Virus "Recycler" encore 2013-10-08T11:57:31+00:00
  • Auteur
    Messages
  • Photo du profil de vincentgruasvincentgruas
    Participant
    Post count: 27

    Bonjour

    Comme pour mon autre ordi, j’ai fait des diagnostics pour supprimer “recycler”.
    Cela a l’air de marcher en administrateur, mais pas en session utilisateur.
    Voici les derniers rapports.
    Merci

    [spoiler:3rfnkyrs]# AdwCleaner v3.006 – Rapport créé le 08/10/2013 à 12:24:16
    # Mis à jour le 01/10/2013 par Xplode
    # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nom d'utilisateur : BAC4 – BAC4-PC
    # Exécuté depuis : C:UsersBAC4Desktopantimalewareadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v10.0.9200.16686

    *************************

    AdwCleaner[R0].txt – [2708 octets] – [08/10/2013 09:36:07]
    AdwCleaner[R1].txt – [801 octets] – [08/10/2013 12:18:25]
    AdwCleaner[S0].txt – [2621 octets] – [08/10/2013 09:37:18]
    AdwCleaner[S1].txt – [723 octets] – [08/10/2013 12:24:16]

    ########## EOF – C:AdwCleanerAdwCleaner[S1].txt – [782 octets] ##########[/spoiler:3rfnkyrs]
    *****************************************************************************************************************************************

    [spoiler:3rfnkyrs]Malwarebytes Anti-Malware (Essai) 1.75.0.1300
    http://www.malwarebytes.org” onclick=”window.open(this.href);return false;

    Version de la base de données: v2013.10.08.02

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16686
    BAC4 :: BAC4-PC [administrateur]

    Protection: Activé

    08/10/2013 12:37:21
    mbam-log-2013-10-08 (12-37-21).txt

    Type d'examen: Examen rapide
    Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
    Options d'examen désactivées: P2P
    Elément(s) analysé(s): 228216
    Temps écoulé: 9 minute(s),

    Processus mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Module(s) mémoire détecté(s): 0
    (Aucun élément nuisible détecté)

    Clé(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre détectée(s): 0
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre détecté(s): 0
    (Aucun élément nuisible détecté)

    Dossier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    Fichier(s) détecté(s): 0
    (Aucun élément nuisible détecté)

    (fin)[/spoiler:3rfnkyrs]
    *******************************************************************************************************************************************

    [spoiler:3rfnkyrs]############################## | UsbFix V 7.143 | [Recherche]

    Utilisateur: BAC4 (Administrateur) # BAC4-PC
    Mis à jour le 05/10/2013 par El Desaparecido – Team SosVirus
    Lancé à 13:32:10 | 08/10/2013

    Site Web: http://www.usbfix.net/” onclick=”window.open(this.href);return false;
    Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

    PC: Acer (Aspire X1430)
    CPU: AMD E-300 APU with Radeon(tm) HD Graphics
    RAM -> [Total : 3576 | Free : 2175]
    Bios: AMI
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
    WB: Windows Internet Explorer 10.0.9200.16686

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Antivirus [(!) Disabled | Updated]
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 138 Go (96 Go libre(s) – 69%) [Acer] # NTFS
    D: -> Disque fixe # 139 Go (138 Go libre(s) – 100%) [DATA] # NTFS
    E: -> CD-ROM

