15 sujets de 1 à 15 (sur un total de 16)
  • Auteur
    Messages
  • Lenkorneur
    Participant
    Nombre d'articles : 8

    Bonjour,

    Depuis quelques jours, mon anti-virus Avast, émet une alerte toute les 2 minutes : « cheval de Troie bloqué », plus particulièrement lors de l’ouverture d’un onglet internet de Mozilla.

    Il s’agit du virus : js:Downloader-ZY [Trj] . Merci de m’aider à m’en débarrasser, j’ai déjà usé de toutes mes sommaires compétences pour en arriver à bout mais sans succès.

    Je trouve mon PC bien ralenti depuis l’infection. J’ai tenté de m’en débarasser via cccleaner, malwarebytes ( version 2.0.1.1004)

    Merci d’avance pour votre aide. Je transmets ci-dessous les rapports, comme demandé dans les instructions.

    Rapport Adwcleaner

    # AdwCleaner v3.211 – Rapport créé le 31/05/2014 à 10:48:08
    # Mis à jour le 26/05/2014 par Xplode
    # Système d’exploitation : Windows 7 Home Premium Service Pack 1 (32 bits)
    # Nom d’utilisateur : geant – GEANT-PC
    # Exécuté depuis : C:UsersgeantDesktopadwcleaner_3.211.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKCUSoftwareAppDataLowSoftware

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v11.0.9600.17041

    -\ Mozilla Firefox v29.0.1 (fr)

    [ Fichier : C:UsersgeantAppDataRoamingMozillaFirefoxProfiless5wc9dn.defaultprefs.js ]

    -\ Google Chrome v35.0.1916.114

    [ Fichier : C:UsersgeantAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    *************************

    AdwCleaner[R0].txt – [29532 octets] – [27/05/2014 21:13:39]
    AdwCleaner[R1].txt – [26365 octets] – [27/05/2014 21:16:13]
    AdwCleaner[R2].txt – [1297 octets] – [31/05/2014 10:46:46]
    AdwCleaner[S0].txt – [3804 octets] – [27/05/2014 21:15:19]
    AdwCleaner[S1].txt – [25749 octets] – [27/05/2014 21:16:55]
    AdwCleaner[S2].txt – [1159 octets] – [31/05/2014 10:48:08]

    ########## EOF – C:AdwCleanerAdwCleaner[S2].txt – [1219 octets] ##########

    Rapport Malwarebytes

    < ?xml version="1.0" encoding="UTF-8"?>

    Lenkorneur
    Participant
    Nombre d'articles : 8

    Rapport ZHPdiag

    Spoiler for ig781hx4

    ~ Rapport de ZHPDiag v2014.5.30.78 – Nicolas Coolman (30/05/2014)
    ~ Lancé par geant (31/05/2014 15:39:32)
    ~ Adresse du Site Web http://nicolascoolman.fr” onclick=”window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version : Version à jour.
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Activate by user

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17107
    MFIE: Mozilla Firefox 29.0.1 (Defaut)
    GCIE: Google Chrome v35.0.1916.114

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    ~ Windows Operating System – Windows(R) 7, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : 2BT4J
    Windows License : OK
    ~ Windows Remaining Initializations Number : 4
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    avast! Free Antivirus v9.0.2018
    Malwarebytes Anti-Malware version 2.0.1.1004
    Ad-Aware Antivirus v10.5.1.4369
    McAfee Security Scan Plus v3.8.141.11
    Spyware Terminator 2012 v3.0.0.80
    Windows Defender W7 (Deactivate)

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 13 Plugin
    Adobe Reader XI
    Java 7 Update 17

    —\ Informations sur le système
    ~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
    ~ Operating System: 32 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3004 MB (31% free)
    System Restore: Activé (Enable)
    System drive C: has 5 GB (3%) free of 141 GB

    —\ Mode de connexion au système
    ~ Computer Name: GEANT-PC
    ~ User Name: geant
    ~ All Users Names: postgres, HomeGroupUser$, geant, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersgeantAppDataRoamingZHP
    ~ %AppData% : C:UsersgeantAppDataRoaming
    ~ %Desktop% : C:UsersgeantDesktop
    ~ %Favorites% : C:UsersgeantFavorites
    ~ %LocalAppData% : C:UsersgeantAppDataLocal
    ~ %StartMenu% : C:UsersgeantAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 5 Go of 141 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 121 Go of 141 Go)
    E: CD-ROM drive (Not Inserted)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdateAuto UpdateResultsInstall] LastSuccessTime : Out Of Date
    ~ Security Center: 38 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 09:30:54.) — C:WindowsExplorer.exe [2616320]
    [MD5.B5C5DCAD3899512020D135600129D665] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 05:14:45.) — C:WindowsSystem32Wininit.exe [96256]
    [MD5.E4E829EE073E046B0EB19B5FECB19B8C] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.06/03/2014 – 09:41:49.) — C:WindowsSystem32wininet.dll [1789440]
    [MD5.998507B046BA314CE8245364C686FA67] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.04/03/2014 – 13:17:02.) — C:WindowsSystem32Winlogon.exe [304128]
    [MD5.E3AE23569749DE12D45BA3B489A036AE] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 16:21:24.) — C:WindowsSystem32sppcomapi.dll [193536]
    [MD5.F81BB7E487EDCEAB630A7EE66CF23913] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.14/09/2013 – 04:48:58.) — C:Windowssystem32DriversAFD.sys [338944]
    [MD5.338C86357871C167A96AB976519BF59E] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 05:26:15.) — C:Windowssystem32Driversatapi.sys [21584]
    [MD5.77EA11B065E0A8AB902D78145CA51E10] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 03:11:15.) — C:Windowssystem32DriversCdfs.sys [70656]
    [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 12:38:10.) — C:Windowssystem32DriversCdrom.sys [108544]
    [MD5.F024449C97EC1E464AAFFDA18593DB88] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 12:42:32.) — C:Windowssystem32DriversDfsC.sys [78336]
    [MD5.9036377B8A6C15DC2EEC53E489D159B5] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 13:59:29.) — C:Windowssystem32DriversHDAudBus.sys [108544]
    [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 03:11:24.) — C:Windowssystem32Driversi8042prt.sys [80896]
    [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 03:54:29.) — C:Windowssystem32DriversIpNat.sys [101888]
    [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 06:17:22.) — C:Windowssystem32DriversMRxSmb.sys [123904]
    [MD5.280122DDCF04B378EDD1AD54D71C1E54] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 12:39:44.) — C:Windowssystem32DriversnetBT.sys [187904]
    [MD5.C8DFF8D07755A66C7A4A738930F0FEAC] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/01/2014 – 06:18:22.) — C:Windowssystem32Driversntfs.sys [1212352]
    [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 03:45:35.) — C:Windowssystem32DriversParport.sys [79360]
    [MD5.D9F91EAFEC2815365CBE6D167E4E332A] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.14/07/2009 – 03:54:34.) — C:Windowssystem32DriversRasl2tp.sys [78848]
    [MD5.3E21C083B8A01CB70BA1F09303010FCE] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 03:53:41.) — C:Windowssystem32Driverssmb.sys [71168]
    [MD5.B459575348C20E8121D6039DA063C704] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 12:39:17.) — C:Windowssystem32Driverstdx.sys [74752]
    [MD5.F497F67932C6FA693D7DE2780631CFE7] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 16:30:16.) — C:Windowssystem32Driversvolsnap.sys [245632]
    ~ Generic Processes: Scanned in 00mn 01s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 2/2929
    ~ Mes musiques (My Musics) : 1/45
    ~ Mes Videos (My Videos) : 1/11
    ~ Mes Favoris (My Favorites) : 1/31
    ~ Mes Documents (My Documents) : 1/2729
    ~ Mon Bureau (My Desktop) : 23/11301
    ~ Menu demarrer (Programs) : 1/64
    ~ Hidden Files: Scanned in 01mn 12s

