Infected USB ports 2014-05-09T11:25:14+00:00
  • Author
    Posts
  • cambouis
    Participant
    Number of posts: 128

    Hello,

    A few days ago, I had a problem with unwanted pop-up windows and toolbars installing themselves without being invited!
    I ran a scan with AdwCleaner and the problems seem to be fixed!
    I ran a scan with UsbFix and my USB ports seem to be infected.
    I am attaching the scan reports. I copied and pasted them... I don't know if that is the right way to do it...
    Thank you for any help you can give me.
    Regards

    [attachment=]############################## | UsbFix V 7.169 | [Suppression]

    Utilisateur: Gérard (Administrateur) # GÉRARD-HP
    Mis à jour le 31/03/2014 par El Desaparecido – Team SosVirus
    Lancé à 22:21:06 | 08/05/2014

    Site Web : http://www.usbfix.net/
    Changelog : http://www.usbfix.net/maj/
    Support : forum-virus-securite.html
    Upload Malware : upload_malware.php
    Contact : http://www.usbfix.net/contact/

    PC: Foxconn (2ABF)
    CPU: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
    RAM -> [Total : 4077 Mo| Free : 2886 Mo]
    Bios: AMI
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) Service Pack 1
    WB: Windows Internet Explorer : 11.0.9600.17105
    WB: Mozilla Firefox : 28.0

    SC: Security Center [Enabled]
    WU: Windows Update [Enabled]
    AV: Avira Desktop [Enabled | Updated]
    AS: Avira Desktop [Enabled | Updated]
    AS: Windows Defender [Enabled | Updated]
    FW: Windows FireWall [(!) Disabled]
    AS: Malwarebytes’ Anti-Malware : 1.75.0001

    C: (%systemdrive%) -> Disque fixe # 1557 Go (1423 Go libre(s) – 91%) [OS] # NTFS
    D: -> Disque fixe # 13 Go (2 Go libre(s) – 12%) [HP_RECOVERY] # NTFS
    E: -> CD-ROM
    F: -> Disque fixe # 100 Mo (70 Mo libre(s) – 70%) [SYSTEM] # NTFS
    H: -> Disque amovible # 4 Go (3 Go libre(s) – 90%) [KINGSTON] # FAT32
    J: -> Disque fixe # 298 Go (161 Go libre(s) – 54%) [My Passport] # FAT32

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID: 468 |ParentID: 460)
    C:Windowssystem32wininit.exe (ID: 540 |ParentID: 460)
    C:Windowssystem32csrss.exe (ID: 568 |ParentID: 552)
    C:Windowssystem32services.exe (ID: 604 |ParentID: 540)
    C:Windowssystem32lsass.exe (ID: 612 |ParentID: 540)
    C:Windowssystem32lsm.exe (ID: 620 |ParentID: 540)
    C:Windowssystem32winlogon.exe (ID: 688 |ParentID: 552)
    C:Windowssystem32svchost.exe (ID: 792 |ParentID: 604)
    C:Program Files (x86)HP SimplePass 2011TrueSuiteService.exe (ID: 868 |ParentID: 604)
    C:Windowssystem32svchost.exe (ID: 928 |ParentID: 604)
    C:Windowssystem32atiesrxx.exe (ID: 980 |ParentID: 604)
    C:WindowsSystem32svchost.exe (ID: 416 |ParentID: 604)
    C:WindowsSystem32svchost.exe (ID: 484 |ParentID: 604)
    C:Windowssystem32svchost.exe (ID: 716 |ParentID: 604)
    C:Windowssystem32svchost.exe (ID: 944 |ParentID: 604)
    C:Windowssystem32atieclxx.exe (ID: 1188 |ParentID: 980)
    C:Windowssystem32svchost.exe (ID: 1216 |ParentID: 604)
    C:WindowsSystem32spoolsv.exe (ID: 1388 |ParentID: 604)
    C:Program Files (x86)AviraAntiVir Desktopsched.exe (ID: 1432 |ParentID: 604)
    C:Windowssystem32svchost.exe (ID: 1456 |ParentID: 604)
    C:Program FilesSUPERAntiSpywareSASCORE64.EXE (ID: 1608 |ParentID: 604)
    C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe (ID: 1632 |ParentID: 604)
    C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1656 |ParentID: 604)
    C:Program Files (x86)AviraAntiVir Desktopavguard.exe (ID: 1736 |ParentID: 604)
    C:Program Files (x86)Common FilesAutodata Limited SharedServiceADCDLicSvc.exe (ID: 1772 |ParentID: 604)
    C:Program FilesBonjourmDNSResponder.exe (ID: 1808 |ParentID: 604)
    C:Program Files (x86)SkypeToolbarsAutoUpdateSkypeC2CAutoUpdateSvc.exe (ID: 1832 |ParentID: 604)
    C:Windowssystem32taskhost.exe (ID: 1900 |ParentID: 604)
    C:Windowssystem32Dwm.exe (ID: 2004 |ParentID: 484)
    C:WindowsExplorer.EXE (ID: 1508 |ParentID: 1996)
    C:Program Files (x86)SkypeToolbarsPNRSvcSkypeC2CPNRSvc.exe (ID: 1920 |ParentID: 604)
    C:Program Files (x86)HP SimplePass 2011TouchControl.exe (ID: 2052 |ParentID: 868)
    C:Program Files (x86)OrangeAssistance LiveboxdedicarzDedicarzService.exe (ID: 2092 |ParentID: 604)
    C:WindowsSysWOW64ezSharedSvcHost.exe (ID: 2276 |ParentID: 604)
    C:Windowssystem32svchost.exe (ID: 2488 |ParentID: 604)
    C:Program Files (x86)GarminCore Update ServiceGarmin.Cartography.MapUpdate.CoreService.exe (ID: 2520 |ParentID: 604)
    C:Program Files (x86)HP SimplePass 2011BioMonitor.exe (ID: 2552 |ParentID: 792)
    C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe (ID: 2704 |ParentID: 604)
    C:Program Files (x86)RIFT TechnologiesInstallClick Connectorinstallclick.exe (ID: 2768 |ParentID: 604)
    C:Program Files (x86)RIFT TechnologiesInstallClick Connectorinstallclick-connector.exe (ID: 2804 |ParentID: 2768)
    C:Windowssystem32conhost.exe (ID: 2812 |ParentID: 468)
    C:Program Files (x86)AviraAntiVir Desktopavgnt.exe (ID: 2900 |ParentID: 2860)
    C:Program Files (x86)IntelServicesIPTjhi_service.exe (ID: 2924 |ParentID: 604)
    C:Program Files (x86)Common FilesMicrosoft SharedVS7DEBUGMDM.EXE (ID: 2968 |ParentID: 604)
    C:Program Files (x86)PDF Completepdfsvc.exe (ID: 1652 |ParentID: 604)
    C:Windowssystem32svchost.exe (ID: 2644 |ParentID: 604)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID: 3048 |ParentID: 604)
    C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID: 3304 |ParentID: 3048)
    C:Program Files (x86)AviraAntiVir Desktopavshadow.exe (ID: 3548 |ParentID: 1736)
    C:Windowssystem32SearchIndexer.exe (ID: 3800 |ParentID: 604)
    C:Windowssystem32svchost.exe (ID: 4064 |ParentID: 604)
    C:WindowsSystem32WUDFHost.exe (ID: 1088 |ParentID: 484)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID: 4200 |ParentID: 604)
    C:Program Files (x86)Glary Utilities 4Integrator.exe (ID: 4232 |ParentID: 1792)
    C:Windowssystem32wbemunsecapp.exe (ID: 4256 |ParentID: 792)
    C:WindowsSystem32svchost.exe (ID: 4784 |ParentID: 604)
    C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe (ID: 3612 |ParentID: 604)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID: 2352 |ParentID: 604)
    C:Windowssystem32svchost.exe (ID: 3336 |ParentID: 604)
    C:WindowsSystem32svchost.exe (ID: 3868 |ParentID: 604)
    C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID: 768 |ParentID: 604)
    C:Windowssystem32svchost.exe (ID: 2072 |ParentID: 604)
    C:Windowssystem32DllHost.exe (ID: 1344 |ParentID: 792)
    C:Windowssystem32DllHost.exe (ID: 4392 |ParentID: 792)
    C:Windowssystem32SearchProtocolHost.exe (ID: 4088 |ParentID: 3800)
    C:Windowssystem32SearchFilterHost.exe (ID: 1248 |ParentID: 3800)
    C:Windowssystem32DllHost.exe (ID: 4420 |ParentID: 792)
    C:Windowssystem32DllHost.exe (ID: 5104 |ParentID: 792)
    C:Windowssystem32wbemwmiprvse.exe (ID: 812 |ParentID: 792)

