ Toolbar: Scanned in 00mn 00s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [SynTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe (.not file.)
    O4 – HKLM..Run: [IAAnotif] . (.Intel Corporation – Event Monitor User Notification Tool.) — C:Program Files (x86)IntelIntel Matrix Storage Manageriaanotif.exe
    O4 – HKLM..Run: [RTHDVCPL] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARtkNGUI64.exe =>.Realtek Semiconductor Corp
    O4 – HKLM..Run: [RtkOSD] . (.Realtek Semiconductor Corp. – Realtek OSD for Volume/Mute.) — C:Program Files (x86)RealtekAudioOSDRtVOsd64.exe
    O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:Windowssystem32igfxtray.exe
    O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:Windowssystem32hkcmd.exe
    O4 – HKLM..Run: [Persistence] . (.Intel Corporation – persistence Module.) — C:Windowssystem32igfxpers.exe
    O4 – HKLM..Run: [HPWirelessAssistant] . (…) — C:Program FilesHewlett-PackardHP Wireless AssistantDelayedAppStarter.exe
    O4 – HKCU..Run: [HPAdvisorDock] . (.Pas de propriétaire – HP Advisor Dock.) — C:Program Files (x86)Hewlett-PackardHP AdvisorDockHPAdvisorDock.exe
    O4 – HKCU..Run: [LightScribe Control Panel] . (.Hewlett-Packard Company – Pas de description.) — C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe
    O4 – HKCU..Run: [msnmsgr] C:Program Files (x86)Windows LiveMessengermsnmsgr.exe (.not file.)
    O4 – HKLM..Wow6432NodeRun: [StartCCC] . (.Advanced Micro Devices, Inc. – Catalyst® Control Center Launcher.) — C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe =>.Advanced Micro Devices, Inc
    O4 – HKLM..Wow6432NodeRun: [Easybits Recovery] . (.EasyBits Software AS – Pas de description.) — C:Program Files (x86)EasyBits For KidsezRecover.exe =>.EasyBits Software AS
    O4 – HKLM..Wow6432NodeRun: [HP Software Update] . (.Hewlett-Packard – hpwuSchd Application.) — C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe =>.Hewlett-Packard Co
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Wow6432NodeRun: [HOSTS Anti-Adware_PUPs] . (.Pas de propriétaire – HOSTS Anti-PUPs/Adwares.) — C:Program Files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware_main.exe
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-2438885668-180924057-1699815265-1000..Run: [HPAdvisorDock] . (.Pas de propriétaire – HP Advisor Dock.) — C:Program Files (x86)Hewlett-PackardHP AdvisorDockHPAdvisorDock.exe
    O4 – HKUSS-1-5-21-2438885668-180924057-1699815265-1000..Run: [LightScribe Control Panel] . (.Hewlett-Packard Company – Pas de description.) — C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe
    O4 – HKUSS-1-5-21-2438885668-180924057-1699815265-1000..Run: [msnmsgr] C:Program Files (x86)Windows LiveMessengermsnmsgr.exe (.not file.)
    ~ Application: Scanned in 00mn 00s

    —\ Invisibilité de l’icône d’options IE dans le panneau de Configuration (O5)
    O5 – control.ini: [HKLM..Control Panel] inetcpl.cpl=no
    ~ IE Control Panel: 1 Scanned in 00mn 00s

    —\ Winsock hijacker (Layered Service Provider) (O10)
    O10 – WLSP:00000000001Winsock LSP File . (.Microsoft Corporation – Network Location Awareness 2.) — C:Windowssystem32NLAapi.dll
    O10 – WLSP:00000000002Winsock LSP File . (.Microsoft Corporation – Fournisseur Shim d’affectation de noms de messagerie.) — C:Windowssystem32napinsp.dll
    O10 – WLSP:00000000003Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
    O10 – WLSP:00000000004Winsock LSP File . (.Microsoft Corporation – Fournisseur d’espace de noms PNRP.) — C:Windowssystem32pnrpnsp.dll
    O10 – WLSP:00000000005Winsock LSP File . (.Microsoft Corporation – Windows Sockets Helper DLL.) — C:Windowssystem32wshbth.dll
    O10 – WLSP:00000000006Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
    O10 – WLSP:00000000007Winsock LSP File . (.Microsoft Corp. – Microsoft® Windows Live ID Namespace Provider.) — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.dll =>.Microsoft Corporation
    O10 – WLSP:00000000008Winsock LSP File . (.Microsoft Corporation – Fournisseur de service Sockets 2.0 de Microsoft Windows.) — C:Windowssystem32mswsock.dll =>.Microsoft Corporation
    O10 – WLSP:00000000009Winsock LSP File . (.Microsoft Corporation – LDAP RnR Provider DLL.) — C:Windowssystem32winrnr.dll
    ~ Winsock: 9 Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{EB4C9F56-B9EF-4011-BF1F-68659DBF6895}: DhcpNameServer = 192.168.1.254
    O17 – HKLMSystemCCSServicesTcpip..{EB4C9F56-B9EF-4011-BF1F-68659DBF6895}: DhcpDomain = darty
    O17 – HKLMSystemCS1ServicesTcpip..{EB4C9F56-B9EF-4011-BF1F-68659DBF6895}: DhcpNameServer = 192.168.1.254
    O17 – HKLMSystemCS1ServicesTcpip..{EB4C9F56-B9EF-4011-BF1F-68659DBF6895}: DhcpDomain = darty
    O17 – HKLMSystemCS2ServicesTcpip..{EB4C9F56-B9EF-4011-BF1F-68659DBF6895}: DhcpNameServer = 192.168.1.254
    O17 – HKLMSystemCS2ServicesTcpip..{EB4C9F56-B9EF-4011-BF1F-68659DBF6895}: DhcpDomain = darty
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.254
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: application/x-msdownload [64Bits] – {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation – Microsoft .NET Runtime Execution Engine.) — C:WindowsSystem32mscoree.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    —\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
    O21 – SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – CLSID or File not found.
    ~ SSODL: 1 Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    O23 – Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation – Andrea filters APO access service (64-bit).) – C:Program FilesRealtekAudioHDAAERTSr64.exe
    O23 – Service: (AMD External Events Utility) . (.AMD – AMD External Events Service Module.) – C:WindowsSystem32atiesrxx.exe
    O23 – Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. – Programme d’installation de Google.) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe =>.Google Inc
    O23 – Service: HOSTS Anti-PUPs (HOSTS Anti-PUPs) . (…) – C:Program Files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware.exe
    O23 – Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard – HP Health Check Service.) – C:Program Files (x86)Hewlett-PackardHP Health Checkhphc_service.exe
    O23 – Service: HP Wireless Assistant Service (HP Wireless Assistant Service) . (.Hewlett-Packard – HPPA_Service.) – C:Program FilesHewlett-PackardHP Wireless AssistantHPWA_Service.exe
    O23 – Service: HPWMISVC (HPWMISVC) . (…) – C:Program FilesHewlett-PackardHP Quick LaunchHPWMISVC.exe
    O23 – Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation – RAID Monitor.) – C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe
    O23 – Service: JumpStart Push-Button Service (jswpbapi) . (.Atheros Communications, Inc. – JumpStart PushButton Service.) – C:Program Files (x86)Jumpstartjswpbapi.exe
    O23 – Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company – LightScribe Service.) – C:Program Files (x86)Common FilesLightScribeLSSrvc.exe
    O23 – Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation – Local Manageability Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    O23 – Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation – User Notification Service.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    O23 – Service: (vToolbarUpdater17.3.0) . (…) – C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater17.3.0ToolbarUpdater.exe (.not file.) =>Toolbar.AVGSearch
    ~ Services: 13 Scanned in 00mn 07s

    —\ Enumération Active Desktop & MHTML Editor (O24)
    O24 – Default MHTML Editor: Last – .(…) – (.not file.)
    ~ Desktop Component: 4 Scanned in 00mn 00s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk *) – File not found
    ~ BEX: 1 Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.7C7E868E1D8096ED08D80FF7712BB9D8] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) — C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [257712]
    [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [136176]
    [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [136176]
    [MD5.AA019CF0EFDABE014D5CA97E5BFB392F] [APT] [RecoveryCDWin7] (…) — C:Program Files (x86)Hewlett-PackardHP SetupRemEngine.exe [38456]
    [MD5.AA019CF0EFDABE014D5CA97E5BFB392F] [APT] [Registration] (…) — C:Program Files (x86)Hewlett-PackardHP SetupRemEngine.exe [38456]
    [MD5.00000000000000000000000000000000] [APT] [{BE8782AD-3518-40AE-8E31-4839539064CE}] (…) — C:Boarding_Pass.exe (.not file.) [0]
    [MD5.8BCB4C6756E5B11FB12F669BA70788D9] [APT] [{DC23E378-9FCE-436C-A6B4-5B130B9008AC}] (.DartyBox.) — C:Program Files (x86)DartyBox_v3BewanFlash_liteChoixConnexion.exe [1610573]
    [MD5.C9B9F84A4C00B71D21F81C3A9A411908] [APT] [PC Health Analysis] (.Hewlett-Packard.) — C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSF.exe [1397000]
    [MD5.C9B9F84A4C00B71D21F81C3A9A411908] [APT] [PC Tuneup] (.Hewlett-Packard.) — C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSF.exe [1397000]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsTasksAdobe Flash Player Updater.job [1002]
    O39 – APT: Adobe Flash Player Updater – (.Adobe Systems Incorporated.) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineCore.job [1064]
    O39 – APT: GoogleUpdateTaskMachineCore – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1064]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsTasksGoogleUpdateTaskMachineUA.job [1068]
    O39 – APT: GoogleUpdateTaskMachineUA – (.Google Inc..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1068]
    ~ Scheduled Task: 13 Scanned in 00mn 04s

    —\ Composants installés (ActiveSetup Installed Components) (O40)
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows Media Player 12.0 [64Bits] – {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation – Windows Media Player Extension.) — C:WindowsSysWOW64wmpdxm.dll =>.Microsoft Corporation
    O40 – ASIC: Themes Setup [64Bits] – {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation – API Windows Theme.) — C:WindowsSystem32themeui.dll
    O40 – ASIC: Internet Explorer [64Bits] – {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
    O40 – ASIC: Microsoft Windows [64Bits] – {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation – Windows Mail.) — C:Program Files (x86)Windows MailWinMail.exe =>.Microsoft Corporation
    O40 – ASIC: Browsing Enhancements [64Bits] – {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation – Extension Shell dossier FTP Microsoft Internet Explorer..) — C:WindowsSystem32msieftp.dll
    O40 – ASIC: Microsoft Windows Media Player [64Bits] – {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation – Ressources du Lecteur Windows Media.) — C:WindowsSystem32wmploc.dll =>.Microsoft Corporation
    O40 – ASIC: Windows Desktop Update [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation – DLL commune du shell Windows.) — C:WindowsSystem32shell32.dll
    O40 – ASIC: Web Platform Customizations [64Bits] – {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation – Utilitaire d’initialisation d’Internet Explorer par utilisateur.) — C:WindowsSystem32ie4uinit.exe
    O40 – ASIC: (no name) [64Bits] – {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation – Microsoft .NET IE SECURITY REGISTRATION.) — C:Windowssystem32mscories.dll
    ~ Active Setup: 10 Scanned in 00mn 00s

