Re: infected on Chrome

Hello,

Here we go again:

First, a quick question: are you sure the pop-up launches when the Google Chrome browser starts, and not Mozilla Firefox? Your MBAM messages show a connection to statsweb.proxad.net started by Mozilla Firefox.

Note that since statsweb.proxad.net belongs to Free, it is probably a false positive. So I contacted some...

Re: bizarre voice in my laptop speakers

on Désinfection by ****

here is AdwCleaner[S0]:

# AdwCleaner v4.106 - Report created 21/12/2014 at 17:33:54
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Albert - JEAN
# Running from : C:\Users\Albert\Downloads\adwcleaner_4.106 (1).exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : CltMngSvc Service Deleted : netfilter64
[#...

Re: AdwCleaner Report

Hello,

Here's Malwarebytes' log:

Malwarebytes Anti-Malware www.malwarebytes.org

Scan Date: 11/30/2015
Scan Time: 5:32 PM
Logfile: Scan.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.11.30.06
Rootkit Database: v2015.11.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
F...

Re: I'm not sure what to clean/remove.

Hi Chapi,

This is ZHPFixReport without using Drop-box option:

Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre :
Run by My Computer at 11/27/2015 2:39:30 PM
High Elevated Privileges : OK
Windows Vista Business Edition, 64-bit  (Build 6000)

Recycle Bin emptied (14mn AMs)
Prefetcher emptied

========== Software ==========
REMOVES: Kaspersky Secu...

Re: I'm not sure what to clean/remove.

Ok, so I've made a more detailed explanation (all the links refer to a picture with what to do):

Re: I'm not sure what to clean/remove.

Hi,

Sadly, that's not what I'm waiting for. Here is an example of a ZHPFix script:

Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre : 
Run by Chapi at 27/11/2015 17:43:39
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)

Corbeille vidée (Annulé par l'utilisateur)


========== Récapitulatif =========...

Re: I'm not sure what to clean/remove.

Hi Chapi

Sorry about my confusing words, here's the ZHFixReport (1):

Script ZHPFix
P2 - EXT FILE: (...) -- C:\Users\My Computer\AppData\Roaming\Mozilla\Firefox\Profiles\8kyk8yzd.default-1436897542862\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi
HKCU\SOFTWARE\AppDataLow\Software\arcadeparlorconfig
O43 - CFD: 15/03/2015 - [] D -- C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
HKCU\SOFTWARE...

Re: I'm not sure what to clean/remove.

Here's the original script:

Script ZHPFix
P2 - EXT FILE: (...) -- C:\Users\My Computer\AppData\Roaming\Mozilla\Firefox\Profiles\8kyk8yzd.default-1436897542862\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi
HKCU\SOFTWARE\AppDataLow\Software\arcadeparlorconfig
O43 - CFD: 15/03/2015 - [] D -- C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
HKCU\SOFTWARE\DriverSupport
O43 - CFD: 21/11/2015 - []...

Re: I'm not sure what to clean/remove.

Hi from France :)

We will use ZHPFix, another tool from Nicolas Coolman, in order to remove what remains of that software and the little thing AdwCleaner missed.

  • Go to the ZHPFix download page and click on the blue button "Download Now".
  • Save the file wherever you want and launch it with a right click: "launch as administrator".
  • Follow the instructions during the installation.
  • Then click ...

Re: I'm not sure what to clean/remove.

Hello from Canada,

Ok, before using a script to eliminate all remaining threats, I need you to tell me about some software that I don't know:

Do you know:

  • BankId: keeper
  • Turbo Tax (2010 2013 2014): keeper
  • Quick Tax: keeper
  • Memorex exPressit Label Design Studio: keeper
  • arcadeparlorconfig: definitely remove Spying!!

You also have some uncommon Firefox extensions such as video download...