    ################## | Recherche générique |

    Supprimé! C:UsersGérardAppDataRoamingsystemehepg.msj
    Supprimé! C:UsersGérardAppDataRoamingsystem
    Supprimé! C:UsersGérardAppDataLocalnszC0DE.tmp
    Supprimé! J:autorun.in_2.org

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    Réparé ! HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|EnableShellExecuteHooks -> 0

    ################## | Regedit Run |

    F2 – HKLM..Winlogon : [Shell] explorer.exe
    F2 – [x64] HKLM..Winlogon : [Shell] explorer.exe
    F2 – HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    F2 – [x64] HKLM..Winlogon : [Userinit] C:Windowssystem32userinit.exe,
    04 – HKLM..Run : [avgnt] “C:Program Files (x86)AviraAntiVir Desktopavgnt.exe” /min
    04 – HKUS-1-5-19..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-20..Run : [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    04 – HKUS-1-5-19..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe
    04 – HKUS-1-5-20..RunOnce : [mctadmin] C:WindowsSystem32mctadmin.exe

    ################## | Listing |

    [04/11/2013 – 10:55:05 | SHD] – C:$RECYCLE.BIN
    [08/05/2014 – 20:05:50 | D] – C:AdwCleaner
    [11/05/2013 – 19:11:08 | D] – C:AMD
    [21/01/2013 – 20:59:02 | AD] – C:Boot
    [22/07/2013 – 00:24:15 | D] – C:boot-sav
    [21/01/2013 – 20:59:02 | A | 375 Ko] – C:bootmgr
    [11/02/2011 – 19:00:42 | RASH | 8 Ko] – C:BOOTSECT.BAK
    [05/11/2013 – 22:38:11 | D] – C:codepost
    [26/09/2013 – 07:44:43 | N | 0 Ko] – C:DiskDefrag.log
    [14/07/2009 – 07:08:56 | SHD] – C:Documents and Settings
    [07/11/2007 – 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:eula.1028.txt
    [07/11/2007 – 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:eula.1031.txt
    [07/11/2007 – 08:00:40 | N | 10 Ko | 99C22D4A31F4EAD4351B71D6F4E5F6A1] – C:eula.1033.txt
    [07/11/2007 – 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:eula.1036.txt
    [07/11/2007 – 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:eula.1040.txt
    [07/11/2007 – 08:00:40 | N | 0 Ko | 9B15A3A055CC6E67EA191A1B7885649A] – C:eula.1041.txt
    [07/11/2007 – 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:eula.1042.txt
    [07/11/2007 – 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:eula.2052.txt
    [07/11/2007 – 08:00:40 | N | 17 Ko | 9147A93F43D8E58218EBCB15FDA888C9] – C:eula.3082.txt
    [14/03/2013 – 23:31:06 | D] – C:Filtres
    [26/11/2013 – 20:14:33 | D] – C:Games
    [07/11/2007 – 08:00:40 | N | 1 Ko] – C:globdata.ini
    [11/05/2013 – 21:45:47 | N | 1 Ko | 1E7ED02677EF7F016DC780AA14537251] – C:hcwDriverInstall.txt
    [08/05/2014 – 20:06:43 | ASH | 3131004 Ko] – C:hiberfil.sys
    [23/12/2011 – 23:02:40 | D] – C:hp
    [07/11/2007 – 08:03:18 | N | 550 Ko | 520A6D1CBCC9CF642C625FE814C93C58] – C:install.exe
    [07/11/2007 – 08:00:40 | N | 1 Ko] – C:install.ini
    [18/09/2013 – 18:12:34 | N | 68 Ko] – C:INSTALL.LOG
    [07/11/2007 – 08:03:18 | N | 75 Ko | 4151A4D07640863783F837E588235837] – C:install.res.1028.dll
    [07/11/2007 – 08:03:18 | N | 94 Ko | 3B8A82E04238655EAEF97E074FB29911] – C:install.res.1031.dll
    [07/11/2007 – 08:03:18 | N | 89 Ko | 9EDEB8B1C5C0A4CD3A3016B85108127D] – C:install.res.1033.dll
    [07/11/2007 – 08:03:18 | N | 95 Ko | 5B6FF470CFA7087690E61F87E81EF78A] – C:install.res.1036.dll
    [07/11/2007 – 08:03:18 | N | 93 Ko | 6310AB8FC9E3DBEE80592FC453A34FEE] – C:install.res.1040.dll
    [07/11/2007 – 08:03:18 | N | 80 Ko | 13ED4517152203DE4BC52ACC0255D952] – C:install.res.1041.dll
    [07/11/2007 – 08:03:18 | N | 78 Ko | 0D4FB4095EA49C1EC89B9E8DB0B936A3] – C:install.res.1042.dll
    [07/11/2007 – 08:03:18 | N | 74 Ko | D7366B34E8AFB605C39EF56E2201FE85] – C:install.res.2052.dll
    [07/11/2007 – 08:03:18 | N | 94 Ko | 41BB37A347121F3E5E88D85100638B79] – C:install.res.3082.dll
    [25/04/2014 – 09:12:24 | N | 0 Ko] – C:InstallHelper.log
    [17/04/2014 – 14:32:49 | D] – C:LGP970
    [08/05/2014 – 20:07:05 | N | 0 Ko | 76AF16459BA783AB1B7A78DB8A7C936B] – C:log2.txt
    [20/12/2012 – 19:46:51 | D] – C:LOGI-Collector
    [01/02/2014 – 15:57:45 | D] – C:net-snmp-compil-win
    [23/12/2011 – 22:22:42 | N | 0 Ko] – C:OS
    [08/05/2014 – 20:06:42 | ASH | 4174676 Ko] – C:pagefile.sys
    [01/02/2014 – 15:57:40 | D] – C:Program Files
    [08/05/2014 – 17:10:03 | D] – C:Program Files (x86)
    [07/05/2014 – 09:44:07 | HD] – C:ProgramData
    [29/04/2014 – 15:03:56 | N | 2 Ko] – C:RHDSetup.log
    [29/04/2014 – 15:03:08 | D] – C:SWSETUP
    [07/05/2014 – 09:50:21 | SHD] – C:System Volume Information
    [09/03/2012 – 20:44:27 | D] – C:SYSTEM.SAV
    [26/07/2002 – 17:02:06 | N | 150 Ko | 973567B98CDFC147DF4E60471D9DF072] – C:UNWISE.EXE
    [07/05/2014 – 12:16:18 | D] – C:UsbFix
    [08/05/2014 – 22:21:45 | A | 11 Ko | 8F2107C26AC0490BB4E2E84877D8E32C] – C:UsbFix [Clean 2] GÉRARD-HP.txt
    [07/05/2014 – 21:00:24 | N | 7 Ko | 29610543ED5886751425C6E94994D15F] – C:UsbFix [Scan 1] GÉRARD-HP.txt
    [07/05/2014 – 21:01:30 | N | 8 Ko | 0B5442A0097613C9F30F207731811DC3] – C:UsbFix [Scan 2] GÉRARD-HP.txt
    [08/05/2014 – 11:51:59 | N | 7 Ko | 7F16FBCDFF319B9887A7B555ABE23E73] – C:UsbFix [Scan 3] GÉRARD-HP.txt
    [29/12/2012 – 21:22:11 | N | 0 Ko] – C:user.js
    [30/03/2014 – 08:53:50 | D] – C:Users
    [07/11/2007 – 08:00:40 | N | 6 Ko] – C:vcredist.bmp
    [07/11/2007 – 08:09:22 | N | 1409 Ko] – C:VC_RED.cab
    [07/11/2007 – 08:12:28 | N | 228 Ko] – C:VC_RED.MSI
    [07/05/2014 – 21:27:56 | D] – C:Windows
    [03/01/2014 – 12:24:32 | D] – C:Zpc-c
    [11/09/2012 – 07:50:02 | SHD] – D:$RECYCLE.BIN
    [09/03/2012 – 20:33:23 | SHD] – D:boot
    [20/11/2010 – 08:40:07 | ASH | 375 Ko] – D:bootmgr
    [09/03/2012 – 20:33:22 | N | 0 Ko] – D:BT_HP.FLG
    [23/12/2011 – 23:27:11 | N | 0 Ko] – D:CSP.DAT
    [23/12/2011 – 23:36:12 | N | 13 Ko] – D:DeployRp.log
    [28/05/2012 – 14:40:34 | D] – D:hp
    [28/05/2012 – 14:40:34 | N | 0 Ko] – D:hpdrcu.prc
    [18/03/2012 – 11:16:57 | N | 0 Ko | 6F6D83F6697FA0885171A97B780A139E] – D:HPSF_Rep.txt
    [05/08/2012 – 11:45:50 | N | 0 Ko] – D:HP_WSD.dat
    [09/03/2012 – 20:33:12 | N | 0 Ko] – D:language.ini
    [09/03/2012 – 20:33:23 | SHD] – D:preload
    [09/03/2012 – 20:33:23 | SD] – D:Recovery
    [23/12/2011 – 23:36:11 | N | 0 Ko] – D:RPCONFIG.LOG
    [09/03/2012 – 21:12:09 | SHD] – D:System Volume Information
    [23/03/2014 – 19:28:09 | SHD] – F:$RECYCLE.BIN
    [24/12/2011 – 00:12:58 | SHD] – F:Boot
    [21/11/2010 – 05:23:51 | RASH | 375 Ko] – F:bootmgr
    [24/12/2011 – 00:12:42 | N | 0 Ko] – F:SYSTEM
    [09/03/2012 – 21:12:09 | SHD] – F:System Volume Information
    [13/04/2008 – 20:34:30 | N | 28 Ko | 3680B9069C435DD7EE9DBEC2214F8E97] – H:setupSNK.exe
    [08/05/2014 – 11:44:52 | D] – H:Demenagements
    [07/01/2012 – 12:02:28 | D] – H:SMRTNTKY
    [07/05/2014 – 09:43:12 | N | 1286 Ko | A53555B250CBEDCA6544D13648F83FFE] – H:adwcleaner.exe
    [21/01/2013 – 13:36:24 | N | 347308 Ko] – H:boot-repair-disk.iso
    [07/05/2014 – 12:04:14 | N | 2562 Ko | 4F99CAE27FFD46712E65C21444AACDFC] – H:revosetup.exe
    [10/06/2012 – 19:42:46 | N | 3453 Ko | E5BE429C1279EC5C89CCC45A53120ED3] – H:CollectionTimbres.exe
    [08/05/2014 – 11:42:22 | D] – H:Famille Gervais-Lafon
    [16/03/2014 – 19:39:36 | N | 1 Ko] – J:MediaID.bin
    [06/11/2008 – 15:49:04 | N | 0 Ko] – J:Install.ini
    [13/11/2008 – 12:30:24 | N | 312 Ko | 781237FD696F3148689BE697D5D24BC6] – J:setup.exe
    [25/11/2008 – 11:03:44 | N | 2271 Ko | 4668661CDA9B43334BE7E171833E323D] – J:WDSetup.exe
    [09/05/2010 – 21:13:30 | N | 1 Ko] – J:wdinstaller.log
    [04/09/2009 – 15:41:30 | SHD] – J:System Volume Information
    [06/09/2009 – 22:08:40 | SHD] – J:$RECYCLE.BIN
    [09/10/2009 – 19:52:04 | D] – J:Recycled
    [15/04/2012 – 13:38:46 | D] – J:GÉRARD-HP
    [02/11/2009 – 14:56:06 | N | 3738 Ko] – J:WDSync.zip
    [03/08/2009 – 09:15:58 | D] – J:Documentation Disque externe WD
    [04/10/2010 – 13:27:36 | N | 13352 Ko | B889C4574F25852E56B9224068F1D006] – J:DmailerSync_9_1_18359.exe
    [27/03/2011 – 20:20:16 | N | 0 Ko] – J:Install.log
    [18/04/2011 – 19:14:02 | D] – J:Sauvegarde HP
    [21/04/2011 – 13:47:50 | D] – J:gérard
    [04/07/2011 – 00:45:42 | D] – J:Paes caseiros

