Virus sur ma clé Usb 2013-10-16T08:47:38+00:00

Dépannage Informatique : Virus sur ma clé Usb

  • Auteur
    Messages
  • Miss_estrellita
    Participant
    Nombre d'articles : 23

    Bonjour,

    J’ai besoin d’aide pour désinfecter ma clé USB.

    Symptômes: créations des raccourcis et transformation de mes fichiers en fichiers cachés.
    Le virus s’appelle: Facebook.vbs je crois.

    J’a vraiment besoin d’aide, sachant que je ne veux surtout pas perdre mes fichiers qui sont dans la clé usb.

    Merci par avance pour votre réactivité et votre aide !

  • Anonyme
    Nombre d'articles : 0

    Hello :hello: ,

    Bienvenue sur SosVirus :welcome:

    • Télécharges UsbFix (de El Desaparecido) sur ton Bureau !
    • Exécute UsbFix
    • Choisi l’option Suppression

      Note : Si UsbFix bloque à 14%, éxécute UsbFix en mode sans échec. (Voir >> ICI <<)

    • Copie et Colle le contenu du rapport qui apparaît à la fin du scan dans ta réponse
  • Miss_estrellita
    Participant
    Nombre d'articles : 23

    Merci pour votre rapidité de réponse 🙂

    Voici le rapport ![spoiler:1dd2uds1]############################## | UsbFix V 7.144 | [Suppression]

    Utilisateur: Magda RAIS (Administrateur) # MAGDARAIS-TOSH
    Mis à jour le 08/10/2013 par El Desaparecido – Team SosVirus
    Lancé à 11:01:20 | 16/10/2013

    Site Web: http://www.usbfix.net/” onclick=”window.open(this.href);return false;
    Forum : https://www.sosvirus.net/” onclick=”window.open(this.href);return false;
    Upload Malware: upload_malware.php
    Contact: http://www.usbfix.net/contact/” onclick=”window.open(this.href);return false;

    PC: Intel Corp. (Base Board Product Name)
    CPU: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
    RAM -> [Total : 4078 | Free : 1880]
    Bios: INSYDE
    Boot: Normal boot

    OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1
    WB: Windows Internet Explorer 10.0.9200.16721

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Antivirus [(!) Disabled | Updated]
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Disque fixe # 297 Go (242 Go libre(s) – 81%) [WINDOWS] # NTFS
    D: -> Disque fixe # 298 Go (260 Go libre(s) – 87%) [Data] # NTFS
    E: -> CD-ROM
    F: -> Disque amovible # 30 Go (30 Go libre(s) – 97%) [USB20FD] # FAT32

    ################## | Regedit Run |

    HKLMSOFTWARE | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
    HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWARE | Run : [NBAgent] – “c:Program Files (x86)NeroNero 10Nero BackItUpNBAgent.exe” /WinStart
    HKLMSOFTWARE | Run : [ToshibaServiceStation] – “C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe” /hide:60
    HKLMSOFTWARE | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
    HKLMSOFTWARE | Run : [AdobeCS5.5ServiceManager] – “C:Program Files (x86)Common FilesAdobeCS5.5ServiceManagerCS5.5ServiceManager.exe” -launchedbylogin
    HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
    HKLMSOFTWAREwow6432Node | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
    HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWAREwow6432Node | Run : [NBAgent] – “c:Program Files (x86)NeroNero 10Nero BackItUpNBAgent.exe” /WinStart
    HKLMSOFTWAREwow6432Node | Run : [ToshibaServiceStation] – “C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe” /hide:60
    HKLMSOFTWAREwow6432Node | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
    HKLMSOFTWAREwow6432Node | Run : [AdobeCS5.5ServiceManager] – “C:Program Files (x86)Common FilesAdobeCS5.5ServiceManagerCS5.5ServiceManager.exe” -launchedbylogin
    HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
    HKLMSOFTWARE | RunOnce : [] –
    HKLMSOFTWAREwow6432Node | RunOnce : [] –
    HKUS-1-5-21-339401442-3039507466-214422036-1000SOFTWARE | Run : [TOPI.EXE] – C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STAR
    HKUS-1-5-21-339401442-3039507466-214422036-1000SOFTWARE | Run : [Google Update] – “C:UsersMagda RAISAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    HKUS-1-5-21-339401442-3039507466-214422036-1000SOFTWARE | Run : [Sidebar] – C:Program FilesWindows Sidebarsidebar.exe /autoRun
    HKUS-1-5-21-339401442-3039507466-214422036-1000SOFTWARE | Run : [Skype] – “C:Program Files (x86)SkypePhoneSkype.exe” /minimized /regrun
    HKUS-1-5-18SOFTWARE | Run : [TOPI.EXE] – C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe /STARTUP

