Internet Explorer se ferme tout seul

[le63corbo]

Je n ai pas pus resoudre le probleme de reprendre mon internet explorer j ai essayer touts les moyens de reinstalation mais rien a faire

je me remte a vous esperant trouver une solution voici le lien: © CJoint.com, 2012

Modifié le 10 août 2013 par Dylav
Suppression rapport volumineux par ailleurs hébergé avec lien fourni... ;o)

[Apollo]

Bonjour,

 

Désactive provisoirement l'antivirus: Si tu ne sais pas comment faire, reporte-toi à cet article.

 

1) Télécharge Voir le Fichier : RHosts.zip de S!RI sur le bureau, décompresse-le puis exécute-le. Uniquement pour XP !!!

 

-------------

2) Télécharge AdwCleaner par Xplode: Téléchargements - Outils de Xplode - AdwCleaner

 

Enregistre-le sur le bureau (et pas ailleurs).

 

Afin de ne pas fausser le rapport, ne passer l'outil qu'une seule fois svp!

 

 

Si tu es sous XP double clique sur AdwCleaner pour lancer l'outil.

Si tu es sous Vista/Seven, clique droit sur AdwCleaner et choisis exécuter en temps qu'administrateur.

 

Clique sur Suppression et laisse travailler l'outil.

 

Le rapport va s'ouvrir en fichier texte; copie la totalité de son contenu et colle-le dans ta réponse.

 

Le rapport est en outre sauvegardé sous C:\AdwCleaner[s1]

 

NB: Si l'outil "cale" en mode normal, le lancer en mode sans échec: Comment démarrer Windows en mode sans échec : Astuces pour Dépanner Windows XP

 

A lire absolument: Lisez d'abord, cliquez après !!! : Questions sur la Sécurité Windows

Logiciels et sponsors : Questions sur la Sécurité Windows

 

-------------------------

 

3) Télécharge Junkware Removal Tool sur le bureau: Junkware Removal Tool Download

 

Site éditeur: Junkware Removal Tool | Information about the tool

 

Sous XP, double-clique sur l'icône et presse une touche lorsque cela sera demandé.

 

Sous Vista/7/8, clic droit/exécuter en temps qu'administrateur.

 

Afin de ne pas fausser les rapports, ne passer l'outil qu'une seule fois svp!

 

 

Si l'antivirus fait des siennes: désactive-le provisoirement. Si tu ne sais pas comment faire, reporte-toi à cet article.

 

Poste le rapport généré à la fin de l'analyse.

 

NB: Le bureau disparaitra un instant, c'est normal.

 

>>>Si le rapport est long, l'héberger ici: Accueil de Cjoint.com

 

 

 

 

------------------------

4) Refais un ZHPDiag et héberge le rapport: ne le colle pas sur le forum stp! Donne juste le lien.

 

@++

Modifié le 10 août 2013 par Apollo

[le63corbo]

© CJoint.com, 2012

[Apollo]

Poste les rapports demandés svp.

 

++

[Apollo]

ZHPFix :

 

• Ferme toutes les applications ouvertes
   
  
• Double-clique sur ZHPFix, raccourci installé par ZHPDiag sur le Bureau
  Important:
  Sous Vista et Windows 7/8 : il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur.
   
  
• Copie les lignes ci-dessous dans la fenêtre

 

[MD5.CEDB27BACA286F063C3A11D44AF530AE] - (...) -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe [188760] [PID.3444] =>Adware.InstallBrain

[MD5.1E9993AC255B3220BCE71FE9E056BBC9] - (...) -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe [265952] [PID.332] =>Adware.Zugo

G0 - GCSP: Preference [user Data\Default] tore_on_startup": ["http://blekkosearch.mystart.com'>http://blekkosearch.mystart.com =>Spyware.VMNToolbar

G0 - GCSP: Preference [user Data\Default] ore_on_startup": ["http://blekkosearch.mystart.com =>Spyware.VMNToolbar

