Supprimer videosaver
yamitony86100
-
Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Malekal_morte- Messages postés 180304 Date d'inscription Statut Modérateur, Contributeur sécurité Dernière intervention -
Bonjour,
Bonjour , je cherche a supprimé videosaver de mon ordinateur, suite au différent post sur le sujet, j'ai effectué une analyse via ZHPdiag mais je c'est pas comment obtenir le script pour ZHPfix. Si quelqu'un a une réponse a m'apporté cela serait une bonne nouvelle.
Rapport de l'analyse :
~ Rapport de ZHPDiag v2014.3.12.13 - Nicolas Coolman (12/03/2014)
~ Lancé par sabou (13/03/2014 20:02:35)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection :
http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC):
---\\ Navigateurs Internet
MSIE: Internet Explorer v7.0.5730.13
GCIE: Google Chrome v33.0.1750.146 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
---\\ Logiciels de protection du système
---\\ Logiciels d'optimisation du système
CCleaner v4.10 =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player ActiveX
---\\ Informations sur le système
~ Processor: x86 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 767 MB (22% free)
System Restore: Activé (Enable)
System drive C: has 117 GB (50%) free of 233 GB
---\\ Mode de connexion au système
~ Computer Name: COMPUTER-16C188
~ User Name: sabou
~ All Users Names: UpdatusUser, SUPPORT_388945a0, sabou, HelpAssistant, Guest,
ASPNET, Administrator,
~ Unselected Option:
O1,O39,O40,O41,O42,O43,O44,O45,O46,O47,O48,O49,O50,O51,O52,O53,O54,O55,O56,O57,O58,
O59,O60,O61,O62,O63,O64,O65,O66,O67,O68,O69,O80,O81,O82,O83,O84,O85,O86,O87,O88,O89
, O2,O90,O91,O92,NTFS,O36,O4G, O4,O34
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\sabou\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\sabou\Application Data\
~ %Desktop% : C:\Documents and Settings\sabou\Desktop\
~ %Favorites% : C:\Documents and Settings\sabou\Favorites\
~ %LocalAppData% : C:\Documents and Settings\sabou\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\sabou\Start Menu\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 117 Go of 233 Go)
D: CD-ROM drive (Free 0 Go of 1 Go)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
~ Security Center: 37 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.12896823FB95BFB3DC9B46BCAEDC9923] - (.Microsoft Corporation - Windows
Explorer.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\Explorer.exe [1033728]
[MD5.F6589BE784647CFDBC22EA51CCB1A57A] - (.Microsoft Corporation - Internet
Extensions for Win32.) (.23/04/2008 - 01:16:29.) -- C:\WINDOWS\system32\wininet.dll
[826368]
[MD5.ED0EF0A136DEC83DF69F04118870003E] - (.Microsoft Corporation - Windows NT Logon
Application.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Winlogon.exe
[507904]
[MD5.D6EE6014241D034E63C49A50CB2B442A] - (.Microsoft Corporation - Ancillary
Function Driver for WinSock.) (.12/07/2008 - 20:09:42.) --
C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port
Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File
System Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys
[63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM
Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.D45926117EB9FA946A6AF572FBE1CAA3] - (.Microsoft Corporation - FIPS Crypto
Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44544]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider -
High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 09:00:00.) --
C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.4A0B06AA8943C1E332520F7440C0AA30] - (.Microsoft Corporation - i8042 Port
Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys
[52480]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel
Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network
Address Translator.) (.14/04/2008 - 09:00:00.) --
C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.)