    ################## | Processus Stoppés |

    Stoppé! C:Windowssystem32nvvsvc.exe (ID 876 |ParentID 672)
    Stoppé! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (ID 1356 |ParentID 672)
    Stoppé! C:Windowssystem32WLANExt.exe (ID 1364 |ParentID 1008)
    Stoppé! C:Windowssystem32conhost.exe (ID 1372 |ParentID 548)
    Stoppé! C:WindowsSystem32spoolsv.exe (ID 1564 |ParentID 672)
    Stoppé! C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe (ID 1720 |ParentID 672)
    Stoppé! C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe (ID 2044 |ParentID 672)
    Stoppé! C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe (ID 1376 |ParentID 672)
    Stoppé! C:Windowssystem32ThpSrv.exe (ID 2064 |ParentID 672)
    Stoppé! C:Windowssystem32TODDSrv.exe (ID 2388 |ParentID 672)
    Stoppé! C:Program FilesNVIDIA CorporationDisplayNvXDSync.exe (ID 2516 |ParentID 876)
    Stoppé! C:Windowssystem32nvvsvc.exe (ID 2528 |ParentID 876)
    Stoppé! C:Program FilesTOSHIBAPower SaverTosCoSrv.exe (ID 2688 |ParentID 672)
    Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (ID 2788 |ParentID 672)
    Stoppé! C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe (ID 2872 |ParentID 672)
    Stoppé! C:Program FilesTOSHIBATECOTecoService.exe (ID 2940 |ParentID 672)
    Stoppé! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (ID 2992 |ParentID 2788)
    Stoppé! C:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXE (ID 3080 |ParentID 672)
    Stoppé! C:Windowssystem32taskhost.exe (ID 3484 |ParentID 672)
    Stoppé! C:WindowsSystem32rundll32.exe (ID 3804 |ParentID 800)
    Stoppé! C:Windowssystem32taskeng.exe (ID 3948 |ParentID 444)
    Stoppé! C:Program Files (x86)TOSHIBAConfigFreeNDSTray.exe (ID 1920 |ParentID 3948)
    Stoppé! C:Program Files (x86)Toshiba TEMPROTemproTray.exe (ID 2616 |ParentID 3864)
    Stoppé! C:Program FilesTOSHIBABulletinBoardTosNcCore.exe (ID 908 |ParentID 3864)
    Stoppé! C:Program FilesTOSHIBAReelTimeTosReelTimeMonitor.exe (ID 2348 |ParentID 3864)
    Stoppé! C:Program FilesTOSHIBAPower SaverTPwrMain.exe (ID 3656 |ParentID 3864)
    Stoppé! C:Program FilesTOSHIBAFlashCardsTCrdMain.exe (ID 2108 |ParentID 3864)
    Stoppé! C:Program FilesSynapticsSynTPSynTPEnh.exe (ID 2612 |ParentID 3864)
    Stoppé! C:WindowsSystem32ThpSrv.exe (ID 2684 |ParentID 3864)
    Stoppé! C:Program FilesTOSHIBATECOTeco.exe (ID 3572 |ParentID 3864)
    Stoppé! C:Windowssystem32SearchIndexer.exe (ID 3440 |ParentID 672)
    Stoppé! C:Program FilesSynapticsSynTPSynTPHelper.exe (ID 4152 |ParentID 2612)
    Stoppé! C:Program Files (x86)TOSHIBATOSHIBA Online Product InformationTOPI.exe (ID 4200 |ParentID 3864)
    Stoppé! C:Program FilesWindows Sidebarsidebar.exe (ID 4428 |ParentID 3864)
    Stoppé! C:Program Files (x86)SkypePhoneSkype.exe (ID 4768 |ParentID 3864)
    Stoppé! C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtMng.exe (ID 4836 |ParentID 3864)
    Stoppé! C:Program FilesTOSHIBATOSHIBA Places Icon UtilityTosDIMonitor.exe (ID 4884 |ParentID 3864)
    Stoppé! C:Program FilesWindows Media Playerwmpnetwk.exe (ID 5100 |ParentID 672)
    Stoppé! C:Program Files (x86)TOSHIBAConfigFreeCFSwMgr.exe (ID 5116 |ParentID 1920)
    Stoppé! C:Program Files (x86)Microsoft OfficeOffice14ONENOTEM.EXE (ID 3152 |ParentID 3864)
    Stoppé! C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe (ID 3404 |ParentID 4812)
    Stoppé! C:Program FilesAVAST SoftwareAvastAvastUI.exe (ID 604 |ParentID 4812)
    Stoppé! C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (ID 4128 |ParentID 4812)
    Stoppé! C:Program Files (x86)TOSHIBAConfigFreeCFIWmxSvcs64.exe (ID 3296 |ParentID 672)
    Stoppé! C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtSrv.exe (ID 3828 |ParentID 672)
    Stoppé! C:Program Files (x86)TOSHIBAConfigFreeCFSvcs.exe (ID 3448 |ParentID 672)
    Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe (ID 5416 |ParentID 672)
    Stoppé! c:Program Files (x86)NeroUpdateNASvc.exe (ID 5716 |ParentID 672)
    Stoppé! C:Program Files (x86)ToshibaBluetooth Toshiba StackTosA2dp.exe (ID 5924 |ParentID 4836)
    Stoppé! C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtHid.exe (ID 6060 |ParentID 4836)
    Stoppé! C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtHsp.exe (ID 1572 |ParentID 4836)
    Stoppé! C:Program Files (x86)ToshibaBluetooth Toshiba StackTosAVRC.exe (ID 5320 |ParentID 4836)
    Stoppé! C:Program Files (x86)ToshibaBluetooth Toshiba StacktosOBEX.exe (ID 1684 |ParentID 4836)
    Stoppé! C:Program Files (x86)TOSHIBABluetooth Toshiba StacktosBtProc.exe (ID 6116 |ParentID 1684)
    Stoppé! C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe (ID 5392 |ParentID 672)
    Stoppé! C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe (ID 5884 |ParentID 672)
    Stoppé! C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe (ID 4260 |ParentID 672)
    Stoppé! C:Program FilesTOSHIBATPHMTPCHSrv.exe (ID 6176 |ParentID 672)
    Stoppé! C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSENotify.exe (ID 6188 |ParentID 3432)
    Stoppé! C:WindowsSystem32WUDFHost.exe (ID 6560 |ParentID 1008)
    Stoppé! C:Program FilesTOSHIBATPHMTPCHWMsg.exe (ID 7060 |ParentID 3332)
    Stoppé! C:Program Files (x86)Mozilla Firefoxfirefox.exe (ID 7120 |ParentID 3864)
    Stoppé! C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAAAM Updates Notifier.exe (ID 2320 |ParentID 4852)
    Stoppé! C:WindowsSysWOW64ctfmon.exe (ID 1492 |ParentID 604)
    Stoppé! C:WindowsSysWOW64NOTEPAD.EXE (ID 6212 |ParentID 6864)
    Stoppé! C:Program Files (x86)Mozilla Firefoxplugin-container.exe (ID 2152 |ParentID 7120)
    Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID 4220 |ParentID 2152)
    Stoppé! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_117.exe (ID 5272 |ParentID 4220)

    ################## | Éléments infectieux |

    Supprimé! F:Table de multiplication.doc.lnk
    Supprimé! F:doc info cours.doc.lnk
    Supprimé! F:Activites-des-clubs-seniors.pdf.lnk
    Supprimé! F:Des services en ligne.docx.lnk
    Supprimé! F:Pour que le forum reste un endroit convivial.docx.lnk
    Supprimé! F:CV_Magda_RAIS.doc.lnk
    Supprimé! F:Magda RAIS LM.doc.lnk
    Supprimé! F:Magda RAIS – CV old.docx.lnk
    Supprimé! F:CLE ASSOs.lnk
    Supprimé! F:Autorun.inf.lnk
    Supprimé! F:~WRL0001.tmp.lnk
    Supprimé! F:Facebook.vbs

    (!) Fichiers temporaires supprimés.

