Sujet Précédent Sujet Suivant

Aidez moi a savoir si mon pc est infecté

Résolu/Fermé
Afabus - 3 mars 2012 à 16:43
Afabus Messages postés 9 Date d'inscription lundi 5 mars 2012 Statut Membre Dernière intervention 6 mars 2012 - 6 mars 2012 à 23:57
Bonjour, Bonjour, Mon pc rame quand je me connecte sur le net,j'ai fait une analyse avec Hidjackthis,quelqu'un peut-il m'aider et me dire si mon pc est infecté? Voiçi le rapport hidjackthis .

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:22:40, on 03/03/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Propietari@\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.elpartidodehoy.es/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Propietari@\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'Default user')
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Referencia - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {5852F5ED-8BF4-11D4-A245-0080C6F74284} (isInstalled Class) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6-windows-i586.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - http://download.sopcast.cn/download/SOPCORE.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
A voir également:

18 réponses

Réponse 1 / 18
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
4 mars 2012 à 21:30
Salut,
1/
Télécharge AdwCleaner (merci à Xplode)
Lance AdwCleaner
Clique sur le bouton [ Suppression ]
Patiente...
Poste le rapport qui apparait en fin de recherche.

2/
* Télécharge de AD-Remover sur ton Bureau.
http://security-domain.be/download/AD-Remover.html

/!\ Ferme toutes applications en cours /!\

- Double sur l'icône Ad-remover située sur ton Bureau.
-Pour vista/Seven : clique avec le bouton droit de la souris et choisis « exécuter en tant qu'administrateur »
- Sur la page, clique sur le bouton « Nettoyer»
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour c

3/
* Lance Malwarebytes' Anti-Malware
* Fais la mise à jour
* Clique dans l'onglet "Recherche"
* Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"
* Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"

A la fin de l'analyse, si MBAM n'a rien trouvé :

* Clique sur OK, le rapport s'ouvre spontanément

Si des menaces ont été détectées :

* Clique sur OK puis "Afficher les résultats"
*Vérifie que toutes les lignes sont cochées
* Choisis l'option "Supprimer la sélection"
* Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
* Le rapport s'ouvre automatiquement après la suppression, il se trouve aussi dans l'onglet "Rapports/Logs"

* Copie/colle le rapport dans le prochain message


Remarque :
- S'il y'a un problème de mise à jour de mbam, tu peux la faire manuellement en téléchargeant ce fichier puis en l'exécutant.


@+
1
Réponse 2 / 18
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
4 mars 2012 à 09:43
Bonjour,

Nous allons effectuer un diagnostic plus profond de ton PC:
*Télécharge ZHPDiag sur ton bureau :

https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html

* Laisse toi guider lors de l'installation,coche "Ajouter une icône sur le bureau" et décoche la case "Exécuter ZHPDiag"

/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »

* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur un des sites ci dessous, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum : http://pjjoint.malekal.com/
Si indisponible, tu peux essayer avec l'un de ces liens:
https://www.terafiles.net/
https://www.casimages.com/

* Tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Hébergement de rapport sur pjjoint.malekal.com

Rends toi sur pjjoint.malekal.com
* Clique sur le bouton Parcourir
* Sélectionne le fichier que tu veux héberger et clique sur Ouvrir
* Clique sur le bouton Envoyer
* Un message de confirmation s'affiche (L'upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : https://pjjoint.malekal.com/files.php?id=df5ea299241015

* Copie le lien dans ta prochaine réponse.

@+
0
Réponse 3 / 18
Afabus
4 mars 2012 à 21:15
Bonsoir, Merçi Infiniment pour votre aide.Voiçi le lien du rapport complet ZHPDIAG :

http://pjjoint.malekal.com/files.php?id=ZHPDiag_20120304_o11t5m10z13b14
0
Réponse 4 / 18
Afabus Messages postés 9 Date d'inscription lundi 5 mars 2012 Statut Membre Dernière intervention 6 mars 2012
5 mars 2012 à 10:27
Bonjour, voiçi Les rapports des examens que vous m'avez demandé de faire :

Rapport AdwCleaner :

# AdwCleaner v1.501 - Logfile created 03/04/2012 at 22:42:34
# Updated 04/03/2012 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Propietari@ - ONE
# Running from : C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2L74H69Y\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\ProgramData\Ask
Folder Found : C:\Users\Propietari@\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Propietari@\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\Propietari@\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Propietari@\AppData\LocalLow\MyWebSearch
File Found : C:\Program Files\Windows live\messenger\msimg32.dll

***** [H. Navipromo] *****


***** [Registry] *****

Key Found : HKCU\Software\Offerbox
Key Found : HKCU\Software\Spointer
Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Found : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Found : HKLM\SOFTWARE\ASKInstaller
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\bandoo
Key Found : HKLM\SOFTWARE\Offerbox
Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Found : HKLM\SOFTWARE\Classes\OfferBox.OfferBoxServer
Key Found : HKLM\SOFTWARE\Classes\OfferBox.OfferBoxServer.1
Key Found : HKLM\SOFTWARE\Classes\pdfforge.DllInfo
Key Found : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF
Key Found : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor
Key Found : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine
Key Found : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText
Key Found : HKLM\SOFTWARE\Classes\pdfforge.Tools
Key Found : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [offerboxffx@offerbox.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [3845 octets] - [04/03/2012 22:42:34]

########## EOF - C:\AdwCleaner[R1].txt - [3973 octets] ##########



Rapport AD-REMOVER :

======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 22:46:42 on 04/03/2012, Normal boot

Microsoft® Windows Vista(TM) Home Basic Service Pack 2 (X86)
Propietari@@ONE (SAMSUNG ELECTRONICS CO., LTD. R510/P510)

============== ACTION(S) ==============


Folder deleted: C:\Users\Propietari@\AppData\LocalLow\AskToolbar
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\FunWebProducts
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\Internet Saving Optimizer
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\Media Access Startup
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\MyWebSearch
Folder deleted: C:\ProgramData\AGI

(!) -- Temporary files deleted.


