Win32:vb-eik
Solved
bfm78
Hello,
I have a virus on my hard drive.
Avast automatically puts my files in quarantine.
I ran ComboFix, which gives me the following report:
ComboFix 15-05-28.01 - betty 30/05/2015 18:38:37.1.4 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.4008.2102 [GMT 2:00]
Lancé depuis: c:\users\betty\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Autorun.inf
c:\users\betty\AppData\Local\dsisetup11098206902.exe
c:\users\betty\AppData\Local\dsisetup6229057522.exe
c:\users\betty\AppData\Local\Microsoft\Windows\Temporary Internet Files\e784bf20-38ee-44de-a233-6a71cf0accde.jpg
c:\users\Brahim\AppData\Local\Microsoft\Windows\Temporary Internet Files\{22BE8A54-87B4-4BB4-A423-BEBBD7D268E4}.xps
c:\users\Brahim\AppData\Local\Microsoft\Windows\Temporary Internet Files\{4287979B-2BE6-480E-BE82-6AAA6EDFD8EC}.xps
D:\Autorun.inf
E:\Autorun.inf
F:\Autorun.inf
H:\Autorun.inf
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-04-28 au 2015-05-30 ))))))))))))))))))))))))))))))))))))
.
.
2015-05-30 17:03 . 2015-05-30 17:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-30 17:03 . 2015-05-30 17:03 -------- d-----w- c:\users\Brahim\AppData\Local\temp
2015-05-30 17:03 . 2015-05-30 17:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-05-29 20:40 . 2015-05-29 20:40 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{435CC0D6-E118-4E02-8C00-A0312BD223A8}\offreg.3576.dll
2015-05-29 14:29 . 2015-05-03 03:16 12214312 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{435CC0D6-E118-4E02-8C00-A0312BD223A8}\mpengine.dll
2015-05-19 06:36 . 2015-05-19 06:36 -------- d-----w- c:\program files\iPod
2015-05-19 06:36 . 2015-05-19 06:37 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-19 06:36 . 2015-05-19 06:37 -------- d-----w- c:\program files\iTunes
2015-05-14 01:10 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:10 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 19:36 . 2015-05-05 01:29 342016 ----a-w- c:\windows\system32\schannel.dll
2015-05-13 19:36 . 2015-05-05 01:12 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-05-13 19:36 . 2015-04-18 03:10 460800 ----a-w- c:\windows\system32\certcli.dll
2015-05-13 19:36 . 2015-04-18 02:56 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-05-13 19:34 . 2015-04-27 19:18 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-05-13 19:33 . 2015-04-10 16:43 10935808 ----a-w- c:\windows\system32\ieframe.dll
2015-05-13 19:32 . 2015-03-04 04:10 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2015-05-13 19:32 . 2015-03-04 04:41 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2015-05-13 19:32 . 2015-03-04 04:41 342016 ----a-w- c:\windows\system32\apphelp.dll
2015-05-13 19:32 . 2015-03-04 04:41 23552 ----a-w- c:\windows\system32\sdbinst.exe
2015-05-13 19:32 . 2015-03-04 04:41 6656 ----a-w- c:\windows\system32\shimeng.dll
2015-05-13 19:32 . 2015-03-04 04:11 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2015-05-13 19:32 . 2015-03-04 04:10 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2015-05-12 17:53 . 2015-05-12 17:59 -------- d-s---w- c:\windows\system32\GWX
2015-05-12 17:53 . 2015-05-12 17:53 -------- d-s---w- c:\windows\SysWow64\GWX
2015-05-10 11:10 . 2015-03-25 03:00 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-05-10 11:10 . 2015-03-25 03:00 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-05-10 11:05 . 2015-03-23 03:24 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-05-10 11:05 . 2015-03-23 03:24 957952 ----a-w- c:\windows\system32\appraiser.dll
2015-05-10 11:05 . 2015-03-23 03:25 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-05-10 11:05 . 2015-03-23 03:25 769536 ----a-w- c:\windows\system32\invagent.dll
2015-05-10 11:05 . 2015-03-23 03:17 1111552 ----a-w- c:\windows\system32\aeinv.dll
2015-05-10 11:05 . 2015-03-23 03:24 419840 ----a-w- c:\windows\system32\devinv.dll
2015-05-10 11:05 . 2015-03-23 03:24 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-05-10 11:05 . 2015-03-23 03:24 192000 ----a-w- c:\windows\system32\aepic.dll
2015-05-10 11:05 . 2015-03-10 03:25 1882624 ----a-w- c:\windows\system32\msxml3.dll
2015-05-10 11:05 . 2015-03-10 03:08 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-05-10 11:05 . 2015-03-10 03:05 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-05-10 11:05 . 2015-03-10 03:21 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-05-10 10:51 . 2015-02-25 03:18 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-05-10 10:50 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-05-10 10:50 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-05-10 10:50 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-29 20:21 . 2012-03-30 18:49 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-29 20:21 . 2011-09-27 09:05 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-29 05:09 . 2011-09-23 22:13 45056 ----a-w- c:\windows\system32\acovcnt.exe
2015-05-14 01:19 . 2011-09-27 06:35 140425016 ----a-w- c:\windows\system32\MRT.exe
2015-04-27 19:04 . 2015-05-13 19:35 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-04-26 17:37 . 2015-04-26 17:37 1388544 ---h--r- c:\windows\Thumbs .db
2015-04-26 17:37 . 2015-04-26 17:37 1388544 ---h--r- C:\Thumbs .db
2015-04-24 18:14 . 2015-04-24 18:14 40960 ---h--r- C:\Thumbs.com
2015-04-24 18:14 . 2015-04-24 18:14 40960 ----a-w- c:\users\betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com
2015-04-24 18:14 . 2015-04-24 18:14 40960 ----a-w- c:\users\betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\Windows .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\Recovery .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\ProgramData .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\Program Files .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\Program Files (x86) .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\PerfLogs .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\NvidiaLogs .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\MSOCache .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\Intel .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\found.000 .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\eSupport .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\Documents and Settings .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\Config.Msi .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\Boot .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\AsusVibeData .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\ASUS.DAT .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\32788R22FWJFW .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\$Recycle.Bin .scr
2015-04-14 01:38 . 2015-04-14 01:38 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-03-04 04:41 . 2015-05-13 19:32 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-03-04 04:41 . 2015-05-13 19:32 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-03-04 04:10 . 2015-05-13 19:32 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-13 19:32 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-13 19:32 2560 ----a-w- c:\windows\apppatch\AcRes.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cacaoweb"="c:\users\betty\AppData\Roaming\cacaoweb\cacaoweb.exe" [2015-03-28 515888]
"Scan Buttons"="c:\program files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE" [2011-01-21 214360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-03-20 60712]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-09 5227648]
"PMSpeed"="c:\program files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE" [2010-07-29 116632]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
.
c:\users\betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Online.com [2015-4-24 40960]
Adobe update.com [2015-4-24 40960]
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-30 204288]
OneNote 2010 - Capture d'écran et lancement.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-4-13 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe -d [2011-9-24 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2015-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 20:21]
.
2015-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3238503590-61638626-1550079945-1001Core.job
- c:\users\betty\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-06 12:21]
.
2015-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3238503590-61638626-1550079945-1001UA.job
- c:\users\betty\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-06 12:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-01-05 09:55 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-01 2189416]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2008-05-24 26448]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-04-06 169768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 89.2.0.1 89.2.0.2
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab
FF - ProfilePath - c:\users\betty\AppData\Roaming\Mozilla\Firefox\Profiles\5t27orlm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search
FF - prefs.js: browser.search.selectedEngine - Microsoft (Bing)
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=AV01
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2015-05-30 19:09:56
ComboFix-quarantined-files.txt 2015-05-30 17:09
.
Avant-CF: 36 804 902 912 octets libres
Après-CF: 39 073 665 024 octets libres
.
- - End Of File - - 17ABE2D2AED7CC621BD03FD0B1C73743
What should I do with it?
Thank you for your reply.
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-03-20 60712]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-09 5227648]
"PMSpeed"="c:\program files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE" [2010-07-29 116632]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
.
c:\users\betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Online.com [2015-4-24 40960]
Adobe update.com [2015-4-24 40960]
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-30 204288]
OneNote 2010 - Capture d'écran et lancement.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-4-13 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe -d [2011-9-24 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
.
.
Contenu du dossier 'Tâches planifiées'
.
2015-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 20:21]
.
2015-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3238503590-61638626-1550079945-1001Core.job
- c:\users\betty\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-06 12:21]
.
2015-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3238503590-61638626-1550079945-1001UA.job
- c:\users\betty\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-06 12:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-01-05 09:55 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-01 2189416]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2008-05-24 26448]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-04-06 169768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
uInternet Settings,ProxyOverride = *.local
IE: &Envoyer à OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 89.2.0.1 89.2.0.2
DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/v/ra3RgI_VSoCPalw7aL2ig_0fSS8.cab
FF - ProfilePath - c:\users\betty\AppData\Roaming\Mozilla\Firefox\Profiles\5t27orlm.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search
FF - prefs.js: browser.search.selectedEngine - Microsoft (Bing)
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=AV01
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search
.
- - - - ORPHELINS SUPPRIMES - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2015-05-30 19:09:56
ComboFix-quarantined-files.txt 2015-05-30 17:09
.
Avant-CF: 36 804 902 912 octets libres
Après-CF: 39 073 665 024 octets libres
.
- - End Of File - - 17ABE2D2AED7CC621BD03FD0B1C73743
What should I do with it?
Thank you for your reply.
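A triage sketch for the Find3M section of the log quoted above, as an added example that is not part of the original post or of ComboFix: it groups entries with an executable extension by their two timestamps and size, and flags names with a space before the extension or a Startup-folder location. The extension list, the cluster threshold of 3 and all function names are assumptions; the sample lines are copied from the log in this post.

```python
from __future__ import annotations

import ntpath
import re
from collections import defaultdict
from typing import NamedTuple

# Subset of the Find3M lines from the ComboFix log quoted in this post.
SAMPLE_LOG = r"""
2015-05-29 20:21 . 2012-03-30 18:49 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-14 01:19 . 2011-09-27 06:35 140425016 ----a-w- c:\windows\system32\MRT.exe
2015-04-24 18:14 . 2015-04-24 18:14 40960 ---h--r- C:\Thumbs.com
2015-04-24 18:14 . 2015-04-24 18:14 40960 ----a-w- c:\users\betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\Windows .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\Program Files .scr
2015-04-24 18:14 . 2015-04-24 18:14 40960 ------r- C:\$Recycle.Bin .scr
2015-04-14 01:38 . 2015-04-14 01:38 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
"""

# Assumption: extensions Windows will execute on double-click.
EXEC_EXTS = {".scr", ".com", ".exe", ".pif", ".bat", ".cmd"}

LINE_RE = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d) \. (\d{4}-\d\d-\d\d \d\d:\d\d) "
    r"(\d+) ([-a-z]{8}) (.+)$"
)


class Entry(NamedTuple):
    first_ts: str
    second_ts: str
    size: int
    attrs: str
    path: str


def parse_find3m(text: str) -> list[Entry]:
    """Parse file lines; directory lines (size shown as dashes) are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            first, second, size, attrs, path = m.groups()
            entries.append(Entry(first, second, int(size), attrs, path))
    return entries


def name_flags(path: str) -> list[str]:
    """Naming/location traits worth a second look during triage."""
    flags = []
    stem, _ext = ntpath.splitext(ntpath.basename(path))
    if stem != stem.rstrip():
        # e.g. "Windows .scr": the visible name looks like a folder name.
        flags.append("space-before-extension")
    if "\\start menu\\programs\\startup\\" in path.lower():
        flags.append("startup-folder")
    return flags


def suspicious_clusters(entries: list[Entry], min_size: int = 3) -> dict:
    """Group executable files sharing both timestamps and size.

    Many byte-identical-size executables written in the same minute is
    unusual for installed software and is a cue to inspect those files.
    """
    groups = defaultdict(list)
    for e in entries:
        ext = ntpath.splitext(e.path)[1].lower()
        if ext in EXEC_EXTS:
            groups[(e.first_ts, e.second_ts, e.size)].append(
                (e.path, name_flags(e.path))
            )
    return {k: v for k, v in groups.items() if len(v) >= min_size}


if __name__ == "__main__":
    for key, members in suspicious_clusters(parse_find3m(SAMPLE_LOG)).items():
        print(f"cluster {key}: {len(members)} files")
        for path, flags in members:
            print(f"  {path}  {flags}")
```
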
12 replies
Hi,
Follow this FRST tutorial: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
(and take the time to read it carefully so you apply it correctly - everything is explained there).
Download and run the FRST scan; this will generate three FRST reports:
- FRST.txt
- Shortcut.txt
- Additionnal.txt
Upload these three reports, as explained, to http://pjjoint.malekal.com and then post the three pjjoint links to those reports here in a new reply so that we can review them.
Here is the fix to apply with FRST.
You can use this explanatory note with screenshots to help you: https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/#fix
Open Notepad: Windows key + R, in the Run field, type notepad and click OK.
Copy/paste the following into it:
2015-05-19 08:36 - 2015-05-19 08:37 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
CHR Extension: (Astromenda New Tab) - C:\Users\betty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae [2014-12-20]
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_tele_14_34_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtD0Fzz0E0FtB0D0BtD0CyDtN0D0Tzu0SzyyCtBtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCyC0DyByEyCzytBtGyByCyDyBtGtCyB0B0AtG0A0AyCtBtGyD0AyC0A0F0F0FyByCyB0A0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0AyE0DtDtAyByBtG0FtBtC0DtGyE0DtA0DtG0A0A0D0AtGtA0FtA0EtD0DyB0EtAyCtA0E2Q&cr=435765263&ir= [Pays US - 107.20.147.195]
CHR StartupUrls: Default -> hxxp://astromenda.com/?f=7&a=ast_tele_14_34_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtD0Fzz0E0FtB0D0BtD0CyDtN0D0Tzu0SzyyCtBtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCyC0DyByEyCzytBtGyByCyDyBtGtCyB0B0AtG0A0AyCtBtGyD0AyC0A0F0F0FyByCyB0A0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0AyE0DtDtAyByBtG0FtBtC0DtGyE0DtA0DtG0A0A0D0AtGtA0FtA0EtD0DyB0EtAyCtA0E2Q&cr=435765263&ir= [Pays US - 107.20.147.195]
CHR DefaultSearchKeyword: Default -> astromenda.com
CHR DefaultSearchURL: Default -> http://astromenda.com/?results.php?&q={searchTerms}&f=4&a=ast_tele_14_34_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtD0Fzz0E0FtB0D0BtD0CyDtN0D0Tzu0SzyyCtBtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCyC0DyByEyCzytBtGyByCyDyBtGtCyB0B0AtG0A0AyCtBtGyD0AyC0A0F0F0FyByCyB0A0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0AyE0DtDtAyByBtG0FtBtC0DtGyE0DtA0DtG0A0A0D0AtGtA0FtA0EtD0DyB0EtAyCtA0E2Q&cr=435765263&ir= [Pays US - 184.72.238.218]
Startup: C:\Users\betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com [2015-04-24] ()
Startup: C:\Users\betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com [2015-04-24] ()
Once the text is pasted into Notepad:
File menu, then Save As.
On the left, go to the Desktop.
In the field at the bottom, for the file name enter: fixlist.txt
Click Save - this will create a fixlist.txt file on the desktop.
Relaunch FRST and click the Fix button.
Depending on the case, a restart is necessary (not mandatory).
A text file appears; copy/paste its contents here in a new message.
Restart the computer.
Run a NOD32 online scan: https://www.malekal.com/scan-antivirus-ligne-nod32/#NOD32
Save the report.
Upload it to http://pjjoint.malekal.com
Post the link here.
When I relaunch FRST, nothing happens.
My file has been created and is on my desktop.
Message: no fixlist.txt found.
the fixlist.txt should be in the same folder/directory the tool is located
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by betty at 2015-05-30 20:24:03 Run:1
Running from C:\Users\betty\Desktop
Loaded Profiles: betty (Available Profiles: UpdatusUser & betty & Brahim)
Boot Mode: Normal
==============================================
fixlist content:
2015-05-19 08:36 - 2015-05-19 08:37 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
CHR Extension: (Astromenda New Tab) - C:\Users\betty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae [2014-12-20]
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.google.com/service/update2/crx
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_tele_14_34_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtD0Fzz0E0FtB0D0BtD0CyDtN0D0Tzu0SzyyCtBtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCyC0DyByEyCzytBtGyByCyDyBtGtCyB0B0AtG0A0AyCtBtGyD0AyC0A0F0F0FyByCyB0A0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0AyE0DtDtAyByBtG0FtBtC0DtGyE0DtA0DtG0A0A0D0AtGtA0FtA0EtD0DyB0EtAyCtA0E2Q&cr=435765263&ir= [Pays US - 107.20.147.195]
CHR StartupUrls: Default -> hxxp://astromenda.com/?f=7&a=ast_tele_14_34_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtD0Fzz0E0FtB0D0BtD0CyDtN0D0Tzu0SzyyCtBtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCyC0DyByEyCzytBtGyByCyDyBtGtCyB0B0AtG0A0AyCtBtGyD0AyC0A0F0F0FyByCyB0A0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0AyE0DtDtAyByBtG0FtBtC0DtGyE0DtA0DtG0A0A0D0AtGtA0FtA0EtD0DyB0EtAyCtA0E2Q&cr=435765263&ir= [Pays US - 107.20.147.195]
CHR DefaultSearchKeyword: Default -> astromenda.com
CHR DefaultSearchURL: Default -> http://astromenda.com/?results.php?&q={searchTerms}&f=4&a=ast_tele_14_34_ff&cd=2XzuyEtN2Y1L1QzuyEzzyD0DyCtD0Fzz0E0FtB0D0BtD0CyDtN0D0Tzu0SzyyCtBtN1L2XzutBtFtBtCtFtCzztFyBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCyC0DyByEyCzytBtGyByCyDyBtGtCyB0B0AtG0A0AyCtBtGyD0AyC0A0F0F0FyByCyB0A0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0AyE0DtDtAyByBtG0FtBtC0DtGyE0DtA0DtG0A0A0D0AtGtA0FtA0EtD0DyB0EtAyCtA0E2Q&cr=435765263&ir= [Pays US - 184.72.238.218]
Startup: C:\Users\betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com [2015-04-24] ()
Startup: C:\Users\betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com [2015-04-24] ()
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 => Moved successfully.
C:\Users\betty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae" => key Removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae" => key Removed successfully
Chrome HomePage Removed successfully
Chrome StartupUrls Removed successfully
Chrome DefaultSearchKeyword Removed successfully
Chrome DefaultSearchURL Removed successfully
C:\Users\betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Online.com => Moved successfully.
C:\Users\betty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe update.com => Moved successfully.
End of Fixlog 20:24:06
Good evening,
The scan is finished, here is the link:
https://pjjoint.malekal.com/files.php?id=20150531_k14s14q11e9b7
ok =)
Maybe a cleanup with USBFix to finish things off, and that should do it, I think.
USBFix tutorial: https://www.malekal.com/usbfix-supprimer-virus-usb/
If need be, send the report via pjjoint.
Is Avast! no longer raising alerts on the computer?
Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
Well, the good news is that the virus is gone.
The bad news, on the other hand, is that I can no longer find some folders on my hard drive, even though the size is the same.
Good evening,
It's quite simple: to clean your PC of all the "crap" that may have come in while installing something, or even while browsing, etc., do this and let me know how it goes:
A run of ADWCleaner: https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/
Then CCleaner: https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/ (registry cleaning, browsers, etc.)
And RevoUninstaller: https://www.commentcamarche.net/telecharger/utilitaires/19405-revo-uninstaller/
After that, defragment your disk: https://www.youtube.com/watch?v=ffl0kFVUO2k
And drop Avast, they've gotten a big head and it slows down the PC. Use Microsoft Security Essentials :)
Have a good evening, everyone!