    ################## | Registre |

    ################## | Listing |

    [30/03/2012 – 15:44:10 | SHD ] C:$RECYCLE.BIN
    [28/05/2013 – 18:55:02 | RASHD ] C:Autorun.inf
    [29/05/2013 – 17:31:58 | N | 2542] C:DelFix.txt
    [02/04/2012 – 19:12:22 | D ] C:DiacammaClient
    [14/07/2009 – 07:08:56 | SHD ] C:Documents and Settings
    [16/10/2013 – 10:32:04 | ASH | 3206959104] C:hiberfil.sys
    [17/11/2011 – 15:32:12 | RD ] C:MSOCache
    [16/10/2013 – 10:32:04 | ASH | 4275945472] C:pagefile.sys
    [14/07/2009 – 05:20:08 | D ] C:PerfLogs
    [09/06/2013 – 13:28:51 | D ] C:Program Files
    [14/10/2013 – 12:43:55 | D ] C:Program Files (x86)
    [30/09/2013 – 10:29:23 | D ] C:ProgramData
    [13/05/2011 – 09:22:02 | N | 176] C:SWSTAMP.TXT
    [16/10/2013 – 10:38:30 | SHD ] C:System Volume Information
    [29/10/2011 – 16:27:00 | D ] C:Toshiba
    [16/10/2013 – 11:02:17 | D ] C:UsbFix
    [16/10/2013 – 11:03:38 | A | 11182] C:UsbFix [Clean 1] MAGDARAIS-TOSH.txt
    [16/10/2013 – 10:59:11 | N | 11701] C:UsbFix [Scan 1] MAGDARAIS-TOSH.txt
    [29/10/2011 – 16:17:20 | D ] C:Users
    [04/12/2012 – 00:37:07 | D ] C:wamp
    [01/10/2013 – 09:56:46 | D ] C:Windows
    [29/10/2011 – 16:19:05 | D ] D:$RECYCLE.BIN
    [28/05/2013 – 18:55:02 | RASHD ] D:Autorun.inf
    [21/05/2011 – 21:18:43 | D ] D:HDDRecovery
    [30/10/2011 – 15:53:29 | D ] D:MAGDARAIS-TOSH
    [30/10/2011 – 15:53:05 | N | 528] D:MediaID.bin
    [21/05/2011 – 22:26:55 | N | 11] D:R15592SO.tag
    [30/10/2011 – 16:34:07 | SHD ] D:System Volume Information
    [25/12/2012 – 16:34:20 | N | 465] D:WINDOWS (C) – Raccourci.lnk
    [30/10/2011 – 15:54:55 | D ] D:WindowsImageBackup
    [22/05/2013 – 14:52:04 | D ] F:CLE ASSOs
    [03/06/2013 – 23:01:02 | HD ] F:Autorun.inf
    [13/06/2013 – 16:34:04 | N | 135168] F:Table de multiplication.doc
    [27/06/2013 – 15:38:30 | N | 1381376] F:doc info cours.doc
    [28/06/2013 – 12:08:26 | N | 797946] F:Activites-des-clubs-seniors.pdf
    [14/09/2013 – 10:21:52 | N | 14332] F:Des services en ligne.docx
    [06/09/2013 – 12:17:10 | N | 24377] F:Pour que le forum reste un endroit convivial.docx
    [07/06/2013 – 16:04:38 | N | 23040] F:Magda RAIS LM.doc
    [27/09/2013 – 12:55:46 | N | 26883] F:Magda RAIS – CV old.docx
    [03/10/2013 – 16:16:22 | N | 51712] F:CV_Magda_RAIS.doc

    ################## | Vaccin |

    C:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    D:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)
    F:Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido)

    ################## | E.O.F | http://www.usbfix.net” onclick=”window.open(this.href);return false; – https://www.sosvirus.net” onclick=”window.open(this.href);return false; |[/spoiler:1dd2uds1]

  • Anonyme
    Nombre d'articles : 0

    • Télécharges Adwcleaner (de Xplode) sur ton Bureau !
    • Fais clic droit dessus, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
      1. Choisi l’option Scanner
      2. Choisi l’option Nettoyer
    • Accepte l’avertissement en cliquant sur OK

    • Acceptes les avertissements/informations en cliquant sur OK
    • Copie et Colle le contenu du rapport qui apparaît au redémarrage du PC

    [hr:bxyu5b0j]

    Nous allons effectuer un diagnostic de ton ordinateur afin de voir si ton pc contient d’autres types d’infection ou pas.

    • Télécharge ZHPDiag (de Nicolas Coolman) sur ton bureau.
    • Installe le logiciel.
    • Lance ZHPDiag, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

    • Clique sur Configurer
    • Clique sur l’icône représentant une loupe avec un + (« Lancer le diagnostic »)

      Note : Ne pas fermer le programme même si il est indiqué qu’il ne répond plus.

    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPDiag.txt à été créé.
    • Héberge le rapport ZHPDiag.txt sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum
  • Miss_estrellita
    Participant
    Nombre d'articles : 23

    Voici le rapport , c’est bon ? :[spoiler:bybu912r]# AdwCleaner v3.007 – Rapport créé le 16/10/2013 à 11:18:06
    # Mis à jour le 09/10/2013 par Xplode
    # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Nom d'utilisateur : Magda RAIS – MAGDARAIS-TOSH
    # Exécuté depuis : C:UsersMagda RAISDownloadsadwcleaner.exe
    # Option : Nettoyer

    ***** [ Services ] *****

    ***** [ Fichiers / Dossiers ] *****

    Dossier Supprimé : C:UsersMagda RAISAppDataLocalGoogleChromeUser DataDefaultExtensionscnmdgidklhhnmppphpohildcefnaaflp
    Fichier Supprimé : C:WindowsSystem32roboot64.exe
    Fichier Supprimé : C:UsersMagda RAISAppDataRoamingMozillaFirefoxProfilesua6j0rqr.defaultinvalidprefs.js
    Fichier Supprimé : C:UsersMagda RAISAppDataLocalGoogleChromeUser DataDefaultLocal Storagechrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage

    ***** [ Raccourcis ] *****

    ***** [ Registre ] *****

    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingAskInstallChecker_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingAskInstallChecker_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingaskpartnercobrandingtool_rasapi32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingaskpartnercobrandingtool_rasmancs
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_ebuddy-mobile-messenger_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_ebuddy-mobile-messenger_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_free-youtube-download_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_free-youtube-download_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_meteo-fusion_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_meteo-fusion_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_photofiltre_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_photofiltre_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_quick-media-converter-hd_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_quick-media-converter-hd_RASMANCS
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_rainlendar_RASAPI32
    Clé Supprimée : HKLMSOFTWAREMicrosoftTracingSoftonicDownloader_pour_rainlendar_RASMANCS
    Clé Supprimée : HKLMSOFTWAREClassesAppID{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}
    Clé Supprimée : HKLMSOFTWAREClassesCLSID{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
    Clé Supprimée : HKLMSOFTWAREClassesInterface{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
    Clé Supprimée : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
    Clé Supprimée : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Clé Supprimée : HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Clé Supprimée : [x64] HKLMSOFTWAREClassesCLSID{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
    Valeur Supprimée : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
    Clé Supprimée : [x64] HKLMSOFTWAREMicrosoftInternet ExplorerSearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    Clé Supprimée : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

    ***** [ Navigateurs ] *****

    -\ Internet Explorer v10.0.9200.16720

    -\ Mozilla Firefox v24.0 (fr)

    [ Fichier : C:UsersMagda RAISAppDataRoamingMozillaFirefoxProfilesua6j0rqr.defaultprefs.js ]

