Aller au contenu


Photo
- - - - -

Internet Explorer se ferme tout seul


  • Veuillez vous connecter pour répondre
6 réponses à ce sujet

#1 le63corbo

le63corbo

    Junior Member

  • Membres
  • 5 messages

Posté 10 août 2013 - 10:40

Je n ai pas pus resoudre le probleme de reprendre mon internet explorer j ai essayer touts les moyens de reinstalation mais rien a faire
je me remte a vous esperant trouver une solution voici le lien: © CJoint.com, 2012

Modifié par Dylav, 10 août 2013 - 05:06 .
Suppression rapport volumineux par ailleurs hébergé avec lien fourni... ;o)

  • 0

PUBLICITÉ

    Annonces Google

#2 Apollo

Apollo

    Devil Member !

  • Equipe Sécurité
  • 20640 messages

Posté 10 août 2013 - 11:21

Bonjour,

Désactive provisoirement l'antivirus: Si tu ne sais pas comment faire, reporte-toi à cet article.

1) Télécharge Voir le Fichier : RHosts.zip de S!RI sur le bureau, décompresse-le puis exécute-le. Uniquement pour XP !!!

-------------
2) Télécharge AdwCleaner par Xplode: Téléchargements - Outils de Xplode - AdwCleaner

Enregistre-le sur le bureau (et pas ailleurs).

Afin de ne pas fausser le rapport, ne passer l'outil qu'une seule fois svp!


Si tu es sous XP double clique sur AdwCleaner pour lancer l'outil.
Si tu es sous Vista/Seven, clique droit sur AdwCleaner et choisis exécuter en temps qu'administrateur.

Clique sur Suppression et laisse travailler l'outil.

Le rapport va s'ouvrir en fichier texte; copie la totalité de son contenu et colle-le dans ta réponse.

Le rapport est en outre sauvegardé sous C:\AdwCleaner[S1]

NB: Si l'outil "cale" en mode normal, le lancer en mode sans échec: Comment démarrer Windows en mode sans échec : Astuces pour Dépanner Windows XP

A lire absolument: Lisez d'abord, cliquez après !!! : Questions sur la Sécurité Windows
Logiciels et sponsors : Questions sur la Sécurité Windows

-------------------------

3) Télécharge Junkware Removal Tool sur le bureau: Junkware Removal Tool Download

Site éditeur: Junkware Removal Tool | Information about the tool

Sous XP, double-clique sur l'icône et presse une touche lorsque cela sera demandé.

Sous Vista/7/8, clic droit/exécuter en temps qu'administrateur.

Afin de ne pas fausser les rapports, ne passer l'outil qu'une seule fois svp!


Si l'antivirus fait des siennes: désactive-le provisoirement. Si tu ne sais pas comment faire, reporte-toi à cet article.

Poste le rapport généré à la fin de l'analyse.

NB: Le bureau disparaitra un instant, c'est normal.

>>>Si le rapport est long, l'héberger ici: Accueil de Cjoint.com


Image IPB

Image IPB

------------------------
4) Refais un ZHPDiag et héberge le rapport: ne le colle pas sur le forum stp! Donne juste le lien.

@++

Modifié par Apollo, 10 août 2013 - 11:27 .

  • 0

#3 le63corbo

le63corbo

    Junior Member

  • Membres
  • 5 messages

Posté 10 août 2013 - 03:49

© CJoint.com, 2012
  • 0

#4 Apollo

Apollo

    Devil Member !

  • Equipe Sécurité
  • 20640 messages

Posté 10 août 2013 - 04:34

Poste les rapports demandés svp.

++
  • 0

#5 Apollo

Apollo

    Devil Member !

  • Equipe Sécurité
  • 20640 messages

Posté 10 août 2013 - 04:47

ZHPFix :

  • Ferme toutes les applications ouvertes
  • Double-clique sur ZHPFix, raccourci installé par ZHPDiag sur le Bureau
    Important:
    Sous Vista et Windows 7/8 : il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur.
  • Copie les lignes ci-dessous dans la fenêtre