    —\ Processus lancés
    [MD5.091A0924AC02AE0A04F3D03BCCDE2712] – (.SEC – Samsung Recovery Solution 4.) — C:Program FilesSamsungSamsung Recovery Solution 4WCScheduler.exe [2246144] [PID.480]
    [MD5.E3735DC796E5183D63F35921B058934C] – (.Samsung Electronics Co., Ltd. – EasySpeedUpManager.) — C:Program FilesSAMSUNGEasySpeedUpManagerEasySpeedUpManager.exe [716800] [PID.524]
    [MD5.A46796CCF032D35720347262998D1F90] – (.Samsung Electronics Co., Ltd. – Easy Display Manager.) — C:Program FilesSamsungEasy Display Managerdmhkcore.exe [835072] [PID.572]
    [MD5.8A0B0E4102C2CCA25DA3134FE12FCC3E] – (.SAMSUNG Electronics – SSCKbdHk.) — C:Program FilesSamsungSamsung Support CenterSSCKbdHk.exe [91136] [PID.464]
    [MD5.64F562F206E5474B9E01F8CD944770A6] – (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARtHDVCpl.exe [8092192] [PID.2356]
    [MD5.3EE8375B1063CF4A0C4353123F4129C5] – (.Synaptics Incorporated – Synaptics TouchPad Enhancements.) — C:Program FilesSynapticsSynTPSynTPEnh.exe [1578280] [PID.2508]
    [MD5.54FA8528EDA1B6B34615F4EA3FCB35E6] – (.CyberLink – CyberLink MediaLibray Service.) — C:Program FilesCyberLinkPower2GoCLMLSvc.exe [103720] [PID.2608]
    [MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] – (.CyberLink Corp. – PowerDVD RC Service.) — C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe [91432] [PID.2784]
    [MD5.3CD5BBDA19A1AB4EBA359E0A14FDF0F0] – (.Intel Corporation – hkcmd Module.) — C:WindowsSystem32hkcmd.exe [171032] [PID.2920]
    [MD5.3142195521FEE436088EE8A5748DE1B1] – (.Intel Corporation – persistence Module.) — C:WindowsSystem32igfxpers.exe [170520] [PID.2956]
    [MD5.21293443961A4E2597453EE7A9347F22] – (.Hewlett-Packard – hpwuSchd Application.) — C:Program FilesHPHP Software UpdatehpwuSchd2.exe [54840] [PID.3032]
    [MD5.6268184AD0719C031F0BA73A055522C5] – (.Crawler.com – Spyware Terminator 2012 Realtime Shield.) — C:Program FilesSpyware TerminatorSpywareTerminatorShield.exe [2777736] [PID.3172]
    [MD5.E6A2593AD58D205535F5BA0AEB231DC1] – (.Crawler.com – Spyware Terminator 2012 Update Support.) — C:Program FilesSpyware TerminatorSpywareTerminatorUpdate.exe [3684488] [PID.3280]
    [MD5.12916E0642E92561C98B18A2A2D01B14] – (.Sun Microsystems, Inc. – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe [252848] [PID.3320]
    [MD5.E3AECB28EBE04FFD535745912839D72D] – (.Apple Inc. – iTunesHelper.) — C:Program FilesiTunesiTunesHelper.exe [152392] [PID.3340]
    [MD5.92BC91BEB19BE1F03DB9664AD47120B2] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAlwil SoftwareAvast5avastui.exe [3888648] [PID.3428]
    [MD5.E2641D15A8A0F50F3FD2A3A90129BC04] – (.Lavasoft Limited – Ad-Aware Antivirus.) — C:Program FilesAd-Aware AntivirusAdAware.exe [18814816] [PID.3444]
    [MD5.9D4A0ECBF734E2EECDD5B473A2D705FE] – (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe [20922016] [PID.3664]
    [MD5.B54921381A950C8215FB363B485C432B] – (.Hewlett-Packard Co. – HP Digital Imaging Monitor.) — C:Program FilesHPDigital Imagingbinhpqtra08.exe [270336] [PID.3676]
    [MD5.43E2CFC37953501EA40D852AE585E7C0] – (.McAfee, Inc. – McAfee Security Scanner Scheduler.) — C:Program FilesMcAfee Security Scan3.8.141SSScheduler.exe [277920] [PID.3708]
    [MD5.41AD6110110A2E89957F831DCBFAF892] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes Anti-Malwarembam.exe [6963512] [PID.3752]
    [MD5.44682DB0172AB54490C163235288023B] – (.Crawler.com – Spyware Terminator 2012 Realtime Shield Ser.) — C:Program FilesSpyware Terminatorst_rsser.exe [587912] [PID.3072]
    [MD5.F2F3617C63B87AA2DE139DC9E37420B5] – (.Intel Corporation – igfxext Module.) — C:windowssystem32igfxext.exe [179224] [PID.4140]
    [MD5.B9AA850CDA55097EB13E03698C8F5828] – (.Intel Corporation – igfxsrvc Module.) — C:windowssystem32igfxsrvc.exe [266776] [PID.2868]
    [MD5.428F4A9D4CB5816030F88F3DD7595675] – (.Synaptics Incorporated – Synaptics Pointing Device Helper.) — C:Program FilesSynapticsSynTPSynTPHelper.exe [103720] [PID.4196]
    [MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] – (.Hewlett-Packard Co. – HP CUE Status Root.) — C:Program FilesHPDigital ImagingbinhpqSTE08.exe [168960] [PID.5188]
    [MD5.8A9FACCB684500829F7D0BCC67B386CC] – (.Hewlett-Packard Co. – HP CUE Alert Popup Window Objects.) — C:Program FilesHPDigital Imagingbinhpqbam08.exe [559104] [PID.5720]
    [MD5.883008A9B5BFF94A153D99DBA54CB5C1] – (.Hewlett-Packard – GPCore COM object.) — C:Program FilesHPDigital Imagingbinhpqgpc01.exe [362496] [PID.4400]
    [MD5.2E0B0A051FFAA86E358465BB0880D453] – (.Microsoft Corporation – Windows Update.) — C:windowssystem32wuauclt.exe [53784] [PID.4716]
    [MD5.5DFE72B9F1FF669070FC032090B7B982] – (.Sun Microsystems, Inc. – Java(TM) Update Checker.) — C:Program FilesCommon FilesJavaJava Updatejucheck.exe [507312] [PID.2644]
    [MD5.0DA891CB0703D912CEAFA072F54D002B] – (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe [275568] [PID.2972]
    [MD5.28B02EA673489A4EFBB20A9B302D523C] – (.Mozilla Corporation – Plugin Container for Firefox.) — C:Program FilesMozilla Firefoxplugin-container.exe [18544] [PID.3956]
    [MD5.038053B5DB6B0DCFB32B7682334B7625] – (.Adobe Systems, Inc. – Adobe Flash Player 13.0 r0.) — C:windowssystem32MacromedFlashFlashPlayerPlugin_13_0_0_214.exe [1863856] [PID.5868]
    [MD5.4ADB31B7C88BBBBB6203968E6C2CBDA1] – (.Microsoft Corporation – Microsoft Office Word.) — C:Program FilesMicrosoft OfficeOFFICE11WINWORD.exe [12317848] [PID.5388]
    [MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8020480] [PID.5396]
    ~ Processes Running: Scanned in 00mn 11s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersgeantAppDataLocalGoogleChromeUser DataDefaultPreferences