    Ligne Supprimée : user_pref(“extensions.a217e8200a3b343dfb9518ec01d483d7fb98c68091f3f41a1bb1c692cf84781e9com27096.27096.backgroundjs”, “nn/*****************************************************************************[…]
    Ligne Supprimée : user_pref(“extensions.a217e8200a3b343dfb9518ec01d483d7fb98c68091f3f41a1bb1c692cf84781e9com27096.27096.js”, “nnappAPI.ready(function($) {rnrn$(document).ready(function(){rn rn if (window.loca[…]
    Ligne Supprimée : user_pref(“extensions.a217e8200a3b343dfb9518ec01d483d7fb98c68091f3f41a1bb1c692cf84781e9com27096.27096.plugins.plugin_1.code”, “appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[…]
    Ligne Supprimée : user_pref(“extensions.a217e8200a3b343dfb9518ec01d483d7fb98c68091f3f41a1bb1c692cf84781e9com27096.27096.plugins.plugin_14.name”, “CrossriderUtils”);
    Ligne Supprimée : user_pref(“extensions.a217e8200a3b343dfb9518ec01d483d7fb98c68091f3f41a1bb1c692cf84781e9com27096.27096.plugins.plugin_17.code”, “if(typeof window!==”undefined”){n/*!n * jQuery JavaScript Library v1[…]
    Ligne Supprimée : user_pref(“extensions.a217e8200a3b343dfb9518ec01d483d7fb98c68091f3f41a1bb1c692cf84781e9com27096.27096.plugins.plugin_21.code”, “var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.a[…]
    Ligne Supprimée : user_pref(“extensions.a217e8200a3b343dfb9518ec01d483d7fb98c68091f3f41a1bb1c692cf84781e9com27096.27096.plugins.plugin_22.code”, “(function(a){appAPI.queueManager={queue:[],register:function(b){this.que[…]
    Ligne Supprimée : user_pref(“extensions.a217e8200a3b343dfb9518ec01d483d7fb98c68091f3f41a1bb1c692cf84781e9com27096.27096.plugins.plugin_28.code”, “var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_con[…]
    Ligne Supprimée : user_pref(“extensions.a217e8200a3b343dfb9518ec01d483d7fb98c68091f3f41a1bb1c692cf84781e9com27096.27096.plugins.plugin_47.code”, “(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());[…]
    Ligne Supprimée : user_pref(“extensions.a217e8200a3b343dfb9518ec01d483d7fb98c68091f3f41a1bb1c692cf84781e9com27096.27096.plugins.plugin_49.code”, “if (!appAPI.monetize || appAPI.monetize.isNeedToRun(“monitzation_100”)[…]
    Ligne Supprimée : user_pref(“extensions.a217e8200a3b343dfb9518ec01d483d7fb98c68091f3f41a1bb1c692cf84781e9com27096.27096.plugins.plugin_50.code”, “function create_id(string_size) {n var text = “”;n var possibl[…]
    Ligne Supprimée : user_pref(“extensions.a217e8200a3b343dfb9518ec01d483d7fb98c68091f3f41a1bb1c692cf84781e9com27096.27096.plugins.plugin_78.name”, “CrossriderInfo”);
    Ligne Supprimée : user_pref(“extensions.wrc.SearchRules.ask.com.style”, “.WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(“I[…]
    Ligne Supprimée : user_pref(“extensions.wrc.SearchRules.ask.com.url”, “^hxxp(s)?\:\/\/(.+\.)?ask\.com\/.*”);

    -\ Google Chrome v

    [ Fichier : C:UsersMagda RAISAppDataLocalGoogleChromeUser DataDefaultpreferences ]

    Supprimée : homepage
    Supprimée : icon_url
    Supprimée : search_url
    Supprimée : keyword
    Supprimée : urls_to_restore_on_startup

    *************************

    AdwCleaner[R0].txt – [7199 octets] – [16/10/2013 11:17:28]
    AdwCleaner[S0].txt – [7057 octets] – [16/10/2013 11:18:06]

    ########## EOF – C:AdwCleanerAdwCleaner[S0].txt – [7117 octets] ##########[/spoiler:bybu912r]

  • Anonyme
    Nombre d'articles : 0

    Oui c’est bon 🙂

    J’attend ton rapport ZHPDiag pour vérifier l’état de ton pc 😉

  • Miss_estrellita
    Participant
    Nombre d'articles : 23

    Ok 🙂

    Voici le rapport suivant :[spoiler:2wp9pwwe]~ Rapport de ZHPDiag v2013.10.15.37 – Nicolas Coolman (15/10/2013)
    ~ Lancé par Magda RAIS (16/10/2013 11:29:40)
    ~ Adresse du Site Web http://nicolascoolman.webs.com” onclick=”window.open(this.href);return false;
    ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/” onclick=”window.open(this.href);return false;
    ~ Traduit par Nicolas Coolman
    ~ Etat de la version :
    ~ Liste blanche : Activée par le programme
    ~ Elévation des Privilèges : OK
    ~ User Account Control (UAC): Deactivate by program

    —\ Navigateurs Internet
    MSIE: Internet Explorer v10.0.9200.16721
    MFIE: Mozilla Firefox 24.0 (Defaut)

    —\ Informations sur les produits Windows
    ~ Langage: Français
    Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
    Windows Server License Manager Script : OK

    —\ Logiciels de protection du système
    avast! Free Antivirus v8.0.1497.0
    ESET Online Scanner v3
    Windows Defender W7

    —\ Logiciels d'optimisation du système
    CCleaner v4.06 =>Piriform Ltd

    —\ Logiciels de partage PeerToPeer

    —\ Surveillance de Logiciels
    Adobe Flash Player 11 Plugin
    Adobe Reader X
    Java 7 Update 40

    —\ Informations sur le système
    ~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
    ~ Operating System: 64 Bits
    Boot mode: Normal (Normal boot)
    Total RAM: 4077 MB (51% free)
    System Restore: Activé (Enable)
    System drive C: has 242 GB (81%) free of 297 GB

    —\ Mode de connexion au système
    ~ Computer Name: MAGDARAIS-TOSH
    ~ User Name: Magda RAIS
    ~ All Users Names: Magda RAIS, HomeGroupUser$, Administrateur,
    ~ Unselected Option: None
    Logged in as Administrator

    —\ Variables d'environnement
    ~ System Unit : C:
    ~ %AppZHP% : C:UsersMagda RAISAppDataRoamingZHP
    ~ %AppData% : C:UsersMagda RAISAppDataRoaming
    ~ %Desktop% : C:UsersMagda RAISDesktop
    ~ %Favorites% : C:UsersMagda RAISFavorites
    ~ %LocalAppData% : C:UsersMagda RAISAppDataLocal
    ~ %StartMenu% : C:UsersMagda RAISAppDataRoamingMicrosoftWindowsStart Menu
    ~ %Windir% : C:Windows
    ~ %System% : C:WindowsSystem32

    —\ Enumération des unités disques
    C: Hard drive, Flash drive, Thumb drive (Free 242 Go of 297 Go)
    D: Hard drive, Flash drive, Thumb drive (Free 260 Go of 298 Go)
    E: CD-ROM drive (Not Inserted)
    F: Floppy drive, Flash card reader, USB Key (Free 30 Go of 30 Go)
    Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

    —\ Etat du Centre de Sécurité Windows
    ~ Security Center: 38 Legitimates Filtered in 00mn 00s