    —\ Pilotes lancés au démarrage du système (O41)
    O41 – Driver: C:WindowsSystem32driversafd.sys (AFD) . (.Microsoft Corporation – Ancillary Function Driver for WinSock.) – C:Windowssystem32driversafd.sys
    O41 – Driver: (avgtp) . (.AVG Technologies – Pas de description.) – C:Windowssystem32driversavgtpx64.sys
    O41 – Driver: (blbdrive) . (.Microsoft Corporation – BLB Drive Driver.) – C:Windowssystem32DRIVERSblbdrive.sys
    O41 – Driver: (cdrom) . (.Microsoft Corporation – SCSI CD-ROM Driver.) – C:Windowssystem32driverscdrom.sys
    O41 – Driver: C:WindowsSystem32driversdfsc.sys (DfsC) . (.Microsoft Corporation – DFS Namespace Client Driver.) – C:WindowsSystem32Driversdfsc.sys
    O41 – Driver: C:WindowsSystem32driversdiscache.sys (discache) . (.Microsoft Corporation – System Indexer/Cache Driver.) – C:WindowsSystem32driversdiscache.sys
    O41 – Driver: (JSWPSLWF) . (.Atheros Communications, Inc. – Atheros Security NDIS 6.0 Filter Driver.) – C:WindowsSystem32DRIVERSjswpslwfx.sys
    O41 – Driver: (mssmbios) . (.Microsoft Corporation – System Management BIOS Driver.) – C:Windowssystem32driversmssmbios.sys
    O41 – Driver: (NetBIOS) . (.Microsoft Corporation – NetBIOS interface driver.) – C:WindowsSystem32DRIVERSnetbios.sys
    O41 – Driver: C:WindowsSystem32driversnetbt.sys (NetBT) . (.Microsoft Corporation – MBT Transport driver.) – C:WindowsSystem32DRIVERSnetbt.sys
    O41 – Driver: C:WindowsSystem32driversnsiproxy.sys (nsiproxy) . (.Microsoft Corporation – NSI Proxy.) – C:WindowsSystem32driversnsiproxy.sys
    O41 – Driver: C:WindowsSystem32driverspacer.sys (Psched) . (.Microsoft Corporation – Planificateur de paquets QoS.) – C:WindowsSystem32DRIVERSpacer.sys
    O41 – Driver: C:WindowsSystem32wkssvc.dll (rdbss) . (.Microsoft Corporation – Pilote du sous-système de mise en mémoire t.) – C:WindowsSystem32DRIVERSrdbss.sys
    O41 – Driver: C:WindowsSystem32DRIVERSRDPCDD.sys (RDPCDD) . (.Microsoft Corporation – RDP Miniport.) – C:WindowsSystem32DRIVERSRDPCDD.sys
    O41 – Driver: C:WindowsSystem32driversRDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation – RDP Encoder Miniport.) – C:WindowsSystem32driversrdpencdd.sys
    O41 – Driver: C:WindowsSystem32driversRdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation – RDP Reflector Driver Miniport.) – C:WindowsSystem32driversrdprefmp.sys
    O41 – Driver: C:WindowsSystem32tcpipcfg.dll (tdx) . (.Microsoft Corporation – TDI Translation Driver.) – C:WindowsSystem32DRIVERStdx.sys
    O41 – Driver: (TermDD) . (.Microsoft Corporation – Remote Desktop Server Driver.) – C:Windowssystem32driverstermdd.sys
    O41 – Driver: (VgaSave) . (.Microsoft Corporation – VGA/Super VGA Video Driver.) – C:Windowssystem32driversvga.sys
    O41 – Driver: (vwififlt) . (.Microsoft Corporation – Virtual WiFi Filter Driver.) – C:WindowsSystem32DRIVERSvwififlt.sys
    O41 – Driver: C:WindowsSystem32rascfg.dll (Wanarpv6) . (.Microsoft Corporation – MS Remote Access and Routing ARP Driver.) – C:WindowsSystem32DRIVERSwanarp.sys
    O41 – Driver: (WfpLwf) . (.Microsoft Corporation – WFP NDIS 6.20 Lightweight Filter Driver.) – C:WindowsSystem32DRIVERSwfplwf.sys
    ~ Drivers: 66 Scanned in 00mn 00s

    —\ Logiciels installés (O42)
    O42 – Logiciel: ATI Catalyst Install Manager – (.ATI Technologies, Inc..) [HKLM][64Bits] — {C9083B9D-9092-FF22-DDCC-9776E69BE816}
    O42 – Logiciel: Acrobat.com – (.Adobe Systems Incorporated.) [HKLM][64Bits] — {287ECFA4-719A-2143-A09B-D6A12DE54E40}
    O42 – Logiciel: ActiveCheck component for HP Active Support Library – (.Hewlett-Packard.) [HKLM][64Bits] — {254C37AA-6B72-4300-84F6-98A82419187E}
    O42 – Logiciel: Adobe Flash Player 13 ActiveX – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe Flash Player ActiveX
    O42 – Logiciel: Adobe Flash Player 13 Plugin – (.Adobe Systems Incorporated.) [HKLM][64Bits] — Adobe Flash Player Plugin
    O42 – Logiciel: Adobe Reader XI (11.0.06) – Français – (.Adobe Systems Incorporated.) [HKLM][64Bits] — {AC76BA86-7AD7-1036-7B44-AB0000000001}
    O42 – Logiciel: Adobe Shockwave Player – (.Adobe Systems, Inc..) [HKLM][64Bits] — {D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}
    O42 – Logiciel: Agatha Christie – Death on the Nile – (.WildTangent.) [HKLM][64Bits] — WT083492
    O42 – Logiciel: Bejeweled 2 Deluxe – (.WildTangent.) [HKLM][64Bits] — WT082192
    O42 – Logiciel: Bing Bar – (.Microsoft Corporation.) [HKLM][64Bits] — {5B96BF29-1CC0-42FB-AB2C-1E12E3226E7A} =>Toolbar.Bing
    O42 – Logiciel: Blasterball 3 – (.WildTangent.) [HKLM][64Bits] — WT082124
    O42 – Logiciel: Broadcom 802.11 Wireless LAN Adapter – (.Broadcom Corporation.) [HKLM][64Bits] — Broadcom 802.11 Wireless LAN Adapter
    O42 – Logiciel: Bus Driver – (.WildTangent.) [HKLM][64Bits] — WT082439
    O42 – Logiciel: CCleaner – (.Piriform.) [HKLM][64Bits] — CCleaner
    O42 – Logiciel: Catalyst Control Center – Branding – (.ATI.) [HKLM][64Bits] — {C1A0D5F7-02F3-4D95-872A-0E56CF968DC6}
    O42 – Logiciel: Chuzzle Deluxe – (.WildTangent.) [HKLM][64Bits] — WT082200
    O42 – Logiciel: CyberLink DVD Suite – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
    O42 – Logiciel: CyberLink DVD Suite – (.CyberLink Corp..) [HKLM][64Bits] — {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
    O42 – Logiciel: CyberLink PowerDVD 9 – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}
    O42 – Logiciel: CyberLink PowerDVD 9 – (.CyberLink Corp..) [HKLM][64Bits] — {A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}
    O42 – Logiciel: CyberLink YouCam – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
    O42 – Logiciel: CyberLink YouCam – (.CyberLink Corp..) [HKLM][64Bits] — {01FB4998-33C4-4431-85ED-079E3EEFE75D}
    O42 – Logiciel: D3DX10 – (.Microsoft.) [HKLM][64Bits] — {E09C4DB7-630C-4F06-A631-8EA7239923AF}
    O42 – Logiciel: Diner Dash 2 Restaurant Rescue – (.WildTangent.) [HKLM][64Bits] — WT082396
    O42 – Logiciel: Dream Chronicles – (.WildTangent.) [HKLM][64Bits] — WT083521
    O42 – Logiciel: ESU for Microsoft Windows 7 – (.Hewlett-Packard.) [HKLM][64Bits] — {3877C901-7B90-4727-A639-B6ED2DD59D43}
    O42 – Logiciel: FATE – (.WildTangent.) [HKLM][64Bits] — WT082141
    O42 – Logiciel: FoxTab Media Player – (…) [HKCU][64Bits] — FoxTab Media Player
    O42 – Logiciel: Gem Shop – (.WildTangent.) [HKLM][64Bits] — WT083529
    O42 – Logiciel: Google Chrome – (.Google Inc..) [HKLM][64Bits] — Google Chrome
    O42 – Logiciel: Google Toolbar for Internet Explorer – (.Google Inc..) [HKLM][64Bits] — {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google
    O42 – Logiciel: Google Toolbar for Internet Explorer – (.Google Inc..) [HKLM][64Bits] — {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google
    O42 – Logiciel: Google Update Helper – (.Google Inc..) [HKLM][64Bits] — {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    O42 – Logiciel: Google Earth – (.Google.) [HKLM][64Bits] — {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
    O42 – Logiciel: HP Advisor – (.Hewlett-Packard.) [HKLM][64Bits] — {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}
    O42 – Logiciel: HP Customer Experience Enhancements – (.Hewlett-Packard.) [HKLM][64Bits] — {07FA4960-B038-49EB-891B-9F95930AA544}
    O42 – Logiciel: HP Game Console – (.WildTangent.) [HKLM][64Bits] — My HP Game Console
    O42 – Logiciel: HP Games – (.WildTangent.) [HKLM][64Bits] — WildTangent hp Master Uninstall
    O42 – Logiciel: HP Quick Launch – (.Hewlett-Packard.) [HKLM][64Bits] — {10F539B1-31AF-43BF-9F0C-0EB66E918922}
    O42 – Logiciel: HP Setup – (.Hewlett-Packard.) [HKLM][64Bits] — {E2831862-F131-4327-B9CC-FA30F587EB6C}
    O42 – Logiciel: HP Software Framework – (.Hewlett-Packard Company.) [HKLM][64Bits] — {8E8C3F77-1AA5-4E8B-AAEA-4ED3D6A0FB36}
    O42 – Logiciel: HP Support Assistant – (.Hewlett-Packard.) [HKLM][64Bits] — {B60DCA15-56A3-4D2D-8747-22CF7D7B588B} =>.Hewlett-Packard Co
    O42 – Logiciel: HP Update – (.Hewlett-Packard.) [HKLM][64Bits] — {D46D081B-F60E-467E-A7C4-117B70D76731}
    O42 – Logiciel: HP User Guides 0211 – (.Hewlett-Packard.) [HKLM][64Bits] — {F37935A0-AFC8-47F9-8B7D-D09E88FCA0B8}
    O42 – Logiciel: HP Wireless Assistant – (.Hewlett-Packard.) [HKLM][64Bits] — {2A15333E-FF9C-4563-8E6B-55C8696B48C3}
    O42 – Logiciel: HPAsset component for HP Active Support Library – (.Hewlett-Packard.) [HKLM][64Bits] — {669D4A35-146B-4314-89F1-1AC3D7B88367}
    O42 – Logiciel: Insaniquarium Deluxe – (.WildTangent.) [HKLM][64Bits] — WT082222
    O42 – Logiciel: Intel(R) Management Engine Components – (.Intel Corporation.) [HKLM][64Bits] — {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
    O42 – Logiciel: Intel(R) Turbo Boost Technology Driver – (.Intel Corporation.) [HKLM][64Bits] — {D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}
    O42 – Logiciel: Intel® Matrix Storage Manager – (.Intel Corporation.) [HKLM][64Bits] — {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
    O42 – Logiciel: Jewel Quest II – (.WildTangent.) [HKLM][64Bits] — WT083514
    O42 – Logiciel: Jewel Quest Solitaire – (.WildTangent.) [HKLM][64Bits] — WT083510
    O42 – Logiciel: Jumpstart Installation Program – (.Atheros.) [HKLM][64Bits] — {B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}
    O42 – Logiciel: Junk Mail filter update – (.Microsoft Corporation.) [HKLM][64Bits] — {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
    O42 – Logiciel: Kit DartyBox ADSL v3.2 – (…) [HKLM][64Bits] — Kit DartyBox ADSL v3.2_is1
    O42 – Logiciel: LabelPrint – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
    O42 – Logiciel: LabelPrint – (.CyberLink Corp..) [HKLM][64Bits] — {C59C179C-668D-49A9-B6EA-0121CCFC1243}
    O42 – Logiciel: LightScribe System Software – (.LightScribe.) [HKLM][64Bits] — {6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}
    O42 – Logiciel: MSVCRT – (.Microsoft.) [HKLM][64Bits] — {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
    O42 – Logiciel: MSVCRT_amd64 – (.Microsoft.) [HKLM][64Bits] — {D0B44725-3666-492D-BEF6-587A14BD9BD9}
    O42 – Logiciel: Magic Desktop – (.EasyBits Software AS.) [HKLM][64Bits] — EasyBits Magic Desktop =>.EasyBits Software AS
    O42 – Logiciel: Mahjongg Artifacts – (.WildTangent.) [HKLM][64Bits] — WT082409
    O42 – Logiciel: Microsoft Silverlight – (.Microsoft Corporation.) [HKLM][64Bits] — {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    O42 – Logiciel: Mystery P.I. – The Vegas Heist – (.WildTangent.) [HKLM][64Bits] — WT082414
    O42 – Logiciel: Penguins! – (.WildTangent.) [HKLM][64Bits] — WT082168
    O42 – Logiciel: PhotoNow! – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}
    O42 – Logiciel: PhotoNow! – (.CyberLink Corp..) [HKLM][64Bits] — {D36DD326-7280-11D8-97C8-000129760CBE}
    O42 – Logiciel: Picasa 3 – (.Google, Inc..) [HKLM][64Bits] — Picasa 3
    O42 – Logiciel: Polar Bowler – (.WildTangent.) [HKLM][64Bits] — WT082172
    O42 – Logiciel: Power2Go – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
    O42 – Logiciel: Power2Go – (.CyberLink Corp..) [HKLM][64Bits] — {40BF1E83-20EB-11D8-97C5-0009C5020658}
    O42 – Logiciel: PowerDirector – (.CyberLink Corp..) [HKLM][64Bits] — InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
    O42 – Logiciel: PowerDirector – (.CyberLink Corp..) [HKLM][64Bits] — {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
    O42 – Logiciel: Realtek Ethernet Controller Driver For Windows 7 – (.Realtek.) [HKLM][64Bits] — {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
    O42 – Logiciel: Realtek High Definition Audio Driver – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
    O42 – Logiciel: Realtek USB 2.0 Card Reader – (.Realtek Semiconductor Corp..) [HKLM][64Bits] — {96AE7E41-E34E-47D0-AC07-1091A8127911}
    O42 – Logiciel: Recovery Manager – (.CyberLink Corp..) [HKLM][64Bits] — {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
    O42 – Logiciel: Slingo Deluxe – (.WildTangent.) [HKLM][64Bits] — WT082427
    O42 – Logiciel: Synaptics Pointing Device Driver – (.Synaptics Incorporated.) [HKLM][64Bits] — SynTPDeinstKey
    O42 – Logiciel: VALCOMPTA4 – (.Androsoft EURL.) [HKLM][64Bits] — VALCOMPTA_4
    O42 – Logiciel: VLC media player 2.0.8 – (.VideoLAN.) [HKLM][64Bits] — VLC media player =>.VideoLAN
    O42 – Logiciel: Virtual Villagers – The Secret City – (.WildTangent.) [HKLM][64Bits] — WT082241
    O42 – Logiciel: Wedding Dash – (.WildTangent.) [HKLM][64Bits] — WT082422
    O42 – Logiciel: Zuma Deluxe – (.WildTangent.) [HKLM][64Bits] — WT082246
    ~ Logic: 70 Scanned in 00mn 00s