    —\ Liste des dossiers d'extension Google Chrome
    ~ Google Lines Browser: 0 Legitimates Filtered in 00mn 00s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersgeantAppDataRoamingMozillaFirefoxProfiless5wc9dn.defaultprefs.js
    M3 – MFPP: Plugins – [geant] — C:UsersgeantAppDataRoamingMozillaFirefoxProfiless5wc9dn.defaultsearchpluginsbing-avast.xml
    M3 – MFPP: Plugins – [geant] — C:UsersgeantAppDataRoamingMozillaFirefoxProfiless5wc9dn.defaultsearchpluginsdefault-search.xml =>Hijacker.Browsers
    M3 – MFPP: Plugins – [geant] — C:UsersgeantAppDataRoamingMozillaFirefoxProfiless5wc9dn.defaultsearchpluginsyahoo-avast.xml
    M2 – MFEP: prefs.js [geant – 0s5wc9dn.default{87934c42-161d-45bc-8cef-ef18abe2a30c}] [] Ad-Aware Security Add-on v3.3 (..)
    ~ Firefox Browser: 39 Legitimates Filtered in 00mn 02s

    —\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
    R3 – URLSearchHook: SiteFinder – {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} . (…) (No version) — (.not file.) =>Adware.ShoppingReport
    R3 – URLSearchHook: Microsoft Url Search Hook – {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (…) (No version) — (.not file.)
    ~ IE Browser: 11 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 01s
    ~ Nombre de lignes (Lines number): 21

    —\ Internet Explorer Toolbars (O3)
    O3 – Toolbar: SiteFinder – [HKLM]{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} . (…) — C:Program FilesSiteFinderSiteFinder.dll =>Adware.ShoppingReport
    O3 – ToolbarWebBrowser: (no name) – [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [geant]: Softonic.lnk . (…) — C:UsersgeantAppDataLocalSoftonicSoftonic.exe (.not file.) =>Toolbar.Conduit
    ~ Global Startup: 1 Legitimates Filtered in 00mn 15s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Run: [RtHDVCpl] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARtHDVCpl.exe =>.Realtek Semiconductor Corp
    O4 – HKLM..Run: [SynTPEnh] . (.Synaptics Incorporated – Synaptics TouchPad Enhancements.) — C:Program FilesSynapticsSynTPSynTPEnh.exe
    O4 – HKLM..Run: [UpdateLBPShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program FilesCyberLinkLabelPrintMUITransferMUIStartMenu.exe
    O4 – HKLM..Run: [CLMLServer] . (.CyberLink – CyberLink MediaLibray Service.) — C:Program FilesCyberLinkPower2GoCLMLSvc.exe
    O4 – HKLM..Run: [UpdateP2GoShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program FilesCyberLinkPower2GoMUITransferMUIStartMenu.exe
    O4 – HKLM..Run: [UpdatePDRShortCut] . (.CyberLink Corp. – StartMen Application.) — C:Program FilesCyberLinkPowerDirectorMUITransferMUIStartMenu.exe
    O4 – HKLM..Run: [RemoteControl8] . (.CyberLink Corp. – PowerDVD RC Service.) — C:Program FilesCyberLinkPowerDVD8PDVD8Serv.exe
    O4 – HKLM..Run: [PDVD8LanguageShortcut] . (.CyberLink Corp. – PowerDVD Language Application.) — C:Program FilesCyberLinkPowerDVD8LanguageLanguage.exe
    O4 – HKLM..Run: [UpdatePPShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program FilesCyberLinkPowerProducerMUITransferMUIStartMenu.exe
    O4 – HKLM..Run: [UpdatePSTShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program FilesCyberLinkDVD SuiteMUITransferMUIStartMenu.exe
    O4 – HKLM..Run: [APLangApp] . (.DoctorSoft – AnyPC Language Application.) — C:Program FilesAnyPC ClientAPLangApp.exe
    O4 – HKLM..Run: [UCam_Menu] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program FilesCyberLinkYouCamMUITransferMUIStartMenu.exe
    O4 – HKLM..Run: [Wireless PC Lock 2005] C:Program FilesWIRELE~1SqrtyKey.exe (.not file.)
    O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:windowssystem32igfxtray.exe
    O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:windowssystem32hkcmd.exe
    O4 – HKLM..Run: [Persistence] . (.Intel Corporation – persistence Module.) — C:windowssystem32igfxpers.exe
    O4 – HKLM..Run: [hpqSRMon] . (.Hewlett-Packard – HpqSRmon.) — C:Program FilesHPDigital ImagingbinhpqSRMon.exe
    O4 – HKLM..Run: [HP Software Update] . (.Hewlett-Packard – hpwuSchd Application.) — C:Program FilesHPHP Software UpdateHPWuSchd2.exe =>.Hewlett-Packard Co
    O4 – HKLM..Run: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program FilesQuickTimeQTTask.exe
    O4 – HKLM..Run: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Run: [SpywareTerminatorShield] . (.Crawler.com – Spyware Terminator 2012 Realtime Shield.) — C:Program FilesSpyware TerminatorSpywareTerminatorShield.exe
    O4 – HKLM..Run: [SpywareTerminatorUpdater] . (.Crawler.com – Spyware Terminator 2012 Update Support.) — C:Program FilesSpyware TerminatorSpywareTerminatorUpdate.exe
    O4 – HKLM..Run: [Ad-Aware Antivirus] Clé orpheline
    O4 – HKLM..Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. – Java(TM) Update Scheduler.) — C:Program FilesCommon FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKLM..Run: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe
    O4 – HKLM..Run: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program FilesiTunesiTunesHelper.exe
    O4 – HKLM..Run: [AvastUI.exe] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAlwil SoftwareAvast5AvastUI.exe
    O4 – HKCU..Run: [msnmsgr] . (.Microsoft Corporation – Windows Live Messenger.) — C:Program FilesWindows LiveMessengermsnmsgr.exe
    O4 – HKCU..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUS.DEFAULT..RunOnce: [SPReview] . (.Microsoft Corporation – SP Reviewer.) — C:windowsSystem32SPReviewSPReview.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-18..RunOnce: [SPReview] . (.Microsoft Corporation – SP Reviewer.) — C:windowsSystem32SPReviewSPReview.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-1871111397-3539990770-1974983793-1000..Run: [msnmsgr] . (.Microsoft Corporation – Windows Live Messenger.) — C:Program FilesWindows LiveMessengermsnmsgr.exe
    O4 – HKUSS-1-5-21-1871111397-3539990770-1974983793-1000..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program FilesSkypePhoneSkype.exe =>.Skype Technologies S.A.
    ~ Application: Scanned in 00mn 02s