    ################## | Processus Actif |

    C:Windowssystem32csrss.exe (ID 464 |ParentID 456)
    C:Windowssystem32wininit.exe (ID 544 |ParentID 456)
    C:Windowssystem32csrss.exe (ID 560 |ParentID 536)
    C:Windowssystem32services.exe (ID 596 |ParentID 544)
    C:Windowssystem32lsass.exe (ID 620 |ParentID 544)
    C:Windowssystem32lsm.exe (ID 628 |ParentID 544)
    C:Windowssystem32winlogon.exe (ID 676 |ParentID 536)
    C:Windowssystem32svchost.exe (ID 772 |ParentID 596)
    C:Windowssystem32svchost.exe (ID 860 |ParentID 596)
    C:Windowssystem32atiesrxx.exe (ID 912 |ParentID 596)
    C:WindowsSystem32svchost.exe (ID 988 |ParentID 596)
    C:WindowsSystem32svchost.exe (ID 268 |ParentID 596)
    C:Windowssystem32svchost.exe (ID 472 |ParentID 596)
    C:Windowssystem32svchost.exe (ID 536 |ParentID 596)
    C:Windowssystem32svchost.exe (ID 1036 |ParentID 596)
    C:Windowssystem32svchost.exe (ID 1132 |ParentID 596)
    C:Windowssystem32atieclxx.exe (ID 1164 |ParentID 912)
    C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID 1208 |ParentID 596)
    C:WindowsSystem32spoolsv.exe (ID 1352 |ParentID 596)
    C:Windowssystem32svchost.exe (ID 1388 |ParentID 596)
    C:Program Files (x86)BonjourmDNSResponder.exe (ID 1716 |ParentID 596)
    C:Program Files (x86)AcerRegistrationGREGsvc.exe (ID 1792 |ParentID 596)
    C:Program FilesAcerAcer UpdaterUpdaterService.exe (ID 1848 |ParentID 596)
    C:WindowsSystem32svchost.exe (ID 1880 |ParentID 596)
    C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe (ID 1912 |ParentID 596)
    C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe (ID 1948 |ParentID 596)
    C:Windowssystem32svchost.exe (ID 1992 |ParentID 596)
    C:Windowssystem32svchost.exe (ID 2172 |ParentID 596)
    C:Windowssystem32svchost.exe (ID 2240 |ParentID 596)
    C:WindowsSystem32WUDFHost.exe (ID 2356 |ParentID 268)
    C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe (ID 2548 |ParentID 1948)
    C:Windowssystem32taskhost.exe (ID 2616 |ParentID 596)
    C:Windowssystem32Dwm.exe (ID 2788 |ParentID 268)
    C:WindowsExplorer.EXE (ID 2840 |ParentID 2624)
    C:Program FilesRealtekAudioHDARAVCpl64.exe (ID 2980 |ParentID 2840)
    C:UsersBAC4AppDataRoamingColor_Server_Client_ToolsJREJRE1.5binDEX_CX700_V1.EXE (ID 2528 |ParentID 2604)
    C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe (ID 2308 |ParentID 3052)
    C:Program Files (x86)EgisTec IPSPmmUpdate.exe (ID 788 |ParentID 3052)
    C:Program Files (x86)Acerclear.fiMovieclear.fiMovieService.exe (ID 1956 |ParentID 3052)
    C:Program Files (x86)AcerHotkey UtilityHotkeyUtility.exe (ID 2588 |ParentID 3052)
    C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID 2960 |ParentID 3052)
    C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (ID 3036 |ParentID 3052)
    C:Windowssystem32taskeng.exe (ID 1244 |ParentID 536)
    C:Program Files (x86)Acerclear.fiMVPclear.fiAgent.exe (ID 2804 |ParentID 1244)
    C:Program Files (x86)Acerclear.fiMVP.KernelDMRDMREngine.exe (ID 2796 |ParentID 1244)
    C:Program Files (x86)EgisTec IPSEgisUpdate.exe (ID 236 |ParentID 3032)
    C:Program Files (x86)Acerclear.fiMVPKernelDMRCLMSService.exe (ID 3388 |ParentID 2804)
    C:Windowssystem32SearchIndexer.exe (ID 3556 |ParentID 596)
    C:Program FilesWindows Media Playerwmpnetwk.exe (ID 3084 |ParentID 596)
    C:Program Files (x86)NeroUpdateNASvc.exe (ID 4004 |ParentID 596)
    C:WindowsSystem32svchost.exe (ID 2256 |ParentID 596)
    C:WindowsservicingTrustedInstaller.exe (ID 1336 |ParentID 596)
    C:UsbFixGo.exe (ID 3932 |ParentID 3044)
    C:Windowssystem32wbemwmiprvse.exe (ID 1076 |ParentID 772)

