[vymdiesel]

Rapport de ZHPFix 2017.06.13.1 par Nicolas Coolman, Update du 13/06/2017
Fichier d'export Registre :
Run by Valls y Machinant D at 6/08/2017 13:35:15
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Corbeille vidée (07mn 40s)
Dossier Prefetcher vidé
Réparation des raccourcis navigateur

========== Processus mémoire ==========
SUPPRIMÉ: Memory Process: C:\Users\Valls y Machinant D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage
SUPPRIMÉ: Memory Process: C:\Users\Valls y Machinant D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal
SUPPRIMÉ: Memory Process: C:\Users\Valls y Machinant D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_demo.wponlinesupport.com_0.localstorage
SUPPRIMÉ: Memory Process: C:\Users\Valls y Machinant D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_demo.wponlinesupport.com_0.localstorage-journal

========== Clés du Registre ==========
SUPPRIMÉ:³ HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1916A2AF346D399F50313C393200F14140456616
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2A83E9020591A55FC6DDAD3FB102794C52B24E70
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2B84BFBB34EE2EF949FE1CBE30AA026416EB2216
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\3A850044D8A195CD401A680C012CB0A3B5F8DC08
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\40AA38731BD189F9CDB5B9DC35E2136F38777AF4
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\43D9BCB568E039D073A74A71D8511F7476089CC3
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\471C949A8143DB5AD5CDF1C972864A2504FA23C9
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\61793FCBFA4F9008309BBA5FF12D2CB29CD4151A
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\63FEAE960BAA91E343CE2BD8B71798C76BDB77D0
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\6431723036FD26DEA502792FA595922493030F97
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\7D7F4414CCEF168ADF6BF40753B5BECD78375931
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\80962AE4D6C5B442894E95A13E4A699E07D694CF
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\86E817C81A5CA672FE000F36F878C19518D6F844
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\8E5BD50D6AE686D65252F843A9D4B96D197730AB
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9845A431D51959CAF225322B4A4FE9F223CE6D15
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B533345D06F64516403C00DA03187D3BFEF59156
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\B86E791620F759F17B8D25E38CA8BE32E7D5EAC2
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\C060ED44CBD881BD0EF86C0BA287DDCF8167478C
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\CEA586B2CE593EC7D939898337C57814708AB2BE
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\D018B62DC518907247DF50925BB09ACF4A5CB3AD
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F8A54E03AADC5692B850496A4C4630FFEAA29D83
SUPPRIMÉ:³ HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\FA6660A94AB45F6A88C0D7874D89A863D74DEE97
SUPPRIMÉ: HKCU\SOFTWARE\Magicbit
SUPPRIMÉ: HKCU\SOFTWARE\TeleCharger
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}
SUPPRIMÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}

========== Valeurs du Registre ==========
SUPPRIMÉ RunValue: AdobeBridge
Aucune Valeur Standard Profile: FirewallRaz :
Aucune Valeur Domain Profile: FirewallRaz :
Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

========== Préférences navigateur ==========
PRESENT Chrome File: C:\Users\Valls y Machinant D\AppData\Local\Google\Chrome\User Data\Default\Preferences
ABSENT Chrome Site: http://d24n15hnbwhuhn.cloudfront.net

========== Dossiers ==========
SUPPRIMÉ: C:\Users\Valls y Machinant D\AppData\Local\{3CDFBBDB-7FE0-4CCA-B570-9367883B6BBE}
SUPPRIMÉ: C:\Users\Valls y Machinant D\AppData\Local\{3D8A5676-4DD1-458A-8EAA-09710C1CC847}
SUPPRIMÉ: C:\Users\Valls y Machinant D\AppData\Local\{507A5810-C3AB-4BFF-9421-4556674196ED}
SUPPRIMÉ: C:\Users\Valls y Machinant D\AppData\Local\{69D63DC2-937C-474C-BCE3-15164D6C6D18}
SUPPRIMÉ: C:\Users\Valls y Machinant D\AppData\Local\{88A7EF21-2959-4470-A09D-FB7C8FB83D1D}
SUPPRIMÉ: C:\Users\Valls y Machinant D\AppData\Local\{92AF7548-997C-4413-982E-F2FEDFFB5BF8}
SUPPRIMÉ: C:\Users\Valls y Machinant D\AppData\Local\{EF0EA688-849C-4785-B683-1D10A79FF276}
SUPPRIMÉS Flash Cookies (0)
SUPPRIMÉS Temporaires Windows (821)