(.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.68755F0FF16070178B54674FE5B847B0] - (.Microsoft Corporation - Windows NT SMB
Minirdr.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys
[456576]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport
driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys
[162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System
Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.5575FAF8F97CE5E713D108C2A58D7C7C] - (.Microsoft Corporation - Parallel Port
Driver.) (.12/07/2008 - 20:19:54.) -- C:\WINDOWS\system32\Drivers\Parport.sys
[80128]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP
mini-port/call-manager driver.) (.14/04/2008 - 09:00:00.) --
C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP
Device redirector.) (.14/04/2008 - 04:02:52.) --
C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.F828DD7E1419B6653894A8F97A0094C5] - (.Microsoft Corporation - Redbook Audio
Filter Driver.) (.14/04/2008 - 05:10:28.) --
C:\WINDOWS\system32\Drivers\redbook.sys [57600]
[MD5.4C8FCB5CC53AAB716D810740FE59D025] - (.Microsoft Corporation - Volume Shadow
Copy Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys
[52352]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/36
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 2/64
~ Mon Bureau (My Desktop) : 0/1361
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 01s
---\\ Processus lancés
[MD5.D480F4069BFCD9ACC3E7399317038CCF] - (.Enigma Software Group USA, LLC. -
Service scanner interface.) -- C:\Program Files\Enigma Software
Group\SpyHunter\SH4Service.exe [770432] [PID.0] =>Crapware.SpyHunter
[MD5.E48C1AA03B6519B51756E3232C093300] - (.NVIDIA Corporation - NVIDIA Driver
Helper Service, Version 197.1.) -- C:\WINDOWS\system32\nvsvc32.exe [154216]
[PID.1168]
[MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) --
C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe [43336] [PID.1988]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) --
C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.2004]
[MD5.F08D9F81ED9A632A3E52BBDD0B8AECE3] - (.CybelSoft - Service de détection
matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [1867600]
[PID.220]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes
Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
[418376] [PID.244]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes
Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
[701512] [PID.260]
[MD5.6987C6975FEE96D091FCCD52E8493D27] - (.Bouygues Telecom - DMS.) -- C:\Program
Files\media center Bbox\media center Bouygues Telecom\MediaServer.exe [4177408]
[PID.304]
[MD5.C46594A2025589484E2087B4F6C59EF2] - (...) -- C:\Program
Files\Video-Saver-soft\video-saver157.exe [196096] [PID.520] =>PUP.Video-Saver
[MD5.24CD34BF323BDFE06B117479A4193267] - (...) -- C:\Program
Files\Video-Saver-soft\video-saver_wd.exe [93696] [PID.1412] =>PUP.Video-Saver
[MD5.F7A01E608EDEB9BA5AEA26D1040DA7B7] - (.Realtek Semiconductor Corp. - Realtek HD
Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [20143688] [PID.3348]
[MD5.037B1E7798960E0420003D05BB577EE6] - (...) -- ystem32\RUNDLL32.exe [0]
[PID.3420]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) --
C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.3600]
[MD5.B94A9C5A30D3358CA4C1EC29BEBAEE1B] - (...) -- C:\Program Files\media center
Bbox\media center\external\MediaServerTray.exe [846848] [PID.3996]
[MD5.B8593715992BD23E5C10AE892DF88229] - (.Realtek Semiconductor Corp. - RtWLan (
For WinXP/2003) Application.) -- C:\Program Files\Realtek\11n USB Wireless LAN
Utility\RtWLan.exe [1048576] [PID.2560]
[MD5.463790AEF94D8EAB674631257F53252E] - (.Apple Inc. - iPodService Module
(32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553288] [PID.2440]
[MD5.F41AC5D823E9739E1FD1A497D4BE493F] - (.Google Inc. - Google Chrome.) --
C:\Program Files\Google\Chrome\Application\chrome.exe [859976] [PID.8420]
[MD5.0A3B3936E54E4D0A995E03D16B6FFD60] - (.Foxit Corporation - Foxit Updater.) --
C:\Documents and Settings\sabou\Local Settings\Temp\Foxit Reader Updater.exe
[7672896] [PID.33540]
[MD5.64A2A75D8F4BD07BD0A0029AA8825BBF] - (.Nicolas Coolman - ZHPDiag.) --
C:\Program Files\ZHPDiag\ZHPDiag.exe [8353792] [PID.3836]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\sabou\Local Settings\Application Data\Google\Chrome\User
Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google
Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout
Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff]
MySearchDial Nouvel onglet v.9.4.1.1 (Désactivé) =>Adware.MyWebSearch
~ Google Browser: 16 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs =
http://start.mysearchdial.com =>Adware.MyWebSearch
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 13 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =
http=127.0.0.1:13828 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable =
1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy
= 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1
= 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847}
Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} --
Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} .