Key deleted: HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKLM\Software\Classes\AppID\{E142D053-7023-4B33-AF22-91F14202142D}
Key deleted: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}
Key deleted: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Key deleted: HKLM\Software\Classes\OfferBox.OfferBoxServer
Key deleted: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE
Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key deleted: HKLM\Software\ASKInstaller
Key deleted: HKLM\Software\AskToolbar
Key deleted: HKLM\Software\bandoo
Key deleted: HKLM\Software\Casino.com
Key deleted: HKLM\Software\OfferBox
Key deleted: HKLM\Software\AppDataLow\Software\Internet Saving Optimizer
Key deleted: HKLM\Software\AppDataLow\Software\Media Access Startup
Key deleted: HKCU\Software\Casino DelRio
Key deleted: HKCU\Software\Casino.com
Key deleted: HKCU\Software\Europa Casino
Key deleted: HKCU\Software\OfferBox
Key deleted: HKCU\Software\Spointer
Key deleted: HKCU\Software\Swiss Casino
Key deleted: HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Key deleted: HKCU\Software\AppDataLow\Software\DoubleD
Key deleted: HKCU\Software\AppDataLow\Software\Fun Web Products
Key deleted: HKCU\Software\AppDataLow\Software\FunWebProducts
Key deleted: HKCU\Software\AppDataLow\Software\Internet Saving Optimizer
Key deleted: HKCU\Software\AppDataLow\Software\Media Access Startup
Key deleted: HKCU\Software\AppDataLow\Software\MyWebSearch
Key deleted: HKU\.DEFAULT\Software\OfferBox
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\21Nova Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Casino-On-Net
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Casino770
Key deleted: HKLM\Software\Classes\Installer\Products\5B4758C25396ECF468E04F8E063287FF
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\5B4758C25396ECF468E04F8E063287FF
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01D88F3F-FB32-45D1-B314-E696D1178E56}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{113D2CE2-0507-4F86-BEDE-A5C8A7149348}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{16B6279B-9FF5-41FB-8BF9-404324F5DD1F}}_is1
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\32 Vegas Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino-On-Net
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino DelRio
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino Tropez
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino.com
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Europa Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\JuicyAccess Toolbar
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Sukoku
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Swiss Casino
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key deleted: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Key deleted: HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder

Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== ADDITIONNAL SCAN ==============

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} (x)
HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2E3B} - "Google Customized Web Search" (hxxp://search.elpartidodehoy.es/results.php?Keywords={searchTerms})
HKCU_SearchScopes\{11474CF4-133F-4646-ADEE-081A09D64BE1} - "Google" (hxxp://findgala.com/?&uid=302&q={searchTerms})
HKCU_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{1048776A-80DA-428D-9D5F-98E3D9355A87} - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (x)
HKCU_ElevationPolicy\{2E422264-6D8A-4ca0-97C7-A2CF868471EA} - C:\Users\Propietari@\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe (?)
HKCU_ElevationPolicy\{3C6C271F-F44D-4E21-9EAC-D7DE6F4F43C9} - C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe (x)
HKCU_ElevationPolicy\{5423220C-54CD-427E-8DFA-E96699073F0E} - C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (x)
HKCU_ElevationPolicy\{7549ECA2-5177-4913-9535-3235C943578B} - C:\Program Files\Citrix\GoToMeeting\799\G2MInstaller.exe (Citrix Online, a division of Citrix Systems, Inc.)
HKCU_ElevationPolicy\{80C423D0-D429-4CE7-B0FE-738A801FF45D} - C:\Windows\System32\Macromed\Flash\FlashUtil9b.exe (x)
HKCU_ElevationPolicy\{956CCF32-DE3C-4FC0-8250-A9501760FC8F} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{AB08C965-E8C4-43E2-8B34-5DA9BDE77AD7} - C:\Windows\System32\Macromed\Flash\FlashUtil10x_ActiveX.exe (x)
HKCU_ElevationPolicy\{DC5EB6C1-0AFD-4BD2-9C6F-5FAFD844C8AE} - C:\Program Files\Microsoft Silverlight\4.0.50524.0\Silverlight.Configuration.exe (x)
HKCU_ElevationPolicy\{E6D6C468-815B-4DC4-89AF-3FA580AE4CBB} - C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe (x)
HKCU_ElevationPolicy\{F64C1DB3-E751-44D7-8C92-796879EE5FEB} - C:\Windows\System32\Macromed\Flash\FlashUtil10e_ActiveX.exe (x)
HKCU_ElevationPolicy\{F9BEE338-A21F-441D-9716-2E8821DF6484} - C:\Windows\System32\Macromed\Flash\FlashUtil10w_ActiveX.exe (x)
HKCU_ElevationPolicy\{FD1AB2E7-0738-45B0-A8CE-4973F6BB9707} - C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (x)
HKLM_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (Visicom Media Inc.)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
HKLM_Extensions\{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - "PalTalk" (C:\Program Files\Paltalk Messenger\Paltalk.exe,476)
HKLM_Extensions\{5067A26B-1337-4436-8AFE-EE169C2DA79F} - "?" (?)
HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Aplicación auxiliar de vínculos de Adobe PDF Reader" (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 1639 File(s)
C:\Program Files\Ad-Remover\Backup: 15 File(s)

C:\Ad-Report-CLEAN[1].txt - 04/03/2012 22:46:49 (10851 Byte(s))

End at: 22:47:43, 04/03/2012

============== E.O.F ==============


Rapport Malwarebites :

======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 22:46:42 on 04/03/2012, Normal boot

Microsoft® Windows Vista(TM) Home Basic Service Pack 2 (X86)
Propietari@@ONE (SAMSUNG ELECTRONICS CO., LTD. R510/P510)

============== ACTION(S) ==============


Folder deleted: C:\Users\Propietari@\AppData\LocalLow\AskToolbar
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\FunWebProducts
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\Internet Saving Optimizer
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\Media Access Startup
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\MyWebSearch
Folder deleted: C:\ProgramData\AGI

(!) -- Temporary files deleted.


Key deleted: HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKLM\Software\Classes\AppID\{E142D053-7023-4B33-AF22-91F14202142D}
Key deleted: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}
Key deleted: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Key deleted: HKLM\Software\Classes\OfferBox.OfferBoxServer
Key deleted: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE
Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key deleted: HKLM\Software\ASKInstaller
Key deleted: HKLM\Software\AskToolbar
Key deleted: HKLM\Software\bandoo
Key deleted: HKLM\Software\Casino.com
Key deleted: HKLM\Software\OfferBox
Key deleted: HKLM\Software\AppDataLow\Software\Internet Saving Optimizer
Key deleted: HKLM\Software\AppDataLow\Software\Media Access Startup
Key deleted: HKCU\Software\Casino DelRio
Key deleted: HKCU\Software\Casino.com
Key deleted: HKCU\Software\Europa Casino
Key deleted: HKCU\Software\OfferBox
Key deleted: HKCU\Software\Spointer
Key deleted: HKCU\Software\Swiss Casino
Key deleted: HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Key deleted: HKCU\Software\AppDataLow\Software\DoubleD
Key deleted: HKCU\Software\AppDataLow\Software\Fun Web Products
Key deleted: HKCU\Software\AppDataLow\Software\FunWebProducts
Key deleted: HKCU\Software\AppDataLow\Software\Internet Saving Optimizer
Key deleted: HKCU\Software\AppDataLow\Software\Media Access Startup
Key deleted: HKCU\Software\AppDataLow\Software\MyWebSearch
Key deleted: HKU\.DEFAULT\Software\OfferBox
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\21Nova Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Casino-On-Net
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Casino770
Key deleted: HKLM\Software\Classes\Installer\Products\5B4758C25396ECF468E04F8E063287FF
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\5B4758C25396ECF468E04F8E063287FF
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01D88F3F-FB32-45D1-B314-E696D1178E56}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{113D2CE2-0507-4F86-BEDE-A5C8A7149348}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{16B6279B-9FF5-41FB-8BF9-404324F5DD1F}}_is1
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\32 Vegas Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino-On-Net
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino DelRio
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino Tropez
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino.com
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Europa Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\JuicyAccess Toolbar
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Sukoku
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Swiss Casino
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key deleted: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Key deleted: HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder

Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}


============== ADDITIONNAL SCAN ==============

**** Internet Explorer Version [9.0.8112.16421] ****

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} (x)
HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2E3B} - "Google Customized Web Search" (hxxp://search.elpartidodehoy.es/results.php?Keywords={searchTerms})
HKCU_SearchScopes\{11474CF4-133F-4646-ADEE-081A09D64BE1} - "Google" (hxxp://findgala.com/?&uid=302&q={searchTerms})
HKCU_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{1048776A-80DA-428D-9D5F-98E3D9355A87} - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (x)
HKCU_ElevationPolicy\{2E422264-6D8A-4ca0-97C7-A2CF868471EA} - C:\Users\Propietari@\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe (?)
HKCU_ElevationPolicy\{3C6C271F-F44D-4E21-9EAC-D7DE6F4F43C9} - C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe (x)
HKCU_ElevationPolicy\{5423220C-54CD-427E-8DFA-E96699073F0E} - C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (x)
HKCU_ElevationPolicy\{7549ECA2-5177-4913-9535-3235C943578B} - C:\Program Files\Citrix\GoToMeeting\799\G2MInstaller.exe (Citrix Online, a division of Citrix Systems, Inc.)
HKCU_ElevationPolicy\{80C423D0-D429-4CE7-B0FE-738A801FF45D} - C:\Windows\System32\Macromed\Flash\FlashUtil9b.exe (x)
HKCU_ElevationPolicy\{956CCF32-DE3C-4FC0-8250-A9501760FC8F} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{AB08C965-E8C4-43E2-8B34-5DA9BDE77AD7} - C:\Windows\System32\Macromed\Flash\FlashUtil10x_ActiveX.exe (x)
HKCU_ElevationPolicy\{DC5EB6C1-0AFD-4BD2-9C6F-5FAFD844C8AE} - C:\Program Files\Microsoft Silverlight\4.0.50524.0\Silverlight.Configuration.exe (x)
HKCU_ElevationPolicy\{E6D6C468-815B-4DC4-89AF-3FA580AE4CBB} - C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe (x)
HKCU_ElevationPolicy\{F64C1DB3-E751-44D7-8C92-796879EE5FEB} - C:\Windows\System32\Macromed\Flash\FlashUtil10e_ActiveX.exe (x)
HKCU_ElevationPolicy\{F9BEE338-A21F-441D-9716-2E8821DF6484} - C:\Windows\System32\Macromed\Flash\FlashUtil10w_ActiveX.exe (x)
HKCU_ElevationPolicy\{FD1AB2E7-0738-45B0-A8CE-4973F6BB9707} - C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (x)
HKLM_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (Visicom Media Inc.)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
HKLM_Extensions\{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - "PalTalk" (C:\Program Files\Paltalk Messenger\Paltalk.exe,476)
HKLM_Extensions\{5067A26B-1337-4436-8AFE-EE169C2DA79F} - "?" (?)
HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Aplicación auxiliar de vínculos de Adobe PDF Reader" (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 1639 File(s)
C:\Program Files\Ad-Remover\Backup: 15 File(s)

C:\Ad-Report-CLEAN[1].txt - 04/03/2012 22:46:49 (10851 Byte(s))

End at: 22:47:43, 04/03/2012

============== E.O.F ==============
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 18
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
5 mars 2012 à 12:59
Re,
1/
Tu as lancé ADWCleaner en mode recherche, relance ADWCleaner puis

choisis " clean" (Suppression) et non recherche

2/
Il manque le rapport Malwarebytes

@+
0
Réponse 6 / 18
Afabus Messages postés 9 Date d'inscription lundi 5 mars 2012 Statut Membre Dernière intervention 6 mars 2012
5 mars 2012 à 13:33
Bjr, voiçi a nouveau le rapport ADWCleaner :

# AdwCleaner v1.501 - Logfile created 03/05/2012 at 13:21:04
# Updated 04/03/2012 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Propietari@ - ONE
# Running from : C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PD8LTZ6H\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\Propietari@\AppData\LocalLow\BabylonToolbar
File Deleted : C:\Program Files\Windows live\messenger\msimg32.dll

***** [H. Navipromo] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.DllInfo
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.Tools
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [3974 octets] - [04/03/2012 22:42:34]
AdwCleaner[S1].txt - [352 octets] - [04/03/2012 22:43:35]
AdwCleaner[S2].txt - [1817 octets] - [05/03/2012 13:21:04]

########## EOF - C:\AdwCleaner[S2].txt - [1945 octets] ##########
0
Réponse 7 / 18
Afabus Messages postés 9 Date d'inscription lundi 5 mars 2012 Statut Membre Dernière intervention 6 mars 2012
5 mars 2012 à 13:35
Voiçi le rapport Malwarbitres :

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Version de la base de données: v2012.03.05.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Propietari@ :: ONE [administrateur]

05/03/2012 10:33:26
mbam-log-2012-03-05 (10-33-26).txt

Type d'examen: Examen complet
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 294414
Temps écoulé: 52 minute(s), 56 seconde(s)

Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)

Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)

Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)

Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)

Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)

(fin)
0
Réponse 8 / 18
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
5 mars 2012 à 13:54
Re,

Redémarre ton PC, lance ZHPDiag depuis le bureau et prépare stp

un nouveau rapport ZHPDiag ( à héberger ) .. :-)

@+
0
Réponse 9 / 18
Afabus Messages postés 9 Date d'inscription lundi 5 mars 2012 Statut Membre Dernière intervention 6 mars 2012
5 mars 2012 à 14:10
bjr, juste une chose, avec firefox, mon pc marche trés bien et ne rame pas.
0
Réponse 10 / 18
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
5 mars 2012 à 19:35
Salut,
1/
Prépare stp le rapport ZHPDiag pour faire un diagnostique et pour bien

nettoyer ton PC :-)

Il nous reste des lignes à fixer ...