[MD5.CEDB27BACA286F063C3A11D44AF530AE] - (...) -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe [188760] [PID.3444] =>Adware.InstallBrain
[MD5.1E9993AC255B3220BCE71FE9E056BBC9] - (...) -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe [265952] [PID.332] =>Adware.Zugo
G0 - GCSP: Preference [User Data\Default] tore_on_startup": ["http://blekkosearch.mystart.com =>Spyware.VMNToolbar
G0 - GCSP: Preference [User Data\Default] ore_on_startup": ["http://blekkosearch.mystart.com =>Spyware.VMNToolbar
M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
P2 - FPN: [HKLM] [@Zwinky_5q.com/Plugin] - (.MindSpark - MindSpark Toolbar Platform Plugin Stub for 32-bit Windows.) -- C:\Program Files\Zwinky_5q\bar\1.bin\NP5qStub.dll =>Adware.MyClearSearch
O2 - BHO: Toolbar BHO - {27488090-768a-4d20-a938-f223f71c344c} . (.MindSpark - MindSpark Toolbar Platform.) -- C:\Program Files\Zwinky_5q\bar\1.bin\5qbar.dll =>Adware.MyClearSearch
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} Clé orpheline =>Toolbar.Babylon
O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} . (...) -- C:\Program Files\IB Updater\Extension32.dll =>Adware.InstallBrain
O2 - BHO: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} . (.Pas de propriétaire - Toolbar.) -- C:\Program Files\StartNow Toolbar\Toolbar32.dll =>Adware.Zugo
O2 - BHO: SpecialSavings - {938958E8-355C-49FF-92B0-53C1B87ACEA9} . (.SpecialSavings.com - ScriptHost.) -- C:\Program Files\SpecialSavings\ScriptHost.dll =>PUP.SpecialSavings
O2 - BHO: Smiley Bar for Facebook - {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} . (.Status Winks - ScriptHost.) -- C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll =>Adware.SmileyBar
O2 - BHO: Search Assistant BHO - {bd3ea7c2-3af8-4463-9a9c-6eb8e136cb02} . (.MindSpark - MindSpark Search Assistant.) -- C:\Program Files\Zwinky_5q\bar\1.bin\5qSrcAs.dll =>Adware.MyClearSearch
O2 - BHO: DataMngr - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} . (.iMesh, Inc - Url Helper.) -- C:\Program Files\iMesh Applications\Mediabar\Datamngr\BrowserConnection.dll =>PUP.Datamngr
O2 - BHO: Search-Results Toolbar - {bff6b2ca-366c-4a90-b685-d87776deb0d2} . (.APN LLC - dtx Dynamic Link Library.) -- C:\Program Files\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll =>PUP.SearchResults
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\DealBulldog Toolbar Toolbar\tbcore3.dll =>Adware.SocialSkinz
O3 - Toolbar: Search-Results Toolbar - [HKLM]{bff6b2ca-366c-4a90-b685-d87776deb0d2} . (.APN LLC - dtx Dynamic Link Library.) -- C:\Program Files\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll =>PUP.SearchResults
O3 - Toolbar: (no name) - [HKLM]{CD3AED25-23AB-4543-B915-159449C37197} Clé orpheline => Infection PUP (Hijacker.Alnaddy)
O3 - Toolbar: StartNow Toolbar - [HKLM]{5911488E-9D1E-40ec-8CBB-06B231CC153F} . (.Pas de propriétaire - Toolbar.) -- C:\Program Files\StartNow Toolbar\Toolbar32.dll =>Adware.Zugo
O3 - Toolbar: Zwinky - [HKLM]{3033124f-06bf-4829-873a-310a125b4d4c} . (.MindSpark - MindSpark Toolbar Platform.) -- C:\Program Files\Zwinky_5q\bar\1.bin\5qbar.dll =>Adware.MyClearSearch
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline => Infection PUP (PUP.SweetIM)
O4 - HKCU\..\Run: [Skymonk2] . (...) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Skymonk2\skymonk2.exe => Infection Rogue (Possible)
O4 - HKUS\S-1-5-21-1801674531-2049760794-1417001333-500\..\Run: [Skymonk2] . (...) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Skymonk2\skymonk2.exe => Infection Rogue (Possible)
O23 - Service: IB Updater (IB Updater) . (...) - C:\Program Files\IB Updater\ExtensionUpdaterService.exe =>Adware.InstallBrain
O23 - Service: KMService (KMService) . (...) - C:\WINDOWS\srvany.exe (.not file.) =>Hijacker.Office
O23 - Service: Updater Service for StartNow Toolbar (Updater Service for StartNow Toolbar) . (...) - C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe =>Adware.Zugo
O23 - Service: ZwinkyService (Zwinky_5qService) . (.COMPANYVERS_NAME - PRODUCTVERS_TITLE.) - C:\Program Files\Zwinky_5q\bar\1.bin\5qbarsvc.exe =>Adware.MyClearSearch