    —\ Recherche particulière de fichiers génériques
    [MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 07:19:30.) — C:WindowsExplorer.exe [2871808]
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
    [MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.22/09/2013 – 23:55:10.) — C:WindowsSystem32wininet.dll [2241024]
    [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.21/11/2010 – 04:24:29.) — C:WindowsSystem32Winlogon.exe [390656]
    [MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.21/11/2010 – 04:24:16.) — C:WindowsSystem32sppcomapi.dll [232448]
    [MD5.314C17917AC8523EC77A710215012A65] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.14/09/2013 – 02:10:19.) — C:Windowssystem32DriversAFD.sys [497152]
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
    [MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
    [MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32DriversCdrom.sys [147456]
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.21/11/2010 – 04:24:32.) — C:Windowssystem32DriversDfsC.sys [102400]
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32DriversHDAudBus.sys [122368]
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
    [MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:40:40.) — C:Windowssystem32DriversMRxSmb.sys [158208]
    [MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.21/11/2010 – 04:23:51.) — C:Windowssystem32DriversnetBT.sys [261632]
    [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 15:45:08.) — C:Windowssystem32Driversntfs.sys [1656680]
    [MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
    [MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.21/11/2010 – 04:24:33.) — C:Windowssystem32DriversRasl2tp.sys [129536]
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.21/11/2010 – 04:24:32.) — C:Windowssystem32Driverstdx.sys [119296]
    [MD5.DF8126BD41180351A093A3AD2FC8903B] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.25/02/2011 – 07:25:38.) — C:Windowssystem32Driversvolsnap.sys [296320]
    ~ Generic Processes: Scanned in 00mn 00s

    —\ Etat des fichiers cachés (Caché/Total)
    ~ Mes images (My Pictures) : 2/371
    ~ Mes musiques (My Musics) : 5/27
    ~ Mes Videos (My Videos) : 1/3
    ~ Mes Favoris (My Favorites) : 1/32
    ~ Mes Documents (My Documents) : 2/587
    ~ Mon Bureau (My Desktop) : 1/1095
    ~ Menu demarrer (Programs) : 1/29
    ~ Hidden Files: Scanned in 00mn 01s

    —\ Processus lancés
    [MD5.97A1AFD42B8016D132C7BF38C955C6E1] – (.TOSHIBA CORPORATION – ConfigFree Task Tray Menu.) — C:Program Files (x86)TOSHIBAConfigFreeNDSTray.exe [304560] [PID.3840]
    [MD5.B141F8F8B0FF37FFC51F9B71EE7A641B] – (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe [19875432] [PID.4652]
    [MD5.FE5534272E1BD61F21FBB2451DFC15B8] – (.TOSHIBA CORPORATION. – Bluetooth Manager.) — C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtMng.exe [2749856] [PID.4760]
    [MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe [4858968] [PID.4868]
    [MD5.8A07221789D46B2EA7DFCA2BC807572A] – (.TOSHIBA CORPORATION – ConfigFree Switch Manager Process.) — C:Program Files (x86)TOSHIBAConfigFreeCFSwMgr.exe [62848] [PID.4888]
    [MD5.C64E9B1C9EA057DCECDCB98F34377811] – (.Microsoft Corporation – Microsoft OneNote Quick Launcher.) — C:Program Files (x86)Microsoft OfficeOffice14ONENOTEM.exe [228552] [PID.5040]
    [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [254336] [PID.4348]
    [MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] – (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe [274840] [PID.5136]
    [MD5.934C25B08D102832B0095E0668205EF8] – (.TOSHIBA CORPORATION. – TosA2DP.) — C:Program Files (x86)ToshibaBluetooth Toshiba StackTosA2dp.exe [677264] [PID.6044]
    [MD5.6868CFBF025314D630918A23939B494D] – (.TOSHIBA CORPORATION. – TosBtHid.) — C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtHid.exe [87440] [PID.6128]
    [MD5.C2546BD4174CAD72C78D79339CB2347A] – (.TOSHIBA CORPORATION. – TosBtHSP.) — C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtHsp.exe [746384] [PID.4720]
    [MD5.47B4FCDCE4C0A64A54BC9A66B176B0F1] – (.TOSHIBA CORPORATION. – TosAVRC.) — C:Program Files (x86)ToshibaBluetooth Toshiba StackTosAVRC.exe [447816] [PID.2860]
    [MD5.12FD4EF8F2CBBF98E0A5CED88258DDF3] – (.Mozilla Corporation – Plugin Container for Firefox.) — C:Program Files (x86)Mozilla Firefoxplugin-container.exe [17816] [PID.6180]
    [MD5.EB68851F020D35293EADAADEB18B8220] – (.Adobe Systems, Inc. – Adobe Flash Player 11.9 r900.) — C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_9_900_117.exe [1862536] [PID.5736]
    [MD5.72BE75AADEB890AE5BD8DEC30508F992] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8091648] [PID.5732]
    ~ Processes Running: Scanned in 00mn 00s

    —\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
    C:UsersMagda RAISAppDataLocalGoogleChromeUser DataDefaultPreferences
    G1 – GCS: Preference [User DataDefault] http://www.google.com” onclick=”window.open(this.href);return false;
    G2 – GCE: Preference [User DataDefault] [cnmdgidklhhnmppphpohildcefnaaflp] Services x86 v.1.24.125, (Activé) =>PUP.CrossRider
    ~ Google Browser: 13 Legitimates Filtered in 00mn 08s

    —\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
    C:UsersMagda RAISAppDataRoamingMozillaFirefoxProfilesua6j0rqr.defaultprefs.js
    ~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s

    —\ Internet Explorer, Proxy Management (R5)
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
    R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
    ~ Proxy management: Scanned in 00mn 00s

    —\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
    F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
    F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
    F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Hosts file redirection (O1)
    ~ Le fichier hosts est sain (The hosts file is clean).
    ~ Hosts File: Scanned in 00mn 00s
    ~ Nombre de lignes (Lines number): 3

    —\ Internet Explorer Toolbars (O3)
    O3 – ToolbarWebBrowser: (no name) [64Bits] – [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
    ~ Toolbar: Scanned in 00mn 00s

    —\ Autres liens utilisateurs (O4)
    O4 – GSProgram [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O4 – GSProgram [Public]: Poedit.lnk . (.Vaclav Slavik – Poedit.) — C:Program Files (x86)Poeditbinpoedit.exe
    O4 – GSQuickLaunch [Magda RAIS]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSQuickLaunch [Magda RAIS]: PhotoScape.lnk . (…) — C:Program Files (x86)PhotoScapePhotoScape.exe
    O4 – GSQuickLaunch [Magda RAIS]: Quick Media Converter.lnk . (.Cocoon Software – Quick Media Converter Next Generation HD.) — C:Program FilesQuickMediaConverterQuickMediaConverter.exe
    O4 – GSTaskBar [Magda RAIS]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:UsersMagda RAISAppDataLocalGoogleChromeApplicationchrome.exe
    O4 – GSTaskBar [Magda RAIS]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O4 – GSProgram [Magda RAIS]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSSystemTools [Magda RAIS]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
    O4 – GSDesktop [Magda RAIS]: PhotoScape.lnk . (…) — C:Program Files (x86)PhotoScapePhotoScape.exe
    O4 – GSDesktop [Magda RAIS]: SosVirus Forum Gratuit.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe https://www.sosvirus.net” onclick=”window.open(this.href);return false;
    O4 – GSDesktop [Magda RAIS]: SosVirus sur Facebook.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe http://www.facebook.com” onclick=”window.open(this.href);return false;
    ~ Global Startup: 92 Legitimates Filtered in 00mn 03s