    —\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 – Extra button: @C:Program FilesWindows LiveCompanioncompanionlang.dll,-600 – {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation – Windows Live Messenger Companion core resources.) — C:Program FilesWindows LiveCompanioncompanionres.dll
    O9 – Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation – Windows Live Writer Blog This Extension.) — C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
    O9 – Extra button: PartyPoker.fr – {725EC34E-943C-4df6-B0B2-FBDE7F242276} — C:ProgramsPartyFrancePartyPokerFrimagesppicon.ico (.not file.)
    O9 – Extra button: PokerStars.be – {878AC5FC-BE78-4bae-896C-7F75B790A71E} — C:Program FilesPokerStars.BEmain.ico (.not file.)
    O9 – Extra button: Skype Click to Call – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (…) — C:Program FilesSkypeToolbarsInternet Explorericon.ico
    O9 – Extra button: PokerStars.fr – {90EAE591-7E7E-434a-8E28-ECFD00071806} . (.PokerStars – PokerStars Update.) — C:Program FilesPokerStars.FRPokerStarsUpdate.exe
    O9 – Extra button: Recherche – {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (…) — C:Program FilesMicrosoft OfficeOFFICE11REFBARH.ICO
    O9 – Extra button: Site Finder – {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} . (…) — C:Program FilesSiteFinderhotbtn.ico =>Adware.ShoppingReport
    O9 – Extra button: Afficher ou masquer l'HP Smart Web Printing – {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. – HP Smart Web Printing add-on for Internet Explorer.) — C:Program FilesHPDigital ImagingSmart Web Printinghpswp_BHO.dll
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{7614B14B-5F57-49DD-BDD2-1BE162F3248F}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpip..{95DE52F9-5E06-47C9-BE22-4B7FE2603F77}: DhcpNameServer = 192.168.13.7 192.168.13.6
    O17 – HKLMSystemCCSServicesTcpip..{95DE52F9-5E06-47C9-BE22-4B7FE2603F77}: DhcpDomain = stleunt.local
    O17 – HKLMSystemCS1ServicesTcpip..{7614B14B-5F57-49DD-BDD2-1BE162F3248F}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{95DE52F9-5E06-47C9-BE22-4B7FE2603F77}: DhcpNameServer = 192.168.13.7 192.168.13.6
    O17 – HKLMSystemCS1ServicesTcpip..{95DE52F9-5E06-47C9-BE22-4B7FE2603F77}: DhcpDomain = stleunt.local
    O17 – HKLMSystemCS2ServicesTcpip..{7614B14B-5F57-49DD-BDD2-1BE162F3248F}: DhcpNameServer = 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{95DE52F9-5E06-47C9-BE22-4B7FE2603F77}: DhcpNameServer = 192.168.13.7 192.168.13.6
    O17 – HKLMSystemCS2ServicesTcpip..{95DE52F9-5E06-47C9-BE22-4B7FE2603F77}: DhcpDomain = stleunt.local
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation – Windows Live Album Download Protocol Handle.) — C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
    O18 – Filter: text/xml – {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE11MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
    O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
    ~ Winlogon: Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [{D61CFA38-13BC-4209-B9C5-43A3CA504F11}] (…) — C:UsersgeantDesktopSetup.exe (.not file.) [0]
    O39 – APT: – (..) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1054]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1058]
    ~ Scheduled Task: 20 Legitimates Filtered in 00mn 10s

    —\ Pilotes lancés au démarrage du système (O41)
    O41 – Driver: (sp_rsdrv2) . (…) – C:windowssystem32driverssp_rsdrv2.sys
    ~ Drivers: 75 Legitimates Filtered in 00mn 01s

    —\ Logiciels installés (O42)
    O42 – Logiciel: Ask Shopping Toolbar – (.APN, LLC.) [HKLM] — {4F524A00-6A76-A76A-76A7-A758B70C0A06} =>Adware.Bandoo
    O42 – Logiciel: Free CD to MP3 Converter – (…) [HKLM] — Free CD to MP3 Converter
    O42 – Logiciel: PokerStars.fr – (.PokerStars.fr.) [HKLM] — PokerStars.fr
    O42 – Logiciel: SiteFinder – (.SiteFinder.) [HKLM] — SiteFinder =>Adware.ShoppingReport
    ~ Logic: 24 Legitimates Filtered in 00mn 01s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwarePMU]
    [HKCUSoftwarePartyFrance]
    [HKLMSoftwareKeyMark]
    ~ Key Software: 309 Legitimates Filtered in 00mn 01s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 05/09/2013 – 05:04:12 – [0] —-D C:Program FilesBarrierePoker.fr
    O43 – CFD: 06/12/2010 – 14:37:54 – [] —-D C:Program FilesCD to MP3 Freeware
    O43 – CFD: 22/03/2013 – 10:05:00 – [0] —-D C:Program FilesPokerStars.BE
    O43 – CFD: 19/05/2014 – 21:51:22 – [] —-D C:Program FilesPokerStars.FR
    O43 – CFD: 22/03/2013 – 10:05:46 – [] —-D C:Program FilesPokerTracker 3
    O43 – CFD: 29/05/2014 – 13:03:52 – [] —-D C:Program FilesSiteFinder =>Adware.ShoppingReport
    O43 – CFD: 04/05/2014 – 22:34:05 – [0] —-D C:Program FilesSiteLookup
    O43 – CFD: 31/05/2014 – 11:16:57 – [] —-D C:ProgramDataAd-Aware Browsing Protection
    O43 – CFD: 03/04/2011 – 18:44:18 – [] —-D C:ProgramDataaDl31001kFaEl31001
    O43 – CFD: 11/11/2011 – 15:12:45 – [] —-D C:ProgramDataboost_interprocess
    O43 – CFD: 11/11/2011 – 15:15:02 – [] —-D C:ProgramData{08E30618-5D06-461B-BBD3-4ADFB0810824}
    O43 – CFD: 19/11/2010 – 03:59:22 – [] —-D C:UsersgeantAppDataRoamingfr.barrierepoker.air.D043989C8F5E91300BF71855036B28F854BB8613.1
    O43 – CFD: 16/08/2013 – 22:05:21 – [] —-D C:UsersgeantAppDataRoamingwam
    O43 – CFD: 28/01/2012 – 22:07:32 – [] —-D C:UsersgeantAppDataRoamingwam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
    O43 – CFD: 22/03/2013 – 10:04:55 – [0] —-D C:UsersgeantAppDataLocalPokerStars.BE
    O43 – CFD: 20/05/2014 – 00:43:44 – [] —-D C:UsersgeantAppDataLocalPokerStars.FR
    O43 – CFD: 06/12/2010 – 14:22:34 – [0] —-D C:UsersgeantAppDataRoamingMicrosoftWindowsStart MenuProgramsCD to MP3 Freeware
    O43 – CFD: 25/08/2011 – 10:49:42 – [] —-D C:UsersgeantAppDataRoamingMicrosoftWindowsStart MenuProgramsFoxTab AVI Converter
    ~ 361 Dossier CLSID vide (CLSID Empty Folder)
    ~ Program Folder: 611 Legitimates Filtered in 00mn 13s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.0DC5AF80D059DEC792B665ED598C6567] – 27/05/2014 – 21:14:44 —A- . (.SQLite Development Team – SQLite Dynamic Link Library (No TCL).) — C:WindowsSystem32sqlite3.dll [536576]
    O44 – LFC:[MD5.4D6C6E0505A8E5A0656DCB223497D37C] – 31/05/2014 – 09:32:09 —A- . (…) — C:WindowsSystem32DriversaswHwid.sys [24184]
    ~ Files: 26 Legitimates Filtered in 00mn 34s