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\EPUpdater.job [290] => Infection PUP (Hijacker.BabSolution)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OptimizerPro1UpdaterTask{C47948A1-E122-432D-B9CD-67EFD08972F9}.job [582] =>PUP.OptimizerPro
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OptimizerProUpdaterTask{F4CA9D6E-31B8-49F5-9D12-A41CDF1885FE}.job [576] =>PUP.OptimizerPro
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\PC Optimizer Pro Scan.job [424] =>PUP.OptimizerPro
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\PC Optimizer Pro startups.job [428] =>PUP.OptimizerPro
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job [456] =>PUP.OptimizerPro
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\YourFile Update.job [316] => Infection PUP (PUP.YourFileDownloader)
[MD5.F1B6B19AA752DEA83BCE4DFEF3D4C5BA] [APT] [EPUpdater] (...) -- C:\Documents and Settings\Administrateur\Application Data\BabSolution\Shared\BabMaint.exe [9808] =>Hijacker.BabSolution
[MD5.00000000000000000000000000000000] [APT] [Express FilesUpdate] (...) -- C:\Program Files\ExpressFiles\EFUpdater.exe (.not file.) [0] =>Adware.ExpressFiles
[MD5.00000000000000000000000000000000] [APT] [OptimizerPro1UpdaterTask{C47948A1-E122-432D-B9CD-67EFD08972F9}] (...) -- C:\Documents and Settings\Administrateur\Application Data\Premium\OptimizerPro1\OptimizerPro1.exe (.not file.) [0] =>PUP.OptimizerPro
[MD5.00000000000000000000000000000000] [APT] [OptimizerProUpdaterTask{F4CA9D6E-31B8-49F5-9D12-A41CDF1885FE}] (...) -- C:\Documents and Settings\Administrateur\Application Data\Premium\OptimizerPro\OptimizerPro.exe (.not file.) [0] =>PUP.OptimizerPro
[MD5.00000000000000000000000000000000] [APT] [PC Optimizer Pro Scan] (...) -- C:\Program Files\PC Optimizer Pro\StartApps.exe (.not file.) [0] =>PUP.OptimizerPro
[MD5.00000000000000000000000000000000] [APT] [PC Optimizer Pro startups] (...) -- C:\Program Files\PC Optimizer Pro\StartApps.exe (.not file.) [0] =>PUP.OptimizerPro
[MD5.00000000000000000000000000000000] [APT] [PC Optimizer Pro Updates] (...) -- C:\Program Files\PC Optimizer Pro\StartApps.exe (.not file.) [0] =>PUP.OptimizerPro
[MD5.00000000000000000000000000000000] [APT] [schedule!3168119997] (...) -- C:\Documents and Settings\Administrateur\Application Data\BetterSoft\ContinueToSave\ContinueToSave.exe (.not file.) [0] =>PUP.Offerware
[MD5.00000000000000000000000000000000] [APT] [YourFile Update] (...) -- C:\Program Files\YourFileDownloader\YourFileUpdater.exe (.not file.) [0] =>PUP.YourFileDownloader
O42 - Logiciel: ContinueToSave - (.BetterSoft.) [HKLM] -- ContinueToSave =>PUP.OfferWare
O42 - Logiciel: ContinueToSave 1.74 - (...) [HKLM] -- SP_09b71135 =>PUP.Offerware
O42 - Logiciel: DealBulldog Toolbar Toolbar - (...) [HKLM] -- DealBulldog Toolbar Toolbar =>Adware.SocialSkinz
O42 - Logiciel: IB Updater 2.0.0.574 - (.IncrediBar.) [HKLM] -- {336D0C35-8A85-403a-B9D2-65C292C39087}_is1 =>Adware.InstallBrain
O42 - Logiciel: OptimizerPro - (.Premium.) [HKLM] -- OptimizerPro =>PUP.OptimizerPro
O42 - Logiciel: OptimizerPro1 - (.Premium.) [HKLM] -- OptimizerPro1 =>PUP.OptimizerPro
O42 - Logiciel: Search Assistant MocaFlix 1.66 - (...) [HKLM] -- SP_56ec1d15 => Infection PUP (PUP.Mocaflix)
O42 - Logiciel: Search Assistant SimpleSpeedy 1.74 - (...) [HKLM] -- SP_7699c875 =>PUP.Browse2Save
O42 - Logiciel: Search Assistant WebSearch 1.74 - (...) [HKLM] -- SP_b0285714 => Infection PUP (PUP.Mocaflix)
O42 - Logiciel: Search-Results Toolbar - (.APN LLC.) [HKLM] -- imeshtoolbar2 =>PUP.SearchResults
O42 - Logiciel: SpecialSavings - (.SpecialSavings.com.) [HKLM] -- SpecialSavings =>PUP.SpecialSavings
O42 - Logiciel: StartNow Toolbar - (.StartNow.com.) [HKLM] -- StartNow Toolbar =>Adware.Zugo
O42 - Logiciel: Yontoo 1.10.02 - (.Yontoo LLC.) [HKLM] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} =>Adware.Yontoo
O42 - Logiciel: Zwinky Firefox Toolbar - (.Mindspark Interactive Network.) [HKLM] -- Zwinky_5qbar Uninstall Firefox =>Adware.MyClearSearch