    ################## | Vaccin |

    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    H:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    J:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net/ – https://www.sosvirus.net |
    [/attachment]

    [attachment=]~ Rapport de ZHPDiag v2014.5.8.57 – Nicolas Coolman (08/05/2014)
    ~ Lancé par Gérard (09/05/2014)
    ~ Adresse du Site Web http://nicolascoolman.webs.com
    ~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v11.0.9600.17105
    MFIE: Mozilla Firefox 28.0 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    Software Protection Service (Protection logicielle) : KO
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    Avira Free Antivirus v14.0.3.350
    Malwarebytes Anti-Malware version 1.75.0.1300
    SUPERAntiSpyware v5.6.1020
    Windows Defender W7

    —\ Logiciels d’optimisation du système
    CCleaner v4.12

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 13 Plugin
    Adobe Reader XI
    Java 7 Update 40
    Java 7 Update 55

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 4076 MB (64% free)
    System Restore: Activé (Enable)
    System drive C: has 1423 GB (91%) free of 1557 GB

    —\ Mode de connexion au système
    ~ Computer Name: GÉRARD-HP
    ~ User Name: Gérard
    ~ All Users Names: HomeGroupUser$, Gérard, Administrateur,
    ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
    Logged in as Administrator

    —\ Variables d’environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersGérardAppDataRoamingZHP
    ~ %AppData% : C:UsersGérardAppDataRoaming
    ~ %Desktop% : C:UsersGérardDesktop
    ~ %Favorites% : C:UsersGérardFavorites
    ~ %LocalAppData% : C:UsersGérardAppDataLocal
    ~ %StartMenu% : C:UsersGérardAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 1423 Go of 1557 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)
    E: CD-ROM drive (Not Inserted)
    F: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
    G: Floppy drive, Flash card reader, USB Key (Not Inserted)
    H: Floppy drive, Flash card reader, USB Key (Free 3 Go of 4 Go)
    I: Floppy drive, Flash card reader, USB Key (Not Inserted)
    J: Hard drive, Flash drive, Thumb drive (Free 161 Go of 298 Go)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    ~ Security Center: 44 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.23/12/2011 – 21:38:12.) — C:WindowsExplorer.exe [2871808]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
    [MD5.F220BA78AB542C70211D73AE4729B2CD] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.06/03/2014 – 07:22:40.) — C:WindowsSystem32wininet.dll [2260480]
    [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.21/11/2010 – 04:24:29.) — C:WindowsSystem32Winlogon.exe [390656]
    [MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.21/11/2010 – 04:24:16.) — C:WindowsSystem32sppcomapi.dll [232448]
    [MD5.79059559E89D06E8B80CE2944BE20228] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.28/09/2013 – 02:09:10.) — C:Windowssystem32DriversAFD.sys [497152]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
    [MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32DriversCdrom.sys [147456]
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.21/11/2010 – 04:24:32.) — C:Windowssystem32DriversDfsC.sys [102400]
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32DriversHDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
    [MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.23/12/2011 – 21:39:46.) — C:Windowssystem32DriversMRxSmb.sys [158208]
    [MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.21/11/2010 – 04:23:51.) — C:Windowssystem32DriversnetBT.sys [261632]
    [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/01/2014 – 03:37:55.) — C:Windowssystem32Driversntfs.sys [1684928]
    [MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
    [MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.21/11/2010 – 04:24:33.) — C:Windowssystem32DriversRasl2tp.sys [129536]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.21/11/2010 – 04:24:32.) — C:Windowssystem32Driverstdx.sys [119296]
    [MD5.DF8126BD41180351A093A3AD2FC8903B] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.23/12/2011 – 21:36:30.) — C:Windowssystem32Driversvolsnap.sys [296320]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 1/17965
    ~ Mes musiques (My Musics) : 1/14
    ~ Mes Videos (My Videos) : 1/6
    ~ Mes Favoris (My Favorites) : 1/300
    ~ Mes Documents (My Documents) : 1/1237
    ~ Mon Bureau (My Desktop) : 1/4373
    ~ Menu demarrer (Programs) : 1/56
    ~ Hidden Files: Scanned in 00mn 10s