(.Microsoft Corporation - Windows Messenger.) -- C:\Program
Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com"
~ IE Paramètres WEB: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C7D1591-D0DA-4376-9219-D0807487698C}:
NameServer =
8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.2
0,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA5B4756-816F-4924-81F2-FBE440A94A2E}:
DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA5B4756-816F-4924-81F2-FBE440A94A2E}:
DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C7D1591-D0DA-4376-9219-D0807487698C}:
NameServer =
8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.2
0,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DA5B4756-816F-4924-81F2-FBE440A94A2E}:
DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{DA5B4756-816F-4924-81F2-FBE440A94A2E}:
DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{1C7D1591-D0DA-4376-9219-D0807487698C}:
NameServer =
8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.2
0,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{DA5B4756-816F-4924-81F2-FBE440A94A2E}:
DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft
Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} .
(.Microsoft Corporation - Windows Shell Common Dll.) --
C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) --
C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related
API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Offline Network Agent.)
-- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification
Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Common DLL to receive
Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Common DLL to receive
Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - Secondary Logon Service
Notification DLL.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Common DLL to receive
Winlogon notification.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Common DLL to receive
Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Common DLL to receive
Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Browseui preloader -
{438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser UI
Library.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Browseui preloader -
{8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser UI
Library.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: media center Bouygues Telecom (media center Bouygues Telecom) .
(.Bouygues Telecom - DMS.) - C:\Program Files\media center Bbox\media center
Bouygues Telecom\MediaServer.exe
O23 - Service: Video-Saver (video-saver) . (...) - C:\Program
Files\Video-Saver-soft\video-saver157.exe =>PUP.Video-Saver
~ Services: 11 Legitimates Filtered in 00mn 06s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: My Current Home Page - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and
Settings\sabou\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\sabou\Local
Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s
---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter
=>Crapware.SpyHunter
~ http://nicolascoolman.webs.com/apps/blog/show/41864592-pup-video-saver
=>PUP.Video-Saver
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch
=>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy
=>Hijacker.Proxy
~ MSI: 4 link(s) detected in 00mn 00s
~ 79 Legitimates filtered by white list
End of the scan (255 lines in 00mn 13s)(0)
Bonjour , je cherche a supprimé videosaver de mon ordinateur, suite au différent post sur le sujet, j'ai effectué une analyse via ZHPdiag mais je c'est pas comment obtenir le script pour ZHPfix. Si quelqu'un a une réponse a m'apporté cela serait une bonne nouvelle.
Rapport de l'analyse :
~ Rapport de ZHPDiag v2014.3.12.13 - Nicolas Coolman (12/03/2014)
~ Lancé par sabou (13/03/2014 20:02:35)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection :
http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC):
---\\ Navigateurs Internet
MSIE: Internet Explorer v7.0.5730.13
GCIE: Google Chrome v33.0.1750.146 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
---\\ Logiciels de protection du système
---\\ Logiciels d'optimisation du système
CCleaner v4.10 =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player ActiveX
---\\ Informations sur le système
~ Processor: x86 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 767 MB (22% free)
System Restore: Activé (Enable)
System drive C: has 117 GB (50%) free of 233 GB
---\\ Mode de connexion au système
~ Computer Name: COMPUTER-16C188
~ User Name: sabou
~ All Users Names: UpdatusUser, SUPPORT_388945a0, sabou, HelpAssistant, Guest,
ASPNET, Administrator,
~ Unselected Option:
O1,O39,O40,O41,O42,O43,O44,O45,O46,O47,O48,O49,O50,O51,O52,O53,O54,O55,O56,O57,O58,
O59,O60,O61,O62,O63,O64,O65,O66,O67,O68,O69,O80,O81,O82,O83,O84,O85,O86,O87,O88,O89
, O2,O90,O91,O92,NTFS,O36,O4G, O4,O34
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\sabou\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\sabou\Application Data\
