Problem with external hard drive and removable disks 2013-10-29T19:08:33+00:00

Computer Troubleshooting: Problem with external hard drive and removable disks

  • Author
    Posts
  • Younes
    Participant
    Post count: 14

    Good evening everyone… For a while now I have been having trouble with my external hard drive. I am a simulation enthusiast, and Microsoft FSX is my one true hobby. That said, all my add-ons and flight software related to my simulator are stored on my external hard drive. The problem shows up as follows:

    – I open my external hard drive
    – I click on the FSADDONS folder (which contains all my software)
    And that is where it all goes wrong… a dialog box appears telling me: "Windows cannot find GFSADDONS.exe. Make sure you typed the name correctly, and then try again." And my folder disappears as soon as I close the dialog box.
    So I wonder what the problem is, given that it is a folder and not an ".exe" file. So I went online to look for some tips and ended up on this platform… Isn't life beautiful? :fumeunpeco:
    Right, enough talk, let's get down to business….

  • Younes
    Participant
    Post count: 14

    [spoiler:1n9ryu5e]############################## | UsbFix V 7.146 | [Recherche]

    Utilisateur: Younes (Administrateur) # YOUNES-PC
    Mis à jour le 28/10/2013 par El Desaparecido – Team SosVirus
    Lancé à 18:51:38 | 29/10/2013

    Site Web: http://www.usbfix.net/
    Forum : https://www.sosvirus.net/
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/

    PC: ASUSTeK COMPUTER INC. (P8H61)
    CPU: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
    RAM -> [Total : 8157 | Free : 4340]
    Bios: American Megatrends Inc.
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Intégrale (6.1.7600 64-Bit)
    WB: Windows Internet Explorer : 8.0.7600.16385
    WB: Google Chrome : 30.0.1599.101
    WB: Mozilla Firefox : 6.0

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Antivirus [Enabled | Updated]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 146 Go (5 Go libre(s) – 3%) [] # NTFS
    D: -> Disque fixe # 319 Go (218 Go libre(s) – 68%) [FsX] # NTFS
    E: -> CD-ROM
    F: -> CD-ROM
    G: -> Disque fixe # 149 Go (52 Go libre(s) – 35%) [YOUNES] # FAT32

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID: 664 |ParentID: 656)
    C:Windowssystem32wininit.exe (ID: 724 |ParentID: 656)
    C:Windowssystem32csrss.exe (ID: 752 |ParentID: 736)
    C:Windowssystem32services.exe (ID: 808 |ParentID: 724)
    C:Windowssystem32winlogon.exe (ID: 832 |ParentID: 736)
    C:Windowssystem32lsass.exe (ID: 868 |ParentID: 724)
    C:Windowssystem32lsm.exe (ID: 880 |ParentID: 724)
    C:Windowssystem32svchost.exe (ID: 992 |ParentID: 808)
    C:Windowssystem32svchost.exe (ID: 476 |ParentID: 808)
    C:WindowsSystem32svchost.exe (ID: 676 |ParentID: 808)
    C:WindowsSystem32svchost.exe (ID: 896 |ParentID: 808)
    C:Windowssystem32svchost.exe (ID: 944 |ParentID: 808)
    C:Windowssystem32AUDIODG.EXE (ID: 1104 |ParentID: 676)
    C:Windowssystem32svchost.exe (ID: 1168 |ParentID: 808)
    C:Windowssystem32svchost.exe (ID: 1280 |ParentID: 808)
    C:Program FilesAlwil SoftwareAvast5AvastSvc.exe (ID: 1352 |ParentID: 808)
    C:Windowssystem32Dwm.exe (ID: 1504 |ParentID: 896)
    C:WindowsExplorer.EXE (ID: 1656 |ParentID: 1496)
    C:Windowssystem32taskhost.exe (ID: 1768 |ParentID: 808)
    C:Windowssystem32svchost.exe (ID: 2036 |ParentID: 808)
    C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1484 |ParentID: 808)
    C:WindowsRNDIS_MGRWmGenieFwSrv.exe (ID: 1424 |ParentID: 808)
    C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID: 1100 |ParentID: 808)
    C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE (ID: 2548 |ParentID: 808)
    C:Windowssystem32svchost.exe (ID: 2696 |ParentID: 808)
    C:Program Files (x86)RazerRazer Game BoosterRzKLService.exe (ID: 2860 |ParentID: 808)
    C:Program Files (x86)SuperCopierSuperCopier2.exe (ID: 2816 |ParentID: 1656)
    C:Program FilesAlwil SoftwareAvast5AvastUI.exe (ID: 1988 |ParentID: 356)
    C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (ID: 2148 |ParentID: 356)
    C:Windowssystem32SearchIndexer.exe (ID: 2436 |ParentID: 808)
    C:WindowsSystem32svchost.exe (ID: 3616 |ParentID: 808)
    D:Program Files (x86)fsx.exe (ID: 3144 |ParentID: 3416)
    D:Program Files (x86)fsdreamteamcouatlcouatl.exe (ID: 4060 |ParentID: 3144)
    C:Windowssystem32svchost.exe (ID: 1124 |ParentID: 808)
    C:WindowsSystem32spoolsv.exe (ID: 2996 |ParentID: 808)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 1456 |ParentID: 1872)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 452 |ParentID: 1456)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3944 |ParentID: 1456)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3952 |ParentID: 1456)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 3320 |ParentID: 1456)
    C:Windowssystem32taskhost.exe (ID: 2612 |ParentID: 808)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4788 |ParentID: 1456)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4552 |ParentID: 1456)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4876 |ParentID: 1456)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 4236 |ParentID: 1456)
    C:Program Files (x86)GoogleChromeApplicationchrome.exe (ID: 2528 |ParentID: 1456)
    C:UsbFixGo.exe (ID: 3704 |ParentID: 1924)
    C:Windowssystem32wbemwmiprvse.exe (ID: 4796 |ParentID: 992)

    ################## | Regedit Run |

    HKLMSOFTWARE | Run : [avast5] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
    HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWAREwow6432Node | Run : [avast5] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
    HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWARE | RunOnce : [] –
    HKLMSOFTWAREwow6432Node | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-274241942-440908366-385262484-1000SOFTWARE | Run : [ultracopier] – “C:Program Files (x86)Supercopiersupercopier.exe”
    HKUS-1-5-21-274241942-440908366-385262484-1000SOFTWARE | Run : [SuperCopier2.exe] – C:Program Files (x86)SuperCopierSuperCopier2.exe
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-18SOFTWARE | RunOnce : [FlashPlayerUpdate] – C:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_110_ActiveX.exe -update activex

    ################## | Référence de comparaison MD5 |

    Md5 : d41d8cd98f00b204e9800998ecf8427e -> G:keybd.exe

    ################## | Recherche générique |

    Présent! G:keybd.exe
    Présent! G:trz4D2F.tmp

    ################## | Comparaison MD5 |

    Présent! Md5 : D41D8CD98F00B204E9800998ECF8427E -> C:UsersYounesMusiccompilsAlbumTHOMOS Arcordéon (09-04-2009 11-13-59)Album inconnu (09-04-2009 11-13-59) .exe
    Présent! Md5 : D41D8CD98F00B204E9800998ECF8427E -> C:UsersYounesMusiccompilsAlbumTHOMOS Arcordéon (09-04-2009 11-13-59)FloppyDiskPartion.exe
    Présent! Md5 : D41D8CD98F00B204E9800998ECF8427E -> G:keybd.exe

    ################## | Registre |

    Présent! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|EnableLUA -> 0
    Présent! HKCUSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoFolderOptions -> 1
    Présent! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 1
    Présent! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 1

    ################## | Vaccin |

    C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:1n9ryu5e]

  • Younes
    Participant
    Post count: 14

    [spoiler:1s2bbpwx]# AdwCleaner v3.010 – Rapport créé le 29/10/2013 à 19:11:03
    # Mis à jour le 20/10/2013 par Xplode
    # Système d'exploitation : Windows 7 Ultimate (64 bits)
    # Nom d'utilisateur : Younes – YOUNES-PC
    # Exécuté depuis : C:UsersYounesDownloadsadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    [!] Dossier Supprimé : C:ProgramDataStarApp
    [!] Dossier Supprimé : C:ProgramDataBBrowsee2sAove
    [!] Dossier Supprimé : C:ProgramDataconTinuetoySiavae
    [!] Dossier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramsSpeedbit Video Downloader
    [!] Dossier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramsBBrowsee2sAove
    [!] Dossier Supprimé : C:Program Files (x86)BrowseToSave
    [!] Dossier Supprimé : C:Program Files (x86)continuetosave
    [!] Dossier Supprimé : C:Program Files (x86)RegClean Pro
    [!] Dossier Supprimé : C:Program Files (x86)SearchPredict
    [!] Dossier Supprimé : C:Program Files (x86)Speedbit Video Downloader
    [!] Dossier Supprimé : C:Program Files (x86)Vuze
    [!] Dossier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramsSpeedbit Video Downloader
    [!] Dossier Supprimé : C:ProgramDataMicrosoftWindowsStart MenuProgramsBBrowsee2sAove
    [!] Dossier Supprimé : C:UsersYounesAppDataLocalLowToolbar4
    [!] Dossier Supprimé : C:UsersYounesAppDataRoamingMozillaFirefoxProfiles1p8xu5sc.defaultExtensions{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
    [!] Dossier Supprimé : C:UsersYounesAppDataLocalGoogleChromeUser DataDefaultExtensionsdjcpfkccckpeeghiklnhienllljccglb
    [!] Dossier Supprimé : C:UsersYounesAppDataLocalGoogleChromeUser DataDefaultExtensionsledcpigomgblcmofccnacobhmcdkpiea
    [!] Dossier Supprimé : C:UsersYounesAppDataLocalGoogleChromeUser DataDefaultExtensionsohpafhbnohgogojklhkcnlgbpcgcpkak
    [!] Dossier Supprimé : C:UsersYounesAppDataLocalGoogleChromeUser DataDefaultExtensionsjbmihfmcieemmafjkogmdabpdgjndlll
    Fichier Supprimé : C:END
    Fichier Supprimé : C:WindowsSystem32roboot64.exe

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Valeur Supprimée : HKLMSOFTWAREMozillaFirefoxExtensions [{0329E7D6-6F54-462D-93F6-F5C3118BADF2}]
    Valeur Supprimée : HKLMSOFTWAREMozillaFirefoxExtensions [searchpredict@speedbit.com]
    Clé Supprimée : HKLMSOFTWAREGoogleChromeExtensionsdjcpfkccckpeeghiklnhienllljccglb
    Clé Supprimée : HKLMSOFTWAREGoogleChromeExtensionsledcpigomgblcmofccnacobhmcdkpiea
    Clé Supprimée : HKLMSOFTWAREClassesAppIDTbCommonUtils.DLL
    Clé Supprimée : HKLMSOFTWAREClassesAppIDTbHelper.EXE
    Clé Supprimée : HKLMSOFTWAREClassesComObject.DeskbarEnabler
    Clé Supprimée : HKLMSOFTWAREClassesComObject.DeskbarEnabler.1
    Clé Supprimée : HKLMSOFTWAREClassesDirectoryshellSPEEDbitVideoConverter
    Clé Supprimée : HKLMSOFTWAREClassesSBConvert.SBConvert
    Clé Supprimée : HKLMSOFTWAREClassesSBConvert.SBConvert.3
    Clé Supprimée : HKLMSOFTWAREClassesSearchPredictObj.SearchPredictObj
    Clé Supprimée : HKLMSOFTWAREClassesSearchPredictObj.SearchPredictObj.1
    Clé Supprimée : HKLMSOFTWAREClassesTbCommonUtils.CommonUtils
    Clé Supprimée : HKLMSOFTWAREClassesTbCommonUtils.CommonUtils.1
    Clé Supprimée : HKLMSOFTWAREClassesTbHelper.TbDownloadManager
    Clé Supprimée : HKLMSOFTWAREClassesTbHelper.TbDownloadManager.1
    Clé Supprimée : HKLMSOFTWAREClassesTbHelper.TbPropertyManager
    Clé Supprimée : HKLMSOFTWAREClassesTbHelper.TbPropertyManager.1
    Clé Supprimée : HKLMSOFTWAREClassesTbHelper.TbRequest
    Clé Supprimée : HKLMSOFTWAREClassesTbHelper.TbRequest.1
    Clé Supprimée : HKLMSOFTWAREClassesTbHelper.TbTask
    Clé Supprimée : HKLMSOFTWAREClassesTbHelper.TbTask.1
    Clé Supprimée : HKLMSOFTWAREClassesTbHelper.ToolbarHelper
    Clé Supprimée : HKLMSOFTWAREClassesTbHelper.ToolbarHelper.1
    Clé Supprimée : HKLMSOFTWAREClassesToolbar3.ContextMenuNotifier
    Clé Supprimée : HKLMSOFTWAREClassesToolbar3.ContextMenuNotifier.1
    Clé Supprimée : HKLMSOFTWAREClassesToolbar3.CustomInternetSecurityImpl
    Clé Supprimée : HKLMSOFTWAREClassesToolbar3.CustomInternetSecurityImpl.1
    Clé Supprimée : HKLMSOFTWAREClassesToolbar3.SearchProviderManager
    Clé Supprimée : HKLMSOFTWAREClassesToolbar3.SearchProviderManager.1
    Clé Supprimée : HKLMSOFTWAREClassesURLSearchHook.ToolbarURLSearchHook
    Clé Supprimée : HKLMSOFTWAREClassesURLSearchHook.ToolbarURLSearchHook.1
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingsystweakasp_rasapi32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingsystweakasp_rasmancs
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallSP_e14dcdfa
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallSP_f2a323db
    Clé Supprimée : HKCUSoftwareConduit
    Clé Supprimée : HKCUSoftwareAppDataLowSProtector
    Clé Supprimée : HKLMSoftwareConduit
    Clé Supprimée : HKLMSoftwareSP Global
    Clé Supprimée : HKLMSoftwareSProtector
    Clé Supprimée : HKLMSoftwaresystweak
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallSPEEDbit Video Downloader
    Donnée Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindows [AppInit_DLLs] – c:progra~2browse~1sprote~1.dll
    Donnée Supprimée : HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindows [AppInit_DLLs] – c:progra~2contin~1sprote~1.dll