    —\ Applications lancées au démarrage du sytème (O4)
    O4 – GSStartup [Public]: Bluetooth Manager.lnk . (.TOSHIBA CORPORATION. – Bluetooth Manager.) — C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtMng.exe
    O4 – GSStartup [Public]: Toshiba Places Icon Utility.lnk . (.Toshiba – Toshiba Places Icon Utility.) — C:Program FilesTOSHIBATOSHIBA Places Icon UtilityTosDIMonitor.exe
    O4 – GSStartup [Magda RAIS]: OneNote 2010 – Capture d’écran et lancement.lnk . (.Microsoft Corporation – Microsoft OneNote Quick Launcher.) — C:Program Files (x86)Microsoft OfficeOffice14ONENOTEM.exe =>.Microsoft Corporation
    O4 – HKLM..Run: [Toshiba TEMPRO] . (.Toshiba Europe GmbH – Toshiba TEMPRO.) — C:Program Files (x86)Toshiba TEMPROTemproTray.exe =>.Toshiba Corporation
    O4 – HKLM..Run: [TosNC] C:Program Files (x86)ToshibaBulletinBoardTosNcCore.exe (.not file.)
    O4 – HKLM..Run: [TosReelTimeMonitor] C:Program Files (x86)TOSHIBAReelTimeTosReelTimeMonitor.exe (.not file.)
    O4 – HKLM..Run: [TPwrMain] C:Program Files (x86)TOSHIBAPower SaverTPwrMain.exe (.not file.)
    O4 – HKLM..Run: [HSON] C:Program Files (x86)TOSHIBATBSHSON.exe (.not file.)
    O4 – HKLM..Run: [TCrdMain] C:Program Files (x86)TOSHIBAFlashCardsTCrdMain.exe (.not file.)
    O4 – HKLM..Run: [SmartAudio] . (.Conexant systems, Inc. – SmartAudio Control Panel application.) — C:Program FilesCONEXANTSAIISAIICpl.exe
    O4 – HKLM..Run: [SynTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe (.not file.)
    O4 – HKLM..Run: [ThpSrv] Clé orpheline
    O4 – HKLM..Run: [Teco] C:Program Files (x86)TOSHIBATECOTeco.exe (.not file.)
    O4 – HKLM..Run: [TosSENotify] . (.TOSHIBA Corporation – Pas de description.) — C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosWaitSrv.exe
    O4 – HKLM..Run: [TosWaitSrv] C:Program Files (x86)TOSHIBATPHMTosWaitSrv.exe (.not file.)
    O4 – HKLM..Run: [TosVolRegulator] . (.TOSHIBA Corporation – Toshiba Volume Regulator.) — C:Program FilesTOSHIBATosVolRegulatorTosVolRegulator.exe =>.Toshiba Corporation
    O4 – HKLM..Run: [Toshiba Registration] . (.Toshiba Europe GmbH – Toshiba Notebook Registration Reminder.) — C:Program FilesTOSHIBARegistrationToshibaReminder.exe
    O4 – HKLM..Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated – Adobe Updater Startup Utility.) — C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe =>.Adobe Systems Incorporated
    O4 – HKCU..Run: [TOPI.EXE] . (.TOSHIBA – TOSHIBA Online Product Information.) — C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe =>.Toshiba Corporation
    O4 – HKCU..Run: [Google Update] . (.Google Inc. – Programme d'installation de Google.) — C:UsersMagda RAISAppDataLocalGoogleUpdateGoogleUpdate.exe =>.Google Inc
    O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKCU..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe =>.Skype Technologies S.A.
    O4 – HKLM..Wow6432NodeRun: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated – Adobe Acrobat SpeedLauncher.) — C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe
    O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
    O4 – HKLM..Wow6432NodeRun: [NBAgent] . (.Nero AG – Nero BackItUp.) — c:Program Files (x86)NeroNero 10Nero BackItUpNBAgent.exe
    O4 – HKLM..Wow6432NodeRun: [ToshibaServiceStation] . (.TOSHIBA Corporation – TOSHIBA Service Station.) — C:Program Files (x86)TOSHIBATOSHIBA Service StationToshibaServiceStation.exe =>.Toshiba Corporation
    O4 – HKLM..Wow6432NodeRun: [avast] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastavastUI.exe
    O4 – HKLM..Wow6432NodeRun: [AdobeCS5.5ServiceManager] . (.Adobe Systems Incorporated – Adobe CS5.5 Service Manager.) — C:Program Files (x86)Common FilesAdobeCS5.5ServiceManagerCS5.5ServiceManager.exe
    O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
    O4 – HKUSS-1-5-18..Run: [TOPI.EXE] . (.TOSHIBA – TOSHIBA Online Product Information.) — C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe =>.Toshiba Corporation
    O4 – HKUSS-1-5-21-339401442-3039507466-214422036-1000..Run: [TOPI.EXE] . (.TOSHIBA – TOSHIBA Online Product Information.) — C:Program Files (x86)TOSHIBATOSHIBA Online Product Informationtopi.exe =>.Toshiba Corporation
    O4 – HKUSS-1-5-21-339401442-3039507466-214422036-1000..Run: [Google Update] . (.Google Inc. – Programme d'installation de Google.) — C:UsersMagda RAISAppDataLocalGoogleUpdateGoogleUpdate.exe =>.Google Inc
    O4 – HKUSS-1-5-21-339401442-3039507466-214422036-1000..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
    O4 – HKUSS-1-5-21-339401442-3039507466-214422036-1000..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe =>.Skype Technologies S.A.
    ~ Application: Scanned in 00mn 00s

    —\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
    O9 – Extra button: &Envoyer à OneNote [64Bits] – {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:Program Files (x86)MICROS~2Office14ONBttnIE.dll (.not file.)
    O9 – Extra button: Notes &liées OneNote [64Bits] – {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} — C:Program Files (x86)MICROS~2Office14ONBTTN~1.dll (.not file.)
    O9 – Extra button: @C:Program FilesTOSHIBABulletinBoardTosNcUi.dll,-228 [64Bits] – {97F922BD-8563-4184-87EE-8C4ACA438823} . (…) — C:Program FilesTOSHIBABulletinBoardimagespin.ico
    ~ IE Extra Buttons: Scanned in 00mn 00s