========== Fichiers ==========
SUPPRIMÉ: C:\Users\Valls y Machinant D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d3mwhxgzltpnyp.cloudfront.net_0.localstorage
SUPPRIMÉ: C:\Users\Valls y Machinant D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d3mwhxgzltpnyp.cloudfront.net_0.localstorage-journal
SUPPRIMÉ: C:\Users\Valls y Machinant D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage
SUPPRIMÉ: C:\Users\Valls y Machinant D\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal
SUPPRIMÉS Flash Cookies (0) (0 octets)
SUPPRIMÉS Temporaires Windows (2509) (529.558.649 octets)

========== Restauration Système ==========
Aucun Point de restauration du système crée

========== Autre ==========
NON TRAITÉ [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]


========== Récapitulatif ==========
4 : Processus mémoire
32 : Clés du Registre
4 : Valeurs du Registre
9 : Dossiers
6 : Fichiers
2 : Préférences navigateur
1 : Restauration Système
1 : Autre


End of clean in 13mn 45s

========== Chemin de fichier rapport ==========
C:\Users\Valls y Machinant D\AppData\Roaming\ZHP\ZHPFix[R1].txt - 6/08/2017 13:42:56 [7223]

Merci pour vos démarches didier
Passez un agréable dimanche.

[did80]

salut vymdiesel

1/ a désinstaller spybot obsolète

2/
Ouvrir FRST

Presser les touches Ctrl +Y (un notepad copyrighté est ouvert via Ctrl +Y)

Copier le fix (Correctif) dedans

Contenu caché

Vous devez être inscrit et connecté sur ce forum pour voir le contenu caché.

Valider par Ctrl +S pour l'enregistrer

Fermer le fichier Fixlist.txt


--> Clique sur Corriger.



Patiente le temps de la correction.

Note : si l'outil a besoin d'un redémarrage, laisse le système redémarrer normalement, l'outil terminera son travail.

--> Une fois la correction terminée, un rapport Fixlog.txt remplacera le fichier fixlist.

héberge moi sur cjoint le rapport Fixlog

@+

[vymdiesel]

Bonsoir Didier, voici le lien vers FIXLOG Cijoint : http://www.cjoint.com/c/GHhsQzBQXBO

A noter que j'ai remarqué qu'un fichier essaie de s'ouvrir au démarrage :



Merci d'avance pour votre réponse Passez une agréable semaine

[did80]

salut  vymdiesel

tu peux l'analyser stp


rends toi sur virustotal

>> Virustotal ici <<

Clique sur “ choisir un fichier ” et indique le chemin du premier fichier en rouge

en te déplacant dans l'arborescence de Windows, puis sur " ouvrir "

Clique enfin sur “ analyser! ”

Au bout de quelques minutes, un rapport est généré. Si on te dit que le fichier a été analysé clique sur réanalyser

Fais un copié -collé de l'URL de la réponse (ce qui est encadré en rouge ci dessous) que tu postes dans ta réponse



@+

[vymdiesel]

Bonsoir, excusez moi mais je n'ai pas compris quel fichier je dois analyser, comment puis je connaitre son chemin ?

[did80]

re vymdiesel 

ton fichier acrobat.com.exe

gestionnaire des tâches > onglet démarrage

tu le sélectionnes > click droit ouvrir emplacement du fichier

@+

[vymdiesel]

Rebonsoir, il s'agit du fichier Valls dans le dossier C:/users/valls (sans extension :s)

Voici le résultat : This file was last analysed by VirusTotal on 2015-07-06 07:28:39 UTC (2 ans, 1 mois ago) it was first analysed by VirusTotal on 2015-07-06 07:28:39 UTC.

Ratio de détection : 0/56

Vous pouvez jeter un œil à la dernière analyse ou l'analyser à nouveau maintenant.

[did80]

re vymdiesel

il y a des lignes non trouvées supprimer par zhpfix

ceci stp ne fais pas la suppression

Télecharger Roguekiller de Tigsy

https://www.adlice.com/fr/download/roguekiller/

prendre la version correspondant a votre système



Lancer le scan







colle le rapport



@+

[vymdiesel]

Bonjour Didier

Voici le rapport RogueKiller :