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v8.0.7600.16385

    -\ Mozilla Firefox v6.0 (fr)

    [ Fichier : C:UsersYounesAppDataRoamingMozillaFirefoxProfiles1p8xu5sc.defaultprefs.js ]

    Ligne Supprimée : user_pref(“extensions.enabledAddons”, “searchpredict@speedbit.com:1.0.1.0,{0329E7D6-6F54-462D-93F6-F5C3118BADF2}:3.0.9,{972ce4c6-7e08-4474-a285-3208198ce6fd}:6.0”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.Var1”, “0”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.Var10”, “0”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.Var2”, “0”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.Var3”, “0”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.Var4”, “0”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.Var5”, “0”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.Var6”, “0”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.Var7”, “0”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.Var8”, “0”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.Var9”, “0”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.cache.tbs_include_xml_spd”, “41/13/19/11/112”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.firstlaunch”, “0”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.guid”, “%7BB16AEEE8-DE3C-A85A-E710-B611B163452E%7D”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader.userId”, “%12”);
    Ligne Supprimée : user_pref(“speedbitvideodownloader_installed_version”, “3.0.9”);

    -\ Google Chrome v30.0.1599.101

    [ Fichier : C:UsersYounesAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    *************************

    AdwCleaner[R0].txt – [14626 octets] – [29/10/2013 19:00:40]
    AdwCleaner[R1].txt – [14605 octets] – [29/10/2013 19:10:16]
    AdwCleaner[S0].txt – [14582 octets] – [29/10/2013 19:11:03]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [14643 octets] ##########[/spoiler:1s2bbpwx]

  • Younes
    Participant
    Post count: 14

    [spoiler:3jfkh7r8]Malwarebytes Anti-Malware 1.75.0.1300
    http://www.malwarebytes.org

    Version de la base de données: v2013.10.29.08

    Windows 7 x64 NTFS
    Internet Explorer 8.0.7600.16385
    Younes :: YOUNES-PC [administrateur]

    10/29/2013 6:58:35 PM
    mbam-log-2013-10-29 (18-58-35).txt

    Type d'examen: Examen rapide
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 217358
    Temps écoulé: 6 minute(s), 17 seconde(s)

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 13
    HKCRCLSID{61D6341F-E5AF-A797-3DEB-1EBC78191E16} (PUP.Optional.MultiPlug.A) -> Aucune action effectuée.
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{61D6341F-E5AF-A797-3DEB-1EBC78191E16} (PUP.Optional.MultiPlug.A) -> Aucune action effectuée.
    HKCUSOFTWAREMicrosoftWindowsCurrentVersionExtSettings{61D6341F-E5AF-A797-3DEB-1EBC78191E16} (PUP.Optional.MultiPlug.A) -> Aucune action effectuée.
    HKCUSOFTWAREMicrosoftWindowsCurrentVersionExtStats{61D6341F-E5AF-A797-3DEB-1EBC78191E16} (PUP.Optional.MultiPlug.A) -> Aucune action effectuée.
    HKCRTypelib{F126C9FC-9299-40F2-BD42-C59023AD1E7F} (PUP.Optional.GetNow.A) -> Aucune action effectuée.
    HKCRInterface{237FDFDB-3722-470E-8BA8-90196DABE967} (PUP.Optional.GetNow.A) -> Aucune action effectuée.
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} (PUP.Optional.SilentInstall.A) -> Aucune action effectuée.
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{CDB906BF-80F9-419F-B9E0-F41F0F7ACA5A} (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{C588D857-090E-4F80-A59A-8DB934E54A08} (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{977BE994-7875-490D-9660-928752B407AC} (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{09CEE975-C1B4-4A2C-5E44-D7D5D657F3B9} (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    HKCUSoftwareAppDataLowSProtector (PUP.Optional.SProtector.A) -> Aucune action effectuée.
    HKLMSOFTWAREMicrosoftShipTr (Trojan.ShipUp) -> Mis en quarantaine et supprimé avec succès.

    Valeur(s) du Registre détectée(s): 1
    HKCUSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer|NoFolderOptions (Hijack.FolderOptions) -> Données: 1 -> Mis en quarantaine et supprimé avec succès.

    Elément(s) de données du Registre détecté(s): 3
    HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Mauvais: (c:progra~2browse~1sprote~1.dll) Bon: () -> Aucune action effectuée.
    HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWindows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Mauvais: (c:progra~2contin~1sprote~1.dll) Bon: () -> Aucune action effectuée.
    HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvancedFolderHiddenSHOWALL|CheckedValue (PUM.Hijack.System.Hidden) -> Mauvais: (0) Bon: (1) -> Mis en quarantaine et réparé avec succès

    Dossier(s) détecté(s): 1
    C:UsersYounesAppDataLocalTempct2504091 (PUP.Optional.Conduit.A) -> Aucune action effectuée.

    Fichier(s) détecté(s): 16
    C:Program Files (x86)BrowseToSavesprotector.dll (PUP.Optional.SProtect.A) -> Aucune action effectuée.
    C:Program Files (x86)ContinueToSavesprotector.dll (PUP.Optional.SProtect.A) -> Aucune action effectuée.
    C:ProgramDataBBrowsee2sAove51513233b991a.dll (PUP.Optional.MultiPlug.A) -> Aucune action effectuée.
    C:ProgramDataBBrowsee2sAoveuninstall.exe (PUP.Optional.SilentInstall.A) -> Aucune action effectuée.
    C:ProgramDataconTinuetoySiavae51a35f73ed606.dll (PUP.Optional.MultiPlug.A) -> Aucune action effectuée.
    C:ProgramDataInstallMate{A9A31518-A016-4A77-A89C-E834724037EE}Setup.exe (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:ProgramDataInstallMate{A9A31518-A016-4A77-A89C-E834724037EE}TsuDll.dll (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:ProgramDataInstallMate{C9152DAA-673B-43D0-A13B-2F1912F60F5C}Setup.exe (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:ProgramDataInstallMate{C9152DAA-673B-43D0-A13B-2F1912F60F5C}TsuDll.dll (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:ProgramDataInstallMate{C9216AD5-52C9-4FCA-AD21-1AEB12C24823}Setup.exe (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:ProgramDataInstallMate{C9216AD5-52C9-4FCA-AD21-1AEB12C24823}TsuDll.dll (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:ProgramDataInstallMate{DF8A3BBD-6CEF-4E40-ACAB-24CD0469194B}Setup.exe (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:ProgramDataInstallMate{DF8A3BBD-6CEF-4E40-ACAB-24CD0469194B}TsuDll.dll (PUP.Optional.Tarma.A) -> Aucune action effectuée.
    C:UsersYounesAppDataLocalTempct2504091ism.exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
    C:UsersYounesLocal SettingsTemporary Internet FilesContent.IE5LNLXF0LGism[1].exe (PUP.Optional.Conduit.A) -> Aucune action effectuée.
    C:ProgramDataInstallMate{A9A31518-A016-4A77-A89C-E834724037EE}Custom.dll (Trojan.MSIL.Injector) -> Mis en quarantaine et supprimé avec succès.

    (fin)[/spoiler:3jfkh7r8]

  • Younes
    Participant
    Post count: 14

    Here is what I am now getting

    … Thanks x1000 for your help, because losing all my software would mean bankruptcy, given how much time and money I have invested to get it…

  • Younes
    Participant
    Post count: 14

    The ZHPDIAG report is too long and does not fit in the window

  • Anonymous
    Post count: 0

    Hello,

    Welcome to SosVirus :welcome:

    The ZHPDIAG report is too long and does not fit in the window

    Host this report on SosUpload: https://antimalware.top/

    • Run UsbFix
    • Choose the "Suppression" (deletion) option

      Note: If UsbFix hangs at 14%, run UsbFix in safe mode. (See >> HERE <<)

    • Copy and paste the content of the report that appears at the end of the scan into your reply
  • Younes
    Participant
    Post count: 14

    The ZHPDIAG report https://antimalware.top/log/SosUpload.cd94f43877c00a3e9b89a93f7fbec3a7.txt

    I'll be back in a few minutes with the USBFIX report (safe mode). Does the external hard drive need to be plugged in during the scan?

  • Anonymous
    Post count: 0

    Does the external hard drive need to be plugged in during the scan?

    Yes please

  • Younes
    Participant
    Post count: 14

    @El Desaparecido wrote:

    Does the external hard drive need to be plugged in during the scan?

    Yes please

    Here is what it gives

    [spoiler:2mm09x54]############################## | UsbFix V 7.146 | [Suppression]

    Utilisateur: Younes (Administrateur) # YOUNES-PC
    Mis à jour le 28/10/2013 par El Desaparecido – Team SosVirus
    Lancé à 10:00:58 | 30/10/2013

    Site Web: http://www.usbfix.net/
    Forum : https://www.sosvirus.net/
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/

    PC: ASUSTeK COMPUTER INC. (P8H61)
    CPU: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
    RAM -> [Total : 8157 | Free : 6819]
    Bios: American Megatrends Inc.
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Intégrale (6.1.7600 64-Bit)
    WB: Windows Internet Explorer : 8.0.7600.16385
    WB: Google Chrome : 30.0.1599.101
    WB: Mozilla Firefox : 6.0

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    AS: Malwarebytes' Anti-Malware : 1.75.0001
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 146 Go (4 Go libre(s) – 3%) [] # NTFS
    D: -> Disque fixe # 319 Go (218 Go libre(s) – 68%) [FsX] # NTFS
    E: -> CD-ROM
    F: -> CD-ROM
    G: -> Disque fixe # 149 Go (52 Go libre(s) – 35%) [YOUNES] # FAT32

    ################## | Processus Stoppés |

    Stoppé! C:Program FilesAlwil SoftwareAvast5AvastSvc.exe (ID: 1328 |ParentID: 820)
    Stoppé! C:WindowsSystem32spoolsv.exe (ID: 1776 |ParentID: 820)
    Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID: 1900 |ParentID: 820)
    Stoppé! C:WindowsRNDIS_MGRWmGenieFwSrv.exe (ID: 1944 |ParentID: 820)
    Stoppé! C:Program Files (x86)RazerRazer Game BoosterRzKLService.exe (ID: 2016 |ParentID: 820)
    Stoppé! C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID: 1472 |ParentID: 820)
    Stoppé! C:Windowssystem32sppsvc.exe (ID: 2212 |ParentID: 820)
    Stoppé! C:Windowssystem32taskhost.exe (ID: 2724 |ParentID: 820)
    Stoppé! C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE (ID: 2004 |ParentID: 820)
    Stoppé! C:WindowsExplorer.EXE (ID: 2844 |ParentID: 2864)
    Stoppé! C:Program Files (x86)SuperCopierSuperCopier2.exe (ID: 1500 |ParentID: 2844)
    Stoppé! C:Program FilesAlwil SoftwareAvast5AvastUI.exe (ID: 3060 |ParentID: 1540)
    Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (ID: 1348 |ParentID: 1540)
    Stoppé! C:Windowssystem32SearchIndexer.exe (ID: 3156 |ParentID: 820)
    Stoppé! C:Windowssystem32taskmgr.exe (ID: 3496 |ParentID: 860)