[HKCU\Software\Alnaddy.com] => Infection PUP (Hijacker.Alnaddy)
[HKCU\Software\AppDataLow\SProtector] =>PUP.Mocaflix
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\BI] => Infection Web (Adware.MegaSearch)
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\ExpressFiles] =>Adware.ExpressFiles
[HKCU\Software\Grand Virtual] =>PUP.GrandVirtual
[HKCU\Software\IB Updater] =>Adware.InstallBrain
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\Somoto Toolbar] =>Adware.MegaSearch
[HKCU\Software\SpecialSavings] =>PUP.SpecialSavings
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\StartNow Toolbar] =>Adware.Zugo
[HKCU\Software\StartSearch] =>PUP.StartSearch
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\WNLT] =>Adware.IncrediBar
[HKCU\Software\YourFileDownloader] =>PUP.YourFileDownloader
[HKCU\Software\Zugo] =>Adware.Zugo
[HKCU\Software\Zwinky_5q] =>Adware.MyClearSearch
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\e6d8d9e23ebf43] => Infection PUP (Toolbar.Babylon)
[HKCU\Software\iMesh] =>PUP.iMesh
[HKCU\Software\imeshtoolbar2] =>PUP.iMesh
[HKLM\Software\Alnaddy.com] => Infection PUP (Hijacker.Alnaddy)
[HKLM\Software\BabylonToolbar] =>Toolbar.Babylon
[HKLM\Software\Babylon] =>Toolbar.Babylon
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\ExpressFiles] =>Adware.ExpressFiles
[HKLM\Software\IB Updater] =>Adware.InstallBrain
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\SP Global] =>PUP.AdvancedSystemProtector
[HKLM\Software\SProtector] =>PUP.Mocaflix
[HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\YourFileDownloader] =>PUP.YourFileDownloader
[HKLM\Software\Zwinky_5q] =>Adware.MyClearSearch
[HKLM\Software\e6d8d9e23ebf43] => Infection PUP (Toolbar.Babylon)
[HKLM\Software\iMeshSRTB] =>PUP.iMesh
O43 - CFD: 03-06-2011 - 11:20:09 - [0] ----D C:\Program Files\Babylon =>Toolbar.Babylon
O43 - CFD: 28-10-2012 - 18:31:04 - [2.074] ----D C:\Program Files\BabylonToolbar =>Toolbar.Babylon
O43 - CFD: 03-06-2013 - 19:10:31 - [0.431] ----D C:\Program Files\cacaoweb =>PUP.CacaoWeb
O43 - CFD: 03-06-2013 - 19:50:42 - [1.473] ----D C:\Program Files\ContinueToSave =>PUP.Offerware
O43 - CFD: 07-11-2012 - 13:50:17 - [3.421] ----D C:\Program Files\DealBulldog Toolbar Toolbar =>Adware.SocialSkinz
O43 - CFD: 05-03-2013 - 21:13:36 - [2.154] ----D C:\Program Files\IB Updater =>Adware.InstallBrain
O43 - CFD: 05-10-2012 - 12:08:14 - [20.091] ----D C:\Program Files\iMesh Applications =>PUP.iMesh
O43 - CFD: 16-11-2012 - 10:26:58 - [0.784] ----D C:\Program Files\MocaFlix => Infection PUP (PUP.Mocaflix)
O43 - CFD: 17-12-2012 - 11:06:26 - [0] ----D C:\Program Files\Red Sky =>Adware.DownTango
O43 - CFD: 01-03-2013 - 12:38:59 - [1.526] ----D C:\Program Files\SimpleSpeedy =>PUP.Browse2Save
O43 - CFD: 06-04-2013 - 22:11:45 - [1.467] ----D C:\Program Files\SpecialSavings =>PUP.SpecialSavings
O43 - CFD: 07-04-2013 - 08:30:40 - [1.875] ----D C:\Program Files\StartNow Toolbar =>Adware.Zugo
O43 - CFD: 03-06-2013 - 19:52:03 - [1.470] ----D C:\Program Files\WebSearch => Infection PUP (PUP.Browse2Save)
O43 - CFD: 02-09-2012 - 22:20:26 - [0.315] ----D C:\Program Files\Yontoo =>Adware.Yontoo
O43 - CFD: 10-08-2013 - 09:49:15 - [9.077] ----D C:\Program Files\Zwinky_5q =>Adware.MyClearSearch
O43 - CFD: 03-06-2013 - 19:40:42 - [1.313] ----D C:\Documents and Settings\Administrateur\Application Data\BabSolution =>Hijacker.BabSolution
O43 - CFD: 28-10-2012 - 18:30:06 - [0.089] ----D C:\Documents and Settings\Administrateur\Application Data\Babylon =>Toolbar.Babylon
O43 - CFD: 18-05-2011 - 20:24:28 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\BabylonToolbar =>Toolbar.Babylon
O43 - CFD: 03-06-2013 - 19:10:36 - [1144.144] ----D C:\Documents and Settings\Administrateur\Application Data\cacaoweb =>PUP.CacaoWeb
O43 - CFD: 21-04-2013 - 22:21:06 - [0.001] ----D C:\Documents and Settings\Administrateur\Application Data\ExpressFiles =>Adware.ExpressFiles
O43 - CFD: 03-10-2012 - 05:15:03 - [0.014] ----D C:\Documents and Settings\Administrateur\Application Data\imeshtoolbar2 =>PUP.iMesh
