[Résolu] Clef USB infectée

[bernard53]

Ok il y a plein de monde donc.

Télécharge AdwCleaner d'Xplode sur ton bureau.

 

Ensuite :

Valide le mode Scanner

 

 

Puis : valide Rapport et si des intrusions sont détectées valide alors le mode Nettoyer

 

Possibilité après ce lancement d’une demande de redémarrage pour valider toutes les suppressions.

 

- Au redémarrage, un rapport s'ouvrira. Postes le sur le forum.

 

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[s1].txt

Mets les rapports ici car il prend bien de la place.

http://cjoint.com/

ou.

http://www.1fichier.com

Ensuite:

1) Télécharge Junkware Removal Tool sur le bureau: << Junkware Removal Tool Download >>

 

Sous XP, double-clique sur l'icône et presse une touche lorsque cela sera demandé.

 

Sous Vista/7/8, clic droit/exécuter en tant qu'administrateur.

 

Poste le rapport généré à la fin de l'analyse.

 

NB: Le bureau disparaitra un instant, c'est normal.

 

 

 

Puis:

* Copie tout le texte présent que tu télécharges dans le lien ci-dessous (tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C)

 

http://31dqar.1fichier.com/

 

Puis Lance ZHPFix depuis le raccourci du bureau.

Valides l’icône IMPORTER

puis valide GO dans cette fenêtre.

 

 

Une fois terminée, un nouveau rapport s'affiche : copie/colle le contenu de ce dernier dans ta prochaine réponse ...

A la fin du scan le rapport est sauvegardé directement sur ton bureau. ZHPFixReport.txt

Dis moi quand je vois la quantité de cracks installé cela ets normal un peu que tu es des soucis; fait attention s.t.p.

 

Puis:

 

Tu as trop de chose au démarrage du pc.

 

Tu peux contrôler le démarrage de tous ces processus avec un logiciel comme Starter de Code Stuff.
Télécharge et installe Code Stuff Starter :

http://www.pcastuces.com/logitheque/starter.htm

ou

http://telechargement.zebulon.fr/telecharger-starter.html

pour franchiser le logiciel << Options << langages << French.

Ensuite vas dans l’onglet démarrage et décoches les lignes voulues.

Ne t'inquiète pas si a l'usage tu veux réactiver l'une d'elles, il suffit de la. recocher

Elles sont lancées inutilement au démarrage du système et cela ne comporte aucun danger.

 

 

Lignes à décocher qui sont en relation.

 

 

O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

O4 - HKCU\..\Run: [Cracked Steam Service] . (.Anti-Valve Software - Cracked Steam Service.) -- d:\program files (x86)\cracked steam\Cracked Steam.exe

O4 - HKLM\..\Wow6432Node\Run: [ASUSPRP] . (.ASUSTek Computer Inc. - ASUS Product Register Program.) -- C:\Program Files (x86)\ASUS\APRP\APRP.exe

O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ecareme - AsusWebStorage.) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe

O4 - HKLM\..\Wow6432Node\Run: [Wireless Console 3] . (.ASUSTeK Computer Inc. - A program that manage wireless devices in s.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

O4 - HKLM\..\Wow6432Node\Run: [iAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel Rapid Storage Technology\IAStorIconLaunch.exe

O4 - HKLM\..\Wow6432Node\Run: [HOSTS Anti-Adware_PUPs] . (.Pas de propriétaire - HOSTS Anti-PUPs/Adwares.) -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe

O4 - HKUS\S-1-5-18\..\Run: [MP3 Skype Recorder] . (.Alexander Nikiforov - MP3 Skype Recorder.) -- C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-1996392473-3874279912-2395235358-1001\..\Run: [Cracked Steam Service] . (.Anti-Valve Software - Cracked Steam Service.) -- d:\program files (x86)\cracked steam\Cracked Steam.exe

 

Redémarres le pc ensuite pour constater le mieux.