M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon

P2 - FPN: [HKLM] [@Zwinky_5q.com/Plugin] - (.MindSpark - MindSpark Toolbar Platform Plugin Stub for 32-bit Windows.) -- C:\Program Files\Zwinky_5q\bar\1.bin\NP5qStub.dll =>Adware.MyClearSearch

O2 - BHO: Toolbar BHO - {27488090-768a-4d20-a938-f223f71c344c} . (.MindSpark - MindSpark Toolbar Platform.) -- C:\Program Files\Zwinky_5q\bar\1.bin\5qbar.dll =>Adware.MyClearSearch

O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} Clé orpheline =>Toolbar.Babylon

O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} . (...) -- C:\Program Files\IB Updater\Extension32.dll =>Adware.InstallBrain

O2 - BHO: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} . (.Pas de propriétaire - Toolbar.) -- C:\Program Files\StartNow Toolbar\Toolbar32.dll =>Adware.Zugo

O2 - BHO: SpecialSavings - {938958E8-355C-49FF-92B0-53C1B87ACEA9} . (.SpecialSavings.com - ScriptHost.) -- C:\Program Files\SpecialSavings\ScriptHost.dll =>PUP.SpecialSavings

O2 - BHO: Smiley Bar for Facebook - {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} . (.Status Winks - ScriptHost.) -- C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll =>Adware.SmileyBar

O2 - BHO: Search Assistant BHO - {bd3ea7c2-3af8-4463-9a9c-6eb8e136cb02} . (.MindSpark - MindSpark Search Assistant.) -- C:\Program Files\Zwinky_5q\bar\1.bin\5qSrcAs.dll =>Adware.MyClearSearch

O2 - BHO: DataMngr - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} . (.iMesh, Inc - Url Helper.) -- C:\Program Files\iMesh Applications\Mediabar\Datamngr\BrowserConnection.dll =>PUP.Datamngr

O2 - BHO: Search-Results Toolbar - {bff6b2ca-366c-4a90-b685-d87776deb0d2} . (.APN LLC - dtx Dynamic Link Library.) -- C:\Program Files\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll =>PUP.SearchResults

O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\DealBulldog Toolbar Toolbar\tbcore3.dll =>Adware.SocialSkinz

O3 - Toolbar: Search-Results Toolbar - [HKLM]{bff6b2ca-366c-4a90-b685-d87776deb0d2} . (.APN LLC - dtx Dynamic Link Library.) -- C:\Program Files\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll =>PUP.SearchResults

O3 - Toolbar: (no name) - [HKLM]{CD3AED25-23AB-4543-B915-159449C37197} Clé orpheline => Infection PUP (Hijacker.Alnaddy)

O3 - Toolbar: StartNow Toolbar - [HKLM]{5911488E-9D1E-40ec-8CBB-06B231CC153F} . (.Pas de propriétaire - Toolbar.) -- C:\Program Files\StartNow Toolbar\Toolbar32.dll =>Adware.Zugo

O3 - Toolbar: Zwinky - [HKLM]{3033124f-06bf-4829-873a-310a125b4d4c} . (.MindSpark - MindSpark Toolbar Platform.) -- C:\Program Files\Zwinky_5q\bar\1.bin\5qbar.dll =>Adware.MyClearSearch

O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline => Infection PUP (PUP.SweetIM)

O4 - HKCU\..\Run: [skymonk2] . (...) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Skymonk2\skymonk2.exe => Infection Rogue (Possible)

O4 - HKUS\S-1-5-21-1801674531-2049760794-1417001333-500\..\Run: [skymonk2] . (...) -- C:\Documents and Settings\Administrateur\Local Settings\Application Data\Skymonk2\skymonk2.exe => Infection Rogue (Possible)