2/
Quel est le problème de Firefox ?

@+

0
Réponse 11 / 18
Afabus Messages postés 9 Date d'inscription lundi 5 mars 2012 Statut Membre Dernière intervention 6 mars 2012
5 mars 2012 à 21:23
Bonsoir, voiçi le lien du rapport ZHPDiag :

https://pjjoint.malekal.com/files.php?id=ZHPDiag_20120305_y8i14r7n11e15
0
Réponse 12 / 18
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
5 mars 2012 à 21:35
Re,

1/
Désinstalle Spybot et Ad-Aware il ne servent à rien! :-)

2/
Copie tout le texte présent ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C ) 




O43 - CFD: 01/11/2010 - 22:20:36 - [0,008] -SH-D- C:\ProgramData\6618dae
O43 - CFD: 29/09/2010 - 15:52:18 - [0,546] ----D- C:\Users\Propietari@\AppData\Roaming\moovida-1    => Infection BT (Adware.SPointer)
O43 - CFD: 29/09/2010 - 15:52:00 - [0,146] ----D- C:\Users\Propietari@\AppData\Local\moovida Air    => Infection BT (Adware.SPointer)
O69 - SBI: SearchScopes [HKCU] {11474CF4-133F-4646-ADEE-081A09D64BE1} - (Google) - http://findgala.com
O87 - FAEL: "TCP Query User{82BA2762-BF31-4228-B64E-895B57C17A31}C:\programdata\6618dae\ms6618.exe" |In - Public - P6 - TRUE | .(...) -- C:\programdata\6618dae\ms6618.exe (.not file.)
O87 - FAEL: "UDP Query User{9D43DBD3-975F-46D6-8E5C-35D07BC95624}C:\programdata\6618dae\ms6618.exe" |In - Public - P17 - TRUE | .(...) -- C:\programdata\6618dae\ms6618.exe (.not file.)
[HKLM\Software\Classes\Installer\Features\5B4758C25396ECF468E04F8E063287FF]
C:\Users\Propietari@\AppData\Local\moovida air    => Infection BT (Adware.SPointer)
[HKCU\Software\luckyacecasino]
O43 - CFD: 15/05/2010 - 16:09:52 - [0,020] -SH-D- C:\ProgramData\MSCDDFAAUAE
[MD5.00000000000000000000000000000000] [APT] [{04559F9A-81AF-457C-828A-72E5F878B50C}] (...) -- C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CL9WTPLD\PDFCreator-1.2.3-setup[1].exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{C4E9CDCB-8363-44AE-9D58-48B485BC07C4}] (...) -- C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\38F7F87J\CT3080215_ChatVibes[1].exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{D92A3880-815D-4ED8-AFED-D104188A14EA}] (...) -- C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KKHMRWBZ\rbp_setup[1].exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{F1BBBA99-4E25-4B3E-BF3B-424A0DFEAF3E}] (...) -- C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SRTIWLV\rbp_setup[1].exe (.not file.)
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1    => Safer Networking Limited Spybot - S&D
O43 - CFD: 01/03/2012 - 19:44:58 - [58,952] ----D- C:\Program Files\Spybot - Search & Destroy    => Spybot - Search & Destroy
O43 - CFD: 03/09/2009 - 16:50:28 - [580,056] ----D- C:\ProgramData\MGS
O43 - CFD: 04/03/2012 - 20:38:14 - [0,004] ----D- C:\ProgramData\Spybot - Search & Destroy    => Spybot - Search & Destroy
O43 - CFD: 18/07/2009 - 16:41:24 - [0,000] ----D- C:\Users\Propietari@\AppData\Local\BingoCafe    => Casino.OnlineGame
O43 - CFD: 21/04/2009 - 22:17:54 - [0] -SH-D- C:\Users\Propietari@\AppData\Local\Historial
O43 - CFD: 05/07/2011 - 10:22:46 - [0] ----D- C:\Users\Propietari@\AppData\Local\{08E96943-F6FC-47FB-84DF-6E766578B828}
O43 - CFD: 26/02/2012 - 16:42:52 - [0] ----D- C:\Users\Propietari@\AppData\Local\{0DB5260D-E4CD-4D50-93C2-145098D13670}
O43 - CFD: 17/12/2011 - 13:44:04 - [0] ----D- C:\Users\Propietari@\AppData\Local\{118CFBA6-1307-4AA2-94FD-BE270D2A81D0}
O43 - CFD: 28/06/2011 - 13:35:20 - [0] ----D- C:\Users\Propietari@\AppData\Local\{13FD3C44-F920-4291-8B23-C40C108A54AD}
O43 - CFD: 12/01/2012 - 22:33:34 - [0] ----D- C:\Users\Propietari@\AppData\Local\{1418B06F-B194-4870-AAB4-442EA0F703F0}
O43 - CFD: 20/07/2011 - 19:39:42 - [0] ----D- C:\Users\Propietari@\AppData\Local\{14B3896F-67A9-4DC0-BA51-6CCB229D6ACD}
O43 - CFD: 21/09/2011 - 14:44:06 - [0] ----D- C:\Users\Propietari@\AppData\Local\{198CBDEE-C49F-4AA0-9C00-E181FA3EC800}
O43 - CFD: 10/01/2012 - 22:27:16 - [0] ----D- C:\Users\Propietari@\AppData\Local\{1F9C7BD3-C4D4-4B23-B2DF-83B332C25804}
O43 - CFD: 26/06/2011 - 14:06:14 - [0] ----D- C:\Users\Propietari@\AppData\Local\{2C65668B-ECF0-44D8-A7BA-766D01A22F25}
O43 - CFD: 25/02/2012 - 17:05:22 - [0] ----D- C:\Users\Propietari@\AppData\Local\{2DD120EE-2B14-4FC6-B448-ECC47AC68E78}
O43 - CFD: 12/02/2012 - 22:30:52 - [0] ----D- C:\Users\Propietari@\AppData\Local\{2FFDD21A-7A5F-42D6-931A-2A8E350FD7F1}
O43 - CFD: 09/07/2011 - 14:07:36 - [0] ----D- C:\Users\Propietari@\AppData\Local\{30123F91-1C25-4A03-AFDD-43851CD234CF}
O43 - CFD: 27/06/2011 - 20:28:04 - [0] ----D- C:\Users\Propietari@\AppData\Local\{3017A2AB-65C3-4F00-84AE-083B7F190B65}
O43 - CFD: 31/10/2011 - 23:12:54 - [0] ----D- C:\Users\Propietari@\AppData\Local\{33A48990-FC6A-4F0C-9EF7-62954DA271FA}
O43 - CFD: 08/04/2011 - 13:47:50 - [0] ----D- C:\Users\Propietari@\AppData\Local\{3418B091-1133-40ED-84F3-69EE02E57D74}
O43 - CFD: 10/04/2011 - 20:46:36 - [0] ----D- C:\Users\Propietari@\AppData\Local\{445D2BFD-BAA4-443B-BD7D-3B2327AF42F9}
O43 - CFD: 13/06/2011 - 20:54:04 - [0] ----D- C:\Users\Propietari@\AppData\Local\{467F14E1-E2C0-4F50-89C4-7EC5863F8896}
O43 - CFD: 17/12/2011 - 13:43:54 - [0] ----D- C:\Users\Propietari@\AppData\Local\{4C710CC6-90B7-42A1-AD87-66F424D60499}
O43 - CFD: 11/04/2011 - 12:00:22 - [0] ----D- C:\Users\Propietari@\AppData\Local\{4D141584-DA03-4AB6-8774-F95A0DED65D5}
O43 - CFD: 07/11/2011 - 16:54:50 - [0] ----D- C:\Users\Propietari@\AppData\Local\{518836B1-32A9-4516-BACA-6FCBD5FE7DF8}
O43 - CFD: 21/09/2011 - 14:44:38 - [0] ----D- C:\Users\Propietari@\AppData\Local\{54196477-B650-4B0D-9F6E-B11AF2876757}
O43 - CFD: 20/07/2011 - 19:39:04 - [0] ----D- C:\Users\Propietari@\AppData\Local\{56915CD6-D051-4825-9B71-D0BE29ED0BE2}
O43 - CFD: 29/06/2011 - 10:23:56 - [0] ----D- C:\Users\Propietari@\AppData\Local\{570D97C3-E510-453F-ACF5-DC24DAEBEC8E}
O43 - CFD: 29/06/2011 - 10:35:48 - [0] ----D- C:\Users\Propietari@\AppData\Local\{5CDA2150-B2BB-41A8-8761-85F2C58AD6B8}
O43 - CFD: 08/07/2011 - 22:30:16 - [0] ----D- C:\Users\Propietari@\AppData\Local\{63339D59-41C9-497E-9F63-B3D14FD494AB}