Modifié le 20 septembre 2013 par bernard53

[gil210]

Bonjour Bernard,

Désolé mais je n'ai u faire les opérations de nettoyage plus tôt :

Voici donc les differents rapports :

ADW

 

http://cjoint.com/?3IvlQXSoWg9

 

JRT

unkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by ALEXANDRE on 21/09/2013 at 11:19:16,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1996392473-3874279912-2395235358-1001\Software\web assistant
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1996392473-3874279912-2395235358-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\af2cf8fe20ebb4443855807ca5d6e7a3
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PricePeepInstaller-IronSource_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PricePeepInstaller-IronSource_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PricePeepInstaller-IronSource_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PricePeepInstaller-IronSource_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2529FDB3-EF20-4510-9A8B-1800C5D14323}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{48C867A3-86E6-4BF2-9494-E1B14091F6BD}

~~~ Files

~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\optimizerpro"
Successfully deleted: [Folder] "C:\ProgramData\software"
Successfully deleted: [Folder] "C:\Users\ALEXANDRE\appdata\local\software"
Successfully deleted: [Folder] "C:\Program Files (x86)\saveshare"
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{0467864F-CB13-42C3-BEDF-F091E0032564}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{0AC1AE6F-C99A-49F9-8D68-C1F97E2E7678}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{0B25E233-1EAB-4AEF-A4BB-D7F8320085B6}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{0B3576C9-E790-4004-B9AF-5A1503444575}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{0B6873F4-4498-45D1-91C7-0C1DCF402D98}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{17195F29-8C28-497F-A71C-60AFE0E15979}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{2748374D-D41D-40EB-91B7-86821E02614A}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{2A0B842F-E88C-48E9-8866-99C3F1BFCA79}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{2EEBBD81-32B0-416D-A8EB-B80CAAF995EE}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{30088357-009F-420D-8C0B-9E53CDF44441}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{3201AB19-DF7A-4F21-A6C1-B04572DED754}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{3426A683-0EE3-4711-B05F-D8C196810B48}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{3B75B006-433A-41B8-B3A4-C94AADC3F54A}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{3EA9DA34-EF0A-4940-AD35-DDE174D61D79}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{44AAE030-7ECC-4DDB-BE21-1C78B84BC8B1}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{49F924B0-C523-4A39-B980-6A6299DC008A}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{4CB5DE1B-020C-46D0-BDB7-811615EA2CE3}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{4F551F0D-B3E1-4EEA-A9C8-181D28B4BFA3}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{5220EBA5-7026-46A6-A32D-891634A7F323}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{52F51781-9D3E-4A0B-886A-D06657B16844}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{550F4DF2-B3F6-4781-8D15-275B23A5E505}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{55C5123C-1D63-4AEC-8D34-9EF6040770AC}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{577C5CC1-2E41-42E2-9EB3-860642464819}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{5A23EBAB-81A7-4831-AB9B-F6CE3E305DC9}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{601F57DA-1DD6-4EBD-82D6-D90E9FA2668B}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{6595F6AA-8C76-4274-8FCD-901465346EE5}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{6