Ihavenet, newsbuster

Résolu
CapitainFlam69 Messages postés 19 Statut Membre -  
CapitainFlam69 Messages postés 19 Statut Membre -
Bonjour à tous,

Mon pc a été infecté par ces 2 foutus virus (ihavenet et newsbusters). j'ai déjà utilisé malwarebytes et adwcleaner mais à chaque fois ces virus reviennent !! Pouvez-vous m'aider ? d'avance merci

28 réponses

  • 1
  • 2
  1. 2011N2 Messages postés 13379 Date d'inscription   Statut Contributeur sécurité Dernière intervention   920
     
    Salut,

    Fais un diagnostic de ton PC avec ZHPDiag, et poste moi le rapport hébergé sur cjoint.

    Gabriel.
    0
  2. capitainFlam69
     
    Voici le rapport

    MERCI

    Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013
    Fichier d'export Registre :
    Run by DH at 21/08/2013 14:48:11
    High Elevated Privileges : OK
    Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)

    Corbeille vidée

    ========== Autre ==========
    NON TRAITE [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

    ========== Récapitulatif ==========
    1 : Autre

    End of clean in 00mn 00s

    ========== Chemin de fichier rapport ==========
    C:\ZHP\ZHPFix[R1].txt - 21/08/2013 14:48:11 [493]
    0
    1. capitainflam69
       
      Merci beaucoup !!!

      je me suis trompé désolé ...


      Rapport de ZHPDiag v2013.8.20.29 - Nicolas Coolman (20/08/2013)
      ~ Lancé par DH (21/08/2013 15:42:08)
      ~ Adresse du Site Web http://nicolascoolman.webs.com
      ~ Traduit par Nicolas Coolman
      ~ Etat de la version : Version à jour.
      ~ Liste blanche : Activée par le programme
      ~ Elévation des Privilèges : OK
      ~ User Account Control (UAC): Deactivate by program


      ---\\ Navigateurs Internet
      MSIE: Internet Explorer v10.0.9200.16660
      MFIE: Mozilla Firefox 23.0 (Defaut)

      ---\\ Informations sur les produits Windows
      ~ Langage: Français
      Windows 7 Business Edition, 64-bit Service Pack 1 (Build 7601)
      Windows Server License Manager Script : OK
      ~ Windows(R) 7, OEM_SLP channel
      System Locked Preinstallation (OEM_SLP) : OK
      Windows ID Activation : OK
      ~ Windows Partial Key : 6P6GT
      Windows License : OK
      ~ Windows Remaining Initializations Number : 1
      Software Protection Service (Protection logicielle) : OK
      Windows Automatic Updates : OK
      Windows Activation Technologies : OK

      ---\\ Logiciels de protection du système
      Malwarebytes Anti-Malware version 1.75.0.1300
      McAfee VirusScan Enterprise v8.8.02004
      Windows Defender W7

      ---\\ Logiciels d'optimisation du système
      CCleaner v4.04 =>Piriform Ltd

      ---\\ Logiciels de partage PeerToPeer

      ---\\ Surveillance de Logiciels
      Adobe Flash Player 11 Plugin
      Adobe Reader XI

      ---\\ Informations sur le système
      ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
      ~ Operating System: 64 Bits
      Boot mode: Normal (Normal boot)
      Total RAM: 3976 MB (52% free)
      System Restore: Désactivé (Disabled)
      System drive C: has 186 GB (42%) free of 442 GB

      ---\\ Mode de connexion au système
      ~ Computer Name: INBEP-W7-PC02
      ~ User Name: DH
      ~ All Users Names: Administrateur,
      ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
      Logged in as Administrator

      ---\\ Variables d'environnement
      ~ System Unit : C:\
      ~ %AppData% : C:\Users\dh\AppData\Roaming\
      ~ %Desktop% : C:\Users\dh\Desktop\
      ~ %Favorites% : C:\Users\dh\Favorites\
      ~ %LocalAppData% : C:\Users\dh\AppData\Local\
      ~ %StartMenu% : C:\Users\dh\AppData\Roaming\Microsoft\Windows\Start Menu\
      ~ %Windir% : C:\Windows\
      ~ %System% : C:\Windows\System32\