    —\ Clé de registre Shell MountPoints2 (MPKS) (O51)
    O51 – MPSK:{31b2e687-b17b-11e0-a300-00245428b8be}AutoRuncommand. (…) — F:AutoRun.exe (.not file.)
    O51 – MPSK:{31b2e689-b17b-11e0-a300-00245428b8be}AutoRuncommand. (…) — F:AutoRun.exe (.not file.)
    O51 – MPSK:{8ae1265e-9da3-11e0-a9d2-00245428b8be}AutoRuncommand. (…) — F:AutoRun.exe (.not file.)
    O51 – MPSK:{8ae12660-9da3-11e0-a9d2-00245428b8be}AutoRuncommand. (…) — F:AutoRun.exe (.not file.)
    O51 – MPSK:{b18add85-a6b2-11e0-9e09-00245428b8be}AutoRuncommand. (…) — F:AutoRun.exe (.not file.)
    O51 – MPSK:{b18add87-a6b2-11e0-9e09-00245428b8be}AutoRuncommand. (…) — F:AutoRun.exe (.not file.)
    O51 – MPSK:{c0212de0-34a2-11e0-b25a-00245428b8be}AutoRuncommand. (…) — F:AutoRun.exe (.not file.)
    O51 – MPSK:{c0212de4-34a2-11e0-b25a-00245428b8be}AutoRuncommand. (…) — H:AutoRun.exe (.not file.)
    ~ Keys: Scanned in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 16 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:31/05/2014 – 09:32:09 —A- . (…) — C:WindowsSystem32DriversaswHwid.sys [24184] =>.ALWIL Software
    O58 – SDL:31/05/2014 – 09:32:09 —A- . (…) — C:WindowsSystem32DriversaswRvrt.sys [49944] =>.ALWIL Software
    O58 – SDL:31/05/2014 – 09:32:09 —A- . (…) — C:WindowsSystem32DriversaswVmm.sys [180632] =>.ALWIL Software
    O58 – SDL:14/07/2009 – 05:20:28 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [453712]
    O58 – SDL:22/03/2013 – 11:22:30 —A- . (.GFI Software – GFI Boot Time Operations Driver.) — C:WindowsSystem32Driversgfibto.sys [13560]
    O58 – SDL:14/07/2009 – 02:54:14 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [26624]
    O58 – SDL:15/11/2010 – 20:24:07 RSHA- . (…) — C:WindowsSystem32DriversSKeyAnsr.Sys [131]
    O58 – SDL:24/07/2004 – 22:43:16 –HA- . (…) — C:WindowsSystem32DriversSKeyTabl.Sys [614]
    O58 – SDL:21/06/2011 – 11:24:06 —A- . (…) — C:WindowsSystem32Driverssp_rsdrv2.sys [32768]
    O58 – SDL:15/11/2010 – 20:24:14 –HA- . (…) — C:WindowsSystem32DriversSqrtyKey.Sys [794]
    O58 – SDL:14/07/2009 – 05:19:04 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [21072]
    O58 – SDL:13/12/2012 – 14:50:38 —A- . (.Apple, Inc. – Apple Mobile Device USB Driver.) — C:WindowsSystem32Driversusbaapl.sys [45056]
    O58 – SDL:28/09/2009 – 13:22:00 —A- . (…) — C:WindowsSystem32Driversyk62x86.sys [315392]
    O58 – SDL:14/07/2009 – 01:40:41 —A- . (…) — C:WindowsSystem32ANSI.SYS [9029]
    O58 – SDL:14/07/2009 – 01:40:44 —A- . (…) — C:WindowsSystem32country.sys [27097]
    O58 – SDL:14/07/2009 – 01:40:40 —A- . (…) — C:WindowsSystem32HIMEM.SYS [4768]
    O58 – SDL:14/07/2009 – 01:40:43 —A- . (…) — C:WindowsSystem32KEY01.SYS [42809]
    O58 – SDL:14/07/2009 – 01:40:43 —A- . (…) — C:WindowsSystem32KEYBOARD.SYS [42537]
    O58 – SDL:14/07/2009 – 01:40:23 —A- . (…) — C:WindowsSystem32NTDOS.SYS [27866]
    O58 – SDL:14/07/2009 – 01:40:31 —A- . (…) — C:WindowsSystem32NTDOS404.SYS [29146]
    O58 – SDL:14/07/2009 – 01:40:35 —A- . (…) — C:WindowsSystem32NTDOS411.SYS [29370]
    O58 – SDL:14/07/2009 – 01:40:39 —A- . (…) — C:WindowsSystem32NTDOS412.SYS [29274]
    O58 – SDL:14/07/2009 – 01:40:27 —A- . (…) — C:WindowsSystem32NTDOS804.SYS [29146]
    O58 – SDL:14/07/2009 – 01:40:11 —A- . (…) — C:WindowsSystem32NTIO.SYS [33952]
    O58 – SDL:14/07/2009 – 01:40:15 —A- . (…) — C:WindowsSystem32NTIO404.SYS [34672]
    O58 – SDL:14/07/2009 – 01:40:17 —A- . (…) — C:WindowsSystem32NTIO411.SYS [35776]
    O58 – SDL:14/07/2009 – 01:40:19 —A- . (…) — C:WindowsSystem32NTIO412.SYS [35536]
    O58 – SDL:14/07/2009 – 01:40:13 —A- . (…) — C:WindowsSystem32NTIO804.SYS [34672]
    ~ Drivers: 100 Legitimates Filtered in 00mn 13s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 26/05/2014 – 15:45:21 —A- . (…) — C:UsersgeantDesktopRogueKiller.exe [3972608]
    O61 – LFC: 27/05/2014 – 15:45:16 —A- . (…) — C:UsersgeantDesktopAdwCleaner-3.211.exe [1327971]
    O61 – LFC: 31/05/2014 – 15:45:16 —A- . (…) — C:UsersgeantDesktopadwcleaner_3.211.exe [1327971]
    ~ 4113 Fichiers temporaires (Temporary files)
    ~ 287 Fichiers cookies (Cookies files)
    ~ Files: 6 Legitimates Filtered in 01mn 36s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Liste les services legacy du registre (LALS) (O64)
    O64 – Services: CurCS – 31/05/2014 – C:Windowssystem32driversaswHwid.sys (aswHwid) .(…) – LEGACY_ASWHWID
    ~ Legacy: 97 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {10697039-2656-4D27-A57D-275479A1189C} – (Search the web (Softonic)) – http://search.softonic.com” onclick=”window.open(this.href);return false; =>Adware.IMBooster
    O69 – SBI: SearchScopes [HKCU] {21BE518B-DC04-42F8-BAD9-576429AFA875} – (Yahoo! Search) – http://search.yahoo.com” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} – (Microsoft (Bing)) – http://www.bing.com” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} – (Google) – http://www.google.com” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} – (Google) – http://www.google.com” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {9CB96984-43C3-4D44-90EF-01466EFCF7BB} [DefaultScope] – (Yahoo! (Avast)) – http://fr.yhs4.search.yahoo.com” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {D173F0E1-CBF8-4A35-80A7-20A1264C37B3} – (Ask Search) – http://www.search.ask.com” onclick=”window.open(this.href);return false;
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.964E456826B509A2020CA91AE0FEAD7D] [SPRF][21/11/2010] (…) — C:ProgramDataezsidmv.dat [56]
    [MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][17/08/2009] (…) — C:ProgramDataFullRemove.exe [131368]
    [MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][25/02/2011] (…) — C:UsersgeantAppDataRoamingwklnhst.dat [0]
    [MD5.9EC73884D7D7BFEC9EED7EAF3122A0BE] [SPRF][27/05/2014] (…) — C:UsersgeantDesktopAdwCleaner-3.211.exe [1327971]
    [MD5.9EC73884D7D7BFEC9EED7EAF3122A0BE] [SPRF][31/05/2014] (…) — C:UsersgeantDesktopadwcleaner_3.211.exe [1327971]
    [MD5.BAD9ED9FE41341BC465610D10C998650] [SPRF][16/05/2014] (…) — C:UsersgeantDesktopiphone-4g-transfer.exe [31275952]
    [MD5.0E385254736E38A5458C846346ECD20F] [SPRF][19/05/2014] (.PokerStars – PokerStars Installer.) — C:UsersgeantDesktopPokerStarsInstallFR.exe [30054952]
    [MD5.240DDA08F6EE9290747D1A04A99D1CCA] [SPRF][26/05/2014] (…) — C:UsersgeantDesktopRogueKiller.exe [3972608]
    ~ Files: 10 Legitimates Filtered in 00mn 08s