    —\ Processus lancés
    [MD5.241B07FF7F5943B9C1BF3235F49AC1E1] – (.Avira Operations GmbH & Co. KG – Antivirus System Tray Tool (Desktop).) — C:Program Files (x86)AviraAntiVir Desktopavgnt.exe [689744] [PID.2900]
    [MD5.8E556A72D54F7E3B7844AB9217F02DD7] – (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe [275568] [PID.3396]
    [MD5.510B9400068DDE13FA7368432BDF15D9] – (.Glarysoft Ltd – Glary Utilities 4.) — C:Program Files (x86)Glary Utilities 4Integrator.exe [786720] [PID.1696]
    [MD5.CCD09CA21C1946AF24834512BD9A6FCA] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [7873536] [PID.1900]
    [MD5.71CDC1D7F58D5EC49EBC2E2332AD3FAE] – (.HP – HP Service.) — C:Program Files (x86)HP SimplePass 2011TrueSuiteService.exe [264008] [PID.868]
    [MD5.4D282B9C5BB05DF92C9F3977DFB9F916] – (.Avira Operations GmbH & Co. KG – Antivirus Host Framework Service.) — C:Program Files (x86)AviraAntiVir Desktopsched.exe [440400] [PID.1432]
    [MD5.ADC420616C501B45D26C0FD3EF1E54E4] – (.ArcSoft Inc. – ArcSoft Connect Service.) — C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe [113152] [PID.1632]
    [MD5.B362181ED3771DC03B4141927C80F801] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [65432] [PID.1656]
    [MD5.65AF41A7A2C5B6693E1B4164E7632C3E] – (.Avira Operations GmbH & Co. KG – Antivirus Host Framework Service.) — C:Program Files (x86)AviraAntiVir Desktopavguard.exe [440400] [PID.1736]
    [MD5.F8D62A738C389365DDD1914D839FE33C] – (.Autodata Limited – System Level Service Utility.) — C:Program Files (x86)Common FilesAutodata Limited SharedServiceADCDLicSvc.exe [72704] [PID.1772]
    [MD5.72551A9AE5F68905DFC3CBA0D5242566] – (.Microsoft Corporation – Updates Skype Click to Call.) — C:Program Files (x86)SkypeToolbarsAutoUpdateSkypeC2CAutoUpdateSvc.exe [1390720] [PID.1832]
    [MD5.6B669A00A431FF6CDCE67458933F5F0F] – (.Microsoft Corporation – Phone Number Recognition (PNR) module.) — C:Program Files (x86)SkypeToolbarsPNRSvcSkypeC2CPNRSvc.exe [1764992] [PID.1920]
    [MD5.6ADDB884025A0D1BCC3AD66E9FC57EFF] – (.Pas de propriétaire – DedicarzService.) — C:Program Files (x86)OrangeAssistance LiveboxdedicarzDedicarzService.exe [1970544] [PID.2092]
    [MD5.CA793DCC1D5F619021EF1D37CC7A831E] – (.EasyBits Software AS – Shared EasyBits services for Windows.) — C:WindowsSysWOW64ezSharedSvcHost.exe [514232] [PID.2276]
    [MD5.2973B4EB7BE10A0D491B2037DCAAE88F] – (.Garmin Ltd or its subsidiaries – Garmin Core Update Service.) — C:Program Files (x86)GarminCore Update ServiceGarmin.Cartography.MapUpdate.CoreService.exe [185688] [PID.2520]
    [MD5.88D586E3D6EE17D5C7B8540F72F49148] – (…) — C:Program Files (x86)RIFT TechnologiesInstallClick Connectorinstallclick.exe [149872] [PID.2768]
    [MD5.173F13CDEBF8E067629462E9D6E481CB] – (…) — C:Program Files (x86)RIFT TechnologiesInstallClick Connectorinstallclick-connector.exe [769392] [PID.2804]
    [MD5.6C85719A21B3F62C2C76280F4BD36C7B] – (.Intel Corporation – Intel IPT Host Interface Service.) — C:Program Files (x86)IntelServicesIPTjhi_service.exe [212944] [PID.2924]
    [MD5.11F714F85530A2BD134074DC30E99FCA] – (.Microsoft Corporation – Machine Debug Manager.) — C:Program Files (x86)Common FilesMicrosoft SharedVS7DEBUGMDM.exe [322120] [PID.2968]
    [MD5.075CDE4F95ED6119B4BA9162876801F8] – (.PDF Complete Inc – Dispatcher.) — C:Program Files (x86)PDF Completepdfsvc.exe [1128952] [PID.1652]
    [MD5.D75C4B4A8FE6D7FD74A7EECDBAEC729F] – (.Intel Corporation – Local Manageability Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe [326168] [PID.2352]
    [MD5.758C2CE427C343F780A205E28555C98D] – (.Intel Corporation – User Notification Service.) — C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe [2656280] [PID.768]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersGérardAppDataRoamingMozillaFirefoxProfilesmvjhbwal.defaultprefs.js
    M3 – MFPP: Plugins – [Gérard] — C:UsersGérardAppDataRoamingMozillaFirefoxProfilesmvjhbwal.defaultsearchpluginsfileconverter-15-customized-web-search.xml =>Toolbar.Conduit
    ~ Firefox Browser: 9 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 21

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Public]: eBay Turbo Lister 2.lnk . (.eBay Inc. – Turbo Lister EXE.) — C:Program Files (x86)eBayTurbo Lister2Tl.exe =>Toolbar.eBay
    O4 – GSQuickLaunch [Gérard]: eBay Turbo Lister 2.lnk . (.eBay Inc. – Turbo Lister EXE.) — C:Program Files (x86)eBayTurbo Lister2tl.exe =>Toolbar.eBay
    O4 – GSSendTo [Gérard]: Foxmail.LNK . (.Tencent Inc. – Foxmail 7.0.) — C:UsersGérardDownloadsfm70chb1_85_frFoxmail.exe =>Adware.TencentAddressBar
    ~ Global Startup: 3 Legitimates Filtered in 00mn 04s

    —\ Applications lancées au démarrage du système (O4)
    O4 – HKLM..Wow6432NodeRun: [avgnt] . (.Avira Operations GmbH & Co. KG – Antivirus System Tray Tool (Desktop).) — C:Program Files (x86)AviraAntiVir Desktopavgnt.exe
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
    O9 – Extra button: @C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPluginx64.dll,-102 [64Bits] – {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (…) — C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckResourcesIconsHP.ico
    O9 – Extra button: Skype Click to Call [64Bits] – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (…) — c:program files (x86)skypetoolbarsinternet explorer x64icon.ico
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{17608500-B9D4-4CC2-8FEF-2393A54E4ADC}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{17608500-B9D4-4CC2-8FEF-2393A54E4ADC}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{17608500-B9D4-4CC2-8FEF-2393A54E4ADC}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: text/xml [64Bits] – {807553E5-5146-11D5-A672-00B0D022E945} . (…) —
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Liste des services NT non Microsoft et non désactivés (O23)
    O23 – Service: Autodata Limited License Service (Autodata Limited License Service) . (.Autodata Limited – System Level Service Utility.) – C:Program Files (x86)Common FilesAutodata Limited SharedServiceADCDLicSvc.exe
    O23 – Service: Dedicarz Service (Dedicarz Service) . (.Pas de propriétaire – DedicarzService.) – C:Program Files (x86)OrangeAssistance LiveboxdedicarzDedicarzService.exe
    ~ Services: 21 Legitimates Filtered in 00mn 03s