O43 - CFD: 27/11/2011 - 23:31:20 - [0] ----D- C:\Users\Propietari@\AppData\Local\{685F5DFD-8AE8-4878-A814-15DCD3A57F49}
O43 - CFD: 21/09/2011 - 14:43:54 - [0] ----D- C:\Users\Propietari@\AppData\Local\{6AD0AA9A-F7DC-493B-93B7-C04764D70D53}
O43 - CFD: 31/10/2011 - 23:13:04 - [0] ----D- C:\Users\Propietari@\AppData\Local\{6B9DC6BD-8AC3-4423-B2EB-AD9CA9D0A598}
O43 - CFD: 04/08/2011 - 13:46:42 - [0] ----D- C:\Users\Propietari@\AppData\Local\{71421A35-CE30-4EF3-8159-7B785EF6400D}
O43 - CFD: 29/06/2011 - 13:50:42 - [0] ----D- C:\Users\Propietari@\AppData\Local\{75796355-9A55-42FB-BFBE-3BC27D022F18}
O43 - CFD: 10/01/2012 - 22:27:02 - [0] ----D- C:\Users\Propietari@\AppData\Local\{7785B063-7CB6-40FC-9211-F7DDC11C0C10}
O43 - CFD: 09/04/2011 - 14:17:16 - [0] ----D- C:\Users\Propietari@\AppData\Local\{7AE6AE87-AD5E-4398-A574-5037F6328622}
O43 - CFD: 27/07/2011 - 14:31:26 - [0] ----D- C:\Users\Propietari@\AppData\Local\{7F1B528D-0E3D-4E9D-AF0E-EFC293D8BF0F}
O43 - CFD: 18/07/2011 - 21:01:52 - [0] ----D- C:\Users\Propietari@\AppData\Local\{80F57CF1-F2D0-46C7-9752-77C2053A0135}
O43 - CFD: 10/04/2011 - 8:45:50 - [0] ----D- C:\Users\Propietari@\AppData\Local\{816F5F5E-F396-481E-A12A-69F36CC813ED}
O43 - CFD: 03/09/2011 - 22:27:58 - [0] ----D- C:\Users\Propietari@\AppData\Local\{826CF207-4726-4ACE-9785-1F04F80FC853}
O43 - CFD: 09/02/2012 - 22:45:16 - [0] ----D- C:\Users\Propietari@\AppData\Local\{8587F8B0-4F1A-4426-91E2-9444E1F5C0E0}
O43 - CFD: 04/08/2011 - 13:48:46 - [0] ----D- C:\Users\Propietari@\AppData\Local\{8E0DC750-6AFF-45C5-AEF8-D5943160FB4E}
O43 - CFD: 09/01/2012 - 22:04:18 - [0] ----D- C:\Users\Propietari@\AppData\Local\{8F878C35-2C5B-456D-8C79-03DF6AFDA75C}
O43 - CFD: 22/12/2011 - 22:08:52 - [0] ----D- C:\Users\Propietari@\AppData\Local\{8F8B059A-49D1-49D1-98AE-76BE9D7027A9}
O43 - CFD: 25/02/2012 - 17:05:12 - [0] ----D- C:\Users\Propietari@\AppData\Local\{901090C8-0C89-4744-8555-2D5BFA493D0A}
O43 - CFD: 18/05/2011 - 14:33:34 - [0] ----D- C:\Users\Propietari@\AppData\Local\{93626FB8-A95C-442A-9D6E-8BADC8A2C464}
O43 - CFD: 04/07/2011 - 17:51:42 - [0] ----D- C:\Users\Propietari@\AppData\Local\{9850EC8D-7A05-44C4-B46A-539236FD89B7}
O43 - CFD: 12/04/2011 - 10:26:22 - [0] ----D- C:\Users\Propietari@\AppData\Local\{9E9FAAC8-7C60-44F9-B4EC-277974E61AE5}
O43 - CFD: 07/04/2011 - 15:26:50 - [0] ----D- C:\Users\Propietari@\AppData\Local\{9EF5FFB3-90FB-4BA1-AB2F-E92FD5F78493}
O43 - CFD: 12/02/2012 - 22:31:02 - [0] ----D- C:\Users\Propietari@\AppData\Local\{9FD16684-5773-479A-97D3-A9D219719BE6}
O43 - CFD: 14/01/2012 - 12:36:50 - [0] ----D- C:\Users\Propietari@\AppData\Local\{A6D292F6-B0C9-405F-BC34-75676E9EB546}
O43 - CFD: 07/11/2011 - 16:55:00 - [0] ----D- C:\Users\Propietari@\AppData\Local\{A769C17E-E239-4874-B31D-EF1AEE79221C}
O43 - CFD: 31/05/2011 - 13:56:58 - [0] ----D- C:\Users\Propietari@\AppData\Local\{A7EA7A42-0BF1-4784-8A4A-59C5FCA8B41C}
O43 - CFD: 26/02/2012 - 16:42:42 - [0] ----D- C:\Users\Propietari@\AppData\Local\{AB2F1A9B-91A6-4A0F-AB15-D0ADEEE204AA}
O43 - CFD: 11/05/2011 - 14:55:52 - [0] ----D- C:\Users\Propietari@\AppData\Local\{AD66E02E-9FD8-4F42-A620-37A5BBCA5C7E}
O43 - CFD: 27/11/2011 - 23:31:30 - [0] ----D- C:\Users\Propietari@\AppData\Local\{AE46CB18-73E7-4C1B-B763-C94BB545343B}
O43 - CFD: 19/07/2011 - 20:09:22 - [0] ----D- C:\Users\Propietari@\AppData\Local\{B7EAFB58-B20A-4F70-8215-966FCDF1721E}
O43 - CFD: 09/02/2012 - 22:45:26 - [0] ----D- C:\Users\Propietari@\AppData\Local\{BCA81EE6-906B-4A42-9518-900B17092EE9}
O43 - CFD: 31/10/2011 - 22:10:06 - [0] ----D- C:\Users\Propietari@\AppData\Local\{C35B60FE-F61D-4765-B533-65E123F81176}
O43 - CFD: 31/12/2011 - 14:42:18 - [0] ----D- C:\Users\Propietari@\AppData\Local\{C716BDE8-695E-4308-93BB-129EF409AEAA}
O43 - CFD: 06/01/2012 - 20:51:58 - [0] ----D- C:\Users\Propietari@\AppData\Local\{CC1294F4-36B8-4A1C-93CF-7C97F105971C}
O43 - CFD: 09/01/2012 - 22:03:06 - [0] ----D- C:\Users\Propietari@\AppData\Local\{CE230DFC-9D6C-405A-A94C-56B717956196}
O43 - CFD: 08/04/2011 - 20:17:38 - [0] ----D- C:\Users\Propietari@\AppData\Local\{CE91D3A5-3608-4DC4-856A-A75CB695599D}
O43 - CFD: 22/12/2011 - 22:08:42 - [0] ----D- C:\Users\Propietari@\AppData\Local\{D6BAF67B-2B66-4CE7-909C-FFD13C92DD36}
O43 - CFD: 14/01/2012 - 12:37:00 - [0] ----D- C:\Users\Propietari@\AppData\Local\{D92E3AE5-979D-49EB-9F88-B366A039B16E}
O43 - CFD: 19/07/2011 - 13:37:08 - [0] ----D- C:\Users\Propietari@\AppData\Local\{DB571477-06F0-465D-9996-F46BF4D32CBD}
O43 - CFD: 11/02/2012 - 22:23:26 - [0] ----D- C:\Users\Propietari@\AppData\Local\{DCF4B814-4940-4FA9-BAA2-19A124EF47DF}
O43 - CFD: 01/07/2011 - 7:35:58 - [0] ----D- C:\Users\Propietari@\AppData\Local\{DE6C21A0-6C08-44A1-9D12-76CA6127846D}
O43 - CFD: 06/01/2012 - 20:51:48 - [0] ----D- C:\Users\Propietari@\AppData\Local\{DEBD0B36-892D-4339-B24F-9328E112B755}
O43 - CFD: 12/01/2012 - 22:33:44 - [0] ----D- C:\Users\Propietari@\AppData\Local\{E05509BD-C2B9-48B2-8938-4180C7AE29B8}
O43 - CFD: 16/06/2011 - 22:16:16 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F1A31567-A759-4CB7-B942-4F279F392617}
O43 - CFD: 30/10/2011 - 21:52:50 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F1E3665E-2DFB-4DB9-B9CB-05054E381ACE}
O43 - CFD: 29/06/2011 - 20:19:16 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F1F45D59-2423-4F4B-9094-C675A6C3A4F0}
O43 - CFD: 30/06/2011 - 10:56:20 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F38D9797-12B7-45F3-8297-F49B71AE47B7}
O43 - CFD: 31/12/2011 - 14:42:08 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F4ED5A19-1975-494C-B7E2-A0109EB755EB}
O43 - CFD: 10/06/2011 - 18:30:56 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F5FCDF1C-D96A-49E9-B644-3064E95E1739}
O43 - CFD: 01/06/2011 - 10:35:58 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F77290A1-669F-43AD-A084-66A64A0DA93D}
O43 - CFD: 11/02/2012 - 22:23:36 - [0] ----D- C:\Users\Propietari@\AppData\Local\{FB1F8F45-2A49-4198-A654-AC28E7BBD745}
O43 - CFD: 27/06/2011 - 13:45:34 - [0] ----D- C:\Users\Propietari@\AppData\Local\{FB67456D-D902-451E-8CF9-6F9C981E4843}