      ---\\ Enumération des unités disques
      C:\ Hard drive, Flash drive, Thumb drive (Free 186 Go of 442 Go)
      D:\ CD-ROM drive (Not Inserted)
      F:\ CD-ROM drive (Not Inserted)
      Y:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 21 Go)
      Z:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 2 Go)



      ---\\ Etat du Centre de Sécurité Windows
      [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
      ~ Security Center: 37 Legitimates Filtered in 00mn 00s



      ---\\ Recherche particulière de fichiers génériques
      [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/07/2011 - 17:40:28.) -- C:\Windows\Explorer.exe [2871808]
      [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
      [MD5.AC155DD9BD1E6D3B740826A4D1C68AAE] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/07/2013 - 06:13:37.) -- C:\Windows\System32\wininet.dll [2241024]
      [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
      [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
      [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/05/2012 - 20:34:46.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
      [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
      [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
      [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
      [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
      [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
      [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
      [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
      [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.25/07/2011 - 17:43:19.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
      [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
      [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
      [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
      [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
      [MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
      [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
      [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
      [MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.25/02/2011 - 07:25:38.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
      ~ Generic Processes: Scanned in 00mn 00s



      ---\\ Etat des fichiers cachés (Caché/Total)
      ~ Mes images (My Pictures) : 1/19
      ~ Mes Videos (My Videos) : 1/988
      ~ Mes Favoris (My Favorites) : 1/8
      ~ Mes Documents (My Documents) : 1/638
      ~ Mon Bureau (My Desktop) : 1/549
      ~ Menu demarrer (Programs) : 1/25
      ~ Hidden Files: Scanned in 00mn 02s



      ---\\ Processus lancés au démarrage du système
      [MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.3008]
      [MD5.6BA8D86746935498D64CB5CF6286F2EB] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [PID.5112]
      [MD5.3B907953A5229071F085ADBBB261A80F] - (.McAfee, Inc. - Common User Interface.) -- C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe [333416] [PID.4292]
      [MD5.BED38B0ADFF5F5CC6E988A6491017E83] - (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792] [PID.4540]
      [MD5.5091259BA7D650B29311FA922D8368F3] - (.McAfee, Inc. - McTray Application.) -- C:\Program Files (x86)\McAfee\Common Framework\McTray.exe [75368] [PID.4800]
      [MD5.8C3A34613A462646785B4A3AB16F8471] - (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.exe [215656] [PID.5956]
      [MD5.CE4FA8A9D55E0031596387F7F59F2D4F] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440] [PID.568]
      [MD5.AFD99A8D6101E82EB9DAF33FBF368B33] - (.Adifo N.V. - Pas de description.) -- C:\Program Files (x86)\Adifo\BESTMIX323\BESTMIXFeedRation_dg.exe [77420904] [PID.4192]
      [MD5.5397E32E882C0148CEC13D9EACFB7157] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [222208] [PID.8172]
      [MD5.D00EA3CBEB3E81CD14BB7A9EA9396FD7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7851008] [PID.6060]
      [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.1912]
      [MD5.29EE4A8F677216056822982F87441DDD] - (.Flexera Software, Inc. - Flexera Software, Inc..) -- C:\Program Files (x86)\Adifo\AdifoLicenseServer2\lmadmin\lmadmin.exe [6587728] [PID.1448]
      [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1884]
      [MD5.97558F429F8F09446AE51C1AA88C9B9B] - (.CrossLoop - CrossLoop Service.) -- C:\Users\dh\AppData\Local\CrossLoop\CrossLoopService.exe [569072] [PID.2176]
      [MD5.0A9F0B8E8388C4D50B1264FC65E8AADA] - (.Hewlett-Packard Company - hpHotkeyMonitor Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440] [PID.2252]
      [MD5.4E0B89D1F647166EC78FEF5430126EE0] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144] [PID.2328]
      [MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2364]
      [MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2392]
      [MD5.AACB6AD3AEDDE4E4B115FDE632E883E8] - (.McAfee, Inc. - Framework Service.) -- C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [132712] [PID.2416]
      [MD5.2CB697CCB48C77B17BE022A32F9B87F3] - (.McAfee, Inc. - Task Manager.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [210056] [PID.2512]
      [MD5.8CABC4F8E367BF89F845540158553051] - (.McAfee, Inc. - VSCore Announcer.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe [33944] [PID.2608]
      [MD5.879B2ECE793157BB1DE65EB16A42761C] - (.McAfee, Inc. - NAI Product Manager.) -- C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe [345704] [PID.2696]
      [MD5.B857C31FD5991D03D7629A648318D062] - (.Citrix Systems, Inc. - Citrix Pass-through Authentication.) -- C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe [70968] [PID.2764]
      [MD5.9E818B972F685B111EF7BD70E53FC3CD] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584] [PID.3100]
      [MD5.7D67C07C63796775CC5492BCFEAFF125] - (.Microsoft Corporation - SQL Browser Service EXE.) -- C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [267616] [PID.3220]
      [MD5.402794A75A899E296AB3EDEC4ECCB9A8] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [4153184] [PID.3396]
      [MD5.F0458A5ABFC8C269798D398F664666A8] - (.ArcSoft, Inc. - ArcVCapture.) -- C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352] [PID.3556]
      [MD5.C29E0B833C7466BD185892AE3CDCD27D] - (.Flexera Software, Inc. - Activation Licensing Service.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1045328] [PID.3792]
      [MD5.5298E3B4844328A11C9EB6C001CF0529] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [994176] [PID.3820]
      [MD5.686045905787B68D829CE647A6DFAD2B] - (.Research In Motion Limited - BlackBerry Device Manager.) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536] [PID.4736]
      [MD5.7DEC78C80C628E9D36883C06C3C07E3C] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.2484]
      [MD5.CAF14AD24DFE1C4ABE0D7DFF1C68D4E0] - (...) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280] [PID.3536]
      [MD5.23C20B19120BE3394EB7968ABD755A2D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.3964]
      [MD5.DBF241307AAB32837A5FD07F002ED90F] - (.Pas de propriétaire - Roxio Burn Launcher.) -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [536848] [PID.4996]
      [MD5.25F4EFE9D0624C7C7B0EC823DE901BF3] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.5216]
      ~ Processes Running: Scanned in 00mn 02s



      ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
      C:\Users\dh\AppData\Roaming\Mozilla\Firefox\Profiles\hkc8oam4.default\prefs.js
      ~ Firefox Browser: 16 Legitimates Filtered in 00mn 00s



      ---\\ Internet Explorer, Proxy Management (R5)
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
      R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
      ~ Proxy management: Scanned in 00mn 00s



      ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
      F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
      F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
      F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
      ~ Keys: Scanned in 00mn 00s



      ---\\ Hosts file redirection (O1)
      ~ Le fichier hosts est sain (The hosts file is clean).
      ~ Hosts File: Scanned in 00mn 00s
      ~ Nombre de lignes (Lines number): 21



      ---\\ Applications démarrées par registre & par dossier (O4)
      O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Broadcom Corporation - Broadcom 802.11 Wireless Network Tray Apple.) -- C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
      O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
      O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
      O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
      O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
      O4 - HKLM\..\Wow6432Node\Run: [ShStatEXE] . (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.exe
      O4 - HKLM\..\Wow6432Node\Run: [McAfeeUpdaterUI] . (.McAfee, Inc. - Common User Interface.) -- C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe
      O4 - HKLM\..\Wow6432Node\Run: [RIMBBLaunchAgent.exe] . (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
      O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
      O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
      O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
      ~ Application: Scanned in 00mn 00s



      ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
      O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBttnIE.dll
      O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office14\ONBTTN~1.dll
      ~ IE Extra Buttons: Scanned in 00mn 00s



      ---\\ Modification Domaine/Adresses DNS (O17)
      O17 - HKLM\System\CCS\Services\Tcpip\..\{08A445EA-D002-42F4-A6F6-74B5A3A8DAB2}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CS1\Services\Tcpip\..\{08A445EA-D002-42F4-A6F6-74B5A3A8DAB2}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CS2\Services\Tcpip\..\{08A445EA-D002-42F4-A6F6-74B5A3A8DAB2}: DhcpNameServer = 192.168.1.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = inve-be.local
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
      ~ Domain: Scanned in 00mn 00s