    —\ Enumère les données de BootExecute (BEX) (O34)
    O34 – HKLM BootExecute: (autocheck autochk * ) – File not found
    O34 – HKLM BootExecute: (BootDefrag.exe) – File not found
    ~ BEX: 2 Legitimates Filtered in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [Lyrics-Fan Update] (…) — C:Program Files (x86)Lyrics_Fanlrcsfans.exe (.not file.) [0] =>Adware.AddLyrics
    [MD5.00000000000000000000000000000000] [APT] [{0B01A91D-58C6-4946-8F32-059593F27199}] (…) — E:PATIENCETETRISTETRIS.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{0BF364FC-DEBF-4650-BA77-1E2206D927CA}] (…) — E:INSTALL.exe (.not file.) [0]
    [MD5.DD283A0F29B4EF7151F242A5DE22CF77] [APT] [{10DD2DC6-A385-47A4-93CF-66D37252BD9D}] (…) — C:Program Files (x86)LogitechQuickCamWebInstallsetup.exe [94208]
    [MD5.DD283A0F29B4EF7151F242A5DE22CF77] [APT] [{1DACA9CD-CD09-4FAF-8E0D-AA218BB6678C}] (…) — C:Program Files (x86)LogitechQuickCamWebInstallsetup.exe [94208]
    [MD5.00000000000000000000000000000000] [APT] [{2607564D-0A26-461B-91FA-86B7FEE88755}] (…) — C:UsersGérardDesktopTetrisTETRIS.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{2E4CC4D1-F249-4832-BE65-85083896918D}] (…) — E:INSTALL.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{35DC7D13-2D47-4C5E-B4E1-B362836A5312}] (…) — C:Program Files (x86)Common FilesLogitechQCDRVBINSETUP.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{3699D219-11CD-4CA1-AE45-0B9656F612DE}] (…) — E:SETUP.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{38FB2675-C41B-4CCF-9CD2-17CF26A0136B}] (…) — E:PATIENCEGOODSOLGOODSOL2.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{3F059D51-99DB-48B3-9A60-1FCC53B8F5B5}] (…) — E:INSTALL.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{4466A4FF-DE6A-41E5-9BB5-DC750211F45A}] (…) — E:INSTALL.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{517F8C25-046F-4B37-9893-F4C568392632}] (…) — C:UsersGérardDesktopTetrisTETRIS.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{63EFE0A2-539A-4784-AEC6-3FCB1AB6B286}] (…) — E:PATIENCETETRISTETRIS.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{72B0437B-AD47-467F-B88F-00CFD477B453}] (…) — E:PATIENCETETRISTETRIS.exe (.not file.) [0]
    [MD5.9313D6F9FDDD36D3833AC1E4F2CEEC40] [APT] [{787C09A2-DB19-4EC2-BA2D-331342F0A755}] (.ENIGON-Software.) — C:Program Files (x86)Raily3raily.exe [1268224]
    [MD5.00000000000000000000000000000000] [APT] [{855A9B1E-BDDD-4D2B-B45B-F982A532EA81}] (…) — E:CDSetupsetup.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{86623441-52DC-440C-824D-536DAA90727D}] (…) — C:UsersGérardDesktopTetrisTETRIS.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{90D56E64-B9FC-473A-8A2A-508B0E515016}] (…) — E:PATIENCETETRISTETRIS.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{98A4CFEE-D7E6-4F30-8235-AA9ECFA627E2}] (…) — C:UsersGérardDesktopTetrisTETRIS.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{9989322F-3156-4EB8-8DC2-6D561562CC95}] (…) — C:UsersGérardDesktopTetrisTETRIS.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{A2F32F26-1C44-4614-AC90-0082BB1D988B}] (…) — E:PATIENCETETRISTETRIS.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{A40C883A-6C72-4B0C-A3FD-82A03C184BD3}] (…) — E:Backup APSetup.exe (.not file.) [0]
    [MD5.9313D6F9FDDD36D3833AC1E4F2CEEC40] [APT] [{BB0C8A9F-733B-48B4-A150-514EAB23A1E3}] (.ENIGON-Software.) — C:Program Files (x86)Raily3raily.exe [1268224]
    [MD5.DD283A0F29B4EF7151F242A5DE22CF77] [APT] [{BCA1CDC2-4615-4CF0-A59B-6E3004DF805E}] (…) — C:Program Files (x86)LogitechQuickCamWebInstallsetup.exe [94208]
    [MD5.00000000000000000000000000000000] [APT] [{C4FB7CAC-CC15-4014-8D5C-21F1E0AA3DE9}] (…) — E:INSTALL.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{C52F8AB0-184D-4407-8EDF-966228C47A73}] (…) — E:SETUP.exe (.not file.) [0]
    [MD5.9313D6F9FDDD36D3833AC1E4F2CEEC40] [APT] [{CAC1C5AA-351F-4C98-BB89-D0D224E81F96}] (.ENIGON-Software.) — C:Program Files (x86)Raily3raily.exe [1268224]
    [MD5.9313D6F9FDDD36D3833AC1E4F2CEEC40] [APT] [{CEB94883-BC73-4285-9081-1CD15AC8517D}] (.ENIGON-Software.) — C:Program Files (x86)Raily3raily.exe [1268224]
    [MD5.00000000000000000000000000000000] [APT] [{D3381D77-AB9F-475D-AC9D-83BCCE436B94}] (…) — C:UsersGérardDesktopTetrisTETRIS.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{D635AB76-89EA-4015-B2A2-10F2CB399427}] (…) — E:SETUP.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{D92FDFF8-DB9F-41C9-BCFE-EB290CD4BCBB}] (…) — C:UsersGérardDesktopTetrisTETRIS.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{DB099A9D-7639-4F2B-825B-3FD1CED62420}] (…) — C:UsersGérardDesktopTetrisTETRIS.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{E088D063-331C-4993-9826-0706E9DE9E21}] (…) — E:SETUP.exe (.not file.) [0]
    [MD5.E478D3F0FDFEA01E2A98D504FBB8CD69] [APT] [{E568EBC9-5388-4849-BBF2-BCE3E9E83416}] (…) — C:UsersGérardDownloadsZpc-cZpc_install.exe [180430]
    [MD5.00000000000000000000000000000000] [APT] [{FEB0570E-A6F2-4492-BBC3-783154C5B549}] (…) — E:SETUP.exe (.not file.) [0]
    O39 – APT: – (..) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
    O39 – APT: – (..) — C:WindowsSystem32TasksGlaryInitialize 4 [334]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1064]
    O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1068]
    O39 – APT: – (..) — C:WindowsSystem32TasksHPCeeScheduleForGérard [336]
    ~ Scheduled Task: 88 Legitimates Filtered in 00mn 05s

    —\ Pilotes lancés au démarrage du système (O41)
    O41 – Driver: (archlp) . (…) – C:WindowsSyswow64driversarchlp.sys
    O41 – Driver: (FNETDEVI) . (. – .) – C:Windowssystem32driversFNETDEVI.sys (.not file.)
    ~ Drivers: 75 Legitimates Filtered in 00mn 00s