O43 - CFD: 01-09-2011 - 12:10:53 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\iWin => Adware.iWinArcade
O43 - CFD: 11-03-2013 - 22:00:47 - [35.116] ----D C:\Documents and Settings\Administrateur\Application Data\OpenCandy =>Adware.OpenCandy
O43 - CFD: 20-04-2013 - 08:34:26 - [0.500] ----D C:\Documents and Settings\Administrateur\Application Data\PriceGong =>Adware.PriceGong
O43 - CFD: 02-10-2012 - 06:57:21 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\searchresultstb =>PUP.SearchResults
O43 - CFD: 06-04-2013 - 22:11:55 - [0.066] ----D C:\Documents and Settings\Administrateur\Application Data\SpecialSavings =>PUP.SpecialSavings
O43 - CFD: 21-12-2012 - 21:41:17 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 07-04-2013 - 08:30:24 - [0.027] ----D C:\Documents and Settings\Administrateur\Application Data\StartNow Toolbar =>Adware.Zugo
O43 - CFD: 10-05-2013 - 19:47:24 - [0.294] ----D C:\Documents and Settings\Administrateur\Application Data\SwvUpdater =>PUP.Software.Updater
O43 - CFD: 27-10-2012 - 18:18:07 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Toolbar4 => Infection BT (Adware.SocialSkinz)
O43 - CFD: 18-11-2012 - 13:07:19 - [0.008] ----D C:\Documents and Settings\Administrateur\Application Data\YourFileDownloader =>PUP.YourFileDownloader
O43 - CFD: 10-08-2013 - 09:49:40 - [0.094] ----D C:\Documents and Settings\Administrateur\Application Data\Zwinky_5q =>Adware.MyClearSearch
O47 - AAKE:Key Export SP - "C:\Program Files\YourFileDownloader\Downloader.exe" [Enabled] .(...) -- C:\Program Files\YourFileDownloader\Downloader.exe (.not file.) =>PUP.YourFileDownloader
O47 - AAKE:Key Export SP - "C:\Program Files\YourFileDownloader\YourFile.exe" [Enabled] .(...) -- C:\Program Files\YourFileDownloader\YourFile.exe (.not file.) =>PUP.YourFileDownloader
O47 - AAKE:Key Export SP - "C:\Program Files\cacaoweb\cacaoweb.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O47 - AAKE:Key Export SP - "C:\Program Files\ExpressFiles\expressdl.exe" [Enabled] .(...) -- C:\Program Files\ExpressFiles\expressdl.exe (.not file.) =>Adware.ExpressFiles
O47 - AAKE:Key Export SP - "C:\Program Files\ExpressFiles\ExpressFiles.exe" [Enabled] .(...) -- C:\Program Files\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles
O64 - Services: CurCS - 29-01-2013 - Pas de propriétaire (IB Updater) .(...) - LEGACY_IB_UPDATER =>Adware.InstallBrain
O64 - Services: CurCS - 22-06-2012 - Pas de propriétaire (Updater Service for StartNow Toolbar) .(...) - LEGACY_UPDATER_SERVICE_FOR_STARTNOW_TOOLBAR =>Adware.Zugo
O64 - Services: CurCS - 10-08-2013 - C:\Program Files\Zwinky_5q\bar\1.bin\5qbarsvc.exe (Zwinky_5qService) .(.COMPANYVERS_NAME - PRODUCTVERS_TITLE.) - LEGACY_ZWINKY_5QSERVICE =>Adware.MyClearSearch
O69 - SBI: SearchScopes [HKCU] {16CC3586-3547-4025-9E2F-F04C365D8B90} - (EazelBar Search) - Eazel search =>Hijacker.Eazel
O69 - SBI: SearchScopes [HKCU] {22385635-9830-4C8E-AA0C-F9EA8D0A1390} - (Alnaddy) - النادي - اكبر مجتمع عربي على الانترنت | زواج,اخبار,العاب,سيارات => Infection PUP (Hijacker.Alnaddy)
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://mysearch.avg.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {B224AA02-F7C8-3A2B-859F-560B80767E4A} - (Yahoo!) - StartNow =>Adware.Zugo
O69 - SBI: SearchScopes [HKCU] {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://websearch.a-searchpage.info => Infection PUP (PUP.Browse2Save)
O69 - SBI: SearchScopes [HKCU] {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} - (MyStart Search) - http://mystart.incredimail.com =>Spyware.VMNToolbar
[HKCU\Software\e6d8d9e23ebf43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" => Infection PUP (Toolbar.Babylon)
[HKCU\Software\e6d8d9e23ebf43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52" => Infection PUP (Toolbar.Babylon)
[HKCU\Software\e6d8d9e23ebf43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" => Infection PUP (Toolbar.Babylon)
[HKCU\Software\e6d8d9e23ebf43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80" => Infection PUP (Toolbar.Babylon)
[HKCU\Software\e6d8d9e23ebf43] =>Toolbar.Babylon^