      ---\\ Titr_HJT34=Protocole additionnel (O18)
      O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
      O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
      ~ Protocole Additionnel: Scanned in 00mn 00s



      ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
      O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
      ~ Winlogon: Scanned in 00mn 00s



      ---\\ Liste des services NT non Microsoft et non désactivés (O23)
      O23 - Service: CrossLoop Service (CrossLoopService) . (.CrossLoop - CrossLoop Service.) - C:\Users\dh\AppData\Local\CrossLoop\CrossLoopService.exe
      O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (.not file.)
      O23 - Service: Roxio Burn Launcher (RoxioBurnLauncher) . (.Pas de propriétaire - Roxio Burn Launcher.) - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
      O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) . (.Broadcom Corporation - Broadcom 802.11 Wireless Network Service.) - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.exe
      ~ Services: 27 Legitimates Filtered in 00mn 06s



      ---\\ Tâches planifiées en automatique (O39)
      O39 - APT:Automatic Planified Task - C:\Windows\Tasks\yrgk.job [312]
      [MD5.00000000000000000000000000000000] [APT] [EPUpdater] (...) -- C:\Users\DH\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe (.not file.) [0] =>Hijacker.BabSolution
      ~ Scheduled Task: 14 Legitimates Filtered in 00mn 07s



      ---\\ Logiciels installés (O42)
      O42 - Logiciel: AdifoLicenseServer2 2.00 - (.ADIFO N.V..) [HKLM][64Bits] -- AdifoLicenseServer2_is1
      O42 - Logiciel: AdifoUpdate 1.00 - (.ADIFO N.V..) [HKLM][64Bits] -- AdifoUpdate_is1
      O42 - Logiciel: BESTMIX323 - (.ADIFO N.V..) [HKLM][64Bits] -- BESTMIX323_is1
      O42 - Logiciel: DELTA4 4.00 - (.ADIFO N.V..) [HKLM][64Bits] -- DELTA4_is1
      O42 - Logiciel: Database Manager323 - (.ADIFO N.V..) [HKLM][64Bits] -- Database Manager323_is1
      O42 - Logiciel: Equation Manager323 - (.ADIFO N.V..) [HKLM][64Bits] -- Equation Manager323_is1
      O42 - Logiciel: EvaPig version 1.3.0.4 - (.INRA - Ajinomoto Eurolysine SAS - AFZ.) [HKLM][64Bits] -- EvaPig_is1
      O42 - Logiciel: SqlUtil 1.01 - (.ADIFO N.V..) [HKLM][64Bits] -- SqlUtil_is1
      ~ Logic: 139 Legitimates Filtered in 00mn 00s



      ---\\ HKCU & HKLM Software Keys
      [HKCU\Software\Adifo]
      [HKCU\Software\DealPlyLive] =>PUP.DealPly
      [HKCU\Software\ISL Online]
      [HKCU\Software\Noël Danjou]
      [HKCU\Software\Wkidccrdj]
      [HKLM\Software\Fido]
      [HKLM\Software\Wow6432Node\DealPlyLive] =>PUP.DealPly
      [HKLM\Software\Wow6432Node\FNPlm]
      [HKLM\Software\Wow6432Node\ISL Online]
      [HKLM\Software\Wow6432Node\Wkidccrdj]
      [HKLM\Software\Wow6432Node\adifo]
      ~ Key Software: 208 Legitimates Filtered in 00mn 00s



      ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
      O43 - CFD: 21/03/2013 - 15:03:25 - [428,413] ----D C:\Program Files (x86)\Adifo
      O43 - CFD: 29/04/2013 - 11:44:01 - [12,612] ----D C:\Program Files (x86)\EvaPig
      O43 - CFD: 29/04/2013 - 11:55:20 - [0,010] ----D C:\Users\dh\AppData\Roaming\EvaPig
      ~ Program Folder: 157 Legitimates Filtered in 00mn 09s



      ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
      O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 20/08/2013 - 08:43:05 ---A- . (...) -- C:\Windows\win.ini [478]
      ~ Files: 78 Legitimates Filtered in 01mn 31s



      ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
      O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
      ~ ShellExecuteHooks: Scanned in 00mn 00s



      ---\\ Export de clé d'application autorisée (O47)
      O47 - AAKE:Key Export DP - "C:\Program Files (x86)\Adifo\AdifoLicenseServer2\adlic.exe" [Enabled] .(...) -- C:\Program Files (x86)\Adifo\AdifoLicenseServer2\adlic.exe (.not file.)
      O47 - AAKE:Key Export DP - "C:\Program Files (x86)\Adifo\AdifoLicenseServer2\lmgrd.exe" [Enabled] .(...) -- C:\Program Files (x86)\Adifo\AdifoLicenseServer2\lmgrd.exe (.not file.)
      ~ Keys Export: 2 Legitimates Filtered in 00mn 00s



      ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
      O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
      O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=3
      ~ MWPS: 19 Legitimates Filtered in 00mn 00s



      ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
      O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
      O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
      ~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



      ---\\ Liste des pilotes du système (SDL) (O58)
      O58 - SDL:[MD5.EE9407D42154190C3169D11EA4B8C711] - 26/04/2012 - 23:56:00 ---A- . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\Drivers\Accelerometer.sys [43800]
      O58 - SDL:[MD5.79D51E7F5926E8CE1B3EBECEBAE28CFF] - 24/02/2009 - 18:35:44 ---A- . (.MagicISO, Inc. - MagicISO SCSI Host Controller.) -- C:\Windows\SysWOW64\drivers\mcdbus.sys [255552]
      ~ Drivers: Scanned in 00mn 00s



      ---\\ Liste des outils de désinfection (LATC) (O63)
      O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
      ~ ADS: Scanned in 00mn 00s



      ---\\ Menu de démarrage Internet (SMI) (O68)
      O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
      ~ Keys: Scanned in 00mn 00s



      ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
      O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
      O69 - SBI: SearchScopes [HKCU] {4D0CE505-E033-40BC-855A-47D3027D52E2} [DefaultScope] - (Google) - http://www.google.be
      ~ Keys: Scanned in 00mn 00s



      ---\\ Recherche particulière à la racine du système (SPRF) (O84)
      [MD5.0985D6AFDFC3F0C21E743EDACBA283D4] [SPRF][21/08/2013] (...) -- C:\Users\dh\AppData\Local\Temp\ExchangePerflog_8484fa31d7bbe8cacfcccd43.dat [28]
      [MD5.16A2E17579A8D780C03A6C9512462EB3] [SPRF][16/08/2013] (...) -- C:\Users\dh\AppData\Local\Temp\pool.bin [256]
      [MD5.FF73FC49930B887C6F3F7D6198EC7CDD] [SPRF][12/04/2013] (.CrossLoop, Inc. - CrossLoop - Simple Secure Screen Sharing.) -- C:\Users\dh\Desktop\CrossLoopSetup.exe [2174544]
      ~ Files: Scanned in 00mn 00s



      ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
      [MD5.73122534D527893BDEFD1F707FFB34F6] [WIS][21/07/2013] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\11f9c09.msi [21803008]
      [MD5.E43A54991EB9B2597AC8A552CACACD73] [WIS][9/09/2011] (.HP - I.R.I.S. OCR.) -- C:\Windows\Installer\59c455d.msi [131072]
      ~ WIS: 104 Legitimates Filtered in 00mn 12s



      ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
      SR - | Auto 5/08/2011 6587728 | (Adifo License Server 2.0) . (.Flexera Software, Inc..) - C:\Program Files (x86)\Adifo\AdifoLicenseServer2\lmadmin\lmadmin.exe
      SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      SS - | Demand 21/08/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      SR - | Demand 18/01/2013 577536 | (Blackberry Device Manager) . (.Research In Motion Limited.) - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
      SR - | Auto 2/02/2012 945440 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
      SS - | Demand 2/04/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
      SR - | Auto 6/01/2012 569072 | (CrossLoopService) . (.CrossLoop.) - C:\Users\dh\AppData\Local\CrossLoop\CrossLoopService.exe
      SR - | Demand 21/03/2013 1045328 | (FLEXnet Licensing Service) . (.Flexera Software, Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
      SR - | Auto 14/03/2012 152992 | (HP Power Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
      SS - | Auto 0 | (HP Support Assistant Service) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
      SS - | Demand 12/06/2012 1421728 | (hpCMSrv) . (.Hewlett-Packard Development Company, L.P..) - c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
      SR - | Auto 14/03/2012 365440 | (hpHotkeyMonitor) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
      SR - | Demand 26/04/2012 994176 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
      SR - | Auto 26/04/2012 33560 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
      SR - | Auto 1/03/2012 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
      SR - | Auto 7/03/2012 629984 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe
      SR - | Auto 128280 | (Intel(R) ME Service) . (...) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      SR - | Auto 28/03/2012 165144 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
      SR - | Auto 28/03/2012 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      SR - | Auto 4/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
      SR - | Auto 4/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
      SR - | Auto 27/11/2012 132712 | (McAfeeFramework) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
      SR - | Auto 19/03/2013 201864 | (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
      SR - | Auto 14/08/2012 210056 | (McTaskManager) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
      SR - | Auto 19/03/2013 170440 | (mfevtp) . (.McAfee, Inc..) - C:\windows\system32\mfevtps.exe
      SS - | Demand 30/07/2013 117656 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      SR - | Auto 7/03/2012 1134584 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
      SS - | Disabled 9/03/2012 117552 | (PdiService) . (.Portrait Displays, Inc..) - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
      SR - | Auto 536848 | (RoxioBurnLauncher) . (...) - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
      SS - | Demand 7/03/2012 1118480 | (RoxMediaDB12OEM) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
      SS - | Auto 21/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
      SR - | Auto 5/03/2012 314880 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
      SS - | Demand 8/12/2011 76416 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
      SR - | Auto 8/07/2013 4153184 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
      SS - | Demand 21/07/2010 814080 | (tvnserver) . (.GlavSoft LLC..) - C:\Users\dh\AppData\Local\CrossLoop\tvnserver.exe
      SR - | Auto 3/02/2012 498352 | (uArcCapture) . (.ArcSoft, Inc..) - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
      SR - | Auto 28/03/2012 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      SR - | Auto 20/03/2012 2694224 | (vcsFPService) . (.Validity Sensors, Inc..) - C:\windows\system32\vcsFPService.exe
      SS - | Disabled 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
      SR - | Auto 13/12/2012 48128 | (wltrysvc) . (.Broadcom Corporation.) - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.exe
      SR - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
      SR - | Auto 14/07/2009 27136 | C:\windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
      ~ Services: Scanned in 00mn 17s



      ---\\ Scan Additionnel (O88)
      Database Version : v2.12862 - (20/08/2013)
      Clés trouvées (Keys found) : 1
      Valeurs trouvées (Values found) : 0
      Dossiers trouvés (Folders found) : 0
      Fichiers trouvés (Files found) : 2

      [HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask
      [HKCU\Software\DealPlyLive] =>PUP.DealPly^
      [HKLM\Software\Wow6432Node\DealPlyLive] =>PUP.DealPly^
      ~ Additionnel Scan: 314915 Items scanned in 00mn 28s



      ---\\ Récapitulatif des détections trouvées sur votre station
      ~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
      ~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
      ~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
      ~ MSI: 3 link(s) detected in 00mn 28s



      ~ 1155 Legitimates filtered by white list
      End of the scan (439 lines in 03mn 04s)(0)
      0
  3. 2011N2 Messages postés 13379 Date d'inscription   Statut Contributeur sécurité Dernière intervention   920
     
    Re,

    Ok c'est pas tout à fait ce que j'avais demandé mais c'est pas grave. :)

    Passe Junkware Removal Tool comme ceci : http://www.forum-entraide-informatique.com/support/junkware-removal-tool-tutoriel-t8260.html

    Gabriel.
    0
    1. CapitainFlam69 Messages postés 19 Statut Membre
       
      Salut,

      j'ai passé junkware et le rapport me donne ceci :

      ~~~ Registry Values

      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe



      ~~~ Registry Keys

      Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
      Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealplylive
      Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive

      ok super pendant 1 jour mais depuis cela revient en force !!!