O23 - Service: IB Updater (IB Updater) . (...) - C:\Program Files\IB Updater\ExtensionUpdaterService.exe =>Adware.InstallBrain

O23 - Service: KMService (KMService) . (...) - C:\WINDOWS\srvany.exe (.not file.) =>Hijacker.Office

O23 - Service: Updater Service for StartNow Toolbar (Updater Service for StartNow Toolbar) . (...) - C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe =>Adware.Zugo

O23 - Service: ZwinkyService (Zwinky_5qService) . (.COMPANYVERS_NAME - PRODUCTVERS_TITLE.) - C:\Program Files\Zwinky_5q\bar\1.bin\5qbarsvc.exe =>Adware.MyClearSearch

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\EPUpdater.job [290] => Infection PUP (Hijacker.BabSolution)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OptimizerPro1UpdaterTask{C47948A1-E122-432D-B9CD-67EFD08972F9}.job [582] =>PUP.OptimizerPro

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OptimizerProUpdaterTask{F4CA9D6E-31B8-49F5-9D12-A41CDF1885FE}.job [576] =>PUP.OptimizerPro

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\PC Optimizer Pro Scan.job [424] =>PUP.OptimizerPro

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\PC Optimizer Pro startups.job [428] =>PUP.OptimizerPro

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job [456] =>PUP.OptimizerPro

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\YourFile Update.job [316] => Infection PUP (PUP.YourFileDownloader)

[MD5.F1B6B19AA752DEA83BCE4DFEF3D4C5BA] [APT] [EPUpdater] (...) -- C:\Documents and Settings\Administrateur\Application Data\BabSolution\Shared\BabMaint.exe [9808] =>Hijacker.BabSolution

[MD5.00000000000000000000000000000000] [APT] [Express FilesUpdate] (...) -- C:\Program Files\ExpressFiles\EFUpdater.exe (.not file.) [0] =>Adware.ExpressFiles

[MD5.00000000000000000000000000000000] [APT] [OptimizerPro1UpdaterTask{C47948A1-E122-432D-B9CD-67EFD08972F9}] (...) -- C:\Documents and Settings\Administrateur\Application Data\Premium\OptimizerPro1\OptimizerPro1.exe (.not file.) [0] =>PUP.OptimizerPro

[MD5.00000000000000000000000000000000] [APT] [OptimizerProUpdaterTask{F4CA9D6E-31B8-49F5-9D12-A41CDF1885FE}] (...) -- C:\Documents and Settings\Administrateur\Application Data\Premium\OptimizerPro\OptimizerPro.exe (.not file.) [0] =>PUP.OptimizerPro

[MD5.00000000000000000000000000000000] [APT] [PC Optimizer Pro Scan] (...) -- C:\Program Files\PC Optimizer Pro\StartApps.exe (.not file.) [0] =>PUP.OptimizerPro

[MD5.00000000000000000000000000000000] [APT] [PC Optimizer Pro startups] (...) -- C:\Program Files\PC Optimizer Pro\StartApps.exe (.not file.) [0] =>PUP.OptimizerPro

[MD5.00000000000000000000000000000000] [APT] [PC Optimizer Pro Updates] (...) -- C:\Program Files\PC Optimizer Pro\StartApps.exe (.not file.) [0] =>PUP.OptimizerPro

[MD5.00000000000000000000000000000000] [APT] [schedule!3168119997] (...) -- C:\Documents and Settings\Administrateur\Application Data\BetterSoft\ContinueToSave\ContinueToSave.exe (.not file.) [0] =>PUP.Offerware

[MD5.00000000000000000000000000000000] [APT] [YourFile Update] (...) -- C:\Program Files\YourFileDownloader\YourFileUpdater.exe (.not file.) [0] =>PUP.YourFileDownloader

O42 - Logiciel: ContinueToSave - (.BetterSoft.) [HKLM] -- ContinueToSave =>PUP.OfferWare