SR - | Auto 188760 | (IB Updater) . (...) - C:\Program Files\IB Updater\ExtensionUpdaterService.exe =>Adware.InstallBrain
SS - | Auto 0 | (KMService) . (...) - C:\WINDOWS\srvany.exe =>Hijacker.Office
SR - | Auto 265952 | (Updater Service for StartNow Toolbar) . (...) - C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe =>Adware.Zugo
SS - | Auto 10-08-2013 42504 | (Zwinky_5qService) . (.COMPANYVERS_NAME.) - C:\Program Files\Zwinky_5q\bar\1.bin\5qbarsvc.exe =>Adware.MyClearSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27488090-768A-4D20-A938-F223F71C344C}] =>Adware.MyClearSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}] =>Toolbar.Babylon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}] =>Adware.InstallBrain^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}] =>Adware.Zugo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{938958E8-355C-49FF-92B0-53C1B87ACEA9}] =>PUP.SpecialSavings^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}] =>Adware.SmileyBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BD3EA7C2-3AF8-4463-9A9C-6EB8E136CB02}] =>Adware.MyClearSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}] =>PUP.Datamngr^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}] =>PUP.SearchResults^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz^
[HKLM\SYSTEM\CurrentControlSet\Services\IB Updater] =>Adware.InstallBrain^
[HKLM\SYSTEM\CurrentControlSet\Services\KMService] =>Hijacker.Office^
[HKLM\SYSTEM\CurrentControlSet\Services\Updater Service for StartNow Toolbar] =>Adware.Zugo^
[HKLM\SYSTEM\CurrentControlSet\Services\Zwinky_5qService] =>Adware.MyClearSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave] =>PUP.OfferWare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_09b71135] =>PUP.Offerware^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealBulldog Toolbar Toolbar] =>Adware.SocialSkinz^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1] =>Adware.InstallBrain^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro] =>PUP.OptimizerPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro1] =>PUP.OptimizerPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_7699c875] =>PUP.Browse2Save^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\imeshtoolbar2] =>PUP.SearchResults^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SpecialSavings] =>PUP.SpecialSavings^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar] =>Adware.Zugo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Adware.Yontoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zwinky_5qbar Uninstall Firefox] =>Adware.MyClearSearch^
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo
[HKLM\Software\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}] =>Adware.IncrediBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}] =>Adware.IncrediBar
[HKLM\Software\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}] =>Adware.IncrediBar
[HKLM\Software\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}] =>Adware.iWinArcade
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] =>PUP.iMesh
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}] =>PUP.Software.Updater
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}] =>Adware.Zugo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}] =>Adware.Zugo
[HKLM\Software\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}] =>Adware.Zugo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}] =>Adware.IncrediBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{6e4c89cf-3061-4ee4-b22a-b7a8aaea5cb3}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}] =>Adware.Yontoo
[HKLM\Software\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{35039355-8B79-4EA2-8175-F18BAFC5E685}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\Interface\{B119FBCC-0FFA-4C0F-AEA6-2FCE4A3D3E12}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater
[HKLM\Software\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}] =>PUP.Software.Updater
[HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}] =>PUP.SweetIM
[HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}] =>Hijacker.Seeearch
[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}] =>Hijacker.Seeearch
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}] =>Adware.IncrediBar
[HKLM\Software\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}] =>Adware.IncrediBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}] =>Adware.IncrediBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\BrowserConnection.dll] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\escort.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar] =>Toolbar.Babylon
[HKLM\Software\Classes\BrowserConnection.Loader] =>Adware.Bandoo
[HKLM\Software\Classes\BrowserConnection.Loader.1] =>Adware.Bandoo
[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Adware.Adkubru
[HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Adware.Adkubru
[HKLM\Software\Classes\Updater.AmiUpd] =>PUP.Software.Updater
[HKLM\Software\Classes\Updater.AmiUpd.1] =>PUP.Software.Updater
[HKLM\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd] =>Adware.IncrediBar
[HKLM\Software\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca] =>Adware.IncrediBar
[HKLM\Software\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco] =>PUP.1ClickDownloader
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKLM\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\FilesFrog Update Checker] =>Adware.Agent
[HKCU\Software\Grand Virtual] =>Spyware.AgenceExclusive
[HKLM\Software\Classes\Interface\{CFC4F268-E789-42E1-B255-FDFAE36C547F}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\Interface\{BDCF34FD-97CD-4707-9266-1DC19A9EF01D}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\Interface\{E55E0B19-457D-4ED3-B589-0103D41C83EC}] =>Hijacker.Alnaddy
[HKCU\Software\iMesh] =>PUP.iMesh
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\PriceGong] =>Adware.PriceGong
[HKLM\Software\SP Global] =>PUP.AdvancedSystemProtector
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\AppDataLow\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\SProtector] =>PUP.AdvancedSystemProtector
[HKCU\Software\StartSearch] =>Hijacker.Agent
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\WNLT] =>Adware.IncrediBar
[HKCU\Software\Zugo] =>Adware.Zugo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}] =>PUP.Software.Updater
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_56ec1d15] =>PUP.Mocaflix
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Alnaddy.com] =>Hijacker.Alnaddy
[HKLM\Software\Alnaddy.com] =>Hijacker.Alnaddy
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Smiley Bar for Facebook] =>Adware.SmileyBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}] =>Adware.Zugo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}] =>Adware.Zugo
[HKLM\Software\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}] =>Adware.Zugo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] =>Adware.MegaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}] =>Adware.SmileyBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}] =>Adware.SmileyBar
[HKLM\Software\Classes\CLSID\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}] =>Adware.SmileyBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}] =>PUP.iMesh
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}] =>PUP.iMesh