    —\ Logiciels installés (O42)
    O42 – Logiciel: CDM-Rail – (…) [HKCU][64Bits] — CDM-Rail
    O42 – Logiciel: Calcul de Résistance 1.3 – (…) [HKLM][64Bits] — Caclul de Résistance_is1
    O42 – Logiciel: Layo1 PCB V10 033 – (.Baas Electronics.) [HKLM][64Bits] — Layo1PCBV10_033
    O42 – Logiciel: Melody Assistant – (.Myriad SARL.) [HKLM][64Bits] — Melody Assistant
    O42 – Logiciel: TCI4 – (.TCI4.) [HKLM][64Bits] — {C96FA5E2-78D7-49C6-85AA-7BA9CD2D3ABF}
    ~ Logic: 21 Legitimates Filtered in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareENIGON]
    [HKCUSoftwareFichiers imprimante (*.prn)|*.prn|Tous (*.*)|*.*||]
    [HKCUSoftwareLayo1 PCB]
    [HKCUSoftwareRestart]
    [HKCUSoftwareTCI4]
    [HKCUSoftwareWBC]
    [HKCUSoftwareYves Ramon]
    [HKLMSoftwareWow6432NodeAUTODATA]
    [HKLMSoftwareWow6432NodeIncrediMail]
    [HKLMSoftwareWow6432Nodeanset]
    ~ Key Software: 373 Legitimates Filtered in 00mn 00s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 05/11/2013 – 13:51:58 – [] —-D C:Program Files (x86)98se
    O43 – CFD: 25/02/2014 – 14:45:57 – [] —-D C:Program Files (x86)CDM-Rail
    O43 – CFD: 20/12/2012 – 19:12:27 – [] —-D C:Program Files (x86)CL Soft
    O43 – CFD: 09/07/2013 – 09:05:57 – [] —-D C:Program Files (x86)CollectionTimbres
    O43 – CFD: 16/03/2014 – 21:06:51 – [] —-D C:Program Files (x86)Layo1 PCB V10 033
    O43 – CFD: 24/01/2014 – 14:29:01 – [] —-D C:Program Files (x86)Melody Assistant
    O43 – CFD: 06/12/2012 – 00:50:12 – [] —-D C:Program Files (x86)Raily3
    O43 – CFD: 29/03/2013 – 23:24:37 – [] —-D C:Program Files (x86)TCI4
    O43 – CFD: 29/03/2013 – 23:24:37 – [] —-D C:Program Files (x86)TCIEmpreintes
    O43 – CFD: 17/12/2012 – 22:40:31 – [] —-D C:UsersGérardAppDataLocalCollection Timbres
    O43 – CFD: 18/09/2013 – 18:12:53 – [] —-D C:UsersGérardAppDataLocalVHS to DVD
    O43 – CFD: 25/02/2014 – 14:45:57 – [] —-D C:UsersGérardAppDataRoamingMicrosoftWindowsStart MenuProgramsCDM-Rail
    O43 – CFD: 16/03/2014 – 21:06:51 – [] —-D C:UsersGérardAppDataRoamingMicrosoftWindowsStart MenuProgramsLayo1 PCB V10 033
    O43 – CFD: 24/01/2014 – 14:29:02 – [] —-D C:UsersGérardAppDataRoamingMicrosoftWindowsStart MenuProgramsMelody Assistant
    O43 – CFD: 06/12/2012 – 00:50:12 – [0] —-D C:UsersGérardAppDataRoamingMicrosoftWindowsStart MenuProgramsRaily 3.0
    ~ 1581 Dossier CLSID vide (CLSID Empty Folder)
    ~ Program Folder: 1910 Legitimates Filtered in 00mn 17s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.4F7160F9A49CF3AF5AA6663245C62C48] – 06/05/2014 – 20:38:42 —A- . (…) — C:Windows_delis32.ini [552]
    O44 – LFC:[MD5.29610543ED5886751425C6E94994D15F] – 07/05/2014 – 20:00:24 . (…) — C:UsbFix [Scan 1] GÉRARD-HP.txt [7625]
    O44 – LFC:[MD5.0B5442A0097613C9F30F207731811DC3] – 07/05/2014 – 20:01:30 . (…) — C:UsbFix [Scan 2] GÉRARD-HP.txt [7730]
    O44 – LFC:[MD5.7F16FBCDFF319B9887A7B555ABE23E73] – 08/05/2014 – 10:51:59 . (…) — C:UsbFix [Scan 3] GÉRARD-HP.txt [7647]
    O44 – LFC:[MD5.76AF16459BA783AB1B7A78DB8A7C936B] – 08/05/2014 – 19:07:05 . (…) — C:log2.txt [115]
    O44 – LFC:[MD5.FC76A276925A14B7ADCFABB758334094] – 08/05/2014 – 19:14:24 –HA- . (…) — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [24608]
    O44 – LFC:[MD5.FC76A276925A14B7ADCFABB758334094] – 08/05/2014 – 19:14:24 –HA- . (…) — C:WindowsSystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [24608]
    O44 – LFC:[MD5.27A90B65DC63420A2765A2CC385303AF] – 08/05/2014 – 21:21:47 —A- . (…) — C:UsbFix [Clean 2] GÉRARD-HP.txt [15009]
    O44 – LFC:[MD5.DDA573FD75DC6EE1BE05DA5139E9498C] – 25/04/2014 – 08:12:24 . (…) — C:InstallHelper.log [402]
    O44 – LFC:[MD5.37019DF4826610F5046B7211A2F246F9] – 29/04/2014 – 14:03:56 . (…) — C:RHDSetup.log [2467]
    ~ Files: 33 Legitimates Filtered in 00mn 37s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 20 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    O56 – MWPE:[HKLM…policiesExplorer] – “EnableShellExecuteHooks”=0
    ~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:29/05/2012 – 15:53:30 —A- . (.Windows (R) Codename Longhorn DDK provider – hpvhd 64bit support driver.) — C:WindowsSystem32Driverscpqdfw.sys [27456]
    O58 – SDL:27/04/2010 – 18:43:50 —A- . (…) — C:WindowsSystem32Driverscqcpu.sys [24376]
    O58 – SDL:14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
    O58 – SDL:02/09/2005 – 01:40:26 —A- . (…) — C:WindowsSystem32DriversFBIKB_NT.Sys [4352]
    O58 – SDL:10/06/2009 – 21:31:59 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [31232]
    O58 – SDL:11/05/2013 – 20:44:48 —A- . (.Hauppauge, Inc. – Hauppauge, Inc. HcwHDPvr WDM Driver.) — C:WindowsSystem32Drivershcwhdpvr.sys [192072]
    O58 – SDL:23/12/2011 – 22:01:27 —A- . (…) — C:WindowsSystem32Driverspmxdrv.sys [31152]
    O58 – SDL:26/01/2011 – 10:31:28 —A- . (.Windows (R) Win 7 DDK provider – Analog Tuner Sample.) — C:WindowsSystem32DriversSmiUsbGrabber3C.sys [821888]
    O58 – SDL:14/07/2009 – 02:45:55 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [24656]
    O58 – SDL:06/02/2009 – 19:40:56 —A- . (…) — C:WindowsSysWOW64driversArcHlp.sys [161792]
    O58 – SDL:27/11/2013 – 11:35:19 —A- . (.FNet Co., Ltd. – FNETDEVI.SYS.) — C:WindowsSysWOW64driversFNETDEVI.SYS [13412]
    ~ Drivers: 73 Legitimates Filtered in 00mn 19s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix – (.El Desaparecido – http://www.usbfix.nethttp://www.sosvirus.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Liste les services legacy du registre (LALS) (O64)
    O64 – Services: CurCS – 06/02/2009 – C:WindowsSyswow64driversarchlp.sys (archlp) .(…) – LEGACY_ARCHLP
    ~ Legacy: 79 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (…) — C:Program Files (x86)Internet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d’infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {1580F61C-31FC-441B-BDD1-119F5A31C331} – (Google) – http://www.google.com
    O69 – SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} – (Goo) – http://www.google.com
    O69 – SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} – (eBay) – http://rover.ebay.com =>Toolbar.eBay
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
    [MD5.5D1121210A6A06348AA02AD98B293BA2] [WIS][25/04/2014] (.eBay Inc. – eBay Turbo Lister 2.) — C:WindowsInstaller48cfc1.msi [34372608] =>Toolbar.eBay
    ~ WIS: 1 Legitimates Filtered in 00mn 03s

    —\ Recherche de clés de registre Tracing (O100)
    HKLMSOFTWAREWow6432NodeMicrosoftTracingBetterInstaller_RASAPI32 =>Adware.MegaSearch
    HKLMSOFTWAREWow6432NodeMicrosoftTracingBetterInstaller_RASMANCS =>Adware.MegaSearch
    HKLMSOFTWAREWow6432NodeMicrosoftTracingInstall_BubbleDock_RASAPI32 =>PUP.BubbleDock
    HKLMSOFTWAREWow6432NodeMicrosoftTracingInstall_BubbleDock_RASMANCS =>PUP.BubbleDock
    ~ BTK: 359 Legitimates Filtered in 00mn 00s

    —\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 29/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SS – | Demand 31/03/2014 227904 | (GamesAppIntegrationService) . (.WildTangent.) – C:Program Files (x86)WildTangent GamesAppGamesAppIntegrationService.exe
    SS – | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) – C:Program Files (x86)WildTangent GamesAppGamesAppService.exe
    SS – | Auto 18/03/2012 136176 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 18/03/2012 136176 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 09/05/2011 136120 | (gusvc) . (.Google.) – C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
    SS – | Demand 10/08/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) – C:Program Files (x86)Hewlett-PackardSharedhpqWmiEx.exe
    SS – | Demand 15/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
    SS – | Auto 21/01/2014 699912 | (Orange update Core Service) . (.Orange SA.) – C:Program Files (x86)OrangeOrangeUpdateServiceOUCore.exe
    SS – | Demand 18/04/2013 737616 | (ServiceLayer) . (.Nokia.) – C:Program Files (x86)PC Connectivity SolutionServiceLayer.exe
    SS – | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
    SR – | Auto 07/05/2013 143088 | (!SASCORE) . (.SUPERAntiSpyware.com.) – C:Program FilesSUPERAntiSpywareSASCORE64.exe
    SR – | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) – C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe
    SR – | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    SR – | Auto 29/03/2013 241152 | (AMD External Events Utility) . (.AMD.) – C:WindowsSystem32atiesrxx.exe
    SR – | Auto 13/03/2014 440400 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) – C:Program Files (x86)AviraAntiVir Desktopsched.exe
    SR – | Auto 13/03/2014 440400 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) – C:Program Files (x86)AviraAntiVir Desktopavguard.exe
    SR – | Auto 31/08/2012 72704 | (Autodata Limited License Service) . (.Autodata Limited.) – C:Program Files (x86)Common FilesAutodata Limited SharedServiceADCDLicSvc.exe
    SR – | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
    SR – | Auto 17/10/2013 1970544 | (Dedicarz Service) . (…) – C:Program Files (x86)OrangeAssistance LiveboxdedicarzDedicarzService.exe
    SR – | Auto 10/07/1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) – C:WindowsSystem32ezSharedSvcHost.exe =>.EasyBits Software AS
    SR – | Auto 09/06/2011 264008 | (FPLService) . (.HP.) – C:Program Files (x86)HP SimplePass 2011TrueSuiteService.exe
    SR – | Auto 27/03/2013 185688 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) – C:Program Files (x86)GarminCore Update ServiceGarmin.Cartography.MapUpdate.CoreService.exe
    SR – | Auto 27/09/2012 86528 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) – C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe =>.Hewlett-Packard Co
    SR – | Auto 11/10/2010 346168 | (HPClientSvc) . (.Hewlett-Packard Company.) – C:Program FilesHewlett-PackardHP Client ServicesHPClientServices.exe
    SR – | Auto 06/06/2012 149872 | (InstallClick) . (…) – C:Program Files (x86)RIFT TechnologiesInstallClick Connectorinstallclick.exe
    SR – | Auto 24/02/2011 212944 | (jhi_service) . (.Intel Corporation.) – C:Program Files (x86)IntelServicesIPTjhi_service.exe
    SR – | Auto 01/02/2011 326168 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    SR – | Auto 06/05/2011 1128952 | (pdfcDispatcher) . (.PDF Complete Inc.) – C:Program Files (x86)PDF Completepdfsvc.exe
    SR – | Auto 01/02/2011 2656280 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    SR – | Auto 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 05s