      Est-ce que je dois faire autre chose ?

      MERCI BEAUCOUP pour ton aide !!!
      0
  4. 2011N2 Messages postés 13379 Date d'inscription   Statut Contributeur sécurité Dernière intervention   920
     
    Salut,

    Ok. :)
    Fais moi un nouveau ZHPDiag, mais comme ce qui est indiqué dans le tuto que je t'ai donné la première fois (Configurer, ...).

    Pense à héberger le rapport sur cjoint.

    Merci,

    Gabriel.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. 2011N2 Messages postés 13379 Date d'inscription   Statut Contributeur sécurité Dernière intervention   920
     
    Re,

    Analyse le fichier suivant : C:\Windows\Tasks\yrgk.job
    Sur VirusTotal, comme ceci

    Gabriel.
    0
  7. CapitainFlam69 Messages postés 19 Statut Membre
     
    Apparemment je n'ai pas les droits pour faire cela !!
    0
  8. 2011N2 Messages postés 13379 Date d'inscription   Statut Contributeur sécurité Dernière intervention   920
     
    Re,

    Tu as accès au fichier ou tu ne le trouves pas ?

    Gabriel.
    0
  9. CapitainFlam69 Messages postés 19 Statut Membre
     
    Hep,

    j'ai accès mais quand je le sélectionne via VirusTotal, il me dit que je n'ai pas les droits de l'ouvrir
    0
  10. CapitainFlam69 Messages postés 19 Statut Membre
     
    Yep,

    c'est fait mais rien trouvé !!

    Merci
    0
  11. 2011N2 Messages postés 13379 Date d'inscription   Statut Contributeur sécurité Dernière intervention   920
     
    Re,

    Rien trouvé sur VirusTotal ?

    Fais ZHPFix comme ceci avec ces lignes.

    Gabriel.
    0
  12. Malekal_morte- Messages postés 178136 Date d'inscription   Statut Modérateur, Contributeur sécurité Dernière intervention   24 712
     
    Pour éviter de se retrouver avec 10 pages de ZHPDiag à tourner en rond.

    Les redirections Ihavenet sont dûs à virtumonde qui se charge par une DLL (sur Seven/Vista, y a un .job pour le lancer).

    Quelques exemples de sujets récents résolus :
    https://forum.malekal.com/viewtopic.php?t=44467&start=
    https://forum.malekal.com/viewtopic.php?t=41991&start=
    https://forums.commentcamarche.net/forum/affich-28580419-suppression-virus-de-redirection-ihavenet
    https://forums.commentcamarche.net/forum/affich-28581107-virus-ihavenet-com

    Like the angel you are, you laugh creating a lightness in my chest,
    Your eyes they penetrate me,
    (Your answer's always 'maybe')
    That's when I got up and left
    0
  13. 2011N2 Messages postés 13379 Date d'inscription   Statut Contributeur sécurité Dernière intervention   920
     
    Salut,

    Ok merci de l'info Malekal. :)

    CapitainFlam69, fais moi un nouveau ZHPDiag mais de la manière indiquée sur le tutoriel, soit : Cliquer sur Configurer, la loupe la ploue à droite (Diagnostic avec légitimes), et tu réponds Oui au message demandant un rapport full options.
    Tu penseras à héberger le rapport.

    Gabriel.
    0
  14. CapitainFlam69 Messages postés 19 Statut Membre
     
    Salut Gabriel,

    Désolé de répondre si tardivement ...

    J'ai effectué un otl puis maintenant j'ai fais le ZHPDial et voici le rapport :

    https://www.cjoint.com/?3HEoAcpSh5b

    Encore un grand merci pour tout !!!
    0
  15. 2011N2 Messages postés 13379 Date d'inscription   Statut Contributeur sécurité Dernière intervention   920
     
    Salut,

    Pas grave. :)

    Refais ZHPFix avec ces lignes.

    Gabriel.
    0
  • 1
  • 2