FirewallRAZ
EmptyTemp
EmptyFlash




Puis Lance ZHPFix depuis le raccourci du bureau .

* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .

* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

Clique sur le bouton GO

Copie/Colle le rapport à l'écran dans ton prochain message.

@+
0
Réponse 13 / 18
Afabus Messages postés 9 Date d'inscription lundi 5 mars 2012 Statut Membre Dernière intervention 6 mars 2012
5 mars 2012 à 22:25
Bsr, quand je clique sur GO, s'affiche en anglais (YOU CONFIRM THE CLEANING OF THE DATA) je cliques sur OUI ou sur NON?
0
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
6 mars 2012 à 05:41
Bonjour,

Clique sur "OUI"

@+
0
Réponse 14 / 18
Afabus Messages postés 9 Date d'inscription lundi 5 mars 2012 Statut Membre Dernière intervention 6 mars 2012
6 mars 2012 à 13:22
Voiçi le rapport :

Rapport de ZHPFix 1.12.3380 par Nicolas Coolman, Update du 05/02/2011
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-06-03-2012-13-16-25.txt
Run by Propietari@ at 06/03/2012 13:16:25
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/

========== Software ==========
NOT FOUND Software Key: {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

========== Registry Key ==========
NOT FOUND SearchScopes :{11474CF4-133F-4646-ADEE-081A09D64BE1}
NOT FOUND Key: HKLM\Software\Classes\Installer\Features\5B4758C25396ECF468E04F8E063287FF
NOT FOUND Key: HKCU\Software\luckyacecasino

