Re: infecté sur chrome

dans AdwCleaner par Chapi

Bonjour Maxjules.

Pour commencer, on va faire l'export du dossier d'Extensions de Google Chrome.

  • Via l'explorateur, rends toi ici :
    C:\Users\max\AppData\Local\Google\Chrome\User Data\Default\
  • Ensuite fais un clic droit sur le dossier "Extensions", sélectionne "Envoyez-vers" puis "Dossier compressé".
  • Un fichier Extensions.zip est alors créé.
  • Rends toi sur up2sha.re.
  • Héberge ce fichier ...

Re: AdwCleaner Report

dans AdwCleaner par barsim

The missing log-file:

Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman,
Update du 19/10/2015
Fichier d'export Registre :
Run by sjb at 12/2/2015 10:12:58 AM
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Recycle Bin emptied (07mn AMs)

========== Software ==========
REMOVES: Adobe Shockwave Player 12.0

========== Registry keys ==========
R...

Re: AdwCleaner Report

dans AdwCleaner par barsim

Here's the Report after running the ZHPFix tool, but didn't select the ZHPFix REMOVAL while it was running. Was I right?

Script ZHPFix:

O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {0099B484-C24C-4D5F-8167-B0F6DF196E72} ©
HKLM\SOFTWARE\Wow6432Node\McAfee
HKLM\SOFTWARE\Wow6432Node\Safer Networking Limited
HKCU\SOFTWARE\BitDefender
HKCU\SOFTWARE\McAfe...

Re: AdwCleaner Report

dans AdwCleaner par barsim

Here's the Report after running the ZHPFix tool, but didn't select the ZHPFix while it was running. Was I right?

Script ZHPFix:

O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {0099B484-C24C-4D5F-8167-B0F6DF196E72} ©
HKLM\SOFTWARE\Wow6432Node\McAfee
HKLM\SOFTWARE\Wow6432Node\Safer Networking Limited
HKCU\SOFTWARE\BitDefender
HKCU\SOFTWARE\McAfee
P2 - EX...

Re: AdwCleaner Report

dans AdwCleaner par fr33tux

Hello,

Please repeat what you did with Chapi with ZHPFix, but using the following content :

Script ZHPFix:

O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {0099B484-C24C-4D5F-8167-B0F6DF196E72} ©
HKLM\SOFTWARE\Wow6432Node\McAfee
HKLM\SOFTWARE\Wow6432Node\Safer Networking Limited
HKCU\SOFTWARE\BitDefender
HKCU\SOFTWARE\McAfee
P2 - EXT: (...) -- C:\Progr...

Re: I'm not sure what to clean/remove.

Hi Chapi,

This is ZHPFixReport without using Drop-box opton:

Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015 Fichier d'export Registre : Run by My Computer at 11/27/2015 2:39:30 PM High Elevated Privileges : OK Windows Vista Business Edition, 64-bit  (Build 6000)

Recycle Bin emptied (14mn AMs) Prefetcher emptied

========== Software ========== REMOVES: Kaspersky Secu...

Re: I'm not sure what to clean/remove.

dans Désinfection par Chapi

Ok, so I've made a more detailled explanation (all the links refer to a picture with what to do) :

Re: I'm not sure what to clean/remove.

dans Désinfection par Chapi

Hi,

Sadly, that's not what I'm waitting for. Here is an example of a ZHPFix script :

Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre : 
Run by Chapi at 27/11/2015 17:43:39
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Corbeille vidée (Annulé par l'utilisateur)


========== Récapitulatif =========...

Re: I'm not sure what to clean/remove.

Hi Chapi

Sorry about my confusing words, here's the ZHFixReport (1):

Script ZHPFix P2 - EXT FILE: (...) -- C:\Users\My Computer\AppData\Roaming\Mozilla\Firefox\Profiles\8kyk8yzd.default-1436897542862\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi HKCU\SOFTWARE\AppDataLow\Software\arcadeparlorconfig O43 - CFD: 15/03/2015 - [] D -- C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44} HKCU\SOFTWARE...

Re: I'm not sure what to clean/remove.

Here's the original script:

Script ZHPFix
P2 - EXT FILE: (...) -- C:\Users\My Computer\AppData\Roaming\Mozilla\Firefox\Profiles\8kyk8yzd.default-1436897542862\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi
HKCU\SOFTWARE\AppDataLow\Software\arcadeparlorconfig
O43 - CFD: 15/03/2015 - [] D -- C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
HKCU\SOFTWARE\DriverSupport
O43 - CFD: 21/11/2015 - []...