    ################## | Regedit Run |

    HKLMSOFTWARE | Run : [SuiteTray] – “C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe”
    HKLMSOFTWARE | Run : [EgisTecPMMUpdate] – “C:Program Files (x86)EgisTec IPSPmmUpdate.exe”
    HKLMSOFTWARE | Run : [EgisUpdate] – “C:Program Files (x86)EgisTec IPSEgisUpdate.exe” -d
    HKLMSOFTWARE | Run : [StartCCC] – “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    HKLMSOFTWARE | Run : [ArcadeMovieService] – “C:Program Files (x86)Acerclear.fiMovieclear.fiMovieService.exe”
    HKLMSOFTWARE | Run : [Hotkey Utility] – C:Program Files (x86)AcerHotkey UtilityHotkeyUtility.exe
    HKLMSOFTWARE | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe”
    HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWARE | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
    HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
    HKLMSOFTWAREwow6432Node | Run : [SuiteTray] – “C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe”
    HKLMSOFTWAREwow6432Node | Run : [EgisTecPMMUpdate] – “C:Program Files (x86)EgisTec IPSPmmUpdate.exe”
    HKLMSOFTWAREwow6432Node | Run : [EgisUpdate] – “C:Program Files (x86)EgisTec IPSEgisUpdate.exe” -d
    HKLMSOFTWAREwow6432Node | Run : [StartCCC] – “C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
    HKLMSOFTWAREwow6432Node | Run : [ArcadeMovieService] – “C:Program Files (x86)Acerclear.fiMovieclear.fiMovieService.exe”
    HKLMSOFTWAREwow6432Node | Run : [Hotkey Utility] – C:Program Files (x86)AcerHotkey UtilityHotkeyUtility.exe
    HKLMSOFTWAREwow6432Node | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe”
    HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWAREwow6432Node | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
    HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
    HKLMSOFTWARE | RunOnce : [] –
    HKLMSOFTWAREwow6432Node | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-4100385622-4132460776-526010295-1000SOFTWARE | Run : [DexStarter_CX700_V1] – “C:UsersBAC4AppDataRoamingColor_Server_Client_ToolsPrinterDriverCX700_V1DexRunner.bat”
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-19SOFTWARE | RunOnce : [IsMyWinLockerReboot] – msiexec.exe /qn /x{voidguid}
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [IsMyWinLockerReboot] – msiexec.exe /qn /x{voidguid}
    HKUS-1-5-18SOFTWARE | RunOnce : [IsMyWinLockerReboot] – msiexec.exe /qn /x{voidguid}

    ################## | Éléments infectieux |

    ################## | Registre |

    ################## | Vaccin |

    C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |[/spoiler:3rfnkyrs]
    *************************************************************************************************************************************

    [spoiler:3rfnkyrs]~ Rapport de ZHPDiag v2013.10.8.22 – Nicolas Coolman (08/10/2013)
    ~ Lancé par BAC4 (08/10/2013 12:50:21)
    ~ Adresse du Site Web http://nicolascoolman.webs.com” onclick=”window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v10.0.9200.16686 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK
    ~ Windows(R) 7, OEM_SLP channel
    System Locked Preinstallation (OEM_SLP) : OK
    Windows ID Activation : OK
    ~ Windows Partial Key : 7QJB7
    Windows License : OK
    ~ Windows Remaining Initializations Number : 2
    Software Protection Service (Protection logicielle) : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : OK

    —\ Logiciels de protection du système
    avast! Free Antivirus v8.0.1497.0
    Malwarebytes Anti-Malware version 1.75.0.1300
    Windows Defender W7

    —\ Logiciels d'optimisation du système

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.5.5 – Français
    Java 7 Update 17

    —\ Informations sur le système
    ~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 3576 MB (64% free)
    System Restore: Activé (Enable)
    System drive C: has 96 GB (69%) free of 138 GB