A8DDDCD-A15F-422D-948F-84E59E99C4EB}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{6E3CE167-CB87-418F-952D-1EA5046BF74A}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{6F641841-A98B-4367-96CC-DF05EB1D4AF3}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{72C31FC7-2D71-4516-9FFE-D6C1FE020CEA}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{7339030E-E2D7-4BE3-9994-C2ABFC7F2D00}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{75DCB2D0-167A-45FA-B13C-1C3A9ECBC5BA}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{7B46D614-0FA6-4AFA-BCE5-9C53646AA665}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{80F38D9D-1160-4C3D-92AD-9440F4A2466A}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{83CE6B60-8109-4183-9665-12F47DEAAA16}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{8518D8A9-3AC8-47A4-899F-8E5442C75871}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{85BAD2E6-6B4F-4A84-9B48-062FEDF178D8}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{8B89CB4B-6F10-4263-A584-1A47258154FC}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{8D0B6CCE-0DDE-4AB4-A6F7-E91BDC527DEF}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{8D57094A-FFCA-4114-A380-88E2565372B9}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{8E13AFA1-64F6-41F2-946C-1449E210515D}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{90357FFA-20A2-4598-9F60-A112F4AB3F9B}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{9175B956-68C0-4038-8200-6B4B725A21DB}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{9386492B-61B6-43BE-A78D-BADA0AAE46E4}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{9761B529-F1D0-4B79-BA2E-61DFA183F26F}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{9BFA5165-E019-40D7-B97D-30E43E5A489F}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{9CBDFF87-235E-4733-A2BE-A40274F65E22}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{9CE8F85F-11E0-4BF2-9B99-E3F16DF34B60}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{9EDD3B5B-DD48-4571-9B47-57200E723622}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{9F4F16DD-CFF2-4257-B2FF-DFFB5A70D221}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{AC93BCFC-BF91-4304-8FD3-F03BDADC65F8}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{AF6C20FE-F011-414D-B3ED-830F23D8FF39}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{AFCE0FA8-8E65-40C8-A80B-3B04CF507DFC}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{B1008C5C-E435-49FF-BE74-08AE62343334}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{B2CBF452-3D50-4963-8325-4FAD4ECA7917}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{B2DBD03D-835D-4189-B403-F89F718D7393}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{B3636473-B8B4-4895-8097-2C528C82B4FA}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{B426527E-2481-41AB-8903-EF50FBA7E2B2}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{B71186ED-77C1-44A4-84A0-2393EEB36CB2}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{B8821049-DA74-4AD4-90FB-E6634EAF63D0}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{C2EA3DDC-FEA5-4BA3-BFAC-A8C9FF0490D3}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{C45B2DF3-65D0-4646-AB74-D07EAEB739DE}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{C653C577-321D-4AE7-9161-150E54A9F176}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{CC9A2417-E5B3-4DDA-AF17-59D392D2987D}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{D0B44A26-F40D-410C-A6DF-C208F2421045}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{D0CFD987-F4D0-4045-8B4F-639537DBE238}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{D2D04296-84F1-477B-B27D-A97A40A2FC1B}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{D2D1692D-6B3B-47F1-99DE-AFFD5F1E4D4F}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{D