  • Anonyme
    Post count: 1400

    re

    ok, fait ceci et poste le message s’il te plaît

    • Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau.
    • Installe le logiciel.
    • Lance ZHPDiag, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Clic sur Complet

      Note : Ne pas fermer le programme même si il est indiqué qu’il ne répond plus.

    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPDiag.txt à été créé.
    • Héberge le rapport ZHPDiag.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    :merci2:

  • carole06
    Participant
    Post count: 12

    voici le rapport :

    RogueKiller V8.8.15 _x64_ [Mar 27 2014] par Adlice Software
    mail : http://www.adlice.com/contact/” onclick=”window.open(this.href);return false;
    Remontees : http://forum.adlice.com” onclick=”window.open(this.href);return false;
    Site Web : http://www.surlatoile.org/RogueKiller/” onclick=”window.open(this.href);return false;
    Blog : http://www.adlice.com” onclick=”window.open(this.href);return false;

    Systeme d’exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Demarrage : Mode normal
    Utilisateur : Louisa [Droits d’admin]
    Mode : Recherche — Date : 05/06/2014 20:46:24
    | ARK || FAK || MBR |

    ¤¤¤ Processus malicieux : 0 ¤¤¤

    ¤¤¤ Entrees de registre : 2 ¤¤¤
    [HJ DESK][PUM] HKLM[…]NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> TROUVÉ
    [HJ DESK][PUM] HKLM[…]NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> TROUVÉ

    ¤¤¤ Tâches planifiées : 1 ¤¤¤
    [V2][SUSP PATH] Registration : “C:Program Files (x86)Hewlett-PackardHP SetupRemEngine.exe” – Registration ShowMessageTask2D [7][-] -> TROUVÉ