    —\ Modification Domaine/Adresses DNS (O17)
    O17 – HKLMSystemCCSServicesTcpip..{1932FB34-0603-41E2-982D-CBF20C0D31A5}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 – HKLMSystemCCSServicesTcpip..{74785A63-7A7B-429A-A94F-CE98E685A4A9}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 – HKLMSystemCS1ServicesTcpip..{1932FB34-0603-41E2-982D-CBF20C0D31A5}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 – HKLMSystemCS1ServicesTcpip..{74785A63-7A7B-429A-A94F-CE98E685A4A9}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 – HKLMSystemCS2ServicesTcpip..{1932FB34-0603-41E2-982D-CBF20C0D31A5}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 – HKLMSystemCS2ServicesTcpip..{74785A63-7A7B-429A-A94F-CE98E685A4A9}: DhcpNameServer = 212.27.40.241 212.27.40.240
    O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 212.27.40.241 212.27.40.240
    ~ Domain: Scanned in 00mn 00s

    —\ Protocole additionnel (O18)
    O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
    O18 – Filter: text/xml [64Bits] – {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE14MSOXMLMF.dll =>.Microsoft Corporation
    ~ Protocole Additionnel: Scanned in 00mn 00s

    —\ Tâches planifiées en automatique (O39)
    [MD5.00000000000000000000000000000000] [APT] [{5B0ABE2C-6AE7-4C47-BD37-6C8280390EB3}] (…) — C:UsersMagda RAISDownloadsHiJackThis.exe (.not file.) [0]
    ~ Scheduled Task: 23 Legitimates Filtered in 00mn 03s

    —\ HKCU & HKLM Software Keys
    [HKCUSoftwarevisionobjects]
    ~ Key Software: 200 Legitimates Filtered in 00mn 00s

    —\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
    O43 – CFD: 25/11/2012 – 22:29:08 – [0,001] —-D C:UsersMagda RAISAppDataLocalPhotoSketcher
    ~ Program Folder: 171 Legitimates Filtered in 00mn 22s

    —\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
    O44 – LFC:[MD5.D1EDC28928A485DB4B2330012B3969CE] – 16/10/2013 – 09:59:11


    . (…) — C:UsbFix [Scan 1] MAGDARAIS-TOSH.txt [11701]
    O44 – LFC:[MD5.1327AD0CC991630C5611705B368EB670] – 16/10/2013 – 10:03:39 —A- . (…) — C:UsbFix [Clean 1] MAGDARAIS-TOSH.txt [12870]
    ~ Files: 101 Legitimates Filtered in 00mn 26s

    —\ Derniers fichiers créés dans Windows Prefetcher (O45)
    O45 – LFCP:[MD5.48AF07C630B3968B59CA91A79AC2DABB] – 16/10/2013 – 10:21:17 —A- – C:WindowsPrefetchSAIICPL.EXE-B8307A71.pf
    O45 – LFCP:[MD5.D0FB93559FEB9B3E34EA4A0E82466739] – 16/10/2013 – 10:21:22 —A- – C:WindowsPrefetchHSON.EXE-D958FD41.pf
    ~ Prefetcher: 138 Legitimates Filtered in 00mn 00s

    —\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
    O55 – MWPS:[HKLM…PoliciesSystem] – “EnableLinkedConnections”=1
    ~ MWPS: 17 Legitimates Filtered in 00mn 00s

    —\ Liste des pilotes du système (SDL) (O58)
    O58 – SDL:[MD5.286193DC28CFB4CEB8D378E20A0850A9] – 30/08/2013 – 08:48:10 —A- . (…) — C:WindowsSystem32DriversaswRvrt.sys [65336]
    ~ Drivers: 17 Legitimates Filtered in 00mn 00s

    —\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
    O61 – LFC: 14/10/2013 – 11:31:20 —A- . (…) — C:UsersMagda RAISAppDataLocalThunderbirdMozilla Thunderbirdactive-update.xml [57] =>.Mozilla Corporation
    O61 – LFC: 14/10/2013 – 11:31:29 —A- . (…) — C:UsersMagda RAISAppDataRoamingThunderbirdCrash ReportsInstallTime20131010053258 [10] =>.Mozilla Corporation
    O61 – LFC: 14/10/2013 – 11:31:46 —A- . (.Magda RAIS.) — C:UsersMagda RAISDocumentsCV_Magda_RAIS.doc [51712]
    O61 – LFC: 16/10/2013 – 11:31:45 —A- . (…) — C:UsersMagda RAISAppDataRoamingZHPLog.txt [18095] =>.Nicolas Coolman
    O61 – LFC: 16/10/2013 – 11:31:45 —A- . (…) — C:UsersMagda RAISAppDataRoamingZHPTestsZHPDiag.txt [2988] =>.Nicolas Coolman
    O61 – LFC: 16/10/2013 – 11:31:55 —A- . (…) — C:UsersMagda RAISDownloadsadwcleaner.exe [1048960]
    ~ Files: 61 Legitimates Filtered in 00mn 50s

    —\ Liste des outils de désinfection (LATC) (O63)
    O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.&#041;” onclick=”window.open(this.href);return false; [HKLM] — Usbfix
    O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
    ~ ADS: Scanned in 00mn 00s

    —\ Menu de démarrage Internet (SMI) (O68)
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:UsersMagda RAISAppDataLocalGoogleChromeApplicationchrome.exe
    O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
    O69 – SBI: SearchScopes [HKCU] ${searchCLSID} – (Bing) – http://www.bing.com” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {83C88B1B-3A02-4926-A5A1-01751D81E9D7} – (Bing) – http://www.bing.com” onclick=”window.open(this.href);return false;
    O69 – SBI: SearchScopes [HKCU] {8DE5C7C9-2638-4DBA-8680-16C57DD47E01} – (eBay) – http://rover.ebay.com” onclick=”window.open(this.href);return false;
    ~ Keys: Scanned in 00mn 00s

    —\ Recherche particulière à la racine du système (SPRF) (O84)
    [MD5.6EA18C193AAF14F9EDFF65EED8EFAB2C] [SPRF][09/10/2013] (…) — C:UsersMagda RAISAppDataLocalTempQuarantine.exe [344355]
    ~ Files: 4 Legitimates Filtered in 00mn 00s