39C409E-45AF-41A0-9B28-E20BB3566305}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{D4FFF043-7102-4288-98A9-CE07367E9E3A}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{D8CFF9FE-DDD8-4E88-9EB8-2E1C45D9C0D5}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{D91867CC-1069-4AB9-B703-45CF8391A746}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{E0077E27-2021-43B6-BEE7-DBB694EDB01C}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{E64C5E21-BEA4-4048-912B-9412EB8C9902}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{E8F70AE1-8EDE-4758-BDE6-4EE1EBDA29EE}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{EABB71DF-7B45-4D04-ADBB-7A2034B326E4}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{EB01C8AE-69EE-4050-BA90-3D15A9DC161E}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{EE627742-CAA7-42CF-BEB5-92C40B5AA562}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{F2026CBD-5229-4B4B-9808-0E75DFDDE871}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{F3EBD3A7-9EBB-4E3B-9484-40A10B5D53C4}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{FE0CF126-DA02-42E9-8E0F-D4C6BFBFE176}
Successfully deleted: [Empty Folder] C:\Users\ALEXANDRE\appdata\local\{FFB49427-D3DB-472B-A6A6-E2416C23C969}
~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21/09/2013 at 11:22:51,72
End of JRT log

 

ZHP

Script Zhpfix

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com =>Toolbar.Babylon
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O1 - Hosts: Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)# Copyright © 1993-2009 Microsoft Corp. => Infection Hosts (Hosts.Redirection)↓
O4 - GS\Desktop [updatusUser]: Ringtone Maker.lnk . (...) -- C:\Program Files (x86)\Ringtone Maker\RingtoneMaker.exe (.not file.) =>Adware.SPointer
O4 - GS\Desktop [ALEXANDRE]: Ringtone Maker.lnk . (...) -- C:\Program Files (x86)\Ringtone Maker\RingtoneMaker.exe (.not file.) =>Adware.SPointer
[HKCU\Software\DC3_FEXEC] =>Trojan.Fynloski
[HKLM\Software\Wow6432Node\BabylonToolbar] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
O43 - CFD: 12/09/2013 - 15:35:09 - [0,471] ----D C:\Program Files (x86)\SaveShare =>Adware.SaveShare
O43 - CFD: 20/09/2013 - 15:58:18 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 20/07/2012 - 19:20:28 - [0,001] ----D C:\ProgramData\OptimizerPro =>PUP.OptimizerPro
O43 - CFD: 28/10/2012 - 00:06:01 - [0] ----D C:\ProgramData\Software => Infection PUP (Adware.Boxore)
O43 - CFD: 20/09/2013 - 15:58:18 - [0,004] ----D C:\Users\ALEXANDRE\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 17/09/2013 - 20:32:27 - [0,003] ----D C:\Users\ALEXANDRE\AppData\Roaming\dclogs => Stolen.Data
O43 - CFD: 22/08/2013 - 17:23:03 - [0,000] ----D C:\Users\ALEXANDRE\AppData\Roaming\Youtube Downloader HD =>PUP.Dealio
O43 - CFD: 20/09/2013 - 15:58:32 - [0] ----D C:\Users\ALEXANDRE\AppData\Local\Babylon =>Toolbar.Babylon
O43 - CFD: 16/08/2012 - 16:00:28 - [0] ----D C:\Users\ALEXANDRE\AppData\Local\Software => Infection PUP (Adware.Boxore)
O61 - LFC: 17/09/2013 - 20:21:16 ---A- . (...) -- C:\Users\ALEXANDRE\AppData\Roaming\sysdate.exe [704227] => Infection FakeAlert (Possible)
O61 - LFC: 20/09/2013 - 14:58:55 ---A- . (...) -- C:\Users\ALEXANDRE\AppData\Roaming\Babylon\log_file.txt [4471] =>Toolbar.Babylon
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
[MD5.4E10E79F581F9C6E827119CFE9FF9191] [sPRF][17/09/2013] (...) -- C:\Users\ALEXANDRE\AppData\Roaming\sysdate.exe [704227] => Infection FakeAlert (Possible)
O90 - PUC: "4340C4778499EED41AE496DC3D613EC6" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{774C0434-9948-4DEE-A14E-69CDD316E36C}\ARPPRODUCTICON.exe =>PUP.SweetIM
O90 - PUC: "AF2CF8FE20EBB4443855807CA5D6E7A3" . (.Boxore Client.) -- C:\Windows\Installer\{EF8FC2FA-BE02-444B-8355-08C75A6D7E3A}\boxore.ico =>Adware.Boxore