    ¤¤¤ Entrées Startup : 0 ¤¤¤

    ¤¤¤ Navigateurs web : 0 ¤¤¤

    ¤¤¤ Addons navigateur : 0 ¤¤¤

    ¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

    ¤¤¤ Driver : [NON CHARGE 0x0] ¤¤¤
    [Address] IAT @iexplore.exe (GetProcAddress) : KERNEL32.dll -> HOOKED (C:Program FilesInternet ExplorerIEShims.dll @ 0xF68B1C90)
    [Address] IAT @iexplore.exe (StrStrIW) : api-ms-win-downlevel-shlwapi-l1-1-0.dll -> HOOKED (C:Windowssystem32SHLWAPI.dll @ 0xFE3EFB70)
    [Address] IAT @iexplore.exe (GetProcAddress) : KERNEL32.dll -> HOOKED (C:Program Files (x86)Internet ExplorerIEShims.dll @ 0x737F2888)
    [Address] IAT @iexplore.exe (StrStrIW) : api-ms-win-downlevel-shlwapi-l1-1-0.dll -> HOOKED (C:Windowssyswow64shlwapi.DLL @ 0x758446E9)
    [Address] EAT @iexplore.exe (BeginBufferedAnimation) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2DF38)
    [Address] EAT @iexplore.exe (BeginBufferedPaint) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2B741)
    [Address] EAT @iexplore.exe (BeginPanningFeedback) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F476AF)
    [Address] EAT @iexplore.exe (BufferedPaintClear) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2BBDB)
    [Address] EAT @iexplore.exe (BufferedPaintInit) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2B8D4)
    [Address] EAT @iexplore.exe (BufferedPaintRenderAnimation) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2DE83)
    [Address] EAT @iexplore.exe (BufferedPaintSetAlpha) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CE19)
    [Address] EAT @iexplore.exe (BufferedPaintStopAllAnimations) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2E428)
    [Address] EAT @iexplore.exe (BufferedPaintUnInit) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F37525)
    [Address] EAT @iexplore.exe (CloseThemeData) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F21FA1)
    [Address] EAT @iexplore.exe (DrawThemeBackground) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2D464)
    [Address] EAT @iexplore.exe (DrawThemeBackgroundEx) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F3436D)
    [Address] EAT @iexplore.exe (DrawThemeEdge) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C01C)
    [Address] EAT @iexplore.exe (DrawThemeIcon) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4D123)
    [Address] EAT @iexplore.exe (DrawThemeParentBackground) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2E776)
    [Address] EAT @iexplore.exe (DrawThemeParentBackgroundEx) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2E5C5)
    [Address] EAT @iexplore.exe (DrawThemeText) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2DB21)
    [Address] EAT @iexplore.exe (DrawThemeTextEx) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2A70C)
    [Address] EAT @iexplore.exe (EnableThemeDialogTexture) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F3786D)
    [Address] EAT @iexplore.exe (EnableTheming) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C9FF)
    [Address] EAT @iexplore.exe (EndBufferedAnimation) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2ACE8)
    [Address] EAT @iexplore.exe (EndBufferedPaint) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2ACE8)
    [Address] EAT @iexplore.exe (EndPanningFeedback) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4762C)
    [Address] EAT @iexplore.exe (GetBufferedPaintBits) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2CF26)
    [Address] EAT @iexplore.exe (GetBufferedPaintDC) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CDCF)
    [Address] EAT @iexplore.exe (GetBufferedPaintTargetDC) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CD86)
    [Address] EAT @iexplore.exe (GetBufferedPaintTargetRect) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C893)
    [Address] EAT @iexplore.exe (GetCurrentThemeName) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F363AE)
    [Address] EAT @iexplore.exe (GetThemeAppProperties) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2EBD6)
    [Address] EAT @iexplore.exe (GetThemeBackgroundContentRect) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2DA9E)
    [Address] EAT @iexplore.exe (GetThemeBackgroundExtent) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F37155)
    [Address] EAT @iexplore.exe (GetThemeBackgroundRegion) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F30190)
    [Address] EAT @iexplore.exe (GetThemeBitmap) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F24B9C)
    [Address] EAT @iexplore.exe (GetThemeBool) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F26651)
    [Address] EAT @iexplore.exe (GetThemeColor) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F227C0)
    [Address] EAT @iexplore.exe (GetThemeDocumentationProperty) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C346)
    [Address] EAT @iexplore.exe (GetThemeEnumValue) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F227C0)
    [Address] EAT @iexplore.exe (GetThemeFilename) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4B997)
    [Address] EAT @iexplore.exe (GetThemeFont) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F376A2)
    [Address] EAT @iexplore.exe (GetThemeInt) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F227C0)
    [Address] EAT @iexplore.exe (GetThemeIntList) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4B86E)
    [Address] EAT @iexplore.exe (GetThemeMargins) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F22F97)
    [Address] EAT @iexplore.exe (GetThemeMetric) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F355B4)
    [Address] EAT @iexplore.exe (GetThemePartSize) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2289F)
    [Address] EAT @iexplore.exe (GetThemePosition) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4B80D)
    [Address] EAT @iexplore.exe (GetThemePropertyOrigin) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F30923)
    [Address] EAT @iexplore.exe (GetThemeRect) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4B936)
    [Address] EAT @iexplore.exe (GetThemeStream) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4B8CF)
    [Address] EAT @iexplore.exe (GetThemeString) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4B7A1)
    [Address] EAT @iexplore.exe (GetThemeSysBool) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CB86)
    [Address] EAT @iexplore.exe (GetThemeSysColor) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F35530)
    [Address] EAT @iexplore.exe (GetThemeSysColorBrush) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CA32)
    [Address] EAT @iexplore.exe (GetThemeSysFont) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C3D8)
    [Address] EAT @iexplore.exe (GetThemeSysInt) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C5E7)
    [Address] EAT @iexplore.exe (GetThemeSysSize) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CC61)
    [Address] EAT @iexplore.exe (GetThemeSysString) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C553)
    [Address] EAT @iexplore.exe (GetThemeTextExtent) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F289FE)
    [Address] EAT @iexplore.exe (GetThemeTextMetrics) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F3778C)
    [Address] EAT @iexplore.exe (GetThemeTransitionDuration) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2E1A1)
    [Address] EAT @iexplore.exe (GetWindowTheme) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F3535B)
    [Address] EAT @iexplore.exe (HitTestThemeBackground) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F32DC1)
    [Address] EAT @iexplore.exe (IsAppThemed) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F37009)
    [Address] EAT @iexplore.exe (IsCompositionActive) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F265DF)
    [Address] EAT @iexplore.exe (IsThemeActive) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F36F36)
    [Address] EAT @iexplore.exe (IsThemeBackgroundPartiallyTransparent) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2281C)
    [Address] EAT @iexplore.exe (IsThemeDialogTextureEnabled) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CB3F)
    [Address] EAT @iexplore.exe (IsThemePartDefined) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F230CF)
    [Address] EAT @iexplore.exe (OpenThemeData) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F25F29)
    [Address] EAT @iexplore.exe (OpenThemeDataEx) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F306FE)
    [Address] EAT @iexplore.exe (SetThemeAppProperties) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CCEC)
    [Address] EAT @iexplore.exe (SetWindowTheme) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F37AFC)
    [Address] EAT @iexplore.exe (SetWindowThemeAttribute) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F29E39)
    [Address] EAT @iexplore.exe (ThemeInitApiHook) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F24571)
    [Address] EAT @iexplore.exe (UpdatePanningFeedback) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F475ED)
    [Address] IAT @iexplore.exe (GetProcAddress) : KERNEL32.dll -> HOOKED (C:Program Files (x86)Internet ExplorerIEShims.dll @ 0x737F2888)
    [Address] IAT @iexplore.exe (StrStrIW) : api-ms-win-downlevel-shlwapi-l1-1-0.dll -> HOOKED (C:Windowssyswow64shlwapi.DLL @ 0x758446E9)
    [Address] EAT @iexplore.exe (BeginBufferedAnimation) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2DF38)
    [Address] EAT @iexplore.exe (BeginBufferedPaint) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2B741)
    [Address] EAT @iexplore.exe (BeginPanningFeedback) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F476AF)
    [Address] EAT @iexplore.exe (BufferedPaintClear) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2BBDB)
    [Address] EAT @iexplore.exe (BufferedPaintInit) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2B8D4)
    [Address] EAT @iexplore.exe (BufferedPaintRenderAnimation) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2DE83)
    [Address] EAT @iexplore.exe (BufferedPaintSetAlpha) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CE19)
    [Address] EAT @iexplore.exe (BufferedPaintStopAllAnimations) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2E428)
    [Address] EAT @iexplore.exe (BufferedPaintUnInit) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F37525)
    [Address] EAT @iexplore.exe (CloseThemeData) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F21FA1)
    [Address] EAT @iexplore.exe (DrawThemeBackground) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2D464)
    [Address] EAT @iexplore.exe (DrawThemeBackgroundEx) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F3436D)
    [Address] EAT @iexplore.exe (DrawThemeEdge) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C01C)
    [Address] EAT @iexplore.exe (DrawThemeIcon) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4D123)
    [Address] EAT @iexplore.exe (DrawThemeParentBackground) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2E776)
    [Address] EAT @iexplore.exe (DrawThemeParentBackgroundEx) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2E5C5)
    [Address] EAT @iexplore.exe (DrawThemeText) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2DB21)
    [Address] EAT @iexplore.exe (DrawThemeTextEx) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2A70C)
    [Address] EAT @iexplore.exe (EnableThemeDialogTexture) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F3786D)
    [Address] EAT @iexplore.exe (EnableTheming) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C9FF)
    [Address] EAT @iexplore.exe (EndBufferedAnimation) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2ACE8)
    [Address] EAT @iexplore.exe (EndBufferedPaint) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2ACE8)
    [Address] EAT @iexplore.exe (EndPanningFeedback) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4762C)
    [Address] EAT @iexplore.exe (GetBufferedPaintBits) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2CF26)
    [Address] EAT @iexplore.exe (GetBufferedPaintDC) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CDCF)
    [Address] EAT @iexplore.exe (GetBufferedPaintTargetDC) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CD86)
    [Address] EAT @iexplore.exe (GetBufferedPaintTargetRect) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C893)
    [Address] EAT @iexplore.exe (GetCurrentThemeName) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F363AE)
    [Address] EAT @iexplore.exe (GetThemeAppProperties) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2EBD6)
    [Address] EAT @iexplore.exe (GetThemeBackgroundContentRect) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2DA9E)
    [Address] EAT @iexplore.exe (GetThemeBackgroundExtent) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F37155)
    [Address] EAT @iexplore.exe (GetThemeBackgroundRegion) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F30190)
    [Address] EAT @iexplore.exe (GetThemeBitmap) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F24B9C)
    [Address] EAT @iexplore.exe (GetThemeBool) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F26651)
    [Address] EAT @iexplore.exe (GetThemeColor) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F227C0)
    [Address] EAT @iexplore.exe (GetThemeDocumentationProperty) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C346)
    [Address] EAT @iexplore.exe (GetThemeEnumValue) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F227C0)
    [Address] EAT @iexplore.exe (GetThemeFilename) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4B997)
    [Address] EAT @iexplore.exe (GetThemeFont) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F376A2)
    [Address] EAT @iexplore.exe (GetThemeInt) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F227C0)
    [Address] EAT @iexplore.exe (GetThemeIntList) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4B86E)
    [Address] EAT @iexplore.exe (GetThemeMargins) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F22F97)
    [Address] EAT @iexplore.exe (GetThemeMetric) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F355B4)
    [Address] EAT @iexplore.exe (GetThemePartSize) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2289F)
    [Address] EAT @iexplore.exe (GetThemePosition) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4B80D)
    [Address] EAT @iexplore.exe (GetThemePropertyOrigin) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F30923)
    [Address] EAT @iexplore.exe (GetThemeRect) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4B936)
    [Address] EAT @iexplore.exe (GetThemeStream) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4B8CF)
    [Address] EAT @iexplore.exe (GetThemeString) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4B7A1)
    [Address] EAT @iexplore.exe (GetThemeSysBool) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CB86)
    [Address] EAT @iexplore.exe (GetThemeSysColor) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F35530)
    [Address] EAT @iexplore.exe (GetThemeSysColorBrush) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CA32)
    [Address] EAT @iexplore.exe (GetThemeSysFont) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C3D8)
    [Address] EAT @iexplore.exe (GetThemeSysInt) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C5E7)
    [Address] EAT @iexplore.exe (GetThemeSysSize) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CC61)
    [Address] EAT @iexplore.exe (GetThemeSysString) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4C553)
    [Address] EAT @iexplore.exe (GetThemeTextExtent) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F289FE)
    [Address] EAT @iexplore.exe (GetThemeTextMetrics) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F3778C)
    [Address] EAT @iexplore.exe (GetThemeTransitionDuration) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2E1A1)
    [Address] EAT @iexplore.exe (GetWindowTheme) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F3535B)
    [Address] EAT @iexplore.exe (HitTestThemeBackground) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F32DC1)
    [Address] EAT @iexplore.exe (IsAppThemed) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F37009)
    [Address] EAT @iexplore.exe (IsCompositionActive) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F265DF)
    [Address] EAT @iexplore.exe (IsThemeActive) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F36F36)
    [Address] EAT @iexplore.exe (IsThemeBackgroundPartiallyTransparent) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F2281C)
    [Address] EAT @iexplore.exe (IsThemeDialogTextureEnabled) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CB3F)
    [Address] EAT @iexplore.exe (IsThemePartDefined) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F230CF)
    [Address] EAT @iexplore.exe (OpenThemeData) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F25F29)
    [Address] EAT @iexplore.exe (OpenThemeDataEx) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F306FE)
    [Address] EAT @iexplore.exe (SetThemeAppProperties) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F4CCEC)
    [Address] EAT @iexplore.exe (SetWindowTheme) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F37AFC)
    [Address] EAT @iexplore.exe (SetWindowThemeAttribute) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F29E39)
    [Address] EAT @iexplore.exe (ThemeInitApiHook) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F24571)
    [Address] EAT @iexplore.exe (UpdatePanningFeedback) : fwpuclnt.dll -> HOOKED (C:WindowsSysWOW64uxtheme.dll @ 0x71F475ED)

    ¤¤¤ Ruches Externes: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ Fichier HOSTS: ¤¤¤
    –> %SystemRoot%System32driversetchosts

    ¤¤¤ MBR Verif: ¤¤¤

    +++++ PhysicalDrive0: (\.PHYSICALDRIVE0 @ IDE) Hitachi HTS725050A9A364 +++++
    — User —
    [MBR] 89096ade0de59352d9b9b42d48f8b817
    [BSP] e404c73aac3eb667946b67e6f973da65 : Windows Vista/7/8 MBR Code
    Partition table:
    0 – [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB
    1 – [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 462255 MB
    2 – [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 947107840 | Size: 14381 MB
    3 – [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB
    User = LL1 … OK!
    User = LL2 … OK!

    +++++ PhysicalDrive1: (\.PHYSICALDRIVE1 @ USB) General USB Flash Disk USB Device +++++
    — User —
    [MBR] d29963bd557c9b7bdb728b1ce2afabd6
    [BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
    Partition table:
    0 – [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 32 | Size: 3822 MB
    User = LL1 … OK!
    Error reading LL2 MBR! ([0x32] Cette demande n?est pas prise en charge. )

    Termine : <>

  • Anonyme
    Post count: 1400

    re

    ok, les dossiers/fichiers de ta clé sont lisibles maintenant ;)

    fait ceci et poste le rapport s’il te plaît

    • Télécharge RogueKiller(de Tigzy) sur ton Bureau.
    • Lance RogueKiller, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

      Note : Attends que le PreScan ait fini.