    —\ Mode de connexion au système
    ~ Computer Name: BAC4-PC
    ~ User Name: BAC4
    ~ All Users Names: Client 4, BAC4, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersBAC4AppDataRoamingZHP
    ~ %AppData% : C:UsersBAC4AppDataRoaming
    ~ %Desktop% : C:UsersBAC4Desktop
    ~ %Favorites% : C:UsersBAC4Favorites
    ~ %LocalAppData% : C:UsersBAC4AppDataLocal
    ~ %StartMenu% : C:UsersBAC4AppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 96 Go of 138 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 138 Go of 139 Go)
    E: CD-ROM drive (Not Inserted)
    G: Floppy drive, Flash card reader, USB Key (Not Inserted)

    —\ Etat du Centre de Sécurité Windows
    [HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
    ~ Security Center: 35 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 07:19:30.) — C:WindowsExplorer.exe [2871808]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
    [MD5.AAFA952E774DDDB0956D3BDFAE5B5B99] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.10/08/2013 – 06:22:18.) — C:WindowsSystem32wininet.dll [2241024]
    [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.21/11/2010 – 04:24:29.) — C:WindowsSystem32Winlogon.exe [390656]
    [MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.21/11/2010 – 04:24:16.) — C:WindowsSystem32sppcomapi.dll [232448]
    [MD5.1C7857B62DE5994A75B054A9FD4C3825] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.28/12/2011 – 04:59:24.) — C:Windowssystem32DriversAFD.sys [498688]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
    [MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32DriversCdrom.sys [147456]
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.21/11/2010 – 04:24:32.) — C:Windowssystem32DriversDfsC.sys [102400]
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32DriversHDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
    [MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:40:40.) — C:Windowssystem32DriversMRxSmb.sys [158208]
    [MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.21/11/2010 – 04:23:51.) — C:Windowssystem32DriversnetBT.sys [261632]
    [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 15:45:08.) — C:Windowssystem32Driversntfs.sys [1656680]
    [MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
    [MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.21/11/2010 – 04:24:33.) — C:Windowssystem32DriversRasl2tp.sys [129536]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.21/11/2010 – 04:24:32.) — C:Windowssystem32Driverstdx.sys [119296]
    [MD5.0D08D2F3B3FF84E433346669B5E0F639] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32Driversvolsnap.sys [295808]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes Favoris (My Favorites) : 1/18
    ~ Mon Bureau (My Desktop) : 1/20
    ~ Menu demarrer (Programs) : 1/24
    ~ Hidden Files: Scanned in 00mn 00s