O42 - Logiciel: ContinueToSave 1.74 - (...) [HKLM] -- SP_09b71135 =>PUP.Offerware

O42 - Logiciel: DealBulldog Toolbar Toolbar - (...) [HKLM] -- DealBulldog Toolbar Toolbar =>Adware.SocialSkinz

O42 - Logiciel: IB Updater 2.0.0.574 - (.IncrediBar.) [HKLM] -- {336D0C35-8A85-403a-B9D2-65C292C39087}_is1 =>Adware.InstallBrain

O42 - Logiciel: OptimizerPro - (.Premium.) [HKLM] -- OptimizerPro =>PUP.OptimizerPro

O42 - Logiciel: OptimizerPro1 - (.Premium.) [HKLM] -- OptimizerPro1 =>PUP.OptimizerPro

O42 - Logiciel: Search Assistant MocaFlix 1.66 - (...) [HKLM] -- SP_56ec1d15 => Infection PUP (PUP.Mocaflix)

O42 - Logiciel: Search Assistant SimpleSpeedy 1.74 - (...) [HKLM] -- SP_7699c875 =>PUP.Browse2Save

O42 - Logiciel: Search Assistant WebSearch 1.74 - (...) [HKLM] -- SP_b0285714 => Infection PUP (PUP.Mocaflix)

O42 - Logiciel: Search-Results Toolbar - (.APN LLC.) [HKLM] -- imeshtoolbar2 =>PUP.SearchResults

O42 - Logiciel: SpecialSavings - (.SpecialSavings.com.) [HKLM] -- SpecialSavings =>PUP.SpecialSavings

O42 - Logiciel: StartNow Toolbar - (.StartNow.com.) [HKLM] -- StartNow Toolbar =>Adware.Zugo

O42 - Logiciel: Yontoo 1.10.02 - (.Yontoo LLC.) [HKLM] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} =>Adware.Yontoo

O42 - Logiciel: Zwinky Firefox Toolbar - (.Mindspark Interactive Network.) [HKLM] -- Zwinky_5qbar Uninstall Firefox =>Adware.MyClearSearch

[HKCU\Software\Alnaddy.com] => Infection PUP (Hijacker.Alnaddy)

[HKCU\Software\AppDataLow\SProtector] =>PUP.Mocaflix

[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar

[HKCU\Software\BI] => Infection Web (Adware.MegaSearch)

[HKCU\Software\BabSolution] =>Hijacker.BabSolution

[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon

[HKCU\Software\DataMngr] =>PUP.Datamngr

[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr

[HKCU\Software\ExpressFiles] =>Adware.ExpressFiles

[HKCU\Software\Grand Virtual] =>PUP.GrandVirtual

[HKCU\Software\IB Updater] =>Adware.InstallBrain

[HKCU\Software\InstallCore] =>Adware.InstallCore

[HKCU\Software\PriceGong] =>Adware.PriceGong

[HKCU\Software\Smartbar] =>Hijacker.SmartBar

[HKCU\Software\Somoto Toolbar] =>Adware.MegaSearch

[HKCU\Software\SpecialSavings] =>PUP.SpecialSavings

[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc

[HKCU\Software\StartNow Toolbar] =>Adware.Zugo

[HKCU\Software\StartSearch] =>PUP.StartSearch

[HKCU\Software\SweetIM] =>PUP.SweetIM

[HKCU\Software\WNLT] =>Adware.IncrediBar

[HKCU\Software\YourFileDownloader] =>PUP.YourFileDownloader

[HKCU\Software\Zugo] =>Adware.Zugo

[HKCU\Software\Zwinky_5q] =>Adware.MyClearSearch

[HKCU\Software\cacaoweb] =>PUP.CacaoWeb

[HKCU\Software\e6d8d9e23ebf43] => Infection PUP (Toolbar.Babylon)