    • Clique sur Scan.
    • Une fois le scan terminé rends toi sur le bureau, le rapport RKreport[X]¤S¤.txt à été créé.
    • Héberge le rapport RKreport[X]¤S¤.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    :merci2:

  • carole06
    Participant
    Post count: 12

    Voici le rapport :

    ############################## | UsbFix V 7.169 | [Suppression]

    Utilisateur: Louisa (Administrateur) # LOUISA-PC
    Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
    Lancé à 19:04:24 | 06/05/2014

    Site Web : http://www.usbfix.net/” onclick=”window.open(this.href);return false;
    Changelog : http://www.usbfix.net/maj/” onclick=”window.open(this.href);return false;
    Support : forum-virus-securite.html
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

    PC: Hewlett-Packard (143A)
    CPU: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
    RAM -> [Total : 3894 Mo| Free : 2680 Mo]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Windows Internet Explorer : 11.0.9600.17105
    WB: Google Chrome : 34.0.1847.131

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AS: Windows Defender [Enabled | Updated]
    FW: Windows FireWall [(!) Disabled]

    C: (%systemdrive%) -> Disque fixe # 451 Go (303 Go libre(s) – 67%) [] # NTFS
    D: -> Disque fixe # 14 Go (2 Go libre(s) – 14%) [RECOVERY] # NTFS
    E: -> Disque fixe # 99 Mo (91 Mo libre(s) – 92%) [HP_TOOLS] # FAT32
    F: -> CD-ROM
    G: -> Disque amovible # 4 Go (95 Mo libre(s) – 2%) [] # FAT32

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID: 424 |ParentID: 416)
    C:Windowssystem32wininit.exe (ID: 500 |ParentID: 416)
    C:Windowssystem32csrss.exe (ID: 516 |ParentID: 492)
    C:Windowssystem32services.exe (ID: 548 |ParentID: 500)
    C:Windowssystem32lsass.exe (ID: 568 |ParentID: 500)
    C:Windowssystem32lsm.exe (ID: 576 |ParentID: 500)
    C:Windowssystem32winlogon.exe (ID: 636 |ParentID: 492)
    C:Windowssystem32svchost.exe (ID: 732 |ParentID: 548)
    C:Windowssystem32svchost.exe (ID: 808 |ParentID: 548)
    C:Windowssystem32atiesrxx.exe (ID: 856 |ParentID: 548)
    C:WindowsSystem32svchost.exe (ID: 940 |ParentID: 548)
    C:WindowsSystem32svchost.exe (ID: 988 |ParentID: 548)
    C:Windowssystem32svchost.exe (ID: 108 |ParentID: 548)
    C:Windowssystem32svchost.exe (ID: 340 |ParentID: 548)
    C:Windowssystem32atieclxx.exe (ID: 1072 |ParentID: 856)
    C:Windowssystem32svchost.exe (ID: 1132 |ParentID: 548)
    C:Windowssystem32WLANExt.exe (ID: 1304 |ParentID: 988)
    C:Windowssystem32conhost.exe (ID: 1316 |ParentID: 424)
    C:WindowsSystem32spoolsv.exe (ID: 1464 |ParentID: 548)
    C:Windowssystem32svchost.exe (ID: 1496 |ParentID: 548)
    C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1572 |ParentID: 548)
    C:Program FilesRealtekAudioHDAAERTSr64.exe (ID: 1604 |ParentID: 548)
    C:Program Files (x86)MicrosoftBingBarBBSvc.EXE (ID: 1632 |ParentID: 548)
    C:Program Files (x86)MicrosoftBingBarSeaPort.EXE (ID: 1660 |ParentID: 548)
    C:WindowsSysWOW64ezSharedSvcHost.exe (ID: 1724 |ParentID: 548)
    C:Program FilesHewlett-PackardHP Quick LaunchHPWMISVC.exe (ID: 1776 |ParentID: 548)
    C:Program Files (x86)Jumpstartjswpbapi.exe (ID: 1816 |ParentID: 548)
    C:Program Files (x86)Common FilesLightScribeLSSrvc.exe (ID: 1852 |ParentID: 548)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 1880 |ParentID: 548)
    C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (ID: 1320 |ParentID: 548)
    C:Windowssystem32svchost.exe (ID: 1000 |ParentID: 548)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2052 |ParentID: 548)
    C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe (ID: 2112 |ParentID: 548)
    C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (ID: 2192 |ParentID: 548)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2284 |ParentID: 2052)
    C:Windowssystem32taskhost.exe (ID: 2504 |ParentID: 548)
    C:Windowssystem32taskeng.exe (ID: 2584 |ParentID: 340)
    C:Windowssystem32Dwm.exe (ID: 2620 |ParentID: 988)
    C:WindowsExplorer.EXE (ID: 2644 |ParentID: 2592)
    C:Windowssystem32runonce.exe (ID: 2860 |ParentID: 2644)
    C:WindowsSysWOW64runonce.exe (ID: 2888 |ParentID: 2860)
    C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE (ID: 2916 |ParentID: 548)
    C:Windowssystem32svchost.exe (ID: 1276 |ParentID: 548)
    C:WindowsSystem32WUDFHost.exe (ID: 2812 |ParentID: 988)
    C:WindowsSystem32rundll32.exe (ID: 3020 |ParentID: 732)
    C:Windowssystem32wbemwmiprvse.exe (ID: 228 |ParentID: 732)

    ################## | Recherche générique |

    Supprimé! G:iTunesHelper.vbe
    Supprimé! G:autorun.lnk
    Supprimé! G:Etiquettes boites.lnk
    Supprimé! G:Boarding_Pass.lnk
    Supprimé! G:Etiquettes boites (2).lnk
    Supprimé! G:CartevisiteRégis.lnk
    Supprimé! G:Etiquettes boites 1.lnk
    Supprimé! G:CONTRAT DE LOCATION.lnk
    Supprimé! G:etiquettes parlophone.lnk
    Supprimé! G:Appel de fonds 2014.lnk
    Supprimé! G:Contrat de syndic bénévole.lnk
    Supprimé! G:Procès verbal AG du 08.lnk
    Supprimé! G:Data.lnk
    Supprimé! G:trz7E54.tmp

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] userinit.exe
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [HPAdvisorDock] C:Program Files (x86)Hewlett-PackardHP AdvisorDockHPAdvisorDock.exe
    04 – HKCU..Run : [LightScribe Control Panel] C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
    04 – HKCU..Run : [msnmsgr] “C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
    04 – HKLM..Run : [StartCCC] “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    04 – HKLM..Run : [Easybits Recovery] C:Program Files (x86)EasyBits For KidsezRecover.exe
    04 – HKLM..Run : [HP Software Update] C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
    04 – HKLM..Run : []
    04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLM..Run : [HOSTS Anti-Adware_PUPs] C:Program Files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware_main.exe
    04 – [x64] HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – [x64] HKLM..Run : [IAAnotif] C:Program Files (x86)IntelIntel Matrix Storage Manageriaanotif.exe
    04 – [x64] HKLM..Run : [RTHDVCPL] C:Program FilesRealtekAudioHDARtkNGUI64.exe -s
    04 – [x64] HKLM..Run : [RtkOSD] C:Program Files (x86)RealtekAudioOSDRtVOsd64.exe
    04 – [x64] HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – [x64] HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – [x64] HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – [x64] HKLM..Run : [HPWirelessAssistant] C:Program FilesHewlett-PackardHP Wireless AssistantDelayedAppStarter.exe 120 C:Program FilesHewlett-PackardHP Wireless AssistantHPWA_Main.exe /hidden
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-2438885668-180924057-1699815265-1000..Run : [HPAdvisorDock] C:Program Files (x86)Hewlett-PackardHP AdvisorDockHPAdvisorDock.exe
    04 – HKUS-1-5-21-2438885668-180924057-1699815265-1000..Run : [LightScribe Control Panel] C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
    04 – HKUS-1-5-21-2438885668-180924057-1699815265-1000..Run : [msnmsgr] “C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

    ################## | Listing |

    [22/08/2011 – 16:46:59 | SHD] – C:$Recycle.Bin
    [07/01/2014 – 12:00:34 | D] – C:AdwCleaner
    [23/02/2014 – 19:40:31 | N | 0 Ko] – C:AVScanner.ini
    [16/05/2010 – 23:43:34 | SHD] – C:boot
    [14/07/2009 – 03:38:58 | RASH | 375 Ko] – C:bootmgr
    [29/06/2011 – 23:35:34 | D] – C:cbde259474907931138433a6
    [14/07/2009 – 07:08:56 | SHD] – C:Documents and Settings
    [24/02/2012 – 22:43:35 | D] – C:films
    [06/05/2014 – 19:03:30 | ASH | 2990484 Ko] – C:hiberfil.sys
    [18/06/2010 – 01:53:36 | D] – C:HP
    [18/06/2010 – 02:04:25 | D] – C:Intel
    [06/05/2014 – 19:03:32 | ASH | 3987312 Ko] – C:pagefile.sys
    [18/01/2012 – 14:15:08 | D] – C:pan am saison 1
    [14/07/2009 – 05:20:08 | D] – C:PerfLogs
    [06/05/2014 – 13:30:27 | D] – C:Program Files
    [06/05/2014 – 13:29:28 | D] – C:Program Files (x86)
    [06/05/2014 – 13:27:14 | HD] – C:ProgramData
    [30/08/2010 – 14:21:22 | SHD] – C:Recovery
    [16/01/2014 – 02:42:40 | N | 594 Ko | ECFA4E7350DE3BB49AE671A9A3382A35] – C:SecurityScanner.dll
    [19/01/2012 – 16:00:43 | D] – C:series
    [28/11/2012 – 15:26:01 | D] – C:SwSetup
    [06/05/2014 – 13:29:53 | SHD] – C:System Volume Information
    [30/08/2010 – 14:21:26 | D] – C:SYSTEM.SAV
    [06/05/2014 – 14:39:30 | D] – C:UsbFix
    [06/05/2014 – 14:32:35 | N | 13 Ko | 4429718F037483C59069668DEA0D7837] – C:UsbFix [Clean 2] LOUISA-PC.txt
    [06/05/2014 – 18:34:31 | N | 4 Ko | 47FDC11B8C5C32DF0788E5CFE7D50B60] – C:UsbFix [Clean 4] LOUISA-PC.txt
    [06/05/2014 – 19:29:47 | A | 9 Ko | BF0C6352424935B638A01936E71C7278] – C:UsbFix [Clean 6] LOUISA-PC.txt
    [02/05/2014 – 18:08:21 | N | 11 Ko | 311D614CCBD1157FA8B4D27263E89C20] – C:UsbFix [Scan 1] LOUISA-PC.txt
    [13/12/2012 – 21:16:20 | N | 0 Ko] – C:user.js
    [30/08/2010 – 14:20:54 | D] – C:Users
    [05/02/2011 – 13:11:27 | D] – C:UtilisateursAF
    [25/03/2014 – 21:03:39 | D] – C:VALCOMPTA4
    [02/05/2014 – 17:42:17 | D] – C:Windows
    [30/08/2010 – 14:25:57 | SHD] – D:$RECYCLE.BIN
    [30/08/2010 – 14:25:53 | SHD] – D:boot
    [14/07/2009 – 20:39:00 | ASH | 375 Ko] – D:bootmgr
    [30/08/2010 – 14:25:53 | N | 0 Ko] – D:BT_HP.FLG
    [18/06/2010 – 12:40:33 | N | 0 Ko] – D:CSP.DAT
    [18/06/2010 – 12:47:51 | N | 14 Ko] – D:DeployRp.log
    [30/08/2010 – 14:25:53 | D] – D:hp
    [30/08/2010 – 14:25:53 | N | 0 Ko] – D:language.ini
    [30/08/2010 – 14:25:53 | SHD] – D:preload
    [30/08/2010 – 14:25:53 | SD] – D:Recovery
    [18/06/2010 – 12:47:48 | N | 0 Ko] – D:RPCONFIG.LOG
    [19/01/2012 – 15:40:40 | SHD] – D:System Volume Information
    [30/08/2010 – 14:25:54 | D] – D:system.sav
    [30/08/2010 – 14:25:58 | SHD] – E:$RECYCLE.BIN
    [18/06/2010 – 01:39:08 | D] – E:Hewlett-Packard
    [02/05/2013 – 13:44:40 | N | 14 Ko] – E:Etiquettes boites.docx
    [02/05/2013 – 13:13:42 | N | 14 Ko] – E:etiquettes parlophone.docx
    [01/02/2011 – 14:16:42 | D] – G:Data
    [01/02/2011 – 14:29:18 | D] – G:Xtras
    [03/07/2001 – 21:43:58 | N | 0 Ko] – G:autorun.inf
    [20/05/2000 – 19:44:46 | N | 2992 Ko | 15CAA04245B0D04B1A8CE42A72BF1909] – G:Boarding_Pass.exe
    [27/06/2001 – 20:04:12 | N | 15 Ko] – G:Boarding_Pass.ini
    [10/07/2012 – 20:11:20 | SHD] – G:.fseventsd
    [17/04/2012 – 16:47:50 | SH | 4 Ko] – G:._.Trashes
    [02/05/2013 – 13:49:28 | N | 152 Ko] – G:FOUND.000
    [17/04/2012 – 16:47:50 | N | 4 Ko] – G:.Trashes
    [17/04/2012 – 16:47:52 | SHD] – G:.Spotlight-V100
    [10/02/2012 – 21:35:46 | N | 3087639 Ko] – G:All_About_Lyoness_Multimedia_FR.mov
    [04/04/2014 – 15:28:06 | D] – G:FOUND.001
    [02/05/2013 – 13:44:40 | N | 14 Ko] – G:Etiquettes boites.docx
    [02/05/2013 – 13:44:40 | N | 14 Ko] – G:Etiquettes boites (2).docx
    [03/04/2014 – 16:04:04 | N | 14 Ko] – G:CartevisiteRégis.docx
    [03/05/2013 – 19:27:16 | N | 14 Ko] – G:Etiquettes boites 1.docx
    [04/04/2014 – 15:29:44 | N | 18 Ko] – G:CONTRAT DE LOCATION.docx
    [22/06/2013 – 11:52:36 | N | 14 Ko] – G:etiquettes parlophone.docx
    [15/04/2014 – 11:03:12 | N | 18 Ko] – G:Appel de fonds 2014-2ème trimestre.docx
    [07/01/2014 – 15:09:32 | N | 20 Ko] – G:Appel de fonds 2014.docx
    [08/11/2013 – 09:40:54 | N | 21 Ko] – G:Contrat de syndic bénévole.docx
    [10/11/2013 – 19:44:10 | N | 21 Ko] – G:Procès verbal AG du 08.11.2013.docx