    —\ Enumère les codes produits des logiciels (PUC) (O90)
    O90 – PUC: “00A425F467A6A67A677A7A857BC0A060” . (.Ask Shopping Toolbar.) — C:windowsInstaller{4F524A00-6A76-A76A-76A7-A758B70C0A06}ToolbarIcon.exe =>Adware.Bandoo
    ~ Update Products: 1 Legitimates Filtered in 00mn 00s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.6894D480AB94A37CF5DB77DD4D3EBC4E] [WIS][11/11/2011] (.Bandoo Media Inc. – iLivid Installation.) — C:WindowsInstaller2588c27f.msi [266240] =>Adware.Bandoo
    [MD5.FFAC3863CD29681022399B4DDA79CF0E] [WIS][11/04/2014] (.APN, LLC – Ask Shopping Toolbar.) — C:WindowsInstallerd23b526.msi [600064] =>Adware.Bandoo
    ~ WIS: 2 Legitimates Filtered in 00mn 11s

    —\ Recherche de clés de registre Tracing (O100)
    HKLMSOFTWAREMicrosoftTracingBingBar_RASAPI32 =>Toolbar.Bing
    HKLMSOFTWAREMicrosoftTracingemule_RASAPI32 =>P2P.eMule
    HKLMSOFTWAREMicrosoftTracingemule_RASMANCS =>P2P.eMule
    HKLMSOFTWAREMicrosoftTracingGoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
    HKLMSOFTWAREMicrosoftTracingGoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
    HKLMSOFTWAREMicrosoftTracingGoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
    HKLMSOFTWAREMicrosoftTracingGoogleToolbarNotifier_RASMANCS =>Toolbar.Google
    HKLMSOFTWAREMicrosoftTracingpdfforgeToolbar-stub-1_RASAPI32 =>PUP.Dealio
    HKLMSOFTWAREMicrosoftTracingpdfforgeToolbar-stub-1_RASMANCS =>PUP.Dealio
    HKLMSOFTWAREMicrosoftTracingSearchSettings_RASAPI32 =>Adware.SearchSettings
    HKLMSOFTWAREMicrosoftTracingSearchSettings_RASMANCS =>Adware.SearchSettings
    ~ BTK: 273 Legitimates Filtered in 00mn 00s