    ################## | Regedit Run |

    HKLMSOFTWARE | Run : [avast5] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
    HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWAREwow6432Node | Run : [avast5] – “C:Program FilesAlwil SoftwareAvast5avastUI.exe” /nogui
    HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWARE | RunOnce : [] –
    HKLMSOFTWAREwow6432Node | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-274241942-440908366-385262484-1000SOFTWARE | Run : [ultracopier] – “C:Program Files (x86)Supercopiersupercopier.exe”
    HKUS-1-5-21-274241942-440908366-385262484-1000SOFTWARE | Run : [SuperCopier2.exe] – C:Program Files (x86)SuperCopierSuperCopier2.exe
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-18SOFTWARE | RunOnce : [FlashPlayerUpdate] – C:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_110_ActiveX.exe -update activex

    ################## | Référence de comparaison MD5 |

    Md5 : 435cd9fd0193721b56f0c632b5f4a489 -> G:$RECYCLE.BIN.exe
    Md5 : 435cd9fd0193721b56f0c632b5f4a489 -> G:$RECYCLE.BIN.exe
    Md5 : d41d8cd98f00b204e9800998ecf8427e -> G:keybd.exe
    Md5 : 9d8e00cadce7fdc1b6f7f6dc2808624f -> G:System Volume Information.exe
    Md5 : 9d8e00cadce7fdc1b6f7f6dc2808624f -> G:System Volume Information.exe

    ################## | Recherche générique |

    Supprimé! G:$RECYCLE.BIN.exe
    Non supprimé ! G:FS Addons.exe
    Supprimé! G:cours photoshop.exe
    Supprimé! G:System Volume Information.exe
    Supprimé! G:$RECYCLE.BIN$RMVWAML.exe
    Supprimé! G:$RECYCLE.BIN$RGHB91J.exe
    Supprimé! G:$RECYCLE.BIN$RRGTFRG.exe
    Supprimé! G:$RECYCLE.BIN$R2CSGQT.exe
    Supprimé! G:$RECYCLE.BIN$RGDAQFA.exe
    Supprimé! G:$RECYCLE.BIN$R3JZ2JN.exe
    Supprimé! G:$RECYCLE.BIN$ROMWFN9.exe
    Supprimé! G:$RECYCLE.BIN$RD0Q0NE.exe
    Supprimé! G:$RECYCLE.BIN$RA0IKDZ.exe
    Supprimé! G:$RECYCLE.BIN$R5IH8GY.exe
    Supprimé! G:$RECYCLE.BIN$R8ROM5Z.exe
    Supprimé! G:$RECYCLE.BIN$R436S7N.exe
    Supprimé! G:$RECYCLE.BIN$R7D8RUT.exe
    Supprimé! G:keybd.exe
    Supprimé! G:trz4D2F.tmp

    (!) Fichiers temporaires supprimés.

    ################## | Comparaison MD5 |

    Supprimé! Md5 : D41D8CD98F00B204E9800998ECF8427E -> C:UsersYounesMusiccompilsAlbumTHOMOS Arcordéon (09-04-2009 11-13-59)Album inconnu (09-04-2009 11-13-59) .exe
    Supprimé! Md5 : D41D8CD98F00B204E9800998ECF8427E -> C:UsersYounesMusiccompilsAlbumTHOMOS Arcordéon (09-04-2009 11-13-59)FloppyDiskPartion.exe
    Non supprimé ! Md5 : D41D8CD98F00B204E9800998ECF8427E -> G:keybd.exe
    Non supprimé ! Md5 : 435CD9FD0193721B56F0C632B5F4A489 -> G:$RECYCLE.BIN.exe
    Non supprimé ! Md5 : 9D8E00CADCE7FDC1B6F7F6DC2808624F -> G:System Volume Information.exe

    ################## | Registre |

    Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem|EnableLUA -> 1
    Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktop -> 0
    Réparé ! HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer|NoActiveDesktopChanges -> 0
    Supprimé! HKUS-1-5-21-274241942-440908366-385262484-1000Software….Mountpoints2{28cf3a03-ebbb-11d4-b3e6-95ef46324056}
    Supprimé! HKUS-1-5-21-274241942-440908366-385262484-1000Software….Mountpoints2{64dfe974-331d-11e2-baa5-5404a61f0b6b}
    Supprimé! HKUS-1-5-21-274241942-440908366-385262484-1000Software….Mountpoints2{6b1a8f8c-ebbd-11d4-a7c3-bd573001930f}
    Supprimé! HKUS-1-5-21-274241942-440908366-385262484-1000Software….Mountpoints2{aa269ba6-3701-11e2-9111-5404a61f0b6b}
    Supprimé! HKUS-1-5-21-274241942-440908366-385262484-1000Software….Mountpoints2{bb603503-e3eb-11e2-8466-001ffb5309e5}
    Supprimé! HKUS-1-5-21-274241942-440908366-385262484-1000Software….Mountpoints2{def75208-3553-11e2-ae6d-001ffb5309e5}

    ################## | Listing |

    [13/03/2012 – 08:37:18 | SHD ] G:$RECYCLE.BIN
    [21/07/2012 – 11:13:54 | D ] G:FS Addons
    [18/08/2012 – 22:48:50 | D ] G:cours photoshop
    [29/10/2013 – 20:01:08 | N | 2] G:ldupver.txt
    [29/10/2013 – 20:35:22 | SHD ] G:System Volume Information
    [05/12/2012 – 10:29:04 | N | 0] G:keybd.exe
    [21/04/2006 – 18:25:18 | D ] G:Recycled
    [03/06/2013 – 17:22:52 | D ] G:XP-Update
    [03/06/2013 – 17:22:52 | D ] G:msdn
    [29/10/2013 – 20:01:24 | N | 94208] G:$RECYCLE.BIN.exe
    [29/10/2013 – 20:01:26 | N | 94208] G:FS Addons.exe
    [29/10/2013 – 20:01:26 | N | 94208] G:cours photoshop.exe
    [29/10/2013 – 20:01:26 | N | 94208] G:System Volume Information.exe

    ################## | Vaccin |

    C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net – https://www.sosvirus.net |[/spoiler:2mm09x54]

  • Evasion60
    Participant
    Number of posts: 1557

    :hello: Hello El Desaparecido

    —\ Windows product information
    ~ Langage: Anglais
    Windows 7 Ultimate Edition, 64-bit (Build 7600) => Microsoft Corporation // Non à jour
    Windows Server License Manager Script : Absent (Not found) // Version Windows non officielle
    Windows ID Activation : Inconnue (Unknown) // Version Windows non officielle
    Windows Licence : Inconnue (Unknown) // Version Windows non officielle
    Software Protection Service (Protection logicielle) : KO // Windows Protection Logicielle désactivée
    Windows Automatic Updates : OK => Windows Updates Activées
    Windows Activation Technologies : OK => Windows Activation Technologies (KB971033) Intallée

    🙁

  • Younes
    Participant
    Number of posts: 14

    @evasion60 wrote:

    :hello: Hello El Desaparecido

    —\ Windows product information
    ~ Langage: Anglais
    Windows 7 Ultimate Edition, 64-bit (Build 7600) => Microsoft Corporation // Non à jour
    Windows Server License Manager Script : Absent (Not found) // Version Windows non officielle
    Windows ID Activation : Inconnue (Unknown) // Version Windows non officielle
    Windows Licence : Inconnue (Unknown) // Version Windows non officielle
    Software Protection Service (Protection logicielle) : KO // Windows Protection Logicielle désactivée
    Windows Automatic Updates : OK => Windows Updates Activées
    Windows Activation Technologies : OK => Windows Activation Technologies (KB971033) Intallée

    🙁

    That wasn't in yesterday's report; it was only when I switched to safe mode that Windows asked me to activate the product. I have the official W7 software that was delivered with the PC (I don't understand where this report comes from).

    Now that I think about it, the version I currently have on my PC is not the W7 (American edition) that came with my PC; the one I'm using is the one (French edition) that a friend installed for me when I changed the motherboard, processor and graphics card. If I reinstall W7, will I lose all my data? I mean, will I have to reinstall all of my Microsoft Flight Simulator X?

  • Anonymous
    Number of posts: 0

    Yes, if you reinstall you will lose everything ..

    Leave it, it's fine for this time 😉 Leave drive G connected and:

    • Download OTM by OldTimer to your desktop.
    • Double-click OTM.exe to launch it.
    • On Vista/Seven, right-click -> run as administrator
    • Copy the list below and paste it into the left-hand pane of OTM under Paste Instructions for Items to be Moved.


    :files
    G:\FS Addons.exe
    :commands
    [emptytemp]
    • Click “MoveIt!”.
    • If a file or folder cannot be deleted immediately, the program will ask you to restart the computer.
    • If so, accept by clicking “YES”.
    • Post the report in your next reply.
    • The report is located in C:\_OTM\MovedFiles (the report name corresponds to when it was created: date_time.log).
  • Evasion60
    Participant
    Number of posts: 1557

    :hello: Ok El Desaparecido

    Here's the lay of the land =>

    This report comes from the ZHPDiag analysis
    What's more, the reports from 29/10/2013 (so yesterday's) => MBAM as well as USBFix say the same thing :interro:
    Even IE is in a bad way!

    /! If, in safe mode, you are able to install all your updates => please do it

    On top of that, you risk seriously crashing your machine =>

    —\ Information on the system
    ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 8156.9 MB (81% free)
    System Restore: Activé (Enable)
    System drive C: has 5 GB (3%) free of 146 GB => Seuil critique dépassé

    You need at least 20% free to run Seven Ultimate!

    That's the lay of the land :hein:

  • Anonymous
    Number of posts: 0

    Right, Michel, I hadn't actually read the zhpdiag report yet; I had focused on the usbfix detection.

    The thing is, he won't be able to install the updates until some space has been freed up …

  • Younes
    Participant
    Number of posts: 14

    OTM report

    [spoiler:33x34sbu]All processes killed
    ========== FILES ==========
    File/Folder G:FS Addons.exe not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Default

    User: Default User

    User: Public

    User: UpdatusUser

    User: Younes
    ->Temp folder emptied: 2668846499 bytes
    ->Temporary Internet Files folder emptied: 3221153 bytes
    ->Java cache emptied: 15560187 bytes
    ->FireFox cache emptied: 199470088 bytes
    ->Google Chrome cache emptied: 217784574 bytes
    ->Flash cache emptied: 2596 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 200704 bytes
    %systemroot%System32 .tmp files removed: 0 bytes
    %systemroot%System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%System32drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 25161975 bytes
    %systemroot%system32configsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet Files folder emptied: 87745308 bytes
    %systemroot%sysnativeconfigsystemprofileAppDataLocalMicrosoftWindowsTemporary Internet Files folder emptied: 50540 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 3,069.00 mb

    OTM by OldTimer – Version 3.1.21.0 log created on 10302013_105840

    Files moved on Reboot…
    C:UsersYounesAppDataLocalTempFXSAPIDebugLogFile.txt moved successfully.
    File move failed. C:Windowstemp_avast5_Webshlock.txt scheduled to be moved on reboot.