========== Registry Value ==========
NOT FOUND TCP Query User{82BA2762-BF31-4228-B64E-895B57C17A31}C:/programdata/6618dae/ms6618.exe
NOT FOUND UDP Query User{9D43DBD3-975F-46D6-8E5C-35D07BC95624}C:/programdata/6618dae/ms6618.exe
No Value in Standard Profile Register Key FirewallRaz :
No Value in Domain Profile Register Key FirewallRaz :
DELETED FirewallRaz (None) : {3B38E851-3AF9-496C-B415-35AB7DEE50BF}
DELETED FirewallRaz (Public) : TCP Query User{4A6CD651-D1DC-42B2-995D-652D19589113}C:\program files\tvuplayer\tvuplayer.exe
DELETED FirewallRaz (Public) : UDP Query User{E2BD53E8-37C1-4D11-8811-B0735BD4123E}C:\program files\tvuplayer\tvuplayer.exe
DELETED FirewallRaz (Public) : TCP Query User{5424E6CE-77FE-495F-BDCF-ECDDF001ECAF}C:\program files\sopcast\adv\sopadver.exe
DELETED FirewallRaz (Public) : UDP Query User{E38F2B4B-F621-414C-B509-7B7F4549D673}C:\program files\sopcast\adv\sopadver.exe
DELETED FirewallRaz (Public) : TCP Query User{73CE04A8-4174-4215-BEF9-7BA471D876A0}C:\program files\voipcheapcom.com\voipcheapcom\voipcheapcom.exe
DELETED FirewallRaz (Public) : UDP Query User{775F3DD1-164D-4854-BB73-2F3978EC2320}C:\program files\voipcheapcom.com\voipcheapcom\voipcheapcom.exe
DELETED FirewallRaz (Public) : TCP Query User{E3101E74-DC2E-4585-B7BE-8DF51393798D}C:\program files\sony\media go\mediago.exe
DELETED FirewallRaz (Public) : UDP Query User{7A001C63-2C29-4C97-BB90-FA54E8E995A4}C:\program files\sony\media go\mediago.exe
DELETED FirewallRaz (Public) : TCP Query User{3B719075-6404-4A0D-B49B-A3DB0F166C99}C:\program files\nokia\nokia software updater\nsu_ui_client.exe
DELETED FirewallRaz (Public) : UDP Query User{08819BCB-8DE0-4DCD-902F-AEAE3AAE38C1}C:\program files\nokia\nokia software updater\nsu_ui_client.exe
DELETED FirewallRaz (Public) : TCP Query User{524255AD-4C91-4889-A814-8118645BCB15}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
DELETED FirewallRaz (Public) : UDP Query User{6D3D614A-3115-44FF-A55C-D2C199597395}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
DELETED FirewallRaz (Public) : TCP Query User{116E8C90-FF68-49E6-BA8B-1CBA3CB0FC9A}C:\program files\spyware terminator\spywareterminatorupdate.exe
DELETED FirewallRaz (Public) : UDP Query User{E54C2229-3E81-4BE6-B9E9-CDCC8178F04B}C:\program files\spyware terminator\spywareterminatorupdate.exe
DELETED FirewallRaz (Public) : TCP Query User{EA01E298-7998-4E5A-B6F6-966DDBE53F5D}C:\program files\voipbuster.com\voipbuster\voipbuster.exe
DELETED FirewallRaz (Public) : UDP Query User{D5B95BF5-6ED1-45CC-B628-5A9048BF0DD2}C:\program files\voipbuster.com\voipbuster\voipbuster.exe
DELETED FirewallRaz (Public) : TCP Query User{7019B9FE-8862-4810-948E-9BE155ABCFEC}C:\program files\sopcast\sopcast.exe
DELETED FirewallRaz (Public) : UDP Query User{C80BDB6D-C2E8-48A0-A972-B5C3660B17ED}C:\program files\sopcast\sopcast.exe