~ %Desktop% : C:\Documents and Settings\sabou\Desktop\
~ %Favorites% : C:\Documents and Settings\sabou\Favorites\
~ %LocalAppData% : C:\Documents and Settings\sabou\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\sabou\Start Menu\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 117 Go of 233 Go)
D: CD-ROM drive (Free 0 Go of 1 Go)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
~ Security Center: 37 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.12896823FB95BFB3DC9B46BCAEDC9923] - (.Microsoft Corporation - Windows
Explorer.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\Explorer.exe [1033728]
[MD5.F6589BE784647CFDBC22EA51CCB1A57A] - (.Microsoft Corporation - Internet
Extensions for Win32.) (.23/04/2008 - 01:16:29.) -- C:\WINDOWS\system32\wininet.dll
[826368]
[MD5.ED0EF0A136DEC83DF69F04118870003E] - (.Microsoft Corporation - Windows NT Logon
Application.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Winlogon.exe
[507904]
[MD5.D6EE6014241D034E63C49A50CB2B442A] - (.Microsoft Corporation - Ancillary
Function Driver for WinSock.) (.12/07/2008 - 20:09:42.) --
C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port
Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File
System Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys
[63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM
Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.D45926117EB9FA946A6AF572FBE1CAA3] - (.Microsoft Corporation - FIPS Crypto
Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44544]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider -
High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 09:00:00.) --
C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.4A0B06AA8943C1E332520F7440C0AA30] - (.Microsoft Corporation - i8042 Port
Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys
[52480]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel
Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network
Address Translator.) (.14/04/2008 - 09:00:00.) --
C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.)
(.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.68755F0FF16070178B54674FE5B847B0] - (.Microsoft Corporation - Windows NT SMB
Minirdr.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys
[456576]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport
driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys
[162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System
Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.5575FAF8F97CE5E713D108C2A58D7C7C] - (.Microsoft Corporation - Parallel Port
Driver.) (.12/07/2008 - 20:19:54.) -- C:\WINDOWS\system32\Drivers\Parport.sys
[80128]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP
mini-port/call-manager driver.) (.14/04/2008 - 09:00:00.) --
C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP
Device redirector.) (.14/04/2008 - 04:02:52.) --
C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.F828DD7E1419B6653894A8F97A0094C5] - (.Microsoft Corporation - Redbook Audio
Filter Driver.) (.14/04/2008 - 05:10:28.) --
C:\WINDOWS\system32\Drivers\redbook.sys [57600]
[MD5.4C8FCB5CC53AAB716D810740FE59D025] - (.Microsoft Corporation - Volume Shadow
Copy Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys
[52352]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2
~ Mes musiques (My Musics) : 1/36
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 2/64
~ Mon Bureau (My Desktop) : 0/1361
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 01s
---\\ Processus lancés
[MD5.D480F4069BFCD9ACC3E7399317038CCF] - (.Enigma Software Group USA, LLC. -
Service scanner interface.) -- C:\Program Files\Enigma Software
Group\SpyHunter\SH4Service.exe [770432] [PID.0] =>Crapware.SpyHunter
[MD5.E48C1AA03B6519B51756E3232C093300] - (.NVIDIA Corporation - NVIDIA Driver
Helper Service, Version 197.1.) -- C:\WINDOWS\system32\nvsvc32.exe [154216]
[PID.1168]
[MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) --
C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe [43336] [PID.1988]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) --
C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.2004]
[MD5.F08D9F81ED9A632A3E52BBDD0B8AECE3] - (.CybelSoft - Service de détection
matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [1867600]
[PID.220]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes
Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
[418376] [PID.244]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes
Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
[701512] [PID.260]
[MD5.6987C6975FEE96D091FCCD52E8493D27] - (.Bouygues Telecom - DMS.) -- C:\Program
Files\media center Bbox\media center Bouygues Telecom\MediaServer.exe [4177408]
[PID.304]
[MD5.C46594A2025589484E2087B4F6C59EF2] - (...) -- C:\Program
Files\Video-Saver-soft\video-saver157.exe [196096] [PID.520] =>PUP.Video-Saver
[MD5.24CD34BF323BDFE06B117479A4193267] - (...) -- C:\Program