    ################## | Vaccin |

    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    G:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net/” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |

  • Anonyme
    Post count: 1400

    re

    En fait, je n’ai que quelques petites connaissances en informatique. J’ai inséré la clé usb et la fenêtre “exécution automatique” s’est ouverte (option : ‘ouvrir dossier’ – ‘utiliser lecteur pour sauvegarde’ – ‘accélérer système’).
    En cliquant droit, je n’ai pas l’option dont tu me parles. Où est-ce que je dois cliquer ?

    tu cliques sur la croix rouge en haut a droite pour fermer la fenêtre, ensuite tu exécutes usbfix

    en mode suppression et tu postes le rapport s’il te plaît

    si tu as des questions…

    :merci2:

  • carole06
    Participant
    Post count: 12

    En fait, je n’ai que quelques petites connaissances en informatique. J’ai inséré la clé usb et la fenêtre “exécution automatique” s’est ouverte (option : ‘ouvrir dossier’ – ‘utiliser lecteur pour sauvegarde’ – ‘accélérer système’).
    En cliquant droit, je n’ai pas l’option dont tu me parles. Où est-ce que je dois cliquer ?

  • Anonyme
    Post count: 1400

    re

    tu n’as pas branché ta clé (qui est infectée) :electriksock:

    | UsbFix V 7.169 | [Recherche]

    Utilisateur: Louisa (Administrateur) # LOUISA-PC
    Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
    Lancé à 17:51:57 | 02/05/2014
    C: (%systemdrive%) -> Disque fixe # 451 Go (300 Go libre(s) – 66%) [] # NTFS
    D: -> Disque fixe # 14 Go (2 Go libre(s) – 14%) [RECOVERY] # NTFS
    E: -> Disque fixe # 99 Mo (91 Mo libre(s) – 92%) [HP_TOOLS] # FAT32
    F: -> CD-ROM
    G: -> Disque amovible # 4 Go (95 Mo libre(s) – 2%) [] # FAT32

    | UsbFix V 7.169 | [Suppression]

    Utilisateur: Louisa (Administrateur) # LOUISA-PC
    Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
    Lancé à 14:30:38 | 06/05/2014
    C: (%systemdrive%) -> Disque fixe # 451 Go (299 Go libre(s) – 66%) [] # NTFS
    D: -> Disque fixe # 14 Go (2 Go libre(s) – 14%) [RECOVERY] # NTFS
    E: -> Disque fixe # 99 Mo (91 Mo libre(s) – 92%) [HP_TOOLS] # FAT32
    F: -> CD-ROM

    tu dois recommencer la manipularion en branchant cette clé et poster le rapport :P:

    :merci2:

  • carole06
    Participant
    Post count: 12

    Je n’ai pas eu besoin de suivre toute la démarche. En espérant que cela a fonctionné.

    Voici le rapport :

    ############################## | UsbFix V 7.169 | [Suppression]

    Utilisateur: Louisa (Administrateur) # LOUISA-PC
    Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
    Lancé à 14:30:38 | 06/05/2014

    Site Web : http://www.usbfix.net/” onclick=”window.open(this.href);return false;
    Changelog : http://www.usbfix.net/maj/” onclick=”window.open(this.href);return false;
    Support : forum-virus-securite.html
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

    PC: Hewlett-Packard (143A)
    CPU: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
    RAM -> [Total : 3894 Mo| Free : 1635 Mo]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Windows Internet Explorer : 11.0.9600.17105
    WB: Google Chrome : 34.0.1847.131

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AS: Windows Defender [Enabled | Updated]
    FW: Windows FireWall [(!) Disabled]

    C: (%systemdrive%) -> Disque fixe # 451 Go (299 Go libre(s) – 66%) [] # NTFS
    D: -> Disque fixe # 14 Go (2 Go libre(s) – 14%) [RECOVERY] # NTFS
    E: -> Disque fixe # 99 Mo (91 Mo libre(s) – 92%) [HP_TOOLS] # FAT32
    F: -> CD-ROM

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID: 432 |ParentID: 384)
    C:Windowssystem32wininit.exe (ID: 500 |ParentID: 384)
    C:Windowssystem32csrss.exe (ID: 524 |ParentID: 508)
    C:Windowssystem32services.exe (ID: 556 |ParentID: 500)
    C:Windowssystem32lsass.exe (ID: 580 |ParentID: 500)
    C:Windowssystem32lsm.exe (ID: 588 |ParentID: 500)
    C:Windowssystem32winlogon.exe (ID: 644 |ParentID: 508)
    C:Windowssystem32svchost.exe (ID: 748 |ParentID: 556)
    C:Windowssystem32svchost.exe (ID: 828 |ParentID: 556)
    C:Windowssystem32atiesrxx.exe (ID: 876 |ParentID: 556)
    C:WindowsSystem32svchost.exe (ID: 948 |ParentID: 556)
    C:WindowsSystem32svchost.exe (ID: 1004 |ParentID: 556)
    C:Windowssystem32svchost.exe (ID: 308 |ParentID: 556)
    C:Windowssystem32svchost.exe (ID: 384 |ParentID: 556)
    C:Windowssystem32atieclxx.exe (ID: 1124 |ParentID: 876)
    C:Windowssystem32svchost.exe (ID: 1160 |ParentID: 556)
    C:Windowssystem32WLANExt.exe (ID: 1300 |ParentID: 1004)
    C:Windowssystem32conhost.exe (ID: 1308 |ParentID: 432)
    C:WindowsSystem32spoolsv.exe (ID: 1476 |ParentID: 556)
    C:Windowssystem32svchost.exe (ID: 1516 |ParentID: 556)
    C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1588 |ParentID: 556)
    C:Program FilesRealtekAudioHDAAERTSr64.exe (ID: 1628 |ParentID: 556)
    C:Program Files (x86)MicrosoftBingBarSeaPort.EXE (ID: 1688 |ParentID: 556)
    C:WindowsSysWOW64ezSharedSvcHost.exe (ID: 1756 |ParentID: 556)
    C:Program FilesHewlett-PackardHP Quick LaunchHPWMISVC.exe (ID: 1812 |ParentID: 556)
    C:Program Files (x86)Jumpstartjswpbapi.exe (ID: 1840 |ParentID: 556)
    C:Program Files (x86)Common FilesLightScribeLSSrvc.exe (ID: 1868 |ParentID: 556)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 1900 |ParentID: 556)
    C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (ID: 304 |ParentID: 556)
    C:Windowssystem32svchost.exe (ID: 1924 |ParentID: 556)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2084 |ParentID: 556)
    C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe (ID: 2124 |ParentID: 556)
    C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (ID: 2176 |ParentID: 556)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2300 |ParentID: 2084)
    C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE (ID: 2468 |ParentID: 556)
    C:Windowssystem32svchost.exe (ID: 2684 |ParentID: 556)
    C:Windowssystem32taskhost.exe (ID: 2912 |ParentID: 556)
    C:Windowssystem32Dwm.exe (ID: 2064 |ParentID: 1004)
    C:WindowsSystem32rundll32.exe (ID: 1380 |ParentID: 748)
    C:WindowsExplorer.EXE (ID: 2492 |ParentID: 3044)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 3036 |ParentID: 2492)
    C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe (ID: 2896 |ParentID: 2492)
    C:Program FilesRealtekAudioHDARtkNGUI64.exe (ID: 3000 |ParentID: 2492)
    C:Program Files (x86)RealtekAudioOSDRtVOsd64.exe (ID: 456 |ParentID: 2492)
    C:WindowsSystem32igfxpers.exe (ID: 3120 |ParentID: 2492)
    C:Windowssystem32igfxsrvc.exe (ID: 3228 |ParentID: 748)
    C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe (ID: 3260 |ParentID: 2492)
    C:Program FilesSynapticsSynTPSynTPHelper.exe (ID: 3532 |ParentID: 3036)
    C:Program Files (x86)HpHP Software Updatehpwuschd2.exe (ID: 3580 |ParentID: 3268)
    C:Program Files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware_main.exe (ID: 3612 |ParentID: 3268)
    C:Windowssystem32SearchIndexer.exe (ID: 3868 |ParentID: 556)
    C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe (ID: 1224 |ParentID: 3548)
    C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe (ID: 3496 |ParentID: 1224)
    C:Windowssystem32svchost.exe (ID: 1072 |ParentID: 556)
    C:Program Files (x86)Hewlett-PackardHP Health Checkhphc_service.exe (ID: 3948 |ParentID: 556)
    C:Program FilesHewlett-PackardHP Wireless AssistantHPWA_Service.exe (ID: 1324 |ParentID: 556)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 3692 |ParentID: 556)
    C:Windowssystem32wbemwmiprvse.exe (ID: 2696 |ParentID: 748)
    C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe (ID: 4024 |ParentID: 556)
    C:Windowssystem32wbemwmiprvse.exe (ID: 2452 |ParentID: 748)
    C:WindowsSystem32svchost.exe (ID: 4176 |ParentID: 556)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 4208 |ParentID: 556)
    C:Program FilesHewlett-PackardHP Wireless AssistantHPWA_Main.exe (ID: 4544 |ParentID: 3156)
    C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe (ID: 4700 |ParentID: 3180)
    C:Program Files (x86)Hewlett-PackardSharedhpCaslNotification.exe (ID: 4764 |ParentID: 4544)
    C:Windowssystem32taskhost.exe (ID: 5384 |ParentID: 556)
    C:Program FilesInternet Exploreriexplore.exe (ID: 5500 |ParentID: 2492)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 7524 |ParentID: 5500)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 7296 |ParentID: 5500)
    C:Windowssystem32MacromedFlashFlashUtil64_13_0_0_206_ActiveX.exe (ID: 5168 |ParentID: 748)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 8048 |ParentID: 5500)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 6752 |ParentID: 5500)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 9748 |ParentID: 5500)
    C:Windowssystem32SearchProtocolHost.exe (ID: 2280 |ParentID: 3868)
    C:Windowssystem32SearchFilterHost.exe (ID: 7176 |ParentID: 3868)
    C:Windowssystem32SearchProtocolHost.exe (ID: 9040 |ParentID: 3868)