========== Repertory ==========
NOT FOUND C:\ProgramData\6618dae
NOT FOUND C:\Users\Propietari@\AppData\Roaming\moovida-1
NOT FOUND C:\Users\Propietari@\AppData\Local\moovida Air
NOT FOUND C:\ProgramData\MSCDDFAAUAE
DELETE on Reboot Folder**: C:\Program Files\Spybot - Search & Destroy
DELETED Folder: C:\ProgramData\MGS
DELETED Folder: C:\ProgramData\Spybot - Search & Destroy
DELETED Folder: C:\Users\Propietari@\AppData\Local\BingoCafe
DELETED Folder: C:\Users\Propietari@\AppData\Local\Historial
DELETED Folder: C:\Users\Propietari@\AppData\Local\{08E96943-F6FC-47FB-84DF-6E766578B828}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{0DB5260D-E4CD-4D50-93C2-145098D13670}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{118CFBA6-1307-4AA2-94FD-BE270D2A81D0}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{13FD3C44-F920-4291-8B23-C40C108A54AD}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{1418B06F-B194-4870-AAB4-442EA0F703F0}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{14B3896F-67A9-4DC0-BA51-6CCB229D6ACD}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{198CBDEE-C49F-4AA0-9C00-E181FA3EC800}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{1F9C7BD3-C4D4-4B23-B2DF-83B332C25804}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{2C65668B-ECF0-44D8-A7BA-766D01A22F25}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{2DD120EE-2B14-4FC6-B448-ECC47AC68E78}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{2FFDD21A-7A5F-42D6-931A-2A8E350FD7F1}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{30123F91-1C25-4A03-AFDD-43851CD234CF}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{3017A2AB-65C3-4F00-84AE-083B7F190B65}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{33A48990-FC6A-4F0C-9EF7-62954DA271FA}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{3418B091-1133-40ED-84F3-69EE02E57D74}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{445D2BFD-BAA4-443B-BD7D-3B2327AF42F9}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{467F14E1-E2C0-4F50-89C4-7EC5863F8896}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{4C710CC6-90B7-42A1-AD87-66F424D60499}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{4D141584-DA03-4AB6-8774-F95A0DED65D5}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{518836B1-32A9-4516-BACA-6FCBD5FE7DF8}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{54196477-B650-4B0D-9F6E-B11AF2876757}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{56915CD6-D051-4825-9B71-D0BE29ED0BE2}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{570D97C3-E510-453F-ACF5-DC24DAEBEC8E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{5CDA2150-B2BB-41A8-8761-85F2C58AD6B8}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{63339D59-41C9-497E-9F63-B3D14FD494AB}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{685F5DFD-8AE8-4878-A814-15DCD3A57F49}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{6AD0AA9A-F7DC-493B-93B7-C04764D70D53}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{6B9DC6BD-8AC3-4423-B2EB-AD9CA9D0A598}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{71421A35-CE30-4EF3-8159-7B785EF6400D}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{75796355-9A55-42FB-BFBE-3BC27D022F18}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{7785B063-7CB6-40FC-9211-F7DDC11C0C10}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{7AE6AE87-AD5E-4398-A574-5037F6328622}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{7F1B528D-0E3D-4E9D-AF0E-EFC293D8BF0F}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{80F57CF1-F2D0-46C7-9752-77C2053A0135}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{816F5F5E-F396-481E-A12A-69F36CC813ED}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{826CF207-4726-4ACE-9785-1F04F80FC853}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{8587F8B0-4F1A-4426-91E2-9444E1F5C0E0}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{8E0DC750-6AFF-45C5-AEF8-D5943160FB4E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{8F878C35-2C5B-456D-8C79-03DF6AFDA75C}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{8F8B059A-49D1-49D1-98AE-76BE9D7027A9}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{901090C8-0C89-4744-8555-2D5BFA493D0A}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{93626FB8-A95C-442A-9D6E-8BADC8A2C464}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{9850EC8D-7A05-44C4-B46A-539236FD89B7}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{9E9FAAC8-7C60-44F9-B4EC-277974E61AE5}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{9EF5FFB3-90FB-4BA1-AB2F-E92FD5F78493}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{9FD16684-5773-479A-97D3-A9D219719BE6}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{A6D292F6-B0C9-405F-BC34-75676E9EB546}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{A769C17E-E239-4874-B31D-EF1AEE79221C}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{A7EA7A42-0BF1-4784-8A4A-59C5FCA8B41C}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{AB2F1A9B-91A6-4A0F-AB15-D0ADEEE204AA}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{AD66E02E-9FD8-4F42-A620-37A5BBCA5C7E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{AE46CB18-73E7-4C1B-B763-C94BB545343B}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{B7EAFB58-B20A-4F70-8215-966FCDF1721E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{BCA81EE6-906B-4A42-9518-900B17092EE9}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{C35B60FE-F61D-4765-B533-65E123F81176}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{C716BDE8-695E-4308-93BB-129EF409AEAA}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{CC1294F4-36B8-4A1C-93CF-7C97F105971C}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{CE230DFC-9D6C-405A-A94C-56B717956196}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{CE91D3A5-3608-4DC4-856A-A75CB695599D}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{D6BAF67B-2B66-4CE7-909C-FFD13C92DD36}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{D92E3AE5-979D-49EB-9F88-B366A039B16E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{DB571477-06F0-465D-9996-F46BF4D32CBD}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{DCF4B814-4940-4FA9-BAA2-19A124EF47DF}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{DE6C21A0-6C08-44A1-9D12-76CA6127846D}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{DEBD0B36-892D-4339-B24F-9328E112B755}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{E05509BD-C2B9-48B2-8938-4180C7AE29B8}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F1A31567-A759-4CB7-B942-4F279F392617}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F1E3665E-2DFB-4DB9-B9CB-05054E381ACE}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F1F45D59-2423-4F4B-9094-C675A6C3A4F0}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F38D9797-12B7-45F3-8297-F49B71AE47B7}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F4ED5A19-1975-494C-B7E2-A0109EB755EB}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F5FCDF1C-D96A-49E9-B644-3064E95E1739}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F77290A1-669F-43AD-A084-66A64A0DA93D}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{FB1F8F45-2A49-4198-A654-AC28E7BBD745}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{FB67456D-D902-451E-8CF9-6F9C981E4843}
DELETED Window Temporary: : 78
DELETED Flash Cookies: 1

========== File ==========
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\moovida air
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\microsoft\windows\temporary internet files\content.ie5\cl9wtpld\pdfcreator-1.2.3-setup
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\microsoft\windows\temporary internet files\content.ie5\38f7f87j\ct3080215_chatvibes
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\microsoft\windows\temporary internet files\content.ie5\kkhmrwbz\rbp_setup
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\microsoft\windows\temporary internet files\content.ie5\1srtiwlv\rbp_setup
DELETED Window Temporary: : 477
DELETED Flash Cookies: 0

========== Task ==========
NOT FOUND Task: {04559F9A-81AF-457C-828A-72E5F878B50C}
NOT FOUND Task: {C4E9CDCB-8363-44AE-9D58-48B485BC07C4}
NOT FOUND Task: {D92A3880-815D-4ED8-AFED-D104188A14EA}
NOT FOUND Task: {F1BBBA99-4E25-4B3E-BF3B-424A0DFEAF3E}


========== Summary ==========
3 : Registry Key
23 : Registry Value
86 : Repertory
7 : File
1 : Software
4 : Task


End of clean in 04mn 48s

========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 06/03/2012 13:16:25 [12126]
0
Réponse 15 / 18
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
Modifié par Fish66 le 6/03/2012 à 13:32
Re,

1/
Je te conseille de désinstaller : Microsoft Antimalware , Malwarebytes est suffisant

2/
* Telecharge et install link officiel : >>>USBFix ICI<<<
ou : >>> ICI <<<

(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir

* Double clique sur le raccourci UsbFix sur ton Bureau (clique droit avec la souris

:exécuter en tant qu'administrateur pour vista/seven), l'installation se fera

automatiquement

* Clique sur "Recherche"

* Laisse travailler l'outil

* A la fin, le rapport va s'afficher : poste le dans ta prochaine réponse (il est aussi sauvegardé a la racine du disque dur : C:\UsbFix.txt )


@+

_ _ _ Fish66_ _ _ I''"""""I_ _ membre contributeur sécurité_ _I''"""""I_ _ _
¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤
0
Réponse 16 / 18
Afabus Messages postés 9 Date d'inscription lundi 5 mars 2012 Statut Membre Dernière intervention 6 mars 2012
6 mars 2012 à 15:32
Sincèrement je n'arrive pas a suivre.Merçi commeme pour ton aide
0
Réponse 17 / 18
Fish66 Messages postés 17505 Date d'inscription dimanche 24 juillet 2011 Statut Contributeur sécurité Dernière intervention 16 juin 2021 1 318
6 mars 2012 à 19:26
Re,

Quel est le problème exactement ? je peux encore t'aider :-)

@+
0
Réponse 18 / 18
Afabus Messages postés 9 Date d'inscription lundi 5 mars 2012 Statut Membre Dernière intervention 6 mars 2012
6 mars 2012 à 23:57
Sayé j'ai déjà solutionné le problème,mon pc marche très très bien.

Merci pour votre Aide.
0