    Registry entries deleted on Reboot…[/spoiler:33x34sbu]

    As for the space, I'll sort out that little problem right away

  • Anonymous
    Number of posts: 0

    Restart the PC, run UsbFix again with the Listing option with G connected and post the report please

    As for the space, I'll sort out that little problem right away

    Yes, do it right away please 🙂

    • Download Adwcleaner (by Xplode) to your Desktop!
    • Right-click it, run as administrator on Windows 7/8 and Vista
      1. Choose the "Scanner" (Scan) option
      2. Choose the "Nettoyer" (Clean) option
    • Accept the warning by clicking OK

    • Accept the warnings/information messages by clicking OK
    • Copy and paste the contents of the report that appears when the PC restarts
  • Younes
    Participant
    Number of posts: 14

    USBFIX report
    [spoiler:tjdh42lj]############################## | UsbFix V 7.146 | [Listing]

    Utilisateur: Younes (Administrateur) # YOUNES-PC
    Mis à jour le 28/10/2013 par El Desaparecido – Team SosVirus
    Lancé à 11:22:04 | 30/10/2013

    Site Web: http://www.usbfix.net/
    Forum : https://www.sosvirus.net/
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/

    PC: ASUSTeK COMPUTER INC. (P8H61)
    CPU: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
    RAM -> [Total : 8157 | Free : 6698]
    Bios: American Megatrends Inc.
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Intégrale (6.1.7600 64-Bit)
    WB: Windows Internet Explorer : 8.0.7600.16385
    WB: Google Chrome : 30.0.1599.101
    WB: Mozilla Firefox : 6.0

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AS: Windows Defender : 6.1.7600.16385 (win7_rtm.090713-1255)
    AS: Malwarebytes' Anti-Malware : 1.75.0001
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 146 Go (30 Go libre(s) – 21%) [] # NTFS
    D: -> Disque fixe # 319 Go (218 Go libre(s) – 68%) [FsX] # NTFS
    E: -> CD-ROM
    F: -> CD-ROM
    G: -> Disque fixe # 149 Go (59 Go libre(s) – 39%) [YOUNES] # FAT32

    ################## | Listing |

    [13/03/2012 – 08:37:18 | SHD ] G:$RECYCLE.BIN
    [21/07/2012 – 11:13:54 | D ] G:FS Addons
    [18/08/2012 – 22:48:50 | D ] G:cours photoshop
    [29/10/2013 – 20:01:08 | N | 2] G:ldupver.txt
    [29/10/2013 – 20:35:22 | SHD ] G:System Volume Information
    [21/04/2006 – 18:25:18 | D ] G:Recycled
    [03/06/2013 – 17:22:52 | D ] G:XP-Update
    [03/06/2013 – 17:22:52 | D ] G:msdn

    ################## | E.O.F |[/spoiler:tjdh42lj]

  • Younes
    Participant
    Number of posts: 14

    ADWCleaner report

    [spoiler:25afn4ti]# AdwCleaner v3.010 – Rapport créé le 30/10/2013 à 11:24:44
    # Mis à jour le 20/10/2013 par Xplode
    # Système d'exploitation : Windows 7 Ultimate (64 bits)
    # Nom d'utilisateur : Younes – YOUNES-PC
    # Exécuté depuis : C:UsersYounesDownloadsadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v8.0.7600.16385

    -\ Mozilla Firefox v6.0 (fr)

    [ Fichier : C:UsersYounesAppDataRoamingMozillaFirefoxProfiles1p8xu5sc.defaultprefs.js ]

    -\ Google Chrome v30.0.1599.101

    [ Fichier : C:UsersYounesAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    *************************

    AdwCleaner[R0].txt – [14626 octets] – [29/10/2013 19:00:40]
    AdwCleaner[R1].txt – [14605 octets] – [29/10/2013 19:10:16]
    AdwCleaner[R2].txt – [1105 octets] – [30/10/2013 11:23:59]
    AdwCleaner[S0].txt – [14792 octets] – [29/10/2013 19:11:03]
    AdwCleaner[S1].txt – [1027 octets] – [30/10/2013 11:24:44]

    ########## EOF – C:AdwCleanerAdwCleaner[S1].txt – [1087 octets] ##########[/spoiler:25afn4ti]

  • Anonymous
    Number of posts: 0

    No more problems with drive G?

    Run another ZHPDiag scan and post the new hosted report please

  • Younes
    Participant
    Number of posts: 14

    @El Desaparecido wrote:

    No more problems with drive G?

    Run another ZHPDiag scan and post the new hosted report please

    I can open it and browse it without any problem…

    ZHPDIAG report

    [spoiler:2uwt809v]~ Report of ZHPDiag v2013.10.28.74 – Nicolas Coolman (10/28/2013)
    ~ Launched by Younes (10/30/2013 11:55:10 AM)
    ~ Web site address : http://nicolascoolman.webs.com
    ~ Free support forums for disinfection : http://nicolascoolman.webs.com/apps/links/
    ~ Translated by
    ~ Version State :
    ~ White List : Activate by program
    ~ Elevation of privilege : OK
    ~ User Account Control : Activate by user

    —\ Internet browsers
    MSIE: Internet Explorer v8.0.7600.16385
    MFIE: Mozilla Firefox 6.0
    GCIE: Google Chrome v30.0.1599.101 (Defaut)

    —\ Windows product information
    ~ Langage: Anglais
    Windows 7 Ultimate Edition, 64-bit (Build 7600)
    Windows Server License Manager Script : Absent (Not found)
    Windows ID Activation : Inconnue (Unknown)
    Windows Licence : Inconnue (Unknown)
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ System protection software
    Malwarebytes Anti-Malware version 1.75.0.1300
    Windows Defender W7

    —\ System optimization software

    —\ Sharing software PeerToPeer
    eMule
    Vuze v5.1.0.0 =>P2P.Azureus

    —\ Surveillance software
    Adobe Flash Player 11 Plugin
    Adobe Reader XI
    Java 7 Update 9

    —\ Information on the system
    ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 8156.9 MB (73% free)
    System Restore: Activé (Enable)
    System drive C: has 30 GB (20%) free of 146 GB

    —\ Connection to the system mode
    ~ Computer Name: YOUNES-PC
    ~ User Name: Younes
    ~ All Users Names: Younes, UpdatusUser, ASPNET, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Environment variables
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersYounesAppDataRoamingZHP
    ~ %AppData% : C:UsersYounesAppDataRoaming
    ~ %Desktop% : C:UsersYounesDesktop
    ~ %Favorites% : C:UsersYounesFavorites
    ~ %LocalAppData% : C:UsersYounesAppDataLocal
    ~ %StartMenu% : C:UsersYounesAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumeration of the disk units
    C: Hard drive, Flash drive, Thumb drive (Free 30 Go of 146 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 218 Go of 319 Go)
    E: CD-ROM drive (Not Inserted)
    F: CD-ROM drive (Not Inserted)
    G: Hard drive, Flash drive, Thumb drive (Free 59 Go of 149 Go)

    —\ State of the Windows Security Center
    [HKCUSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvanced] Start_ShowMyGames: Modified
    ~ Security Center: 48 Legitimates Filtered in 00mn AMs

    —\ Search Generic System Files
    ~ Generic Processes: Scanned in 00mn AMs

    —\ Hidden files state (Hidden/Total)
    ~ Mes images (My Pictures) : 1/1011
    ~ Mes musiques (My Musics) : 1/5578
    ~ Mes Videos (My Videos) : 1/249
    ~ Mes Favoris (My Favorites) : 1/26
    ~ Mes Documents (My Documents) : 2/7765
    ~ Mon Bureau (My Desktop) : 3/7928
    ~ Menu demarrer (Programs) : 1/100
    ~ Hidden Files: Scanned in 10mn AMs

    —\ Process running
    [MD5.8C5B4A20100F09B856B38C9059251919] – (.SuperCopier team – SuperCopier 2 (explorer file copy replaceme.) — C:Program Files (x86)SuperCopierSuperCopier2.exe [296960] [PID.1080]
    [MD5.38AE7A942FC3FAB1C6A27EB65DE8F827] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAlwil SoftwareAvast5AvastUI.exe [2837864] [PID.2276]
    [MD5.48BE298F7FD1BEF4D8FBACB04D8D95C4] – (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [958576] [PID.2912]
    [MD5.3E399A1328181C2A352472369DE2A93A] – (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe [844752] [PID.3404]
    [MD5.C4A0673606F8A4D912646E2778630BDD] – (.Azureus Software, Inc – No Comment.) — C:Program Files (x86)VuzeAzureus.exe [316360] [PID.2756] =>P2P.Azureus
    [MD5.3B605772669BDFD6DC266B9320E87B45] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8143872] [PID.5044]
    [MD5.B2386A8E66891F7CFEC9F5A03F0F1210] – (.AVAST Software – avast! Service.) — C:Program FilesAlwil SoftwareAvast5AvastSvc.exe [40384] [PID.1360]
    [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [65640] [PID.2044]
    [MD5.19A22A2869040F5901A343D991A95CFA] – (.Green Packet Berhad. – WiMAX Device Service.) — C:WindowsRNDIS_MGRWmGenieFwSrv.exe [75264] [PID.1212]
    [MD5.FEFA32073D77BB9C741A63B6286479F6] – (.Razer Inc. – RzKLService.) — C:Program Files (x86)RazerRazer Game BoosterRzKLService.exe [106472] [PID.1468]
    [MD5.284303D0B36D7825851A8AD752439E3B] – (.NVIDIA Corporation – Stereo Vision Control Panel API Server.) — C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [378472] [PID.2140]
    ~ Processes Running: Scanned in 00mn AMs

    —\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
    C:UsersYounesAppDataLocalGoogleChromeUser DataDefaultPreferences
    G2 – GCE: Preference [User DataDefault] [jbmihfmcieemmafjkogmdabpdgjndlll] conTinuetoySiavae v.3.9 (Activé) =>PUP.OfferWare
    G2 – GCE: Preference [User DataDefault] [ohpafhbnohgogojklhkcnlgbpcgcpkak] BBrowsee2sAove v.3.8 (Activé) =>Adware.Browse2Save
    ~ Google Browser: 14 Legitimates Filtered in 12mn AMs

    —\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
    C:UsersYounesAppDataRoamingMozillaFirefoxProfiles1p8xu5sc.defaultprefs.js
    ~ Firefox Browser: 11 Legitimates Filtered in 00mn AMs

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn AMs

    —\ Line Analysis F0, F1, F2, F3 – IniFiles, Auto loading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn AMs

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn AMs
    ~ Nombre de lignes (Lines number): 21