    —\ Recherche de clés de registre CLSID (O101)
    [HKCRCLSID{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}] (SiteFinder) =>Adware.ShoppingReport
    ~ BCK: 7186 Legitimates Filtered in 00mn 14s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 14/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:windowssystem32MacromedFlashFlashPlayerUpdateService.exe
    SS – | Auto 19/11/2010 135664 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 19/11/2010 135664 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
    SS – | Demand 16/01/2014 235696 | (McComponentHostService) . (.McAfee, Inc..) – C:Program FilesMcAfee Security Scan3.8.141McCHSvc.exe
    SS – | Demand 11/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
    SS – | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) – C:Program FilesSkypeUpdaterUpdater.exe
    SS – | Demand 14/07/2009 20992 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 21/02/2013 1236336 | (Ad-Aware Service) . (.Lavasoft Limited.) – C:Program FilesAd-Aware AntivirusAdAwareService.exe
    SR – | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
    SR – | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) – C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
    SR – | Auto 31/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
    SR – | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SR – | Demand 14/07/2009 20992 | C:Program FilesHPDigital Imagingbinhpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) – C:WindowsSystem32svchost.exe
    SR – | Auto 14/07/2009 20992 | C:Program FilesHPDigital Imagingbinhpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) – C:WindowsSystem32svchost.exe
    SR – | Demand 19/10/2013 553288 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
    SR – | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes Anti-Malwarembamscheduler.exe
    SR – | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes Anti-Malwarembamservice.exe
    SR – | Auto 14/07/2009 20992 | C:windowssystem32HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
    SR – | Auto 10/12/2009 65536 | (pgsql-8.3) . (.PostgreSQL Global Development Group.) – C:Program FilesPostgreSQL8.3binpg_ctl.exe
    SR – | Auto 14/07/2009 20992 | C:windowssystem32HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
    SR – | Auto 07/07/2009 247152 | (RichVideo) . (…) – C:Program FilesCyberLinkShared filesRichVideo.exe
    SR – | Auto 20/09/2012 3677000 | (SBAMSvc) . (.GFI Software.) – C:Program FilesAd-Aware AntivirusSBAMSvc.exe
    SR – | Auto 12/02/2013 587912 | (ST2012_Svc) . (.Crawler.com.) – C:Program FilesSpyware Terminatorst_rsser.exe
    SR – | Auto 14/07/2009 20992 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 18s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net” onclick=”window.open(this.href);return false;
    ~ MBR: 1 Legitimates Filtered in 00mn 02s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog” onclick=”window.open(this.href);return false;
    Run by geant at 31/05/2014 15:48:20
    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 04s

    —\ Scan Additionnel (O88)
    Database Version : 13026 – (30/05/2014)
    Clés trouvées (Keys found) : 6
    Valeurs trouvées (Values found) : 2
    Dossiers trouvés (Folders found) : 1
    Fichiers trouvés (Files found) : 4

    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{4F524A00-6A76-A76A-76A7-A758B70C0A06}] =>Adware.Bandoo^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallSiteFinder] =>Adware.ShoppingReport^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodes5E0C8759C69912A4485AD49572CE7CA3] =>Adware.Bandoo
    [HKCUSoftwarePartyFrance] =>Casino.OnlineGames
    [HKCRVirtualStoreMACHINESoftwareCToolbar] =>Toolbar.Crawler
    [HKLMSoftwareMicrosoftTracingBingBar_RASAPI32] =>Toolbar.Bing
    [HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks]:{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} =>Adware.ShoppingReport^
    [HKLMSoftwareMicrosoftInternet ExplorerToolbar]:{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} =>Adware.ShoppingReport^
    C:Program FilesSiteFinder =>Adware.ShoppingReport^
    C:WindowsInstaller2588c27f.msi =>Adware.Bandoo^
    C:WindowsInstallerd23b526.msi =>Adware.Bandoo^
    [HKCRCLSID{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}] (SiteFinder) =>Adware.ShoppingReport^
    C:UsersgeantAppDataLocalTempGoogleToolbarInstaller1.log =>PUP.Babylon
    ~ Additionnel Scan: 424797 Items scanned in 01mn 02s

    —\ Récapitulatif des détections trouvées sur votre station
    http://nicolascoolman.fr/hijacker-browsers” onclick=”window.open(this.href);return false; =>Hijacker.Browsers
    http://nicolascoolman.fr/adware-shoppingreport” onclick=”window.open(this.href);return false; =>Adware.ShoppingReport
    http://nicolascoolman.fr/toolbar-conduit” onclick=”window.open(this.href);return false; =>Toolbar.Conduit
    http://nicolascoolman.fr/adware-bandoo” onclick=”window.open(this.href);return false; =>Adware.Bandoo
    http://nicolascoolman.fr/adware-imbooster” onclick=”window.open(this.href);return false; =>Adware.IMBooster
    http://nicolascoolman.fr/pup-dealio” onclick=”window.open(this.href);return false; =>PUP.Dealio
    http://nicolascoolman.fr/adware-searchsettings” onclick=”window.open(this.href);return false; =>Adware.SearchSettings
    http://nicolascoolman.fr/pup-babylon” onclick=”window.open(this.href);return false; =>PUP.Babylon
    ~ MSI: 8 link(s) detected in 00mn 00s

    ~ 1274 Legitimates filtered by white list
    End of the scan (600 lines in 09mn 51s)(0)[/spoiler:ig781hx4]

    D’avance, encore merci pour votre aide précieuse…. :merci2:

    lilidurhone
    Nombre d'articles : 0

    :welcome: sur sosvirus ;)

    C’est moi qui vais te prendre en charge ;)

    Il est urgent de faire de la place :E => System drive C: has 5 GB (3%) free of 141 GB il faut au minimum 15%

    Commences par désinstaller

    Ad-Aware Antivirus v10.5.1.4369
    McAfee Security Scan Plus v3.8.141.11
    Spyware Terminator 2012 v3.0.0.80

    Les 3 sont inefficaces puisque tu possèdes avast et Mbam(qu’on mettra à jour ;) )

    Ensuite passe Shortcut module

    • Désactive ton antivirus sinon l’outil ne pourra pas travailler convenablement.
    • Télécharge Shortcut_Module sur ton bureau.

      Note : Enregistrer votre travail avant de continuer !

    • Lance Shortcut_Module,
    • Clic sur Nettoyer

      Note : Patiente le temps du scan

    • Laisse travailler l’outil même s’il te parait bloqué
    • Si l’outil détecte un proxy que tu ne connais pas clic sur : “Supprimer le proxy
    • Héberge le rapport C:Shortcut_Module_date_heure.txt sur https://antimalware.top/” onclick=”window.open(this.href);return false; puis donne le lien obtenu
    Lenkorneur
    Participant
    Nombre d'articles : 8

    Salut Llidurohne. Merci de t’occuper de moi. Je fais minutieusement ce que tu me demande. J’ai désinstalé les prog demandés et libérér jusqu’à 13 Go sur mon DD. Je continue à faire de la place.

    Voici le lien demandé

    https://antimalware.top/www/?a=d&i=wGcRugx328” onclick=”window.open(this.href);return false;

    lilidurhone
    Nombre d'articles : 0

    :super:

    Quand tu aurais fait de la place refais un zhpdiag

    Lenkorneur
    Participant
    Nombre d'articles : 8

    16.6 Go de libre et le rapport du dernier zhpdiag :

    https://antimalware.top/www/?a=d&i=38ogI7odve” onclick=”window.open(this.href);return false;

    lilidurhone
    Nombre d'articles : 0

    :super:

    Il faudrait au moins 15% de libre ;)

    • Télécharge MalwareBytes
    • Procède à l’installation de celui çi Décocher “Activer l’essai gratuit de Malwarebytes Anti-Malware Premium”
    • Clic sur Mettre à jour (à droite, au centre)
    • Clic sur Examen (en haut)
    • Sélectionne Examen “Menaces”
    • Clic sur Examiner maintenant

    • A la fin du scan clic sur Tout mettre en quarantaine !
    • Clic sur Copier dans le Presse-papiers
    • Un rapport va s’ouvrir. Copie/Colle son contenue dans ta prochaine réponse.