[HKCU\Software\imeshtoolbar2] =>PUP.iMesh
[HKLM\Software\iMeshSRTB] =>PUP.iMesh
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}] =>PUP.Datamngr
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}] =>PUP.Datamngr
[HKLM\Software\Classes\CLSID\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}] =>PUP.Datamngr
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}] =>PUP.Datamngr
[HKLM\Software\Classes\CLSID\{950F80EF-32C2-47DD-9C35-9576E21EE66E}] =>PUP.Datamngr
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD3AED25-23AB-4543-B915-159449C37197}] =>Hijacker.Alnaddy
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD3AED25-23AB-4543-B915-159449C37197}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\AppID\{AFE75FBA-AF4F-4F93-BE4E-9B58EDF370BF}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\TypeLib\{AFE75FBA-AF4F-4F93-BE4E-9B58EDF370BF}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\AppID\{D651E893-3D08-458D-A242-0E6B862E6507}] =>Hijacker.Alnaddy
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{55928DD2-8878-4275-AAB3-B3A09A67A1EB}] =>Hijacker.Alnaddy
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55928DD2-8878-4275-AAB3-B3A09A67A1EB}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\Interface\{063922B3-931A-481A-A55E-4EB198BD9DFE}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\Interface\{1088C560-0B2F-48A8-A449-3DB6D53FF8BA}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\Interface\{1A897D73-1756-4251-B841-D633A63BA73F}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\Interface\{FEDFBB0E-4889-47EE-90E6-F88BFD927629}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\Interface\{23E0C19C-6650-4788-88BB-71979CC3263F}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\Interface\{F7F4F65C-DA43-486C-92F4-5D35ACB81D11}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\Interface\{F3E11C16-FC77-47EB-9314-931BEB9C5C55}] =>Hijacker.Alnaddy
[HKLM\Software\Classes\delta.deltaappCore] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltaappCore.1] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd.1] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}] =>Hijacker.Eazel
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}] =>Hijacker.Eazel
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{16CC3586-3547-4025-9E2F-F04C365D8B90}] =>Hijacker.Eazel
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\PC Optimizer Pro] =>Rogue.PCOptimizerPro
[HKLM\Software\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk] =>Spyware.GophotoIt
[HKCU\Software\BI] =>Adware.MegaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{938958E8-355C-49FF-92B0-53C1B87ACEA9}] =>PUP.SpecialSavings
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{938958E8-355C-49FF-92B0-53C1B87ACEA9}] =>PUP.SpecialSavings
[HKLM\Software\Classes\CLSID\{938958E8-355C-49FF-92B0-53C1B87ACEA9}] =>PUP.SpecialSavings
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Adware.SimilarSites
[HKLM\Software\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}] =>Toolbar.Babylon
[HKLM\Software\Classes\YontooIEClient.Api] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Api.1] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\YontooIEClient.DLL] =>Adware.Yontoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714] =>Adware.Browse2Save^
C:\Program Files\Babylon =>Toolbar.Babylon^
C:\Program Files\BabylonToolbar =>Toolbar.Babylon^
C:\Program Files\cacaoweb =>PUP.CacaoWeb^
C:\Program Files\ContinueToSave =>PUP.Offerware^
C:\Program Files\DealBulldog Toolbar Toolbar =>Adware.SocialSkinz^
C:\Program Files\IB Updater =>Adware.InstallBrain^
C:\Program Files\iMesh Applications =>PUP.iMesh^
C:\Program Files\Red Sky =>Adware.DownTango^
C:\Program Files\SimpleSpeedy =>PUP.Browse2Save^
C:\Program Files\SpecialSavings =>PUP.SpecialSavings^
C:\Program Files\StartNow Toolbar =>Adware.Zugo^
C:\Program Files\Yontoo =>Adware.Yontoo^
C:\Program Files\Zwinky_5q =>Adware.MyClearSearch^
C:\Documents and Settings\Administrateur\Application Data\BabSolution =>Hijacker.BabSolution^
C:\Documents and Settings\Administrateur\Application Data\Babylon =>Toolbar.Babylon^
C:\Documents and Settings\Administrateur\Application Data\BabylonToolbar =>Toolbar.Babylon^
C:\Documents and Settings\Administrateur\Application Data\cacaoweb =>PUP.CacaoWeb^
C:\Documents and Settings\Administrateur\Application Data\ExpressFiles =>Adware.ExpressFiles^
C:\Documents and Settings\Administrateur\Application Data\imeshtoolbar2 =>PUP.iMesh^
C:\Documents and Settings\Administrateur\Application Data\OpenCandy =>Adware.OpenCandy^
C:\Documents and Settings\Administrateur\Application Data\PriceGong
C:\Documents and Settings\Administrateur\Application Data\searchresultstb
C:\Documents and Settings\Administrateur\Application Data\SpecialSavings
C:\Documents and Settings\Administrateur\Application Data\SpeedMaxPc
C:\Documents and Settings\Administrateur\Application Data\StartNow Toolbar
C:\Documents and Settings\Administrateur\Application Data\SwvUpdater
C:\Documents and Settings\Administrateur\Application Data\YourFileDownloader
C:\Documents and Settings\Administrateur\Application Data\Zwinky_5q
C:\Program Files\YouTube Downloader
C:\Program Files\MocaFlix
C:\Program Files\Smiley Bar for Facebook
C:\Program Files\SimilarSites
C:\Program Files\WebSearch
C:\Program Files\Optimizer Pro
C:\Documents and Settings\Administrateur\Application Data\iWin
C:\Documents and Settings\Administrateur\Application Data\SimilarSites s
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Bundled software uninstaller
C:\Documents and Settings\Administrateur\Local Settings\Application Data\eSupport.com
C:\Program Files\IB Updater\ExtensionUpdaterService.exe
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml
C:\Program Files\Zwinky_5q\bar\1.bin\5qbar.dll
C:\Program Files\IB Updater\Extension32.dll
C:\Program Files\StartNow Toolbar\Toolbar32.dll
C:\Program Files\SpecialSavings\ScriptHost.dll
C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll
C:\Program Files\Zwinky_5q\bar\1.bin\5qSrcAs.dll
C:\Program Files\iMesh Applications\Mediabar\Datamngr\BrowserConnection.dll
C:\Program Files\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll
C:\Program Files\DealBulldog Toolbar Toolbar\tbcore3.dll
C:\Program Files\Zwinky_5q\bar\1.bin\5qbarsvc.exe
C:\WINDOWS\Tasks\OptimizerPro1UpdaterTask{C47948A1-E122-432D-B9CD-67EFD08972F9}.job
C:\WINDOWS\Tasks\OptimizerProUpdaterTask{F4CA9D6E-31B8-49F5-9D12-A41CDF1885FE}.job
C:\WINDOWS\Tasks\PC Optimizer Pro Scan.job
C:\WINDOWS\Tasks\PC Optimizer Pro startups.job
C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job
C:\Documents and Settings\Administrateur\Application Data\BabSolution\Shared\BabMaint.exe
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\BabSolution]
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\ExpressFiles]
[HKCU\Software\IB Updater]
[HKCU\Software\Smartbar]
[HKCU\Software\SpecialSavings]
[HKCU\Software\StartNow Toolbar]
[HKCU\Software\YourFileDownloader]
[HKCU\Software\Zwinky_5q]
[HKLM\Software\Babylon]
[HKLM\Software\ExpressFiles]
[HKLM\Software\IB Updater]
[HKLM\Software\YourFileDownloader]
[HKLM\Software\Zwinky_5q]
[HKCU\Software\e6d8d9e23ebf43]
C:\WINDOWS\srvany.exe
C:\WINDOWS\Tasks\EPUpdater.job
C:\WINDOWS\Tasks\schedule!3168119997.job
firewallraz
emptytemp
emptyflash