    —\ Processus lancés
    [MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe [532040] [PID.2548]
    [MD5.2216B4B9AB302984F48F08A1928DD5B6] – (…) — C:UsersBAC4AppDataRoamingColor_Server_Client_ToolsJREJRE1.5binDEX_CX700_V1.exe [106096] [PID.2528]
    [MD5.177B43D22BF388B0D5ED8DD39D51604B] – (.Egis Technology Inc. – SuiteTray.) — C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe [340848] [PID.2308]
    [MD5.7540A112B052AC8DB4BC02F1039B235B] – (.Egis Technology Inc. – PMM Update Application.) — C:Program Files (x86)EgisTec IPSPmmUpdate.exe [408432] [PID.788]
    [MD5.1AA5CE8A101B34121A50173F8A115D88] – (.CyberLink Corp. – clear.fi Movie Resident Program.) — C:Program Files (x86)Acerclear.fiMovieclear.fiMovieService.exe [185640] [PID.1956]
    [MD5.278C64B644C224B28E601381103811A6] – (.Pas de propriétaire – Hotkey Utility.) — C:Program Files (x86)AcerHotkey UtilityHotkeyUtility.exe [627304] [PID.2588]
    [MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe [4858968] [PID.2960]
    [MD5.12916E0642E92561C98B18A2A2D01B14] – (.Sun Microsystems, Inc. – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [252848] [PID.3036]
    [MD5.327A10AFC14D13C6D3F731855801298C] – (.CyberLink Corp. – clear.fi Resident Program.) — C:Program Files (x86)Acerclear.fiMVPclear.fiAgent.exe [218408] [PID.2804]
    [MD5.B03D7B041D077235226B184F2A4CAA0D] – (.CyberLink – DMREngine.) — C:Program Files (x86)Acerclear.fiMVP.KernelDMRDMREngine.exe [321832] [PID.2796]
    [MD5.6A8ABD13B2C30DED1125919576AA5E59] – (.Egis Technology Inc. – EgisUpdate Release Application.) — C:Program Files (x86)EgisTec IPSEgisUpdate.exe [202608] [PID.236]
    [MD5.BEA5FFED955674A89EAA44D93C7FE2ED] – (.CyberLink – CLMSService.) — C:Program Files (x86)Acerclear.fiMVPKernelDMRCLMSService.exe [214312] [PID.3388]
    [MD5.D57C24B4B039C62FFD5814AFED2660FA] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8066560] [PID.3256]
    [MD5.9330941C8F6DF417F6DBBE998DB6687E] – (.AVAST Software – avast! Service.) — C:Program FilesAVAST SoftwareAvastAvastSvc.exe [46808] [PID.1208]
    [MD5.73686FE0B2E0469F89FD2075BE724704] – (.Apple Computer, Inc. – Bonjour Service.) — C:Program Files (x86)BonjourmDNSResponder.exe [229376] [PID.1716]
    [MD5.C9B2D1D3F86FD3673EF847DEF73B6F9E] – (.Acer Incorporated – Global Registration Service.) — C:Program Files (x86)AcerRegistrationGREGsvc.exe [36456] [PID.1792]
    [MD5.6BB516A31DE232DAB436FF3A117E1E80] – (.Acer Incorporated – Updater Service.) — C:Program FilesAcerAcer UpdaterUpdaterService.exe [255376] [PID.1848]
    [MD5.65085456FD9A74D7F1A999520C299ECB] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [418376] [PID.1912]
    [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe [701512] [PID.1948]
    [MD5.9D1CCE440552500DED3A62F9D779CDB4] – (.Nero AG – NeroUpdate.) — C:Program Files (x86)NeroUpdateNASvc.exe [503080] [PID.4004]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 21

    —\ Internet Explorer Toolbars (O3)
    O3 – Toolbar: (no name) [64Bits] – [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSDesktop [Client 4]: CXP700 – Raccourci.lnk – Clé orpheline
    O4 – GSDesktop [Client 4]: internet.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSDesktop [BAC4]: CXP700 – Raccourci.lnk – Clé orpheline
    O4 – GSDesktop [BAC4]: SosVirus Forum.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe https://www.sosvirus.net” onclick=”window.open(this.href);return false;
    O4 – GSDesktop [BAC4]: SosVirus On Facebook.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe http://www.facebook.com” onclick=”window.open(this.href);return false;
    ~ Global Startup: 80 Legitimates Filtered in 00mn 01s