    ################## | Recherche générique |

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|EnableShellExecuteHooks -> 0
    Supprimé! HKUS-1-5-21-2438885668-180924057-1699815265-1000Software….Mountpoints2G
    Supprimé! HKUS-1-5-21-2438885668-180924057-1699815265-1000Software….Mountpoints2{df77716b-b4fe-11df-9308-002682a01eb4}

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] userinit.exe
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [HPAdvisorDock] C:Program Files (x86)Hewlett-PackardHP AdvisorDockHPAdvisorDock.exe
    04 – HKCU..Run : [LightScribe Control Panel] C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
    04 – HKCU..Run : [msnmsgr] “C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
    04 – HKLM..Run : [StartCCC] “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    04 – HKLM..Run : [Easybits Recovery] C:Program Files (x86)EasyBits For KidsezRecover.exe
    04 – HKLM..Run : [HP Software Update] C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
    04 – HKLM..Run : []
    04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLM..Run : [HOSTS Anti-Adware_PUPs] C:Program Files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware_main.exe
    04 – [x64] HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – [x64] HKLM..Run : [IAAnotif] C:Program Files (x86)IntelIntel Matrix Storage Manageriaanotif.exe
    04 – [x64] HKLM..Run : [RTHDVCPL] C:Program FilesRealtekAudioHDARtkNGUI64.exe -s
    04 – [x64] HKLM..Run : [RtkOSD] C:Program Files (x86)RealtekAudioOSDRtVOsd64.exe
    04 – [x64] HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – [x64] HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – [x64] HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – [x64] HKLM..Run : [HPWirelessAssistant] C:Program FilesHewlett-PackardHP Wireless AssistantDelayedAppStarter.exe 120 C:Program FilesHewlett-PackardHP Wireless AssistantHPWA_Main.exe /hidden
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-2438885668-180924057-1699815265-1000..Run : [HPAdvisorDock] C:Program Files (x86)Hewlett-PackardHP AdvisorDockHPAdvisorDock.exe
    04 – HKUS-1-5-21-2438885668-180924057-1699815265-1000..Run : [LightScribe Control Panel] C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
    04 – HKUS-1-5-21-2438885668-180924057-1699815265-1000..Run : [msnmsgr] “C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

    ################## | Listing |

    [22/08/2011 – 16:46:59 | SHD] – C:$Recycle.Bin
    [07/01/2014 – 12:00:34 | D] – C:AdwCleaner
    [23/02/2014 – 19:40:31 | N | 0 Ko] – C:AVScanner.ini
    [16/05/2010 – 23:43:34 | SHD] – C:boot
    [14/07/2009 – 03:38:58 | RASH | 375 Ko] – C:bootmgr
    [29/06/2011 – 23:35:34 | D] – C:cbde259474907931138433a6
    [14/07/2009 – 07:08:56 | SHD] – C:Documents and Settings
    [24/02/2012 – 22:43:35 | D] – C:films
    [06/05/2014 – 11:00:19 | ASH | 2990484 Ko] – C:hiberfil.sys
    [18/06/2010 – 01:53:36 | D] – C:HP
    [18/06/2010 – 02:04:25 | D] – C:Intel
    [06/05/2014 – 11:00:43 | ASH | 3987312 Ko] – C:pagefile.sys
    [18/01/2012 – 14:15:08 | D] – C:pan am saison 1
    [14/07/2009 – 05:20:08 | D] – C:PerfLogs
    [06/05/2014 – 13:30:27 | D] – C:Program Files
    [06/05/2014 – 13:29:28 | D] – C:Program Files (x86)
    [06/05/2014 – 13:27:14 | HD] – C:ProgramData
    [30/08/2010 – 14:21:22 | SHD] – C:Recovery
    [16/01/2014 – 02:42:40 | N | 594 Ko | ECFA4E7350DE3BB49AE671A9A3382A35] – C:SecurityScanner.dll
    [19/01/2012 – 16:00:43 | D] – C:series
    [28/11/2012 – 15:26:01 | D] – C:SwSetup
    [06/05/2014 – 13:29:53 | SHD] – C:System Volume Information
    [30/08/2010 – 14:21:26 | D] – C:SYSTEM.SAV
    [02/05/2014 – 17:50:25 | D] – C:UsbFix
    [06/05/2014 – 14:32:35 | A | 11 Ko | 30CDFE15E9C7742742CA9AC3609CA1B2] – C:UsbFix [Clean 2] LOUISA-PC.txt
    [02/05/2014 – 18:08:21 | N | 11 Ko | 311D614CCBD1157FA8B4D27263E89C20] – C:UsbFix [Scan 1] LOUISA-PC.txt
    [13/12/2012 – 21:16:20 | N | 0 Ko] – C:user.js
    [30/08/2010 – 14:20:54 | D] – C:Users
    [05/02/2011 – 13:11:27 | D] – C:UtilisateursAF
    [25/03/2014 – 21:03:39 | D] – C:VALCOMPTA4
    [02/05/2014 – 17:42:17 | D] – C:Windows
    [30/08/2010 – 14:25:57 | SHD] – D:$RECYCLE.BIN
    [30/08/2010 – 14:25:53 | SHD] – D:boot
    [14/07/2009 – 20:39:00 | ASH | 375 Ko] – D:bootmgr
    [30/08/2010 – 14:25:53 | N | 0 Ko] – D:BT_HP.FLG
    [18/06/2010 – 12:40:33 | N | 0 Ko] – D:CSP.DAT
    [18/06/2010 – 12:47:51 | N | 14 Ko] – D:DeployRp.log
    [30/08/2010 – 14:25:53 | D] – D:hp
    [30/08/2010 – 14:25:53 | N | 0 Ko] – D:language.ini
    [30/08/2010 – 14:25:53 | SHD] – D:preload
    [30/08/2010 – 14:25:53 | SD] – D:Recovery
    [18/06/2010 – 12:47:48 | N | 0 Ko] – D:RPCONFIG.LOG
    [19/01/2012 – 15:40:40 | SHD] – D:System Volume Information
    [30/08/2010 – 14:25:54 | D] – D:system.sav
    [30/08/2010 – 14:25:58 | SHD] – E:$RECYCLE.BIN
    [18/06/2010 – 01:39:08 | D] – E:Hewlett-Packard
    [02/05/2013 – 13:44:40 | N | 14 Ko] – E:Etiquettes boites.docx
    [02/05/2013 – 13:13:42 | N | 14 Ko] – E:etiquettes parlophone.docx

    ################## | Vaccin |

    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    E:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net/” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |

  • Anonyme
    Post count: 1400

    :hello: carole06,

    fait ceci et poste le rapport s’il te plaît, ensuite tu pourras récupérer les données de ta clé ;)

    • Branche toutes vos sources de données externes à votre PC (clé USB, disque dur externe, etc…) sans les ouvrir.
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Choisis l’option Suppression

      Note : L’ordinateur va redémarrer automatiquement, au redémarrage, clique sur le message transmis par UsbFix et laisse le programme travailler.

    • Copie et Colle le contenu du rapport qui apparaît à la fin du scan dans ta réponse

    :merci2:

  • carole06
    Participant
    Post count: 12

    Bonjour Billmaxime,

    Voici le lien obtenu sur upload :
    https://antimalware.top/www/?a=d&i=chdPQj62CO” onclick=”window.open(this.href);return false;

    En parallèle, j’ai désinstallé les anciennes versions de Java et Mc Afee.
    Pour ce qui est de la clé usb, je voudrais la vider mais étant donné qu’elle est infestée et que je n’ai plus de logiciel anti virus, je crains
    de causer des problèmes si je la raccorde de nouveau à mon pc. Qu’en penses-tu ?

  • Anonyme
    Post count: 1400

    :hello: carole06,

    ATTENTION:tu devrais libérer de l’espace sur ta clé usb
    G: -> Disque amovible # 4 Go (95 Mo libre(s) – 2%) [] # FAT32
    ====================================================================================

    le rapport n’est pas complet ^^ héberge le sur sosupload et poste le lien dans ta prochaine réponse

    le lien https://antimalware.top/” onclick=”window.open(this.href);return false;

    tu peux déjà désinstaller ceci:

    C:Program FilesMcAfee Security Scan3.8.141SSScheduler.exe

    les anciennes version de java (la dernière en date étant la Version 7 Update 55

    :merci2:

  • carole06
    Participant
    Post count: 12

    Bonjour Billmaxime,

    Je te remercie pour ton aide. Voici le rapport d’Usbfix. Je vais rester rester vigilante quant à ta réponse.
    Bonne journée.