RogueKiller V12.11.9.0 (x64) [Aug 3 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Valls y Machinant D [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 08/07/2017 23:09:38 (Duration : 01:37:08)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 29 ¤¤¤
[PUP.DownloadAssistant] (X64) HKEY_LOCAL_MACHINE\Software\DVDVideoSoft -> Found
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Myfree Codec -> Found
[PUP.Gen1] (X86) HKEY_LOCAL_MACHINE\Software\Universal -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3970656006-1066801099-3330193111-1000\Software\Myfree Codec -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3970656006-1066801099-3330193111-1000\Software\Myfree Codec -> Found
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-3970656006-1066801099-3330193111-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec -> Found
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-3970656006-1066801099-3330193111-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-3970656006-1066801099-3330193111-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-3970656006-1066801099-3330193111-1000\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{DC66C766-B41A-48E0-B711-397B73516343}C:\users\valls y machinant d\appdata\local\apps\2.0\0qap3m9h.1vm\0qe4gnpo.2gl\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\valls y machinant d\appdata\local\apps\2.0\0qap3m9h.1vm\0qe4gnpo.2gl\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe|Name=launcher.exe|Desc=launcher.exe|Defer=User| [7] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{B8B8FE62-ABC0-4601-A5F2-A8E3BF013EF2}C:\users\valls y machinant d\appdata\local\apps\2.0\0qap3m9h.1vm\0qe4gnpo.2gl\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\valls y machinant d\appdata\local\apps\2.0\0qap3m9h.1vm\0qe4gnpo.2gl\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe|Name=launcher.exe|Desc=launcher.exe|Defer=User| [7] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7704FA73-73B5-416D-8462-0B8A5CABCF85} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS66ED\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4D2F9D74-CF62-47B0-AACB-7EE64F9BEEF7} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS66ED\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {30909C57-0669-4D2D-A95D-D0EFA263AA5B} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS4CCB\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A3A78007-7065-42A1-BBD8-97D320E6F32D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS4CCB\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F718353E-901B-4BB2-9E23-7A3FD8F07183} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS4FD4\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2A9837B4-C679-4D58-9B89-58D420948BB1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS4FD4\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {066C9270-6DE0-42EA-8519-D2BB2B1FDA32} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS28E0\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {3BD3B29D-3115-4CDF-BBB4-FD3DA58018C2} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS28E0\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | TCP Query User{DC66C766-B41A-48E0-B711-397B73516343}C:\users\valls y machinant d\appdata\local\apps\2.0\0qap3m9h.1vm\0qe4gnpo.2gl\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\valls y machinant d\appdata\local\apps\2.0\0qap3m9h.1vm\0qe4gnpo.2gl\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe|Name=launcher.exe|Desc=launcher.exe|Defer=User| [7] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | UDP Query User{B8B8FE62-ABC0-4601-A5F2-A8E3BF013EF2}C:\users\valls y machinant d\appdata\local\apps\2.0\0qap3m9h.1vm\0qe4gnpo.2gl\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\valls y machinant d\appdata\local\apps\2.0\0qap3m9h.1vm\0qe4gnpo.2gl\laun...app_59711684aa47878d_0001.001e_488c36b75bc31b10\launcher.exe|Name=launcher.exe|Desc=launcher.exe|Defer=User| [7] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7704FA73-73B5-416D-8462-0B8A5CABCF85} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS66ED\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4D2F9D74-CF62-47B0-AACB-7EE64F9BEEF7} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS66ED\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {30909C57-0669-4D2D-A95D-D0EFA263AA5B} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS4CCB\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A3A78007-7065-42A1-BBD8-97D320E6F32D} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS4CCB\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F718353E-901B-4BB2-9E23-7A3FD8F07183} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS4FD4\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {2A9837B4-C679-4D58-9B89-58D420948BB1} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS4FD4\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {066C9270-6DE0-42EA-8519-D2BB2B1FDA32} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS28E0\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {3BD3B29D-3115-4CDF-BBB4-FD3DA58018C2} : v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Valls y Machinant D\AppData\Local\Temp\7zS28E0\HPDiagnosticCoreUI.exe|Name=HPSAPS| [x] -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 4 ¤¤¤
[PUP.Gen1][Folder] C:\Users\Valls y Machinant D\AppData\Roaming\Download Manager -> Found
[PUP.DownloadAssistant][Folder] C:\Users\Valls y Machinant D\AppData\Roaming\DVDVideoSoft -> Found
[PUP.Gen1][Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec -> Found
[PUP.Gen1][Folder] C:\Program Files (x86)\MyFree Codec -> Found

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://www.google.com/|http://www.netvi ... e/membres/] -> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 11962e1874389b3f553754d9a1b9aa64
[BSP] ee436c278a952cb3d9b1793cc86130c8 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 19456 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 39847936 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 40052736 | Size: 466894 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 996251648 | Size: 467417 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] Le périphérique n?est pas prêt. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

+++++ PhysicalDrive2: Multiple Flash Reader USB Device +++++
--- User ---
[MBR] cee6dce24b91a282fe3acfaf3583d0fa
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8192 | Size: 14976 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Cette demande n?est pas prise en charge. )

[did80]

Salut vymdiesel

je suppose que tu te sers de MyFree Codec pour gérer un tél Samsung via kiés

a ne pas désinstaller

essaye de supprimer le reste

copies le rapport après suppression stp ç+