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011441179}] =>Adware.GamePlayLabs
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Features\4340C4778499EED41AE496DC3D613EC6] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\4340C4778499EED41AE496DC3D613EC6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4340C4778499EED41AE496DC3D613EC6] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Features\4340C4778499EED41AE496DC3D613EC6] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Products\4340C4778499EED41AE496DC3D613EC6] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Features\AF2CF8FE20EBB4443855807CA5D6E7A3] =>Adware.Boxore
[HKLM\Software\Classes\Installer\Products\AF2CF8FE20EBB4443855807CA5D6E7A3] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AF2CF8FE20EBB4443855807CA5D6E7A3] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Features\AF2CF8FE20EBB4443855807CA5D6E7A3] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Products\AF2CF8FE20EBB4443855807CA5D6E7A3] =>Adware.Boxore
[HKLM\Software\Wow6432Node\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\DC3_FEXEC] =>Trojan.Fynloski
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
C:\Program Files (x86)\SaveShare =>Adware.SaveShare^
C:\ProgramData\Babylon =>Toolbar.Babylon^
C:\ProgramData\OptimizerPro =>PUP.OptimizerPro^
C:\Users\ALEXANDRE\AppData\Roaming\Babylon =>Toolbar.Babylon^
C:\Users\ALEXANDRE\AppData\Roaming\Youtube Downloader HD =>PUP.Dealio^
C:\Users\ALEXANDRE\AppData\Local\Babylon =>Toolbar.Babylon^
C:\ProgramData\Software =>Adware.Boxore
C:\Users\ALEXANDRE\AppData\Local\Software =>Adware.Boxore
C:\Users\ALEXANDRE\AppData\LocalLow\SearchNewTab =>Adware.FastSaveApp
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon^
C:\Users\ALEXANDRE\AppData\Roaming\Babylon\log_file.txt =>Toolbar.Babylon^
C:\Windows\Installer\{774C0434-9948-4DEE-A14E-69CDD316E36C}\ARPPRODUCTICON.exe =>PUP.SweetIM^
C:\Windows\Installer\{EF8FC2FA-BE02-444B-8355-08C75A6D7E3A}\boxore.ico =>Adware.Boxore^
O43 - CFD: 20/09/2013 - 15:14:49 - [3,241] ----D C:\ProgramData\InstallMate => Toolbar.Tarma
O69 - SBI: SearchScopes [HKCU] {48C867A3-86E6-4BF2-9494-E1B14091F6BD} - (WiseConvert 1.5 Customized Web Search) - http://search.conduit.com =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Tarma
C:\ProgramData\InstallMate =>Toolbar.Tarma

FirewallRaz
EmptyFlash
Emptytemp
SysRestore

 

ZHP Fix

Rapport de ZHPFix 2013.9.19.8 par Nicolas Coolman, Update du 19/09/2013
Fichier d'export Registre :
Run by ALEXANDRE at 21/09/2013 11:39:40
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Corbeille vidée

========== Processus mémoire ==========
SUPPRIMÉ: Memory Process: C:\Windows\Installer\{774C0434-9948-4DEE-A14E-69CDD316E36C}\ARPPRODUCTICON.exe

========== Clés du Registre ==========
SUPPRIMÉ: HKCU\Software\DC3_FEXEC
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Products\\4340C4778499EED41AE496DC3D613EC6]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\4340C4778499EED41AE496DC3D613EC6]
SUPPRIMÉ: [HKLM\Software\Classes\Installer\Features\AF2CF8FE20EBB4443855807CA5D6E7A3]
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011441179}
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4340C4778499EED41AE496DC3D613EC6
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AF2CF8FE20EBB4443855807CA5D6E7A3
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5

========== Valeurs du Registre ==========
ABSENT Valeur Standard Profile: FirewallRaz :
ABSENT Valeur Domain Profile: FirewallRaz :
SUPPRIMÉ: FirewallRaz (Private) : TCP Query User{E8A25CFE-954A-445D-93E7-399041B5A91A}C:\windows\syswow64\rundll32.exe
SUPPRIMÉ: FirewallRaz (Private) : UDP Query User{BAB3355C-858C-47F7-8B68-7297AD1BB307}C:\windows\syswow64\rundll32.exe
SUPPRIMÉ: FirewallRaz (Public) : {24B3318F-D985-4843-B398-21F288912A0A}