    ############################## | UsbFix V 7.169 | [Recherche]

    Utilisateur: Louisa (Administrateur) # LOUISA-PC
    Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
    Lancé à 17:51:57 | 02/05/2014

    Site Web : http://www.usbfix.net/” onclick=”window.open(this.href);return false;
    Changelog : http://www.usbfix.net/maj/” onclick=”window.open(this.href);return false;
    Support : forum-virus-securite.html
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

    PC: Hewlett-Packard (143A)
    CPU: Intel(R) Pentium(R) CPU P6000 @ 1.87GHz
    RAM -> [Total : 3894 Mo| Free : 1762 Mo]
    Bios: Hewlett-Packard
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Windows Internet Explorer : 11.0.9600.17105
    WB: Google Chrome : 34.0.1847.131

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AS: Windows Defender [Enabled | Updated]
    FW: Windows FireWall [(!) Disabled]

    C: (%systemdrive%) -> Disque fixe # 451 Go (300 Go libre(s) – 66%) [] # NTFS
    D: -> Disque fixe # 14 Go (2 Go libre(s) – 14%) [RECOVERY] # NTFS
    E: -> Disque fixe # 99 Mo (91 Mo libre(s) – 92%) [HP_TOOLS] # FAT32
    F: -> CD-ROM
    G: -> Disque amovible # 4 Go (95 Mo libre(s) – 2%) [] # FAT32

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID: 484 |ParentID: 440)
    C:Windowssystem32wininit.exe (ID: 560 |ParentID: 440)
    C:Windowssystem32csrss.exe (ID: 576 |ParentID: 552)
    C:Windowssystem32services.exe (ID: 608 |ParentID: 560)
    C:Windowssystem32lsass.exe (ID: 632 |ParentID: 560)
    C:Windowssystem32lsm.exe (ID: 640 |ParentID: 560)
    C:Windowssystem32winlogon.exe (ID: 672 |ParentID: 552)
    C:Windowssystem32svchost.exe (ID: 788 |ParentID: 608)
    C:Windowssystem32svchost.exe (ID: 888 |ParentID: 608)
    C:Windowssystem32atiesrxx.exe (ID: 936 |ParentID: 608)
    C:WindowsSystem32svchost.exe (ID: 1008 |ParentID: 608)
    C:WindowsSystem32svchost.exe (ID: 396 |ParentID: 608)
    C:Windowssystem32svchost.exe (ID: 556 |ParentID: 608)
    C:Windowssystem32svchost.exe (ID: 804 |ParentID: 608)
    C:Windowssystem32atieclxx.exe (ID: 1204 |ParentID: 936)
    C:Windowssystem32svchost.exe (ID: 1220 |ParentID: 608)
    C:Windowssystem32WLANExt.exe (ID: 1336 |ParentID: 396)
    C:Windowssystem32conhost.exe (ID: 1352 |ParentID: 484)
    C:WindowsSystem32spoolsv.exe (ID: 1552 |ParentID: 608)
    C:Windowssystem32svchost.exe (ID: 1580 |ParentID: 608)
    C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1664 |ParentID: 608)
    C:Program FilesRealtekAudioHDAAERTSr64.exe (ID: 1792 |ParentID: 608)
    C:Program Files (x86)MicrosoftBingBarSeaPort.EXE (ID: 1848 |ParentID: 608)
    C:WindowsSysWOW64ezSharedSvcHost.exe (ID: 1896 |ParentID: 608)
    C:Program FilesHewlett-PackardHP Quick LaunchHPWMISVC.exe (ID: 1956 |ParentID: 608)
    C:Program Files (x86)Jumpstartjswpbapi.exe (ID: 1980 |ParentID: 608)
    C:Program Files (x86)Common FilesLightScribeLSSrvc.exe (ID: 2124 |ParentID: 608)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 2148 |ParentID: 608)
    C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (ID: 2404 |ParentID: 608)
    C:Windowssystem32svchost.exe (ID: 2452 |ParentID: 608)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 2520 |ParentID: 608)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 2616 |ParentID: 2520)
    C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe (ID: 2744 |ParentID: 608)
    C:Windowssystem32taskhost.exe (ID: 2776 |ParentID: 608)
    C:Windowssystem32Dwm.exe (ID: 2856 |ParentID: 396)
    C:WindowsExplorer.EXE (ID: 2916 |ParentID: 2832)
    C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (ID: 2820 |ParentID: 608)
    C:Program FilesSynapticsSynTPSynTPEnh.exe (ID: 2940 |ParentID: 2916)
    C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe (ID: 3020 |ParentID: 2916)
    C:Program FilesRealtekAudioHDARtkNGUI64.exe (ID: 2100 |ParentID: 2916)
    C:Program Files (x86)RealtekAudioOSDRtVOsd64.exe (ID: 3208 |ParentID: 2916)
    C:WindowsSystem32hkcmd.exe (ID: 3312 |ParentID: 2916)
    C:Windowssystem32igfxsrvc.exe (ID: 3356 |ParentID: 788)
    C:WindowsSystem32igfxpers.exe (ID: 3412 |ParentID: 2916)
    C:Program FilesJavajre6binjusched.exe (ID: 3472 |ParentID: 2916)
    C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe (ID: 3636 |ParentID: 2916)
    C:Program FilesMcAfee Security Scan3.8.141SSScheduler.exe (ID: 3708 |ParentID: 2916)
    C:Program Files (x86)Javajre6binjusched.exe (ID: 3792 |ParentID: 3644)
    C:Program Files (x86)HpHP Software Updatehpwuschd2.exe (ID: 3800 |ParentID: 3644)
    C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID: 3808 |ParentID: 3644)
    C:Program Files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware_main.exe (ID: 3940 |ParentID: 3644)
    C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE (ID: 3288 |ParentID: 608)
    C:Windowssystem32SearchIndexer.exe (ID: 368 |ParentID: 608)
    C:Windowssystem32svchost.exe (ID: 4040 |ParentID: 608)
    C:Program FilesSynapticsSynTPSynTPHelper.exe (ID: 2440 |ParentID: 2940)
    C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.exe (ID: 3632 |ParentID: 3748)
    C:Program Files (x86)Hewlett-PackardHP AdvisorHPAdvisor.exe (ID: 3372 |ParentID: 3564)
    C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.exe (ID: 3704 |ParentID: 3632)
    C:WindowsMicrosoft.NetFramework64v3.0WPFPresentationFontCache.exe (ID: 4264 |ParentID: 608)
    C:Program FilesHewlett-PackardHP Wireless AssistantHPWA_Main.exe (ID: 4604 |ParentID: 3552)
    C:Windowssystem32svchost.exe (ID: 2904 |ParentID: 608)
    C:Program Files (x86)Hewlett-PackardHP Health Checkhphc_service.exe (ID: 3820 |ParentID: 608)
    C:Program FilesHewlett-PackardHP Wireless AssistantHPWA_Service.exe (ID: 2712 |ParentID: 608)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 4356 |ParentID: 608)
    C:Windowssystem32wbemwmiprvse.exe (ID: 1156 |ParentID: 788)
    C:Program Files (x86)Hewlett-PackardSharedhpqwmiex.exe (ID: 4060 |ParentID: 608)
    C:WindowsSystem32svchost.exe (ID: 2316 |ParentID: 608)
    C:Windowssystem32wbemwmiprvse.exe (ID: 4236 |ParentID: 788)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 2160 |ParentID: 608)
    C:Program Files (x86)Hewlett-PackardSharedhpCaslNotification.exe (ID: 2852 |ParentID: 4604)
    C:Program FilesInternet Exploreriexplore.exe (ID: 4896 |ParentID: 2916)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 5012 |ParentID: 4896)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 6108 |ParentID: 4896)
    C:Windowssystem32MacromedFlashFlashUtil64_13_0_0_206_ActiveX.exe (ID: 5212 |ParentID: 788)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 5936 |ParentID: 4896)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 1044 |ParentID: 4896)
    C:WindowsSysWOW64DllHost.exe (ID: 3204 |ParentID: 788)
    C:Program FilesAVAST SoftwareAvastaswRunDll.exe (ID: 1268 |ParentID: 3204)
    C:Program FilesAVAST SoftwareAvastsetupavast.setup (ID: 8132 |ParentID: 1268)
    C:Windowssystem32taskhost.exe (ID: 7156 |ParentID: 608)
    C:Program Files (x86)Internet ExplorerIEXPLORE.EXE (ID: 8044 |ParentID: 4896)
    C:Windowssystem32taskeng.exe (ID: 7832 |ParentID: 804)
    c:program fileswindows defenderMpCmdRun.exe (ID: 8288 |ParentID: 8264)
    C:Windowssystem32SearchProtocolHost.exe (ID: 8928 |ParentID: 368)
    C:WindowsSystem32WUDFHost.exe (ID: 5760 |ParentID: 396)

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] userinit.exe
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKCU..Run : [HPAdvisorDock] C:Program Files (x86)Hewlett-PackardHP AdvisorDockHPAdvisorDock.exe
    04 – HKCU..Run : [LightScribe Control Panel] C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
    04 – HKCU..Run : [msnmsgr] “C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
    04 – HKLM..Run : [StartCCC] “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    04 – HKLM..Run : [Easybits Recovery] C:Program Files (x86)EasyBits For KidsezRecover.exe
    04 – HKLM..Run : [SunJavaUpdateSched] “C:Program Files (x86)Javajre6binjusched.exe”
    04 – HKLM..Run : [HP Software Update] C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe
    04 – HKLM..Run : []
    04 – HKLM..Run : [Adobe ARM] “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    04 – HKLM..Run : [HOSTS Anti-Adware_PUPs] C:Program Files (x86)Hosts_Anti_Adwares_PUPsHOSTS_Anti-Adware_main.exe
    04 – HKLM..RunOnce : []
    04 – [x64] HKLM..Run : [SynTPEnh] %ProgramFiles%SynapticsSynTPSynTPEnh.exe
    04 – [x64] HKLM..Run : [IAAnotif] C:Program Files (x86)IntelIntel Matrix Storage Manageriaanotif.exe
    04 – [x64] HKLM..Run : [RTHDVCPL] C:Program FilesRealtekAudioHDARtkNGUI64.exe -s
    04 – [x64] HKLM..Run : [RtkOSD] C:Program Files (x86)RealtekAudioOSDRtVOsd64.exe
    04 – [x64] HKLM..Run : [IgfxTray] C:Windowssystem32igfxtray.exe
    04 – [x64] HKLM..Run : [HotKeysCmds] C:Windowssystem32hkcmd.exe
    04 – [x64] HKLM..Run : [Persistence] C:Windowssystem32igfxpers.exe
    04 – [x64] HKLM..Run : [SunJavaUpdateSched] “C:Program FilesJavajre6binjusched.exe”
    04 – [x64] HKLM..Run : [HPWirelessAssistant] C:Program FilesHewlett-PackardHP Wireless AssistantDelayedAppStarter.exe 120 C:Program FilesHewlett-PackardHP Wireless AssistantHPWA_Main.exe /hidden
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-21-2438885668-180924057-1699815265-1000..Run : [HPAdvisorDock] C:Program Files (x86)Hewlett-PackardHP AdvisorDockHPAdvisorDock.exe
    04 – HKUS-1-5-21-2438885668-180924057-1699815265-1000..Run : [LightScribe Control Panel] C:Program Files (x86)Common FilesLightScribeLightScribeControlPanel.exe -hidden
    04 – HKUS-1-5-21-2438885668-180924057-1699815265-1000..Run : [msnmsgr] “C:Program Files (x86)Windows LiveMessengermsnmsgr.exe” /background
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

    ################## | Recherche générique |

    Présent! G:iTunesHelper.vbe
    Présent! G:autorun.lnk
    Présent! G:Etiquettes boites.lnk
    Présent! G:Boarding_Pass.lnk
    Présent! G:Etiquettes boites (2).lnk
    Présent! G:CartevisiteRégis.lnk
    Présent! G:Etiquettes boites 1.lnk
    Présent! G:CONTRAT DE LOCATION.lnk

  • Anonyme
    Post count: 1400

    :hello: carole06,

    [norephelpe:ij4by98o][/norephelpe:ij4by98o]

  • Anonyme
    Post count: 1400

    :hello: carole06 et :welcome: sur sosvirus

    je vais te prendre en charge et résoudre ton soucis :)

    peux-tu poster le rapport d’usbfix s’il te plaît

    :merci2:

  • carole06
    Participant
    Post count: 12

    Bonjour,
    Ma clé usb a été infectée. Je suis passée par usbfix pour son analyse et je voudrai la nettoyer. Pour cela j’aurai besoin de votre aide.
    Est-ce qu’il vous faut le rapport d’analyse qui doit être apparemment dans mon disque dur ?
    Par ailleurs, j’ai désinstallé avast, condition pour qu’ usbfix puisse analyser la clé. A quel moment est-ce que je peux réinstaller le logiciel ?Merci pour vos réponses et votre aide.

Le sujet ‘Désinfection clé usb’ est fermé à de nouvelles réponses.