    —\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
    SR – | Auto 09/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
    SS – | Demand 09/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
    SR – | Auto 30/08/2013 46808 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
    SR – | Auto 28/01/2010 249200 | (cfWiMAXService) . (.TOSHIBA CORPORATION.) – C:Program Files (x86)TOSHIBAConfigFreeCFIWmxSvcs64.exe
    SR – | Auto 10/03/2009 46448 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) – C:Program Files (x86)TOSHIBAConfigFreeCFSvcs.exe
    SS – | Auto 29/10/2011 136176 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 29/10/2011 136176 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
    SS – | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) – C:Program Files (x86)Common FilesInstallShieldDriver1050Intel 32IDriverT.exe
    SR – | Auto 20/12/2010 325656 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
    SS – | Demand 14/10/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
    SR – | Auto 14/01/2011 572712 | (NAUpdate) . (.Nero AG.) – c:Program Files (x86)NeroUpdateNASvc.exe
    SR – | Auto 16/01/2011 993896 | (NVSvc) . (.NVIDIA Corporation.) – C:WindowsSystem32nvvsvc.exe
    SS – | Auto 21/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
    SR – | Auto 16/01/2011 378984 | (Stereo Service) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
    SS – | Demand 10/02/2011 112080 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) – C:Program Files (x86)Toshiba TEMPROTemproSvc.exe =>.Toshiba Corporation
    SR – | Auto 24/12/2010 526848 | (Thpsrv) . (.TOSHIBA Corporation.) – C:Windowssystem32ThpSrv.exe
    SR – | Demand 29/11/2010 54136 | (TMachInfo) . (.TOSHIBA Corporation.) – C:Program Files (x86)TOSHIBATOSHIBA Service StationTMachInfo.exe =>.Toshiba Corporation
    SR – | Auto 20/10/2010 138656 | (TODDSrv) . (.TOSHIBA Corporation.) – C:Windowssystem32TODDSrv.exe
    SR – | Auto 09/12/2010 489384 | (TosCoSrv) . (.TOSHIBA Corporation.) – C:Program FilesTOSHIBAPower SaverTosCoSrv.exe
    SR – | Demand 12/04/2010 196976 | (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION.) – C:Program Files (x86)ToshibaBluetooth Toshiba StackTosBtSrv.exe
    SR – | Auto 02/03/2011 266680 | (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation.) – C:Program FilesTOSHIBATECOTecoService.exe =>.Toshiba Corporation
    SR – | Demand 08/12/2010 137632 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) – C:Program FilesTOSHIBATOSHIBA HDD SSD AlertTosSmartSrv.exe
    SR – | Demand 20/12/2010 822704 | (TPCHSrv) . (.TOSHIBA Corporation.) – C:Program FilesTOSHIBATPHMTPCHSrv.exe
    SR – | Auto 20/12/2010 2656280 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
    SS – | Demand 13/05/2012 22016 | (wampapache) . (.Apache Software Foundation.) – c:wampbinapacheapache2.2.22binhttpd.exe
    SS – | Demand 19/04/2012 9693696 | (wampmysqld) . (…) – c:wampbinmysqlmysql5.5.24binmysqld.exe
    SR – | Auto 01/03/2011 27648 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
    SR – | Auto 01/03/2011 27648 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
    ~ Services: Scanned in 00mn 46s

    —\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
    Run by Magda RAIS at 16/10/2013 11:33:12
    ~ OS 64 not supported by MBR tool
    ~ MBR: 0 Legitimates Filtered in 00mn 00s

    —\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
    Written by ad13, http://ad13.geekstog” onclick=”window.open(this.href);return false;
    Run by Magda RAIS at 16/10/2013 11:33:14

    ********* Dump file Name *********
    C:PhysicalDisk0_MBR.bin
    ~ MBR: Scanned in 00mn 02s

    —\ Scan Additionnel (O88)
    Database Version : 12948 – (15/10/2013)
    Clés trouvées (Keys found) : 1
    Valeurs trouvées (Values found) : 0
    Dossiers trouvés (Folders found) : 1
    Fichiers trouvés (Files found) : 0

    [HKLMSoftwareGoogleChromeExtensionscnmdgidklhhnmppphpohildcefnaaflp] =>PUP.CrossRider^
    C:UsersMagda RAISAppDataLocalGoogleChromeUser DataDefaultExtensionscnmdgidklhhnmppphpohildcefnaaflp =>PUP.CrossRider
    ~ Additionnel Scan: 293664 Items scanned in 00mn 25s

    —\ Récapitulatif des détections trouvées sur votre station
    ~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider” onclick=”window.open(this.href);return false; =>PUP.CrossRider
    ~ MSI: 1 link(s) detected in 00mn 25s

    ~ 1433 Legitimates filtered by white list
    End of the scan (418 lines in 03mn 59s)(0)[/spoiler:2wp9pwwe]

  • Anonyme
    Nombre d'articles : 0
    • Séléctionne et copie le script suivant :

      Script ZHPFix
      [HKLMSoftwareGoogleChromeExtensionscnmdgidklhhnmppphpohildcefnaaflp]
      C:UsersMagda RAISAppDataLocalGoogleChromeUser DataDefaultExtensionscnmdgidklhhnmppphpohildcefnaaflp
      EmptyCLSID
      Emptytemp
      EmptyFlash

    • Lances ZHPFix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

      1. Clique sur Importer
      2. Les lignes précedemment copiées doivent être collées dans le cadre
      3. Si c’est le cas, Clic sur “GO

    • Confirmes les nettoyages des données en cliquant sur “Oui
    • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPFixReport à été crée.
    • Héberge le rapport ZHPFixReport sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse.

    [hr:1hwxohwy]

    • Pour supprimer les outils de désinfections utilisés :
    • Télécharges Delfix sur ton Bureau.
    • Lance Delfix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista
    • Coche la case suivantes :
      • Supprimer les outils de désinfection
      • Purger la restauration système

  • Miss_estrellita
    Participant
    Nombre d'articles : 23

    Tadam ! 🙂

    Rapport de ZHPFix 2013.10.15.11 par Nicolas Coolman, Update du 15/10/2013
    Fichier d’export Registre :
    Run by Magda RAIS at 16/10/2013 11:45:34
    High Elevated Privileges : OK
    Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

    Corbeille vidée

    ========== Dossiers ==========
    Aucun dossiers CLSID Local utilisateur vide
    SUPPRIME Temporaires Windows
    SUPPRIME Flash Cookies

    ========== Fichiers ==========
    SUPPRIME Temporaires Windows
    SUPPRIME Flash Cookies

    ========== Récapitulatif ==========
    3 : Dossiers
    2 : Fichiers

    End of clean in 00mn 04s

    ========== Chemin de fichier rapport ==========
    C:UsersMagda RAISAppDataRoamingZHPZHPFix[R1].txt – 16/10/2013 11:45:38 [636]

  • Anonyme
    Nombre d'articles : 0

    🙂

    T’as passé DelFix ?

  • Miss_estrellita
    Participant
    Nombre d'articles : 23

    Oui tout est fait 🙂

  • Anonyme
    Nombre d'articles : 0

    Alors tu vas pouvoir mettre ton sujet en résolu 🙂

    [hr:3hl21lag]

    [fin2desinf:3hl21lag][/fin2desinf:3hl21lag]

  • Anonyme
    Nombre d'articles : 0

    [Résolu par Miss_estrellita – 16/10/2013]

    Ca claque 🙂

    Bonne fin de semaine 😉

Le sujet ‘Virus sur ma clé Usb’ est fermé à de nouvelles réponses.