    —\ Scan Additionnel (O88)
    Database Version : 13045 – (08/05/2014)
    Clés trouvées (Keys found) : 2
    Valeurs trouvées (Values found) : 3
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 1

    [HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionExtPreApproved{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
    C:WindowsInstaller48cfc1.msi =>Toolbar.eBay^
    ~ Additionnel Scan: 372984 Items scanned in 00mn 32s

    —\ Récapitulatif des détections trouvées sur votre station
    http://nicolascoolman.byethost7.com/wordpress/toolbar-conduit/ =>Toolbar.Conduit
    http://nicolascoolman.byethost7.com/wordpress/adware-tencentaddressbar/ =>Adware.TencentAddressBar
    http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
    http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch
    http://nicolascoolman.byethost7.com/wordpress/pup-bubbledock/ =>PUP.BubbleDock
    http://nicolascoolman.byethost7.com/wordpress/pup-crossrider/ =>PUP.CrossRider
    http://nicolascoolman.byethost7.com/wordpress/adware-boxore/ =>Adware.Boxore
    ~ MSI: 7 link(s) detected in 00mn 00s

    ~ 2671 Legitimates filtered by white list
    End of the scan (490 lines in 02mn 30s)(0)[/attachment]

  • buckhulk
    Participant
    Number of posts: 2391

    Hello cambouis,

    First, uninstall SUPERAntiSpyware v5.6.1020,

    then run Shortcut_Module, JRT and Malwarebytes; after that, run a new ZHPDiag for me and host it on cjoint or sosUpload:

    Shortcut_Module:

    • Disable your antivirus, otherwise the tool will not be able to work properly.
    • Download Shortcut_Module to your desktop.

      Note: Save your work before continuing!

    • Launch Shortcut_Module,
    • Click "Nettoyer" (Clean)

      Note: Wait while the scan runs

    • Let the tool work even if it seems to be stuck
    • If the tool detects a proxy that you do not recognize, click "Supprimer le proxy" (Remove the proxy)
    • Host the report C:\Shortcut_Module_date_heure.txt on https://antimalware.top/ then give the link you get

    JRT:

    • Download Junkware Removal Tool (by thisisu) to your desktop.
    • Launch Junkware Removal Tool (run it as administrator on Windows 7/8 and Vista)
    • Press any key.

    • Once the scan is finished, go to the desktop; the file JRT.txt has been created.
    • Host the JRT.txt report on SosUpload, then copy/paste the link provided into your next reply on the forum

    Malwarebytes:

    • Download MalwareBytes
    • Install it. Uncheck "Activer l'essai gratuit de Malwarebytes Anti-Malware Premium" (Enable the free trial of Malwarebytes Anti-Malware Premium)
    • Click "Mettre à jour" (Update) (on the right, in the center)
    • Click "Examen" (Scan) (at the top)
    • Select the "Menaces" (Threats) scan
    • Click "Examiner maintenant" (Scan now)

    • At the end of the scan, click "Tout mettre en quarantaine" (Quarantine all)!
    • Click "Copier dans le Presse-papiers" (Copy to clipboard)
    • A report will open. Copy/paste its contents into your next reply.

    ZHPDiag:

    Follow the instructions carefully.

    1) * Download ZHPDiag (by Nicolas Coolman) to your desktop!!

    >> ZHPDiag (by Nicolas Coolman)

    mirror: ftp://zebulon.fr/ZHPDiag2.exe

    If your operating system is Vista or Win7/8, launch the programs with a right-click and choose "Run as administrator"

    a) * Once the download is complete,
    b) * double-click (or, on Seven, Vista and 8, right-click and run as administrator) ZHPDiag2.exe and follow the instructions.
    c) * The tool will create 2 shortcut icons: ZHPDiag >> ZHPFix
    d) * Right-click on the parchment
    e) * When it opens, the program offers you "Rechercher" (Search), "Configurer" (Configure), "Complet" (Full)

    Click "Complet": the scan starts... the report is displayed

    If you click "Configurer":
    * Icons appear at the bottom of the window.
    * Click the screwdriver at the bottom right and choose "Tous" (All) then "OK"

    2) * Now click "Rechercher".

    * Important >> While ZHPDiag is analyzing your PC, do not touch anything!!!!!
    * Let the tool work; it can take quite a long time

    3) * The report appears on your desktop once it has finished!

    You can close ZHPDiag

    IMPORTANT
    Since the reports are too long, host them:

    Reminder of the upload sites

    1: Sosupload >> Usage
    2: cjoint >> Usage
    3: pjoint
    4: up2share
    5: FEC

    so one uninstall and 4 reports in your next post
    :merci2:

  • cambouis
    Participant
    Number of posts: 128

    Hello and thank you; as soon as I am available I will carry out all the steps you described to me.
    See you soon
    :merci2: :merci2: :merci2: :merci2: :merci2:

  • buckhulk
    Participant
    Number of posts: 2391

    :happy:

  • cambouis
    Participant
    Number of posts: 128

    Good evening,
    Here are the links to the scan reports for my PC.
    Thanks in advance
    Regards

    http://cjoint.com/?0EmxvEG26iv
    http://cjoint.com/?0EmxyFEWvld
    http://cjoint.com/?0EmxzI52CYu
    http://cjoint.com/?0EmxAGAdAd3

  • buckhulk
    Participant
    Number of posts: 2391

    A new small fix:

    • Select and copy the following script:

      Script ZHPFix
      ShortcutFix
      O4 - GSSendTo [Gérard]: Foxmail.LNK . (.Tencent Inc. - Foxmail 7.0.) -- C:UsersGérardDownloadsfm70chb1_85_frFoxmail.exe =>Adware.TencentAddressBar
      OPT:O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:Program FilesBonjourmDNSResponder.exe
      [MD5.00000000000000000000000000000000] [APT] [Lyrics-Fan Update] (...) -- C:Program Files (x86)Lyrics_Fanlrcsfans.exe (.not file.) [0] =>Adware.AddLyrics
      [MD5.00000000000000000000000000000000] [APT] [{091CEDC6-8669-4D5F-BF2E-BA11CCC047E3}] (...) -- C:Program Files (x86)Anuman InteractiveBridge 2004 InitiationDEC1PLAY.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{0B01A91D-58C6-4946-8F32-059593F27199}] (...) -- E:PATIENCETETRISTETRIS.exe (.not file.) [0] => Tetris
      [MD5.00000000000000000000000000000000] [APT] [{0BF364FC-DEBF-4650-BA77-1E2206D927CA}] (...) -- E:INSTALL.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{0E54A8E8-64D0-49D9-A6C5-ADD7D6746ACB}] (...) -- C:Program Files (x86)Anuman InteractiveBridge 2004 InitiationDEC1PLAY.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{1E064551-3793-4408-A7C0-DAFB6BE9456A}] (...) -- C:Program Files (x86)Anuman InteractiveBridge 2004 InitiationDEC1PLAY.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{2607564D-0A26-461B-91FA-86B7FEE88755}] (...) -- C:UsersGérardDesktopTetrisTETRIS.exe (.not file.) [0] => Tetris
      [MD5.00000000000000000000000000000000] [APT] [{2E4CC4D1-F249-4832-BE65-85083896918D}] (...) -- E:INSTALL.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{2ED9C92F-8070-44A5-9307-3120F92CF3DF}] (...) -- C:Program Files (x86)Anuman InteractiveBridge 2004 InitiationDEC1PLAY.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{2FDA3565-E6CA-42AD-9C9F-6E29F9D1EE4B}] (...) -- C:Program Files (x86)Anuman InteractiveBridge 2004 InitiationDEC1PLAY.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{35DC7D13-2D47-4C5E-B4E1-B362836A5312}] (...) -- C:Program Files (x86)Common FilesLogitechQCDRVBINSETUP.exe (.not file.) [0] => Logitech LCD Manager
      [MD5.00000000000000000000000000000000] [APT] [{3699D219-11CD-4CA1-AE45-0B9656F612DE}] (...) -- E:SETUP.exe (.not file.) [0] => Existe aussi en malware DELF-CA.Troj
      [MD5.00000000000000000000000000000000] [APT] [{38FB2675-C41B-4CCF-9CD2-17CF26A0136B}] (...) -- E:PATIENCEGOODSOLGOODSOL2.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{3BCF1085-79AD-44F6-AD4B-29E30780AA87}] (...) -- C:Program Files (x86)Anuman InteractiveBridge 2004 InitiationDEC1PLAY.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{3F059D51-99DB-48B3-9A60-1FCC53B8F5B5}] (...) -- E:INSTALL.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{4466A4FF-DE6A-41E5-9BB5-DC750211F45A}] (...) -- E:INSTALL.exe (.not file.) [0]
      [MD5.00000000000000000000000000000000] [APT] [{517F8C25-046F-4B37-9893-F4C568392632}] (...) -- C:UsersGérardDesktopTetrisTETRIS.exe (.not file.) [0] => Tetris
      [MD5.00000000000000000000000000000000] [APT] [{59598D4A-C94F-4546-B960-F28BB2BF6763}] (...) -- C:Program Files (x86)Anuman InteractiveBridge 2004 InitiationDEC1PLAY.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{63EFE0A2-539A-4784-AEC6-3FCB1AB6B286}] (...) -- E:PATIENCETETRISTETRIS.exe (.not file.) [0] => Tetris
      [MD5.00000000000000000000000000000000] [APT] [{6BBD5D31-4A98-4E69-8A17-8421E306DCB4}] (...) -- C:Program Files (x86)Anuman InteractiveBridge 2004 InitiationDEC1PLAY.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{72B0437B-AD47-467F-B88F-00CFD477B453}] (...) -- E:PATIENCETETRISTETRIS.exe (.not file.) [0] => Tetris
      [MD5.9313D6F9FDDD36D3833AC1E4F2CEEC40] [APT] [{787C09A2-DB19-4EC2-BA2D-331342F0A755}] (.ENIGON-Software.) -- C:Program Files (x86)Raily3raily.exe [1268224]
      [MD5.00000000000000000000000000000000] [APT] [{8282B23C-7B61-4A28-ACE2-5AA70F41A75A}] (...) -- C:Program Files (x86)Anuman InteractiveBridge 2004 InitiationDEC1PLAY.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{855A9B1E-BDDD-4D2B-B45B-F982A532EA81}] (...) -- E:CDSetupsetup.exe (.not file.) [0] => Fichier absent
      [MD5.00000000000000000000000000000000] [APT] [{86623441-52DC-440C-824D-536DAA90727D}] (...) -- C:UsersGérardDesktopTetrisTETRIS.exe (.not file.) [0] => Tetris
      O42 - Logiciel: Elevated Installer - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {93765DFA-8A67-41FB-9FC0-B12341CA65F3}
      O42 - Logiciel: Elevated Installer - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {93765DFA-8A67-41FB-9FC0-B12341CA65F3}
      O42 - Logiciel: Java 7 Update 40 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417040FF} => Sun Microsystems Java
      O42 - Logiciel: Java 6 Update 31 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216031FF} => Oracle
      O42 - Logiciel: Windows98 SE driver - (.Initio.) [HKLM][64Bits] -- Windows98 SE driver_is1
      [HKCUSoftwareRestart]
      [HKLMSoftwareSUPERAntiSpyware.com] => SUPERAntiSpyware.com*
      [HKLMSoftwareWow6432NodeIncrediMail] => Messaging.Incredimail
      O43 - CFD: 05/11/2013 - 13:51:58 - [] ----D C:Program Files (x86)98se
      O43 - CFD: 25/04/2014 - 09:07:44 - [] ----D C:ProgramDataeBay =>Toolbar.eBay
      O43 - CFD: 04/04/2014 - 00:20:51 - [] ----D C:UsersGérardAppDataRoamingGlarySoft
      O43 - CFD: 09/05/2014 - 20:14:35 - [] ----D C:UsersGérardAppDataRoamingSystem
      O44 - LFC:[MD5.4F7160F9A49CF3AF5AA6663245C62C48] - 06/05/2014 - 20:38:42 ---A- . (...) -- C:Windows_delis32.ini [552] => Infection Diverse (AGENT-GZ.Troj)
      O62 - ADS:Alternate Data Stream File - C:WindowsSystem32hcwhdpvr.ax:Zone.Identifier
      O64 - Services: CurCS - 11/02/2011 - C:WindowsSystem32driversnpf.sys (npf) .(.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) - LEGACY_NPF
      OPT:SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:Program FilesBonjourmDNSResponder.exe
      C:ProgramDataeBay =>Toolbar.eBay^
      ProxyFix
      EmptyPrefetch
      EmptyFlash
      SysRestore
      FirewallRAZ
      EmptyTemp

    • Launch ZHPFix (run as administrator on Windows 7/8 and Vista)

      1. Click Import
      2. The lines copied earlier should be pasted into the box
      3. If so, click "GO"



    • Confirm the data cleanup by clicking "Yes"
    • Once the scan is finished, go to the desktop; the ZHPFixReport file has been created.
    • Upload the ZHPFixReport report to SosUpload, then copy/paste the link provided into your next reply.

    After running this fix, tell me how things are going?
    :merci2:

  • cambouis
    Participant
    Number of posts: 128

    Hello,
    Here is the link for the ZHPFix report: https://antimalware.top/www/?a=d&i=VOsBFRKmRP
    Regards
    :merci2:

  • buckhulk
    Participant
    Number of posts: 2391

    there is a Java I forgot:

    Java 7 Update 40

    can you do this again please:

    • Select and copy the following script:

      ZHPFix script
      Java 7 Update 40
    • Launch ZHPFix (run as administrator on Windows 7/8 and Vista)

      1. Click Import
      2. The lines copied earlier should be pasted into the box
      3. If so, click "GO"



    • Confirm the data cleanup by clicking "Yes"
    • Once the scan is finished, go to the desktop; the ZHPFixReport file has been created.
    • Upload the ZHPFixReport report to SosUpload, then copy/paste the link provided into your next reply.

    Anyway, it's not a big deal. How is the computer running now?

  • cambouis
    Participant
    Number of posts: 128

    And here is the link: https://antimalware.top/www/?a=d&i=278EgVkOy1

    A quick question: you had me uninstall Java, why?
    See you later
    :merci2:

  • buckhulk
    Participant
    Number of posts: 2391

    I had you uninstall Java 7 Update 40 because we are now at Java 7 Update 55 and you have it on your computer, so you absolutely must uninstall the old versions of Java, look HERE

    well, in any case it didn't go through!

    we have to do it another way, you'll do it like this: uninstalling old versions of Java

    if you can't manage it, remove Java completely and reinstall the latest version of Java HERE

    if you want information about Java: explanation of Java

    otherwise, how is the computer running? you still haven't told me anything!

  • cambouis
    Participant
    Number of posts: 128

    Hello again,

    My PC is faster!!! and it also boots faster!!! in SHORT it is back to normal!
    You also had me uninstall "Super Antispywares"; is it bad software?
    Thank you for the time you spent helping me.
    I will follow your latest instructions and let you know the result.
    Thanks again for the work you do.
    Best regards
    cambouis

  • buckhulk
    Participant
    Number of posts: 2391
    You also had me uninstall "Super Antispywares"; is it bad software?

    it's not "bad software", it is simply completely outdated and can get you into "trouble"; it is better to use Malwarebytes once a month (the free version).

    ok so here is the sosvirus closing canned message:

    first run Delfix:

    • Download Delfix to your Desktop.
    • Launch Delfix (run as administrator on Windows 7/8 and Vista)
    • Check the following boxes:
      • Re-enable UAC
      • Remove the disinfection tools
      • Create a registry backup
      • Purge System Restore
      • Reset system settings


    have a nice day
    :bye:

  • cambouis
    Participant
    Number of posts: 128

    Thanks for all this advice,
    I finished the cleanup with Delfix.

    :merci2: et :bravo1: :bravo1: :bravo1:

  • buckhulk
    Participant
    Number of posts: 2391

    then have a nice day :bye:

The topic 'Infected USB ports' is closed to new replies.