    —\ Other User Links (O4)
    O4 – GSDesktop [Public]: 38 Dictionnaires et Recueils de Correspondance.lnk . (.L'Aventure Multimedia – No Comment.) — C:Program Files (x86)Micro Application38 Dictionnaires et Recueils de CorrespondanceLanceMediaDICO38.exe
    O4 – GSDesktop [Public]: Acronis True Image Home 2010.lnk . (.Acronis – Acronis True Image.) — C:Program Files (x86)AcronisTrueImageHomeTrueImageLauncher.exe
    O4 – GSDesktop [Public]: AESHelp for FSX.lnk . (.Aerosoft and Oliver Pabst – No Comment.) — D:Program Files (x86)AerosoftAESAESHELP.exe
    O4 – GSDesktop [Public]: Bigasoft Audio Converter.lnk . (.Bigasoft Corporation – Audio Converter.) — C:Program Files (x86)BigasoftAudio Convertervideoconverter.exe
    O4 – GSDesktop [Public]: eMule.lnk . (.http://www.emule-project.net – eMule.) — C:Program Files (x86)eMuleemule.exe
    O4 – GSDesktop [Public]: FlipShare.lnk . (…) — C:Program Files (x86)Flip VideoFlipShareFlipShare.exe
    O4 – GSDesktop [Public]: FTX Central.lnk . (.Orbx Simulation Systems Pty Ltd – FTX Central.) — D:Program Files (x86)ORBXScriptsFTXCentralFTXCentral.exe
    O4 – GSDesktop [Public]: FTX Day.lnk . (…) — D:Program Files (x86)ORBXScriptsFTXLights_Day.exe
    O4 – GSDesktop [Public]: FTX Night.lnk . (…) — D:Program Files (x86)ORBXScriptsFTXLights_Night.exe
    O4 – GSDesktop [Public]: KJAC.lnk . (.Orbx Simulation Systems Pty Ltd – Orbx Control Panel.) — D:Program Files (x86)ORBXScriptsOrbxControlPanel.exe
    O4 – GSDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O4 – GSDesktop [Public]: Razer Game Booster.lnk . (.Razer Inc. – RazerGameBooster.) — C:Program Files (x86)RazerRazer Game BoosterRazerGameBooster.exe
    O4 – GSDesktop [Public]: Vuze.lnk . (.Azureus Software, Inc – No Comment.) — C:Program Files (x86)VuzeAzureus.exe =>P2P.Azureus
    O4 – GSProgram [Public]: FlipShare.lnk . (…) — C:Program Files (x86)Flip VideoFlipShareFlipShare.exe
    O4 – GSProgram [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O4 – GSProgram [Public]: Uninstall .lnk . (…) — D:Program Files (x86)Microsoft GamesMicrosoft Flight Simulator XSimObjectsAirplanesUninstal.exe (.not file.)
    O4 – GSProgram [Public]: Vuze.lnk . (.Azureus Software, Inc – No Comment.) — C:Program Files (x86)VuzeAzureus.exe =>P2P.Azureus
    O4 – GSQuickLaunch [Younes]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSQuickLaunch [Younes]: Vuze.lnk . (.Azureus Software, Inc – No Comment.) — C:Program Files (x86)VuzeAzureus.exe =>P2P.Azureus
    O4 – GSTaskBar [Younes]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSProgram [Younes]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSProgram [Younes]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSProgram [Younes]: Uninstall Polish Airports vol.1.lnk . (…) — D:Program Files (x86)Microsoft GamesPolishAirportsVol2uninstall.exe (.not file.)
    O4 – GSSystemTools [Younes]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSDesktop [Younes]: ACE (2).lnk . (.Captain Sim – Aircraft Configuration Utility.) — D:Program Files (x86)Captain_Sim130aceACE_130.exe
    O4 – GSDesktop [Younes]: ACE.lnk . (.Captain Sim – ACE 777 Captain.) — D:Program Files (x86)Captain_Sim777aceace_777.exe
    O4 – GSDesktop [Younes]: Acronis True Image Home.lnk . (.Acronis – Acronis True Image.) — C:Program Files (x86)AcronisTrueImageHomeTrueImageLauncher.exe
    O4 – GSDesktop [Younes]: Any Video Converter Ultimate.lnk . (.Any-Video-Converter.com – Any Video Converter Ultimate.) — C:Program Files (x86)AnvSoftAny Video Converter UltimateAVCUltimate.exe
    O4 – GSDesktop [Younes]: Configuration.lnk . (.feelThere – Setup application for feelThere ERJ.) — D:Program Files (x86)FeelThereErjErjSetup.exe
    O4 – GSDesktop [Younes]: EGHI.lnk . (.Orbx Simulation Systems Pty Ltd – Orbx Control Panel.) — D:Program Files (x86)ORBXScriptsOrbxControlPanel.exe
    O4 – GSDesktop [Younes]: EVGA Precision.lnk . (…) — C:Program Files (x86)EVGA PrecisionEVGAPrecision.exe
    O4 – GSDesktop [Younes]: FSC_FSX.lnk . (…) — C:WindowsInstaller{2A9A269C-1C36-493C-96D8-60B23FAB2E10}Icon2A9A269C5.exe
    O4 – GSDesktop [Younes]: FSX.lnk . (.Microsoft Corp. – Microsoft Flight Simulator®.) — D:Program Files (x86)fsx.exe
    O4 – GSDesktop [Younes]: FTX Aero.lnk . (.Orbx Simulation Systems Pty. Ltd. – FTX_Aero.) — D:Program Files (x86)ORBXScriptsAeroFTXAero.exe
    O4 – GSDesktop [Younes]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O4 – GSDesktop [Younes]: Hanse-Blampain.lnk . (.Zero G – LaunchAnywhere GUI.) — C:Program Files (x86)Hanse-BlampainHanse-Blampain.exe
    O4 – GSDesktop [Younes]: KJAC.lnk . (.Orbx Simulation Systems Pty Ltd – Orbx Control Panel.) — D:Program Files (x86)ORBXScriptsOrbxControlPanel.exe
    O4 – GSDesktop [Younes]: LeConjugueur.lnk . (.Le Conjugueur – Le Conjugueur.) — C:Program Files (x86)LeConjugueurLeConjugueur.exe
    O4 – GSDesktop [Younes]: NGXPerfMan.lnk . (…) — D:Program Files (x86)PMDGPMDG 737 NGXPerfManNGXPerfMan.exe
    O4 – GSDesktop [Younes]: OTM.lnk . (.OldTimer Tools – No Comment.) — C:UsersYounesDownloadsOTM.exe
    O4 – GSDesktop [Younes]: PAJN.lnk . (.Orbx Simulation Systems Pty Ltd – Orbx Control Panel.) — D:Program Files (x86)ORBXScriptsOrbxControlPanel.exe
    O4 – GSDesktop [Younes]: PAKT.lnk . (.Orbx Simulation Systems Pty Ltd – Orbx Control Panel.) — D:Program Files (x86)ORBXScriptsOrbxControlPanel.exe
    O4 – GSDesktop [Younes]: PMDG Livery Manager.lnk . (…) — D:Program Files (x86)PMDGLivery ManagerPMDG_Livery_Manager.exe
    O4 – GSDesktop [Younes]: PMDG MD-11 Load Manager.lnk . (.Precision Manuals Development Group – MD-11 Load Manager.) — D:Program Files (x86)PMDGMD11_LoadManager.exe
    O4 – GSDesktop [Younes]: PMDG Operations Center.lnk . (…) — C:Program Files (x86)PMDG Operations CenterPMDG Operations Center.exe
    O4 – GSDesktop [Younes]: PMDG_BAe_JS410ConfigManager.lnk . (…) — D:Program Files (x86)PMDGJS4100PMDG_BAe_JS4100_ConfigManager.exe
    O4 – GSDesktop [Younes]: QW146 Dispatcher.lnk . (…) — D:Program Files (x86)QualitywingsLiveryManagerQW146Dispatcher.exe
    O4 – GSDesktop [Younes]: QW757 Livery Manager.lnk . (.Microsoft – Qw757RepaintManager.) — D:Program Files (x86)QualitywingsLiveryManagerQW757RepaintManager.exe
    O4 – GSDesktop [Younes]: SnapShot.lnk . (.StageSoft – No Comment.) — D:Program Files (x86)SnapShot.exe
    O4 – GSDesktop [Younes]: VATroute.lnk . (…) — D:Program Files (x86)VATroute.exe
    O4 – GSDesktop [Younes]: Virtual DJ.lnk . (.Atomix Productions – VirtualDJ.) — C:Program Files (x86)VirtualDJvirtualdj_home.exe
    O4 – GSDesktop [Younes]: VirtualDJ Home FREE.lnk . (.Atomix Productions – VirtualDJ.) — C:Program Files (x86)VirtualDJvirtualdj_home.exe
    O4 – GSDesktop [Younes]: YBBN.lnk . (.Orbx Simulation Systems Pty Ltd – Orbx Control Panel.) — D:Program Files (x86)ORBXScriptsOrbxControlPanel.exe
    O4 – GSDesktop [Younes]: YBCS.lnk . (.Orbx Simulation Systems Pty Ltd – Orbx Control Panel.) — D:Program Files (x86)ORBXScriptsOrbxControlPanel.exe
    O4 – GSDesktop [Younes]: YMLT.lnk . (.Orbx Simulation Systems Pty Ltd – Orbx Control Panel.) — D:Program Files (x86)ORBXScriptsOrbxControlPanel.exe
    O4 – GSDesktop [Younes]: YMMB.lnk . (.Orbx Simulation Systems Pty Ltd – Orbx Control Panel.) — D:Program Files (x86)ORBXScriptsOrbxControlPanel.exe
    O4 – GSDesktop [Younes]: YMML.lnk . (.Orbx Simulation Systems Pty Ltd – Orbx Control Panel.) — D:Program Files (x86)ORBXScriptsOrbxControlPanel.exe
    O4 – GSDesktop [Younes]: YSCB.lnk . (.Orbx Simulation Systems Pty Ltd – Orbx Control Panel.) — D:Program Files (x86)ORBXScriptsOrbxControlPanel.exe
    O4 – GSDesktop [UpdatusUser]: Hanse-Blampain.lnk . (.Zero G – LaunchAnywhere GUI.) — C:Program Files (x86)Hanse-BlampainHanse-Blampain.exe
    O4 – GSDesktop [UpdatusUser]: LeConjugueur.lnk . (.Le Conjugueur – Le Conjugueur.) — C:Program Files (x86)LeConjugueurLeConjugueur.exe
    O4 – GSDesktop [UpdatusUser]: Rhodes Xtreme Manual.lnk . (…) — D:Program Files (x86)Addon SceneryRhodes Xtreme Manual.pdf (.not file.)
    O4 – GSDesktop [UpdatusUser]: TOPCAT – Take-Off and Landing Performance Calculation Tool.lnk . (…) — D:Program Files (x86)Microsoft GamesMicrosoft Flight Simulator XTOPCATTOPCAT.exe (.not file.)
    O4 – GSDesktop [UpdatusUser]: VATroute.lnk . (…) — D:Program Files (x86)VATroute.exe
    O4 – GSDesktop [UpdatusUser]: VATSpy.lnk . (…) — D:Program Files (x86)Microsoft GamesVATSpyVATSpy.exe (.not file.)
    ~ Global Startup: 125 Legitimates Filtered in 01mn AMs

    —\ Auto loading programs from Registry and folders (O4)
    O4 – GSStartup [Younes]: VFP6.lnk . (…) — C:UsersYounesDocumentsVisual Studio 2005MSDEVFoxProVFP6.exe (.not file.)
    O4 – GSStartup [Younes]: Visual Studio.lnk . (…) — C:UsersYounesDocumentsVisual Studio 2005MSDEVIDEMSDEV.exe (.not file.)
    O4 – HKCU..Run: [ultracopier] C:Program Files (x86)Supercopiersupercopier.exe (.not file.)
    O4 – HKCU..Run: [SuperCopier2.exe] . (.SuperCopier team – SuperCopier 2 (explorer file copy replaceme.) — C:Program Files (x86)SuperCopierSuperCopier2.exe
    O4 – HKLM..Wow6432NodeRun: [avast5] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAlwil SoftwareAvast5avastUI.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-18..RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated – Adobe® Flash® Player Installer/Uninstaller.) — C:WindowsSysWOW64MacromedFlashFlashUtil32_11_5_502_110_ActiveX.exe
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-274241942-440908366-385262484-1000..Run: [ultracopier] C:Program Files (x86)Supercopiersupercopier.exe (.not file.)
    O4 – HKUSS-1-5-21-274241942-440908366-385262484-1000..Run: [SuperCopier2.exe] . (.SuperCopier team – SuperCopier 2 (explorer file copy replaceme.) — C:Program Files (x86)SuperCopierSuperCopier2.exe
    ~ Application: Scanned in 00mn AMs

    —\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
    O9 – Extra button: Se&nd to OneNote [64Bits] – {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:Program Files (x86)MICROS~2Office14ONBttnIE.dll (.not file.)
    O9 – Extra button: OneNote Lin&ked Notes [64Bits] – {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} — C:Program Files (x86)MICROS~2Office14ONBTTN~1.dll (.not file.)
    ~ IE Extra Buttons: Scanned in 00mn AMs