Files\Video-Saver-soft\video-saver_wd.exe [93696] [PID.1412] =>PUP.Video-Saver
[MD5.F7A01E608EDEB9BA5AEA26D1040DA7B7] - (.Realtek Semiconductor Corp. - Realtek HD
Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [20143688] [PID.3348]
[MD5.037B1E7798960E0420003D05BB577EE6] - (...) -- ystem32\RUNDLL32.exe [0]
[PID.3420]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) --
C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.3600]
[MD5.B94A9C5A30D3358CA4C1EC29BEBAEE1B] - (...) -- C:\Program Files\media center
Bbox\media center\external\MediaServerTray.exe [846848] [PID.3996]
[MD5.B8593715992BD23E5C10AE892DF88229] - (.Realtek Semiconductor Corp. - RtWLan (
For WinXP/2003) Application.) -- C:\Program Files\Realtek\11n USB Wireless LAN
Utility\RtWLan.exe [1048576] [PID.2560]
[MD5.463790AEF94D8EAB674631257F53252E] - (.Apple Inc. - iPodService Module
(32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553288] [PID.2440]
[MD5.F41AC5D823E9739E1FD1A497D4BE493F] - (.Google Inc. - Google Chrome.) --
C:\Program Files\Google\Chrome\Application\chrome.exe [859976] [PID.8420]
[MD5.0A3B3936E54E4D0A995E03D16B6FFD60] - (.Foxit Corporation - Foxit Updater.) --
C:\Documents and Settings\sabou\Local Settings\Temp\Foxit Reader Updater.exe
[7672896] [PID.33540]
[MD5.64A2A75D8F4BD07BD0A0029AA8825BBF] - (.Nicolas Coolman - ZHPDiag.) --
C:\Program Files\ZHPDiag\ZHPDiag.exe [8353792] [PID.3836]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Documents and Settings\sabou\Local Settings\Application Data\Google\Chrome\User
Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google
Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout
Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff]
MySearchDial Nouvel onglet v.9.4.1.1 (Désactivé) =>Adware.MyWebSearch
~ Google Browser: 16 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs =
http://start.mysearchdial.com =>Adware.MyWebSearch
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1
~ IE Browser: 13 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer =
http=127.0.0.1:13828 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable =
1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy
= 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1
= 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847}
Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} --
Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} .
(.Microsoft Corporation - Windows Messenger.) -- C:\Program
Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="ie.search.msn.com"
~ IE Paramètres WEB: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C7D1591-D0DA-4376-9219-D0807487698C}:
NameServer =
8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.2
0,156.154.70.1,156.154.71.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA5B4756-816F-4924-81F2-FBE440A94A2E}:
DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{DA5B4756-816F-4924-81F2-FBE440A94A2E}:
DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C7D1591-D0DA-4376-9219-D0807487698C}:
NameServer =
8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.2
0,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DA5B4756-816F-4924-81F2-FBE440A94A2E}:
DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{DA5B4756-816F-4924-81F2-FBE440A94A2E}:
DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{1C7D1591-D0DA-4376-9219-D0807487698C}:
NameServer =
8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.2
0,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{DA5B4756-816F-4924-81F2-FBE440A94A2E}:
DhcpNameServer = 109.0.66.10 109.0.66.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft
Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} .
(.Microsoft Corporation - Windows Shell Common Dll.) --
C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) --
C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related
API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Offline Network Agent.)
-- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification
Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - Common DLL to receive
Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - Common DLL to receive
Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - Secondary Logon Service
Notification DLL.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - Common DLL to receive
Winlogon notification.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - Common DLL to receive
Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - Common DLL to receive
Winlogon notification.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Browseui preloader -
{438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Shell Browser UI
Library.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Browseui preloader -
{8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Shell Browser UI
Library.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: media center Bouygues Telecom (media center Bouygues Telecom) .