    —\ Applications lancées au démarrage du sytème (O4)
    O4 – HKLM..Run: [RtHDVCpl] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
    O4 – HKCU..Run: [DexStarter_CX700_V1] . (…) — C:UsersBAC4AppDataRoamingColor_Server_Client_ToolsPrinterDriverCX700_V1DexRunner.bat
    O4 – HKLM..Wow6432NodeRun: [SuiteTray] . (.Egis Technology Inc. – SuiteTray.) — C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe
    O4 – HKLM..Wow6432NodeRun: [EgisTecPMMUpdate] . (.Egis Technology Inc. – PMM Update Application.) — C:Program Files (x86)EgisTec IPSPmmUpdate.exe
    O4 – HKLM..Wow6432NodeRun: [EgisUpdate] . (.Egis Technology Inc. – EgisUpdate Release Application.) — C:Program Files (x86)EgisTec IPSEgisUpdate.exe
    O4 – HKLM..Wow6432NodeRun: [StartCCC] . (.Advanced Micro Devices, Inc. – Catalyst® Control Center Launcher.) — C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLIStart.exe =>.Advanced Micro Devices, Inc
    O4 – HKLM..Wow6432NodeRun: [ArcadeMovieService] . (.CyberLink Corp. – clear.fi Movie Resident Program.) — C:Program Files (x86)Acerclear.fiMovieclear.fiMovieService.exe
    O4 – HKLM..Wow6432NodeRun: [Hotkey Utility] . (.Pas de propriétaire – Hotkey Utility.) — C:Program Files (x86)AcerHotkey UtilityHotkeyUtility.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated – Adobe Acrobat SpeedLauncher.) — C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Wow6432NodeRun: [avast] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastavastUI.exe
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-18..RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation – Installateur Windows®.) — C:WindowsSystem32msiexec.exe
    O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-19..RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation – Installateur Windows®.) — C:WindowsSystem32msiexec.exe
    O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-20..RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation – Installateur Windows®.) — C:WindowsSystem32msiexec.exe
    O4 – HKUSS-1-5-21-4100385622-4132460776-526010295-1000..Run: [DexStarter_CX700_V1] . (…) — C:UsersBAC4AppDataRoamingColor_Server_Client_ToolsPrinterDriverCX700_V1DexRunner.bat
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 – Extra button: &Envoyer à OneNote [64Bits] – {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:Program Files (x86)MICROS~2Office14ONBttnIE.dll (.not file.)
    O9 – Extra button: Notes &liées OneNote [64Bits] – {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} — C:Program Files (x86)MICROS~2Office14ONBTTN~1.dll (.not file.)
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{93D11351-1662-43F5-91C7-4B57194F2EEC}: NameServer = 192.168.1.1
    O17 – HKLMSystemCS1ServicesTcpip..{93D11351-1662-43F5-91C7-4B57194F2EEC}: NameServer = 192.168.1.1
    O17 – HKLMSystemCS2ServicesTcpip..{93D11351-1662-43F5-91C7-4B57194F2EEC}: NameServer = 192.168.1.1
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: text/xml [64Bits] – {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwareColor_Server_Client_Tools]
    [HKLMSoftwareWow6432NodeCreo]
    ~ Key Software: 171 Legitimates Filtered in 00mn 02s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 31/05/2013 – 18:21:45 – [90,292] —-D C:UsersBAC4AppDataRoamingColor_Server_Client_Tools
    ~ Program Folder: 133 Legitimates Filtered in 00mn 17s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.D51B6C8C04BE3EC3DFEADDDCB5FE67B3] – 08/10/2013 – 09:05:58


    . (…) — C:DelFix.txt [499]
    O44 – LFC:[MD5.1EFF505C427531F932D94A2174B406BD] – 08/10/2013 – 10:31:55


    . (…) — C:UsbFix [Clean 1] BAC4-PC.txt [7994]
    O44 – LFC:[MD5.10B27D138FA20C54F4D5F3449C5382FE] – 08/10/2013 – 10:49:04 —A- . (…) — C:UsbFix [Clean 2] BAC4-PC.txt [8087]
    O44 – LFC:[MD5.AA1312F28AAC91BA7DC0A99C6ED4CB75] – 08/10/2013 – 10:50:20 —A- . (…) — C:Windowsntbtlog.txt [128966]
    O44 – LFC:[MD5.A139A13EE288BECFD572D32FC5DB40D4] – 08/10/2013 – 11:17:06 —A- . (…) — C:UsbFix [Scan 2] BAC4-PC.txt [8665]
    ~ Files: 21 Legitimates Filtered in 00mn 09s