    —\ Lop.com/Domain Hijackers (O17)
    O17 – HKLMSystemCCSServicesTcpip..{2671CBCA-D845-40AD-A42B-1D359BCAC61E}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCCSServicesTcpip..{4CEB4398-C675-4712-9359-E362BC8E9A1A}: DhcpNameServer = 192.168.111.254
    O17 – HKLMSystemCCSServicesTcpip..{977F6D2A-C376-4C64-A735-3529D6DB9453}: DhcpNameServer = 192.168.111.254
    O17 – HKLMSystemCCSServicesTcpip..{B85EF786-6645-485A-B5EC-751446E5AC9A}: DhcpNameServer = 192.168.111.254
    O17 – HKLMSystemCCSServicesTcpip..{DD9FD82D-116A-4609-B4A2-A06D76E62812}: DhcpNameServer = 192.168.111.254
    O17 – HKLMSystemCCSServicesTcpip..{4CEB4398-C675-4712-9359-E362BC8E9A1A}: DhcpDomain = wimax
    O17 – HKLMSystemCCSServicesTcpip..{977F6D2A-C376-4C64-A735-3529D6DB9453}: DhcpDomain = wimax
    O17 – HKLMSystemCCSServicesTcpip..{B85EF786-6645-485A-B5EC-751446E5AC9A}: DhcpDomain = wimax
    O17 – HKLMSystemCCSServicesTcpip..{DD9FD82D-116A-4609-B4A2-A06D76E62812}: DhcpDomain = wimax
    O17 – HKLMSystemCS1ServicesTcpip..{2671CBCA-D845-40AD-A42B-1D359BCAC61E}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{4CEB4398-C675-4712-9359-E362BC8E9A1A}: DhcpNameServer = 192.168.111.254
    O17 – HKLMSystemCS1ServicesTcpip..{977F6D2A-C376-4C64-A735-3529D6DB9453}: DhcpNameServer = 192.168.111.254
    O17 – HKLMSystemCS1ServicesTcpip..{B85EF786-6645-485A-B5EC-751446E5AC9A}: DhcpNameServer = 192.168.111.254
    O17 – HKLMSystemCS1ServicesTcpip..{DD9FD82D-116A-4609-B4A2-A06D76E62812}: DhcpNameServer = 192.168.111.254
    O17 – HKLMSystemCS1ServicesTcpip..{4CEB4398-C675-4712-9359-E362BC8E9A1A}: DhcpDomain = wimax
    O17 – HKLMSystemCS1ServicesTcpip..{977F6D2A-C376-4C64-A735-3529D6DB9453}: DhcpDomain = wimax
    O17 – HKLMSystemCS1ServicesTcpip..{B85EF786-6645-485A-B5EC-751446E5AC9A}: DhcpDomain = wimax
    O17 – HKLMSystemCS1ServicesTcpip..{DD9FD82D-116A-4609-B4A2-A06D76E62812}: DhcpDomain = wimax
    O17 – HKLMSystemCS2ServicesTcpip..{2671CBCA-D845-40AD-A42B-1D359BCAC61E}: DhcpNameServer = 192.168.1.1 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{4CEB4398-C675-4712-9359-E362BC8E9A1A}: DhcpNameServer = 192.168.111.254
    O17 – HKLMSystemCS2ServicesTcpip..{977F6D2A-C376-4C64-A735-3529D6DB9453}: DhcpNameServer = 192.168.111.254
    O17 – HKLMSystemCS2ServicesTcpip..{B85EF786-6645-485A-B5EC-751446E5AC9A}: DhcpNameServer = 192.168.111.254
    O17 – HKLMSystemCS2ServicesTcpip..{DD9FD82D-116A-4609-B4A2-A06D76E62812}: DhcpNameServer = 192.168.111.254
    O17 – HKLMSystemCS2ServicesTcpip..{4CEB4398-C675-4712-9359-E362BC8E9A1A}: DhcpDomain = wimax
    O17 – HKLMSystemCS2ServicesTcpip..{977F6D2A-C376-4C64-A735-3529D6DB9453}: DhcpDomain = wimax
    O17 – HKLMSystemCS2ServicesTcpip..{B85EF786-6645-485A-B5EC-751446E5AC9A}: DhcpDomain = wimax
    O17 – HKLMSystemCS2ServicesTcpip..{DD9FD82D-116A-4609-B4A2-A06D76E62812}: DhcpDomain = wimax
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 192.168.1.1
    ~ Domain: Scanned in 00mn AMs

    —\ Extra protocols (O18)
    O18 – Handler: vbscript [64Bits] – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll =>.Microsoft Corporation
    O18 – Filter: text/xml [64Bits] – {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn AMs

    —\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
    O23 – Service: RNDIS Device Service (GenieService) . (.Green Packet Berhad. – WiMAX Device Service.) – C:WindowsRNDIS_MGRWmGenieFwSrv.exe
    O23 – Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation – Stereo Vision Control Panel API Server.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
    ~ Services: 7 Legitimates Filtered in 02mn AMs

    —\ Task Planned Automatically (039)
    [MD5.00000000000000000000000000000000] [APT] [{02706645-EA50-4ADF-AC65-3DFCF62B5D5F}] (…) — G:FS AddonsFSX by EpikkSoftsJVC 1124RunNavData.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{14B3C263-BA32-47E5-BAD6-1110FE9E2FD8}] (…) — G:FS AddonsFSX by EpikkSoftsJVC 1124RunNavData.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{1F25E935-0844-4DEA-AF67-A4E8A6AE498C}] (…) — G:FS AddonsFSX by EpikkSoftsJVC 1124RunNavData.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{5406818B-D748-4CC3-95C2-C6D49BB3D490}] (…) — C:UsersYounesDesktopsb4setup.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{8C68F6A5-84D8-4415-981E-DE408375274A}] (…) — G:FS AddonsFSX by EpikkSoftsJVC 1124RunNavData.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{A1B95D27-B261-42B3-99C5-6C5403F04646}] (…) — C:UsersYounesDesktopPMDG.rar3-PMDG 737 6700 NGX.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{C0DD7580-BE5F-47F9-ACB5-CAC7CB9A68E3}] (…) — G:FS AddonsFSX by EpikkSoftsJVC 1124RunNavData.exe (.not file.) [0]
    [MD5.00000000000000000000000000000000] [APT] [{E067EDED-38E2-4DBA-8A50-16C7CA2A89AE}] (…) — G:FS AddonsFSX by EpikkSoftsJVC 1124RunNavData.exe (.not file.) [0]
    ~ Scheduled Task: 17 Legitimates Filtered in 00mn AMs

    —\ Software installed (O42)
    O42 – Logiciel: Accu-Feel Air, Land, and Sea – (…) [HKLM][64Bits] — Accu-Feel Air, Land, and Sea
    O42 – Logiciel: Ben Gurion X – (.FSAddon Publishing.) [HKLM][64Bits] — Ben Gurion X1.0
    O42 – Logiciel: BrowseToSave – (…) [HKLM][64Bits] — {E6E9009E-9593-4CC9-AE22-DDB13D0A2268} =>Adware.Browse2Save
    O42 – Logiciel: ERJ145LR American Eagle (v1.02) – (…) [HKCU][64Bits] — ERJ145LR American Eagle (v1.02)
    O42 – Logiciel: ERJ145LR v2 World Airliners 1 (v1.01) – (…) [HKLM][64Bits] — ERJ145LR v2 World Airliners 1 (v1.01)
    O42 – Logiciel: FeelThere ERJ v.2 SP2 – (…) [HKCU][64Bits] — FeelThere ERJ v.2 SP2
    O42 – Logiciel: FlipShare – (.Flip Video.) [HKLM][64Bits] — {97C658D2-61FB-027F-0D76-E9CDC84AFEC7}
    O42 – Logiciel: Hanse-Blampain – (…) [HKLM][64Bits] — Hanse-Blampain
    O42 – Logiciel: Imaginesim WSSS Singapore FSX 1.00 – (…) [HKLM][64Bits] — Imaginesim WSSS Singapore FSX 1.00
    O42 – Logiciel: Latin VFR MHTG FSX – (.SimMarket.) [HKLM][64Bits] — LatinVFRMHTGFSX_is1
    O42 – Logiciel: Majestic MJC8Q400 – (…) [HKLM][64Bits] — MJC8Q400
    O42 – Logiciel: QualityWings Ultimate 146 Collection FSX – (…) [HKLM][64Bits] — QualityWings Ultimate 146 Collection FSX
    O42 – Logiciel: QualityWings Ultimate 757 Collection FSX 1.2.2 – (…) [HKLM][64Bits] — QualityWings Ultimate 757 Collection FSX_is1
    O42 – Logiciel: Remove UK2000 Belfast Xtreme files – (…) [HKLM][64Bits] — UK2000 Belfast Xtreme
    O42 – Logiciel: Remove UK2000 Edinburgh Xtreme files – (…) [HKLM][64Bits] — UK2000 Edinburgh Xtreme
    O42 – Logiciel: Shade – (…) [HKCU][64Bits] — Shade
    O42 – Logiciel: TJSJ San Juan FSX – (…) [HKLM][64Bits] — TJSJ San Juan FSX
    O42 – Logiciel: TOPCAT 2.70 – Take-Off and Landing Performance Calculation Tool – (.FlightSimSoft.com Inh. Christian Grill.) [HKLM][64Bits] — TOPCAT
    O42 – Logiciel: TaiCreations Noi Bai for FSX 1.00 – (…) [HKLM][64Bits] — TaiCreations Noi Bai for FSX 1.00
    O42 – Logiciel: Text-o-Matic for FSX – (…) [HKCU][64Bits] — Text-o-Matic for FSX
    O42 – Logiciel: UK2000 Cumbernauld Xtreme FSX – (.UK2000 Scenery.) [HKLM][64Bits] — UK2000 Cumbernauld Xtreme FSX
    O42 – Logiciel: UK2000 East Midlands Xtreme FSX – (.UK2000 Scenery.) [HKLM][64Bits] — UK2000 East Midlands Xtreme FSX
    O42 – Logiciel: UK2000 Gatwick Xtreme FSX – (.UK2000 Scenery.) [HKLM][64Bits] — UK2000 Gatwick Xtreme FSX
    O42 – Logiciel: UK2000 Heathrow Xtreme FSX – (.UK2000 Scenery.) [HKLM][64Bits] — UK2000 Heathrow Xtreme
    O42 – Logiciel: UK2000 Leeds Xtreme FSX – (.UK2000 Scenery.) [HKLM][64Bits] — UK2000 Leeds Xtreme FSX
    O42 – Logiciel: UK2000 London City Xtreme FSX – (.UK2000 Scenery.) [HKLM][64Bits] — UK2000 London City Xtreme FSX
    O42 – Logiciel: UK2000 Luton Xtreme FSX – (.UK2000 Scenery.) [HKLM][64Bits] — UK2000 Luton Xtreme FSX
    O42 – Logiciel: UK2000 Newcastle Xtreme FSX – (.UK2000 Scenery.) [HKLM][64Bits] — UK2000 Newcastle Xtreme FSX
    O42 – Logiciel: Ultimate Mahjong – (…) [HKLM][64Bits] — Ultimate Mahjong
    O42 – Logiciel: UltimateDefrag – (.DiskTrix, Inc..) [HKLM][64Bits] — UltimateDefrag
    O42 – Logiciel: VAT-Spy – (…) [HKLM][64Bits] — VATSpy
    O42 – Logiciel: VATroute 0.0.1.021 – (.Dirk Trinkaus, Henning Hülsebusch.) [HKLM][64Bits] — VATroute
    O42 – Logiciel: VTBS-FSX 2010 1.00 Ver.FSX – (…) [HKLM][64Bits] — VTBS-FSX 2010 1.00 Ver.FSX
    ~ Logic: 223 Legitimates Filtered in 00mn AMs

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareAncestry.com]
    [HKCUSoftwareConduit] =>Toolbar.Conduit
    [HKCUSoftwareFadeamp]
    [HKCUSoftwareFlip Video]
    [HKCUSoftwareImagineSim]
    [HKCUSoftwareJeppesen]
    [HKCUSoftwareLevel 27 Technologies]
    [HKCUSoftwareQualityWings]
    [HKCUSoftwareSpeedBit]
    [HKCUSoftwareTOPCAT – Christian Grill]
    [HKCUSoftwareUltimate Mahjong Demo]
    [HKCUSoftwarealex_t]
    [HKLMSoftwareWow6432NodeAbraxis]
    [HKLMSoftwareWow6432NodeAncestry.com]
    [HKLMSoftwareWow6432NodeFlip Video]
    [HKLMSoftwareWow6432NodeFlorenc]
    [HKLMSoftwareWow6432NodeFrance VFR]
    [HKLMSoftwareWow6432NodeInInstallCount]
    [HKLMSoftwareWow6432NodeJeppesen]
    [HKLMSoftwareWow6432NodeLLH]
    [HKLMSoftwareWow6432NodeLeonardo]
    [HKLMSoftwareWow6432NodeLevel 27 Technologies]
    [HKLMSoftwareWow6432NodeSpeedBit]
    [HKLMSoftwareWow6432NodeUk2000 Scenery]
    ~ Key Software: 289 Legitimates Filtered in 00mn AMs