SUPPRIMÉ: FirewallRaz (Public) : {B5CA5A65-CA11-4E18-B6AF-C974EB6CD4EF}

========== Eléments de donnée du Registre ==========
SUPPRIMÉ: R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page

========== Dossiers ==========
SUPPRIMÉ: C:\Users\ALEXANDRE\AppData\Roaming\dclogs
SUPPRIMÉ: C:\Users\ALEXANDRE\AppData\Roaming\Youtube Downloader HD
SUPPRIMÉ: c:\users\alexandre\appdata\locallow\searchnewtab
SUPPRIMÉ: C:\ProgramData\InstallMate
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows

========== Fichiers ==========
SUPPRIMÉ: c:\users\alexandre\appdata\roaming\sysdate.exe
SUPPRIMÉ: c:\windows\installer\{774c0434-9948-4dee-a14e-69cdd316e36c}\arpproducticon.exe
SUPPRIMÉ: C:\Windows\Installer\{EF8FC2FA-BE02-444B-8355-08C75A6D7E3A}\boxore.ico
SUPPRIME Flash Cookies
SUPPRIME Temporaires Windows

========== Fichier HOSTS ==========
Le fichier Hosts n'est pas réparé, veuillez désactiver votre antivirus.

========== Restauration Système ==========
Point de restauration du système créé avec succès


========== Récapitulatif ==========
1 : Processus mémoire
34 : Clés du Registre
6 : Valeurs du Registre
1 : Eléments de donnée du Registre
6 : Dossiers
5 : Fichiers
1 : Fichier HOSTS
1 : Restauration Système

End of clean in 00mn 24s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 21/09/2013 11:39:45 [6334]

 

 

OUF! Voilà les differents rapports, j'espère que cela n'est pas trop confu.

"Dis moi quand je vois la quantité de cracks installé cela ets normal un peu que tu es des soucis; fait attention s.t.p."

 

A ce sujet, tu auras bien compris qu'il s'agit de la machine de mon fils (15 ans). J'essaie de le raisonner et lui demande de se discipliner un peu quant à l'usage des telechargements mais c'est un dur combat.....

Voilà pour l'essentiel, merci encore pour ton aide précieuse et ta disponibilité.

Bon week-end

Gil

[bernard53]

ok comment va ton pc s.t.p.

[gil210]

Bonsoir,

A priori, le PC va bien mais, à vrai dire, vue la configuration de la machine, il n'a jamais vraiment "ramé". J'avais simplement constaté qu'il y avait bcp de Malwares (239 exactement) en balayant avec MBAM. Le fiston joue en ligne et telecharge un peu à l'aveuglette.

Sinon, peux-tu me résumer en deux mots de quoi il était infecté ?

Peut-on utiliser régulièrement les différents outils que tu m'as proposé ces jours-ci (ADW, JRT et ZHP Fix) ?

Merci encore pour ton aide et les éventuelles réponses que tu pourrais apporter à mes questions.

Bonne soirée

Gil

[gil210]

Autre explication : selon mon fils, le PC a été infecté suite à une mise à jour de Java et, j'ai lu par ailleurs que cela est assez courant.....

A voir!!!!

Merci encore

[bernard53]

1-le pc était infecté par tous ces petits intrusion du au net. Rien de bien méchant quand tu en a un mais de grande quantité te pourrisse la vie.

Cela est beaucoup du justement non seulement au téléchargement mais aussi au installation faite trop vite.

Certaines case d'installation de toolbar sont cochées par défaut, donc prendre juste un peu de temps au moment des installations pour décocher tout cela.

Concernant Java.:

Pour ma part je l'ai supprimer du pc car pas besoin de son utilité. Quand sur un site j'en ai besoin j'acceptes le plu ding à ce moment précis et c'est tout.

 

si tu penses avoir un soucis sur le net utilise (ADW, JRT )

Prends bien les dernières versions.

Pour ZHPFIX non: il faut d'abord qu'une analyse avec ZHPdiag soit faite avant.

Si tu penses que tout va marque ton post en résolu s.t.p.

http://forum.zebulon.fr/comment-afficher-son-sujet-comme-resolu-t180253.html

 

Bien sur si tu as une autre question n'hésite pas.

Bon dimanche

Modifié le 22 septembre 2013 par bernard53

[gil210]

Bonjour Bernard et merci pour tes précieux conseils.

Bon dimanche.

[gil210]

 

Modifié le 11 octobre 2013 par gil210