    —\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 – LFCP:[MD5.910A748C61442532D4C989AFC0FAEA0C] – 08/10/2013 – 07:22:01 —A- – C:WindowsPrefetchCLMSSERVICE.EXE-340C3804.pf
    O45 – LFCP:[MD5.EA8379D094B8E9BECAEF31BF37B86088] – 08/10/2013 – 09:36:38 —A- – C:WindowsPrefetchSUITETRAY.EXE-42757614.pf
    O45 – LFCP:[MD5.55D9C1EE5230CD38DFD963BF4AD7012B] – 08/10/2013 – 11:13:13 —A- – C:WindowsPrefetchGO.EXE-9F5F9B7B.pf
    ~ Prefetcher: 143 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    ~ MWPS: 16 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
    O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
    ~ MWPE Keys: 7 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:[MD5.286193DC28CFB4CEB8D378E20A0850A9] – 30/08/2013 – 08:48:10 —A- . (…) — C:WindowsSystem32DriversaswRvrt.sys [65336]
    ~ Drivers: 16 Legitimates Filtered in 00mn 00s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 08/10/2013 – 12:52:04 —A- . (…) — C:UsersBAC4AppDataRoamingZHPLog.txt [18241] =>.Nicolas Coolman
    O61 – LFC: 08/10/2013 – 12:52:04 —A- . (…) — C:UsersBAC4AppDataRoamingZHPTestsZHPDiag.txt [2831] =>.Nicolas Coolman
    ~ 1 Fichiers temporaires (Temporary files)
    ~ Files: 6 Legitimates Filtered in 00mn 02s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.)” onclick=”window.open(this.href);return false; [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Associations Shell Spawning (O67)
    O67 – Shell Spawning: < .html> [HKLM..openCommand] (.Not Key.)
    O67 – Shell Spawning: < .html>
    [HKCU..openCommand] (.Not Key.)
    O67 – Shell Spawning: < .html>
    [HKCR..openCommand] (.Not Key.)
    ~ FASS Keys: 19 Legitimates Filtered in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.9182C3ECAB695D72C5937499705D68FB] [SPRF][01/10/2013] (…) — C:UsersBAC4AppDataLocalTempQuarantine.exe [344601]
    [MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][22/06/2012] (…) — C:UsersBAC4AppDataRoamingwklnhst.dat [0]
    ~ Files: 2 Legitimates Filtered in 00mn 00s

    —\ Liste des exceptions du parefeu (FirewallRules) (O87)
    O87 – FAEL: “TCP Query User{DFC931D9-D2A1-4A8D-AF31-3967D65178F6}C:usersclient 4appdataroamingcolor_server_client_toolsjrejre1.5bindex_cx700_v1.exe” | In – Private – P6 – TRUE | .(…) — C:usersclient 4appdataroamingcolor_server_client_toolsjrejre1.5bindex_cx700_v1.exe
    O87 – FAEL: “UDP Query User{8DE7A4D6-E85D-4E3B-B12A-F758136BEAE9}C:usersclient 4appdataroamingcolor_server_client_toolsjrejre1.5bindex_cx700_v1.exe” | In – Private – P17 – TRUE | .(…) — C:usersclient 4appdataroamingcolor_server_client_toolsjrejre1.5bindex_cx700_v1.exe
    O87 – FAEL: “TCP Query User{D9CD96D2-9A1E-4BD8-9EA8-4D52D7BFBCFB}C:usersclient 4appdataroamingcolor_server_client_toolsjrejre1.5bindex_cx700_v1.exe” | In – Public – P6 – TRUE | .(…) — C:usersclient 4appdataroamingcolor_server_client_toolsjrejre1.5bindex_cx700_v1.exe
    O87 – FAEL: “UDP Query User{12CF3446-5B8F-4A05-AF6E-BC23B358880A}C:usersclient 4appdataroamingcolor_server_client_toolsjrejre1.5bindex_cx700_v1.exe” | In – Public – P17 – TRUE | .(…) — C:usersclient 4appdataroamingcolor_server_client_toolsjrejre1.5bindex_cx700_v1.exe
    O87 – FAEL: “TCP Query User{D7C4CA5D-D300-4659-85EE-904D72506ACF}C:usersbac4appdataroamingcolor_server_client_toolsjrejre1.5bindex_cx700_v1.exe” | In – Private – P6 – TRUE | .(…) — C:usersbac4appdataroamingcolor_server_client_toolsjrejre1.5bindex_cx700_v1.exe
    O87 – FAEL: “UDP Query User{332F6DE7-246F-4FE8-A07A-A79CAF900397}C:usersbac4appdataroamingcolor_server_client_toolsjrejre1.5bindex_cx700_v1.exe” | In – Private – P17 – TRUE | .(…) — C:usersbac4appdataroamingcolor_server_client_toolsjrejre1.5bindex_cx700_v1.exe
    ~ Firewall: 207 Legitimates Filtered in 00mn 02s