  • Le script doit automatiquement apparaitre dans ZHPFix, sinon, colle-le. (avec le bouton "coller le presse-papier) Image IPB

    Clique sur le bouton GO pour lancer le nettoyage

  • Valide par Oui la désinstallation des programmes si demandé
  • Laisse l'outil travailler. Si un redémarrage est demandé, accepte et redémarre le PC
  • Le rapport ZHPFixReport.txt s'affiche. Copie-colle le contenu de ce rapport dans ta réponse.
    Le rapport ZHPFixReport.txt est enregistré sous C:\ZHP\ZHPFix.txt

Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide.

++
  • 0

#6 le63corbo

le63corbo

    Junior Member

  • Membres
  • 5 messages

Posté 10 août 2013 - 07:02

Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013
Fichier d'export Registre :
Run by Administrateur at 10-08-2013 17:15:24
High Elevated Privileges : OK
Windows XP Professional Service Pack 3 (Build 2600)

Corbeille vidée

========== Clé(s) du Registre ==========
CTFDisabledCTFMon désactivé par défaut


========== Récapitulatif ==========
1 : Clé(s) du Registre
Mais internet Explrer elle se ferme aussitot demarrer

End of clean in 15mn 26s

========== Chemin de fichier rapport ==========
C:\ZHP\ZHPFix[R1].txt - 10-08-2013 17:15:26 [482]

Modifié par le63corbo, 10 août 2013 - 07:03 .

  • 0

#7 Apollo

Apollo

    Devil Member !

  • Equipe Sécurité
  • 20640 messages

Posté 10 août 2013 - 07:11

J'ai demandé des rapports. Te ficherais-tu de moi par hasard?

Si c'est le cas, on aura vite terminé car j'en resterais là.

Travaille en mode sans échec si nécessaire: Pour faire des analyses en mode sans échec faire comme suit: Comment démarrer Windows en mode sans échec : Astuces pour Dépanner Windows XP


1) Télécharger SFTGC.exe sur le Bureau >>>> il ne peut pas être ailleurs! L'y déplacer si nécessaire.

Sous XP, double cliquer sur le fichier.
Sous les autres versions de Windows, clic droit sur le fichier et choisir Exécuter en tant qu'administrateur.

Après l'initialisation, cliquer sur Go pour lancer le nettoyage.

Un rapport va s'ouvrir à la fin.
Ce rapport est sur le bureau (SFT.txt)

Héberger sur Accueil de Cjoint.com pour ne pas planter le sujet.


--------------------------
2) Le logiciel qui suit n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.
Ne pas utiliser en dehors de ce cas de figure.


Désactive ton antivirus, firewall et antispyware le temps de l'analyse.
Si vous ne savez pas comment faire, reportez-vous à cet article.

Connecter les supports amovibles (clé usb et autres) avant de procéder.


Tutoriel officiel

Télécharge ComboFix sur ton bureau (et pas ailleurs).
  • Image IPBSi la console de récupération n'est pas installée sur un XP, ComboFix va proposer de l'installer: Accepter!

    Image IPB
  • Assure toi que tous les programmes soient fermés avant de commencer.
  • Double-clique ComboFix.exe afin de l'exécuter.
  • Clique sur "Oui" au message de Limitation de Garantie qui s'affiche.
  • Il est possible que ton pare-feu (firewall) te demande si tu acceptes ou non l'accès de nircmd.cfexe à la zone sûre: accepte.
  • Ne ferme pas la fenêtre qui vient de s'ouvrir, tu te retrouverais avec un bureau vide.
  • Lorsque l'analyse sera terminée, un rapport apparaîtra.
  • Copie-colle ce rapport dans ta prochaine réponse.
    Le rapport se trouve dans : C:\Combofix.txt.

Si tu perds la connexion après le passage de ComboFix, voici comment la réparer ICI.


Si le message: "Tentative d'opération non autorisée sur une clé du Registre marquée pour suppression".
apparaissait, redémarrer le pc.


@++
  • 0