    —\ Contents of the Common Files folders (O43)
    O43 – CFD: 12/15/2012 – 2:41:06 PM – [0.134] —-D C:Program Files (x86)aircraft
    O43 – CFD: 7/22/2012 – 10:05:48 AM – [220.684] —-D C:Program Files (x86)Flip Video
    O43 – CFD: 9/10/2013 – 9:49:19 AM – [0.007] —-D C:Program Files (x86)FSC9
    O43 – CFD: 9/9/2013 – 7:40:55 PM – [0] —-D C:Program Files (x86)GUMB7D9.tmp
    O43 – CFD: 5/12/2013 – 9:24:09 PM – [0] —-D C:Program Files (x86)GUMFC49.tmp
    O43 – CFD: 5/2/2013 – 2:22:28 PM – [61.782] —-D C:Program Files (x86)Hanse-Blampain
    O43 – CFD: 12/15/2012 – 2:41:06 PM – [0.191] —-D C:Program Files (x86)networks
    O43 – CFD: 6/7/2013 – 5:51:20 PM – [0] —-D C:Program Files (x86)PCFixKit
    O43 – CFD: 12/15/2012 – 2:41:06 PM – [2.611] —-D C:Program Files (x86)sound
    O43 – CFD: 2/27/2013 – 10:12:49 AM – [1.121] —-D C:Program Files (x86)TotalImageConverter
    O43 – CFD: 7/9/2013 – 3:42:50 PM – [7.083] —-D C:Program Files (x86)Ultimate Mahjong demo
    O43 – CFD: 12/15/2012 – 2:41:06 PM – [0.086] —-D C:Program Files (x86)weather
    O43 – CFD: 7/22/2012 – 7:52:56 AM – [0.007] —-D C:Program Files (x86)Wings of POWER II
    O43 – CFD: 10/29/2012 – 8:00:45 PM – [1.782] —-D C:Program Files (x86)Common FilesTOPCAT
    O43 – CFD: 7/22/2012 – 10:06:12 AM – [7.155] —-D C:ProgramDataFlip Video
    O43 – CFD: 5/27/2013 – 2:35:30 PM – [6.455] —-D C:ProgramDataInstallMate =>PUP.Tarma
    O43 – CFD: 11/28/2012 – 1:57:36 AM – [0.001] —-D C:ProgramDataSpeedBit
    O43 – CFD: 8/21/2012 – 1:30:56 AM – [0.006] —-D C:UsersYounesAppDataRoaming4X_DATA
    O43 – CFD: 7/22/2012 – 10:06:29 AM – [1.155] —-D C:UsersYounesAppDataRoamingFlip Video
    O43 – CFD: 7/16/2013 – 4:27:06 PM – [0] —-D C:UsersYounesAppDataRoamingfscabincrew
    O43 – CFD: 6/7/2013 – 5:49:30 PM – [0.000] —-D C:UsersYounesAppDataRoamingPCFixKit
    O43 – CFD: 9/10/2012 – 9:51:41 PM – [0.000] —-D C:UsersYounesAppDataRoamingQualityWings
    O43 – CFD: 12/15/2012 – 1:43:57 PM – [1.858] —-D C:UsersYounesAppDataRoamingVAT-Spy
    O43 – CFD: 5/2/2013 – 2:22:57 PM – [0.008] —-D C:UsersYounesAppDataLocalAncestry.com
    O43 – CFD: 11/22/2012 – 2:57:23 PM – [0.001] —-D C:UsersYounesAppDataLocalStageSoft
    O43 – CFD: 7/23/2012 – 12:49:05 PM – [0.005] —-D C:UsersYounesAppDataRoamingMicrosoftWindowsStart MenuProgramsEiresim Cork Ultimate FsX
    O43 – CFD: 5/4/2013 – 3:30:20 PM – [0.002] —-D C:UsersYounesAppDataRoamingMicrosoftWindowsStart MenuProgramsFeelThere
    O43 – CFD: 2/5/2013 – 8:28:57 PM – [0.001] —-D C:UsersYounesAppDataRoamingMicrosoftWindowsStart MenuProgramsLebor OLBAX V1.0
    O43 – CFD: 12/12/2012 – 10:51:36 PM – [0.001] —-D C:UsersYounesAppDataRoamingMicrosoftWindowsStart MenuProgramsShade
    O43 – CFD: 7/22/2012 – 7:57:24 AM – [0.906] —-D C:UsersYounesAppDataRoamingMicrosoftWindowsStart MenuProgramsSim Giants
    O43 – CFD: 11/15/2012 – 6:42:28 PM – [0.001] —-D C:UsersYounesAppDataRoamingMicrosoftWindowsStart MenuProgramsSunSkyJet Sceneries
    O43 – CFD: 5/4/2013 – 3:43:43 PM – [0] —-D C:UsersYounesAppDataRoamingMicrosoftWindowsStart MenuProgramsTOPCAT
    O43 – CFD: 5/12/2013 – 5:00:09 AM – [0] —-D C:UsersYounesAppDataRoamingMicrosoftWindowsStart MenuProgramsUK2000 Scenery
    O43 – CFD: 7/9/2013 – 3:42:48 PM – [0] —-D C:UsersYounesAppDataRoamingMicrosoftWindowsStart MenuProgramsUltimate Mahjong
    ~ Program Folder: 219 Legitimates Filtered in 20mn AMs

    —\ Last modified or created files under Windows and System32 (O44)
    O44 – LFC:[MD5.2F8182300B38EF593C396A59AC880A11] – 10/30/2013 – 10:05:30 AM —A- . (…) — C:UsbFix [Clean 5] YOUNES-PC.txt [12354]
    O44 – LFC:[MD5.AD6997C9298FA1FDF19358DDD1B3364B] – 10/30/2013 – 11:21:49 AM —A- . (…) — C:UsbFix [Listing 1 ] YOUNES-PC.txt [6477]
    O44 – LFC:[MD5.2E41D16EF00F13925CAA0644DBC0F003] – 10/30/2013 – 11:22:13 AM —A- . (…) — C:UsbFix [Listing 2 ] YOUNES-PC.txt [6552]
    O44 – LFC:[MD5.551EF43E1C4C4DDE5C92DE58DC5CC560] – 10/30/2013 – 11:26:06 AM —A- . (…) — C:Windowsgenfwsrv.log [1009586]
    O44 – LFC:[MD5.B1D31BEF5DF41433791C63E4784E717E] – 10/30/2013 – 11:26:15 AM —A- . (…) — C:WindowsAutoKMS.log [427399]
    O44 – LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] – 10/30/2013 – 11:39:17 AM —A- . (…) — C:END [0]
    ~ Files: 23 Legitimates Filtered in 09mn AMs

    —\ Last files created in Windows Prefetcher (O45)
    ~ Prefetcher: 138 Legitimates Filtered in 01mn AMs

    —\ Operations and functions at Windows Explorer startup (O46)
    O46 – SEH:ShellExecuteHooks – Groove GFS Stub Execution Hook [64Bits] – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:PROGRA~2MICROS~1Office14GROOVEEX.DLL
    ~ ShellExecuteHooks: Scanned in 00mn AMs

    —\ ShareTools MSconfig StartupReg (SMSR) (O53)
    O53 – SMSR:HKLM…startupregZune Launcher [Key] . (…) — C:Program FilesZuneZuneLauncher.exe (.not file.)
    ~ SMSR Keys: 16 Legitimates Filtered in 00mn AMs

    —\ Microsoft Windows Policies System (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “PromptOnSecureDesktop”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 16 Legitimates Filtered in 00mn AMs

    —\ System Drivers List (SDL) (O58)
    O58 – SDL:[MD5.E8184039D57365BEE3EAA750375C44AD] – 6/28/2010 – 9:32:36 PM —A- . (.ALWIL Software – avast! File System Access Blocking Driver.) — C:WindowsSystem32DriversaswFsBlk.sys [20048]
    O58 – SDL:[MD5.19166026A93206F9C6A8CD3A1F010AE4] – 4/2/2009 – 1:30:14 PM —A- . (…) — C:WindowsSysWOW64driversASUSHWIO.SYS [10296]
    ~ Drivers: 16 Legitimates Filtered in 00mn AMs

    —\ Last modified or created user files (O61)
    ~ 14 Fichiers temporaires (Temporary files)
    ~ Files: 737 Legitimates Filtered in 29mn AMs

    —\ List all tools cleaner (LATC) (O63)
    O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.) [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn AMs

    —\ File Associations Shell Spawning (O67)
    O67 – Shell Spawning: < .html> [HKCU..openCommand] (.Not Key.)
    ~ FASS Keys: 19 Legitimates Filtered in 00mn AMs

    —\ Start Menu Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn AMs

    —\ Search Browser Infection (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
    O69 – SBI: SearchScopes [HKUS.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
    O69 – SBI: SearchScopes [HKUSS-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
    ~ Keys: Scanned in 00mn AMs

    —\ Crack & Keygen Files (CKF) (O82)
    C:UsersYounesDocumentsNero.7.Premium.v7.9.6.0.FR.Incl-Keygen.rar
    C:UsersYounesDocumentsNero.7.Premium.v7.9.6.0.FR.Incl-Keygen.rar
    ~ Files: Scanned in 39mn AMs

    —\ Search Particular Root Folder (SPRF) (O84)
    [MD5.41D8363C9C452E1501160BCCB9587EFA] [SPRF][8/20/2012] (…) — C:UsersYounesAppDataLocalfusioncache.dat [94]
    [MD5.0E771375445E13429E68CAE720A48B72] [SPRF][10/30/2013] (…) — C:UsersYounesAppDataLocalTempi4jdel0.exe [35224]
    [MD5.47025DD5CBA8B43E9D26C960FF5B32A7] [SPRF][10/19/2013] (…) — C:UsersYounesAppDataLocalTempQuarantine.exe [344355]
    [MD5.4D30775F821236A00F4C3BF12897C44B] [SPRF][11/7/2012] (.Ross A Carlson – Fuel planner utility for the 737 NG aircraft in MS Flight Simulator..) — C:UsersYounesDesktopFuelPlanner737NG.exe [208896]
    [MD5.AD834A51534F4F22CC137205C7B7C03E] [SPRF][8/11/2011] (.Christian Grill – TOPCAT – Take-Off and Landing Performance Calculation Tool.) — C:UsersYounesDesktopTOPCAT.exe [1628672]
    [MD5.06E5AA3C8989E43A1EA851D84AF6F3AD] [SPRF][6/9/2012] (.No owner – UltimateDefrag 4.) — C:UsersYounesDesktopUltimateDefrag.exe [6108581]
    [MD5.F9657EA35C68816470AB34451F54F835] [SPRF][12/15/2012] (…) — C:Program Files (x86)sbaicontrol10.dll [81920]
    [MD5.B73972EA36808B5BCB8AD9635C2B945B] [SPRF][12/15/2012] (…) — C:Program Files (x86)sbimage.dll [4468736]
    [MD5.0A27BC5CB2D7D0B09E2B86B27E95F9E0] [SPRF][12/15/2012] (…) — C:Program Files (x86)sbmod10.dll [4063232]
    [MD5.A782730241B50D42FBB3400901AF5B0C] [SPRF][12/15/2012] (…) — C:Program Files (x86)sbtrans10.dll [212992]
    [MD5.65AC2F019216EF5E2620480B4D06BC09] [SPRF][12/15/2012] (…) — C:Program Files (x86)sbuninstall.exe [77824]
    [MD5.76AD8A4E765DF36C77F29EB69BEC3782] [SPRF][12/15/2012] (.Joel M. DeYoung – squawkbox_fs.exe.) — C:Program Files (x86)squawkbox_fs.exe [1118208]
    [MD5.30749E97E4D63C6C2DEB5173F2C049D7] [SPRF][12/15/2012] (.Joel M. DeYoung – squawkbox_fsx.exe.) — C:Program Files (x86)squawkbox_fsx.exe [1093632]
    ~ Files: 14 Legitimates Filtered in 01mn AMs