    —\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
    SS – | Demand 23/09/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SR – | Auto 24/05/2011 204288 | (AMD External Events Utility) . (.AMD.) – C:WindowsSystem32atiesrxx.exe
    SR – | Auto 30/08/2013 46808 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
    SR – | Auto 28/02/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) – C:Program Files (x86)BonjourmDNSResponder.exe
    SS – | Demand 02/04/2011 173424 | (EgisTec Ticket Service) . (.Egis Technology Inc..) – C:Program Files (x86)Common FilesEgisTecServicesEgisTicketService.exe
    SS – | Demand 22/06/2012 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) – C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
    SS – | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) – C:Program Files (x86)WildTangent GamesAppGamesAppService.exe
    SR – | Auto 30/05/2011 36456 | (GREGService) . (.Acer Incorporated.) – C:Program Files (x86)AcerRegistrationGREGsvc.exe
    SR – | Auto 06/02/2012 255376 | (Live Updater Service) . (.Acer Incorporated.) – C:Program FilesAcerAcer UpdaterUpdaterService.exe
    SR – | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe
    SR – | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe
    SR – | Auto 04/05/2010 503080 | (NAUpdate) . (.Nero AG.) – C:Program Files (x86)NeroUpdateNASvc.exe
    SR – | Auto 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 42s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by BAC4 at 08/10/2013 12:53:36
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Legitimates Filtered in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog” onclick=”window.open(this.href);return false;
    Run by BAC4 at 08/10/2013 12:53:38

    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 12943 – (08/10/2013)
    Clés trouvées (Keys found) : 0
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 0
    Fichiers trouvés (Files found) : 0

    ~ Additionnel Scan: 270091 Items scanned in 01mn 04s

    ~ 1546 Legitimates filtered by white list
    End of the scan (375 lines in 04mn 22s)(0)[/spoiler:3rfnkyrs]MERCI

  • Anonyme
    Post count: 0

    Comme pour mon autre ordi, j’ai fait des diagnostics pour supprimer “recycler”.
    Cela a l’air de marcher en administrateur, mais pas en session utilisateur.

    Quel est le symptome qui te fait dire ça ?

  • Photo du profil de Evasion60Evasion60
    Participant
    Post count: 1557

    :hello: Bonjour Cédric

    Doublon, déjà pris en charge ;)

    Sujet “Fermé
    Merci de rester sur le 1er sujet, ou tu es pris en charge :)

  • Photo du profil de H.A.W.XH.A.W.X
    Participant
    Post count: 1704

    Hello vous deux :)

    Tu es sur qu’il ne parle pas d’un autre ordinateur ? Je suis pas sur que ça soit un doublon ;)

    ++

  • Photo du profil de Evasion60Evasion60
    Participant
    Post count: 1557

    :hello: Re

    J’ai réouvert ton sujet ;)

    /! Ton log ZHPDiag ne montre aucune infections

    Comment se manifeste ton infection ?

    A te lire

    Edité =>
    Recycled” sont les corbeilles de Windows
    Sont-elles vidées ?

  • Photo du profil de Evasion60Evasion60
    Participant
    Post count: 1557

    :hello: Bonjour

    Aucune réponse depuis le 08/10/2013 :(

    [norephelpe:1nqcz24f][/norephelpe:1nqcz24f]

    Bonne continuation ;)

Le sujet ‘Virus "Recycler" encore’ est fermé à de nouvelles réponses.