(.Bouygues Telecom - DMS.) - C:\Program Files\media center Bbox\media center
Bouygues Telecom\MediaServer.exe
O23 - Service: Video-Saver (video-saver) . (...) - C:\Program
Files\Video-Saver-soft\video-saver157.exe =>PUP.Video-Saver
~ Services: 11 Legitimates Filtered in 00mn 06s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop Component 0: My Current Home Page - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and
Settings\sabou\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\sabou\Local
Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s
---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter
=>Crapware.SpyHunter
~ http://nicolascoolman.webs.com/apps/blog/show/41864592-pup-video-saver
=>PUP.Video-Saver
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch
=>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy
=>Hijacker.Proxy
~ MSI: 4 link(s) detected in 00mn 00s
~ 79 Legitimates filtered by white list
End of the scan (255 lines in 00mn 13s)(0)
A voir également:
- Supprimer videosaver
- Supprimer rond bleu whatsapp - Guide
- Supprimer page word - Guide
- Supprimer pub youtube - Accueil - Streaming
- Fichier impossible à supprimer - Guide
- Supprimer compte instagram - Guide
6 réponses
Salut,
Tu as essayé de le désinstaller par programmes et fonctionnalités du panneau de configuration ?
Tu as essayé de le désinstaller par programmes et fonctionnalités du panneau de configuration ?
ok,
Faire un Scan OTL - Temps : Environ 40min
=============================================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :
Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/
* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox (voir lien d'aide ci-dessus).
* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Clique sur le bouton Analyse.
**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.
NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE
Faire un Scan OTL - Temps : Environ 40min
=============================================
OTL permet de diagnostiquer les programmes qui tournent et déceler des infections - Le programme va générer deux rapports OTL.txt et Extras.txt
Fournir les deux rapports :
Tu peux suivre les indications de cette page pour t'aider : https://www.malekal.com/tutorial-otl/
* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)
Dans le cas d'Avast!, ne pas lancer le programme dans la Sandbox (voir lien d'aide ci-dessus).
* Lance OTL
* En haut à droite de Analyse rapide, coche "tous les utilisateurs"
* Clique sur le bouton Analyse.
**** Si durant le scan - OTL ne répond pas, ne touche à rien et laisse le scan se poursuivre ****
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent).
Donne le ou les liens pjjoint qui pointent vers ces rapports ici dans une réponse.
Je répète : donne le lien du rapport pjjoint ici en réponse.
NE PAS COPIER/COLLER LE RAPPORT ICI - DONNER LE LIEN PJJOINT DANS UN NOUVEAU MESSAGE
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Désactive les proxys : https://forums.commentcamarche.net/forum/affich-37640573-desactiver-son-proxy
Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
:OTL
SRV - [2014/03/10 20:39:57 | 000,196,096 | ---- | M] () [Auto | Running] -- C:\Program Files\Video-Saver-soft\video-saver157.exe -- (video-saver)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\sabou\Application Data\Complitly\Complitly.dll (SimplyGen)
O3 - HKU\S-1-5-21-299502267-1078145449-725345543-1003\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
[2014/03/10 20:39:58 | 000,000,000 | ---D | C] -- C:\Program Files\Video-Saver-soft
[2014/03/13 12:49:17 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\Video-Saver_wd.job
* poste le rapport ici
Redémarre l'ordinateur
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Relance OTL.
o sous Personnalisation (Custom Scan), copie_colle le contenu du cadre ci dessous (bien prendre :OTL en début).
Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
:OTL
SRV - [2014/03/10 20:39:57 | 000,196,096 | ---- | M] () [Auto | Running] -- C:\Program Files\Video-Saver-soft\video-saver157.exe -- (video-saver)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Documents and Settings\sabou\Application Data\Complitly\Complitly.dll (SimplyGen)
O3 - HKU\S-1-5-21-299502267-1078145449-725345543-1003\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
[2014/03/10 20:39:58 | 000,000,000 | ---D | C] -- C:\Program Files\Video-Saver-soft
[2014/03/13 12:49:17 | 000,000,378 | ---- | M] () -- C:\WINDOWS\tasks\Video-Saver_wd.job
* poste le rapport ici
Redémarre l'ordinateur
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left