    —\ Firewall Active Exception List (FirewallRules) (O87)
    O87 – FAEL: “TCP Query User{1AD47BA2-DEB0-48D0-AD59-9107E126C8EF}C:windowskeygen.exe” |In – Public – P6 – TRUE | .(…) — C:windowskeygen.exe (.not file.)
    O87 – FAEL: “UDP Query User{BF0FE463-68EF-4AAE-857D-B05052C5A4C8}C:windowskeygen.exe” |In – Public – P17 – TRUE | .(…) — C:windowskeygen.exe (.not file.)
    O87 – FAEL: “{A531913A-8DFD-41E5-B280-596B69C0DCF2}” | In – None – P17 – TRUE | .(.Green Packet Berhad. – WiMAX Device Manager.) — C:WindowsRNDIS_MGRWmGenieSrv.exe
    O87 – FAEL: “{83E4DCEE-C873-44A9-A7B6-1DE5196F9C55}” | Out – None – P17 – TRUE | .(.Green Packet Berhad. – WiMAX Device Manager.) — C:WindowsRNDIS_MGRWmGenieSrv.exe
    O87 – FAEL: “TCP Query User{8BBE77BC-63F4-424C-A876-8611FBEB2DDC}C:program files (x86)fsfdtfwinnfwinn.exe” |In – Public – P6 – TRUE | .(…) — C:program files (x86)fsfdtfwinnfwinn.exe (.not file.)
    O87 – FAEL: “UDP Query User{A2BCC02A-1716-47CD-812C-D575F7360B6D}C:program files (x86)fsfdtfwinnfwinn.exe” |In – Public – P17 – TRUE | .(…) — C:program files (x86)fsfdtfwinnfwinn.exe (.not file.)
    O87 – FAEL: “TCP Query User{25C72DDD-0A1E-4D14-8E13-B7F63C317C33}C:program files (x86)fsfdtcontrol panelfsfdtcp.exe” |In – Public – P6 – TRUE | .(…) — C:program files (x86)fsfdtcontrol panelfsfdtcp.exe (.not file.)
    O87 – FAEL: “UDP Query User{8EEE0513-5F76-43FD-BCCE-DEBB2EA7564D}C:program files (x86)fsfdtcontrol panelfsfdtcp.exe” |In – Public – P17 – TRUE | .(…) — C:program files (x86)fsfdtcontrol panelfsfdtcp.exe (.not file.)
    ~ Firewall: 196 Legitimates Filtered in 00mn AMs

    —\ Windows Installer Scan (WIS) (O93) (NTFS)
    [MD5.27C54EDB3225284A262D6A8A2D0649F1] [WIS][5/6/2011] (.Flip Video – FlipShare 5.12.3.0.) — C:WindowsInstaller1161005.msi [62862848]
    [MD5.DA80EE36A6B03442249E4B603ECA70C5] [WIS][9/10/2013] (.Sascha W. Felix – Volker Heine © 2013 – Navigational Tool for Microsoft® Flight Simulator 2004® – FSX®.) — C:WindowsInstaller6c16b2.msi [84314624]
    ~ WIS: 57 Legitimates Filtered in 16mn AMs

    —\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Disabled 3/27/2010 1054568 | (AcrSch2Svc) . (.Acronis.) – C:Program Files (x86)Common FilesAcronisSchedule2schedul2.exe
    SR – | Auto 5/11/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    SS – | Disabled 11/23/2012 250808 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SS – | Disabled 1/16/2001 2480048 | (afcdpsrv) . (.Acronis.) – C:Program Files (x86)Common FilesAcronisCDPafcdpsrv.exe
    SR – | Auto 6/28/2010 40384 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
    SR – | Demand 6/28/2010 40384 | (avast! Mail Scanner) . (.AVAST Software.) – C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
    SR – | Demand 6/28/2010 40384 | (avast! Web Scanner) . (.AVAST Software.) – C:Program FilesAlwil SoftwareAvast5AvastSvc.exe
    SS – | Demand 1/16/2001 1044816 | (FLEXnet Licensing Service) . (.Flexera Software, Inc..) – C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
    SS – | Disabled 5/6/2011 460144 | (FlipShare Service) . (…) – C:Program Files (x86)Flip VideoFlipShareFlipShareService.exe
    SS – | Disabled 5/6/2011 1085440 | (FlipShareServer) . (…) – C:Program Files (x86)Flip VideoFlipShareServerFlipShareServer.exe
    SR – | Auto 8/3/2012 75264 | (GenieService) . (.Green Packet Berhad..) – C:WindowsRNDIS_MGRWmGenieFwSrv.exe
    SS – | Auto 11/24/2012 116648 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 11/24/2012 116648 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 4/4/2005 69632 | (IDriverT) . (.Macrovision Corporation.) – C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe
    SS – | Demand 4/13/2007 792112 | (NBService) . (.Nero AG.) – C:Program Files (x86)NeroNero 7Nero BackItUpNBService.exe
    SR – | Demand 5/16/2007 271920 | (NMIndexingService) . (.Nero AG.) – C:Program Files (x86)Common FilesAheadLibNMIndexingService.exe
    SS – | Disabled 3/20/2011 1012328 | (NVSvc) . (.NVIDIA Corporation.) – C:WindowsSystem32nvvsvc.exe
    SS – | Disabled 10/2/2012 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
    SR – | Auto 9/18/2013 106472 | (RzKLService) . (.Razer Inc..) – C:Program Files (x86)RazerRazer Game BoosterRzKLService.exe
    SS – | Auto 1/8/2013 161536 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
    SR – | Auto 3/20/2011 378472 | (Stereo Service) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
    SR – | Auto 7/14/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SS – | Demand 7/10/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Auto 7/14/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 17mn AMs

    —\ Search Master Boot Record Infection (MBR)(O80)
    Run by Younes at 10/30/2013 12:01:45 PM
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Legitimates Filtered in 00mn AMs

    —\ Search Master Boot Record Infection (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog
    Run by Younes at 10/30/2013 12:01:47 PM

    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 02mn AMs

    —\ Scan Additionnel (O88)
    Database Version : 12960 – (10/28/2013)
    Clés trouvées (Keys found) : 8
    Valeurs trouvées (Values found) : 3
    Dossiers trouvés (Folders found) : 1
    Fichiers trouvés (Files found) : 5

    [HKLMSoftwareGoogleChromeExtensionsjbmihfmcieemmafjkogmdabpdgjndlll] =>PUP.OfferWare^
    [HKLMSoftwareGoogleChromeExtensionsohpafhbnohgogojklhkcnlgbpcgcpkak] =>Adware.Browse2Save^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{E6E9009E-9593-4CC9-AE22-DDB13D0A2268}] =>Adware.Browse2Save^
    [HKCUSoftwareClasses.bgl] =>Toolbar.Conduit
    [HKLMSoftwareClassesToolbar3.SBCONVERT] =>Toolbar.Agent
    [HKLMSoftwareClassesToolbar3.SBCONVERT.1] =>Toolbar.Agent
    [HKLMSoftwareWow6432NodeClassesToolbar3.SBCONVERT] =>Toolbar.Agent
    [HKLMSoftwareWow6432NodeClassesToolbar3.SBCONVERT.1] =>Toolbar.Agent
    C:ProgramDataInstallMate =>PUP.Tarma^
    C:Program Files (x86)VuzeAzureus.exe =>P2P.Azureus^
    C:UsersYounesAppDataLocalGoogleChromeUser DataDefaultExtensionsjbmihfmcieemmafjkogmdabpdgjndlll =>PUP.OfferWare^
    C:UsersYounesAppDataLocalGoogleChromeUser DataDefaultExtensionsohpafhbnohgogojklhkcnlgbpcgcpkak =>Adware.Browse2Save^
    [HKCUSoftwareConduit] =>Toolbar.Conduit^
    C:WindowsAutoKMS.exe =>Trojan.Keygen
    ~ Additionnel Scan: 247508 Items scanned in 10mn AMs

    —\ Summary of the detections found on your workstation
    ~ http://nicolascoolman.webs.com/apps/blog/show/27332348-pup-offerware =>PUP.Offerware
    ~ http://nicolascoolman.webs.com/apps/blog/show/26627530-adware-browse2save =>Adware.Browse2Save
    ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
    ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
    ~ MSI: 4 link(s) detected in 10mn AMs

    ~ 2035 Legitimates filtered by white list
    End of the scan (695 lines in 47mn AMs)(2)[/spoiler:2uwt809v]

  • Anonymous
    Number of posts: 0

    No more trouble with the FS Addons folder either?

    • Select and copy the following script:

      Script ZHPFix
      [HKCUSOFTWAREMicrosoftWindowsCurrentVersionExplorerAdvanced] Start_ShowMyGames: Modified
      O87 – FAEL: “TCP Query User{1AD47BA2-DEB0-48D0-AD59-9107E126C8EF}C:windowskeygen.exe” |In – Public – P6 – TRUE | .(…) — C:windowskeygen.exe (.not file.)
      O87 – FAEL: “UDP Query User{BF0FE463-68EF-4AAE-857D-B05052C5A4C8}C:windowskeygen.exe” |In – Public – P17 – TRUE | .(…) — C:windowskeygen.exe (.not file.)
      O87 – FAEL: “{A531913A-8DFD-41E5-B280-596B69C0DCF2}” | In – None – P17 – TRUE | .(.Green Packet Berhad. – WiMAX Device Manager.) — C:WindowsRNDIS_MGRWmGenieSrv.exe
      O87 – FAEL: “{83E4DCEE-C873-44A9-A7B6-1DE5196F9C55}” | Out – None – P17 – TRUE | .(.Green Packet Berhad. – WiMAX Device Manager.) — C:WindowsRNDIS_MGRWmGenieSrv.exe
      O87 – FAEL: “TCP Query User{8BBE77BC-63F4-424C-A876-8611FBEB2DDC}C:program files (x86)fsfdtfwinnfwinn.exe” |In – Public – P6 – TRUE | .(…) — C:program files (x86)fsfdtfwinnfwinn.exe (.not file.)
      O87 – FAEL: “UDP Query User{A2BCC02A-1716-47CD-812C-D575F7360B6D}C:program files (x86)fsfdtfwinnfwinn.exe” |In – Public – P17 – TRUE | .(…) — C:program files (x86)fsfdtfwinnfwinn.exe (.not file.)
      O87 – FAEL: “TCP Query User{25C72DDD-0A1E-4D14-8E13-B7F63C317C33}C:program files (x86)fsfdtcontrol panelfsfdtcp.exe” |In – Public – P6 – TRUE | .(…) — C:program files (x86)fsfdtcontrol panelfsfdtcp.exe (.not file.)
      O87 – FAEL: “UDP Query User{8EEE0513-5F76-43FD-BCCE-DEBB2EA7564D}C:program files (x86)fsfdtcontrol panelfsfdtcp.exe” |In – Public – P17 – TRUE | .(…) — C:program files (x86)fsfdtcontrol panelfsfdtcp.exe (.not file.)
      [HKLMSoftwareGoogleChromeExtensionsjbmihfmcieemmafjkogmdabpdgjndlll]
      [HKLMSoftwareGoogleChromeExtensionsohpafhbnohgogojklhkcnlgbpcgcpkak]
      [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{E6E9009E-9593-4CC9-AE22-DDB13D0A2268}]
      [HKCUSoftwareClasses.bgl]
      [HKLMSoftwareClassesToolbar3.SBCONVERT]
      [HKLMSoftwareClassesToolbar3.SBCONVERT.1]
      [HKLMSoftwareWow6432NodeClassesToolbar3.SBCONVERT]
      [HKLMSoftwareWow6432NodeClassesToolbar3.SBCONVERT.1]
      C:ProgramDataInstallMate
      C:UsersYounesAppDataLocalGoogleChromeUser DataDefaultExtensionsjbmihfmcieemmafjkogmdabpdgjndlll
      C:UsersYounesAppDataLocalGoogleChromeUser DataDefaultExtensionsohpafhbnohgogojklhkcnlgbpcgcpkak
      [HKCUSoftwareConduit]
      EmptyCLSID
      Emptytemp
      EmptyFlash

    • Launch ZHPFix (run as administrator under Windows 7/8 and Vista)

      1. Click Import
      2. The lines copied earlier should be pasted into the box
      3. If so, click “GO”

    • Confirm the data cleanup by clicking “Yes”
    • Once the scan is finished, go to the desktop; the ZHPFixReport file has been created.
    • Upload the ZHPFixReport report to SosUpload, then copy/paste the link provided into your next reply.
  • Younes
    Participant
    Number of posts: 14

    ZHPFIXREPORT

    https://antimalware.top/log/SosUpload.1d72ff8b11a18348ddefcd9bf266154c.txt

  • Anonymous
    Number of posts: 0

    If you consider your problem solved, you can mark your topic as resolved.

    • To remove the disinfection tools used:
    • Download Delfix to your Desktop.
    • Launch Delfix (run as administrator under Windows 7/8 and Vista)
    • Tick the following boxes:
      • Remove the disinfection tools
      • Purge System Restore

  • Younes
    Participant
    Number of posts: 14

    Thank you very much for your help and support; I will try to follow as best I can the advice and tips that you provide at the bottom of the page… Thanks a thousand times

  • Anonymous
    Number of posts: 0

    You're welcome 😉

    Have a good week 🙂

The topic ‘External hard drive and removable disks problem’ is closed to new replies.