    Ensuite mets java à jour et refais moi un zhpdiag

    Lenkorneur
    Participant
    Nombre d'articles : 8

    Salut…

    Alors, 43 Go de libérer sur le disque (30%). Malwarbytes n’a rien détecté donc il n’y a rien eu à mettre en quarantaine (est ce que cela signifie que je suis guéri docteur ??? . … Le rapport est ci-dessous. La mise a jour Java semble ne pas avoir fonctionné, je vais recommencer.

    Voici le lien pour le rapport zhpdiag : https://antimalware.top/www/?a=d&i=dKDHjnvAns” onclick=”window.open(this.href);return false;

    Merci encore…

    Rapport malwarebytes :

    Système de fichiers: NTFS
    Utilisateur: geant

    Type d’examen: Examen “Menaces”
    Résultat: Terminé
    Objets analysés: 291030
    Temps écoulé: 16 min, 29 sec

    Mémoire: Activé(e)
    Démarrage: Activé(e)
    Système de fichiers: Activé(e)
    Archives: Activé(e)
    Rootkits: Désactivé(e)
    Heuristics: Activé(e)
    PUP: Avertir
    PUM: Activé(e)

    Processus: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Clés du Registre: 0
    (No malicious items detected)

    Valeurs du Registre: 0
    (No malicious items detected)

    Données du Registre: 0
    (No malicious items detected)

    Dossiers: 0
    (No malicious items detected)

    Fichiers: 0
    (No malicious items detected)

    Secteurs physiques: 0
    (No malicious items detected)

    (end)

    lilidurhone
    Nombre d'articles : 0

    Patientes :)

    Je vais devoir me déconnecter(repas) et me reconnecterai dans la soirée

    Lenkorneur
    Participant
    Nombre d'articles : 8

    Ok, pas de problème. Merci pour le temps que tu me consacre. Sache d’ailleurs que je n’ai déjà plus les alertes avast intempestives pour le trojan qui m’embêtait..

    lilidurhone
    Nombre d'articles : 0

    Sache d’ailleurs que je n’ai déjà plus les alertes avast intempestives pour le trojan qui m’embêtait..

    :super:

    On finalise avec un script ;)

    • Copie les lignes ci dessous :
      Script ZHPFix
      [HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: Modified
      O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} -- C:Program FilesSiteFinderhotbtn.ico (.not file.) =>Adware.ShoppingReport
      [MD5.00000000000000000000000000000000] [APT] [{D61CFA38-13BC-4209-B9C5-43A3CA504F11}] (...) -- C:UsersgeantDesktopSetup.exe (.not file.) [0]
      O51 - MPSK:{31b2e687-b17b-11e0-a300-00245428b8be}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.)
      O51 - MPSK:{31b2e689-b17b-11e0-a300-00245428b8be}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.)
      O51 - MPSK:{8ae1265e-9da3-11e0-a9d2-00245428b8be}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.)
      O51 - MPSK:{8ae12660-9da3-11e0-a9d2-00245428b8be}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.)
      O51 - MPSK:{b18add85-a6b2-11e0-9e09-00245428b8be}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.)
      O51 - MPSK:{b18add87-a6b2-11e0-9e09-00245428b8be}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.)
      O51 - MPSK:{c0212de0-34a2-11e0-b25a-00245428b8be}AutoRuncommand. (...) -- F:AutoRun.exe (.not file.)
      O51 - MPSK:{c0212de4-34a2-11e0-b25a-00245428b8be}AutoRuncommand. (...) -- H:AutoRun.exe (.not file.)
      HKLMSOFTWAREMicrosoftTracingBingBar_RASAPI32 =>Toolbar.Bing
      HKLMSOFTWAREMicrosoftTracingemule_RASAPI32 =>P2P.eMule
      HKLMSOFTWAREMicrosoftTracingemule_RASMANCS =>P2P.eMule
      HKLMSOFTWAREMicrosoftTracingGoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
      HKLMSOFTWAREMicrosoftTracingGoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
      HKLMSOFTWAREMicrosoftTracingGoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
      HKLMSOFTWAREMicrosoftTracingGoogleToolbarNotifier_RASMANCS =>Toolbar.Google
      HKLMSOFTWAREMicrosoftTracingSearchSettings_RASAPI32 =>Adware.SearchSettings
      HKLMSOFTWAREMicrosoftTracingSearchSettings_RASMANCS =>Adware.SearchSettings
      [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodes5E0C8759C69912A4485AD49572CE7CA3] =>Adware.Bandoo
      [HKCUSoftwarePartyFrance] =>Casino.OnlineGames
      [HKCRVirtualStoreMACHINESoftwareCToolbar] =>Toolbar.Crawler
      [HKLMSoftwareMicrosoftTracingBingBar_RASAPI32] =>Toolbar.Bing
      sysrestore

    • Lances ZHPFix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

      1. Clique sur Importer
      2. Puis Clic sur “GO

    • Confirmes les nettoyages des données en cliquant sur “Oui
    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPFixReport à été crée.
    • Héberge le rapport ZHPFixReport sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse.
    Lenkorneur
    Participant
    Nombre d'articles : 8

    Bonjour Lili,

    Désolé de répondre aujourd’hui mais tu aides un réunionnais et on a deux heures de décalage avec la métropole J’ai vu ton message ce matin.

    Voici le lien demandé…

    https://antimalware.top/www/?a=d&i=OhpOqwnTeR” onclick=”window.open(this.href);return false;

    Mon PC tourne déjà beaucoup mieux…. :merci2:

    lilidurhone
    Nombre d'articles : 0

    :super:

    Refais zhpdiag

    Lenkorneur
    Participant
    Nombre d'articles : 8

    Voila…

    https://antimalware.top/www/?a=d&i=5AxLy3J7SI” onclick=”window.open(this.href);return false;

    lilidurhone
    Nombre d'articles : 0

    Il n’y a plus d’infections ;) mais un de mes collègues m’a fait remarquer quelque chose ^^

    Juste passer JRT et Usbfix en recherche

    • Télécharge Junkware Removal Tool (de thisisu) sur ton bureau.
    • Lance Junkware Removal Tool, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Appuie sur n’importe quelle touche.

    • Une fois le scan terminé rends toi sur le bureau, le fichier JRT.txt à été créé.
    • Héberge le rapport JRT.txt surSosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum

    • Télécharge UsbFix (de El Desaparecido) sur ton Bureau !
    • Branche toutes tes sources de données externes au PC (clé USB, disque dur externe, etc…) sans les ouvrir.
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Choisis l’option Recherche

    • Copie et Colle le contenu du rapport qui apparaît à la fin du scan dans ta réponse
15 sujets de 1 à 15 (sur un total de 16)
  • Vous devez être connecté pour répondre à ce sujet.