[HKCU\Software\iMesh] =>PUP.iMesh

[HKCU\Software\imeshtoolbar2] =>PUP.iMesh

[HKLM\Software\Alnaddy.com] => Infection PUP (Hijacker.Alnaddy)

[HKLM\Software\BabylonToolbar] =>Toolbar.Babylon

[HKLM\Software\Babylon] =>Toolbar.Babylon

[HKLM\Software\DataMngr] =>PUP.Datamngr

[HKLM\Software\ExpressFiles] =>Adware.ExpressFiles

[HKLM\Software\IB Updater] =>Adware.InstallBrain

[HKLM\Software\Iminent] =>Adware.IMBooster

[HKLM\Software\SP Global] =>PUP.AdvancedSystemProtector

[HKLM\Software\SProtector] =>PUP.Mocaflix

[HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc

[HKLM\Software\SweetIM] =>PUP.SweetIM

[HKLM\Software\YourFileDownloader] =>PUP.YourFileDownloader

[HKLM\Software\Zwinky_5q] =>Adware.MyClearSearch

[HKLM\Software\e6d8d9e23ebf43] => Infection PUP (Toolbar.Babylon)

[HKLM\Software\iMeshSRTB] =>PUP.iMesh

O43 - CFD: 03-06-2011 - 11:20:09 - [0] ----D C:\Program Files\Babylon =>Toolbar.Babylon

O43 - CFD: 28-10-2012 - 18:31:04 - [2.074] ----D C:\Program Files\BabylonToolbar =>Toolbar.Babylon

O43 - CFD: 03-06-2013 - 19:10:31 - [0.431] ----D C:\Program Files\cacaoweb =>PUP.CacaoWeb

O43 - CFD: 03-06-2013 - 19:50:42 - [1.473] ----D C:\Program Files\ContinueToSave =>PUP.Offerware

O43 - CFD: 07-11-2012 - 13:50:17 - [3.421] ----D C:\Program Files\DealBulldog Toolbar Toolbar =>Adware.SocialSkinz

O43 - CFD: 05-03-2013 - 21:13:36 - [2.154] ----D C:\Program Files\IB Updater =>Adware.InstallBrain

O43 - CFD: 05-10-2012 - 12:08:14 - [20.091] ----D C:\Program Files\iMesh Applications =>PUP.iMesh

O43 - CFD: 16-11-2012 - 10:26:58 - [0.784] ----D C:\Program Files\MocaFlix => Infection PUP (PUP.Mocaflix)

O43 - CFD: 17-12-2012 - 11:06:26 - [0] ----D C:\Program Files\Red Sky =>Adware.DownTango

O43 - CFD: 01-03-2013 - 12:38:59 - [1.526] ----D C:\Program Files\SimpleSpeedy =>PUP.Browse2Save

O43 - CFD: 06-04-2013 - 22:11:45 - [1.467] ----D C:\Program Files\SpecialSavings =>PUP.SpecialSavings

O43 - CFD: 07-04-2013 - 08:30:40 - [1.875] ----D C:\Program Files\StartNow Toolbar =>Adware.Zugo

O43 - CFD: 03-06-2013 - 19:52:03 - [1.470] ----D C:\Program Files\WebSearch => Infection PUP (PUP.Browse2Save)

O43 - CFD: 02-09-2012 - 22:20:26 - [0.315] ----D C:\Program Files\Yontoo =>Adware.Yontoo

O43 - CFD: 10-08-2013 - 09:49:15 - [9.077] ----D C:\Program Files\Zwinky_5q =>Adware.MyClearSearch

O43 - CFD: 03-06-2013 - 19:40:42 - [1.313] ----D C:\Documents and Settings\Administrateur\Application Data\BabSolution =>Hijacker.BabSolution

O43 - CFD: 28-10-2012 - 18:30:06 - [0.089] ----D C:\Documents and Settings\Administrateur\Application Data\Babylon =>Toolbar.Babylon

O43 - CFD: 18-05-2011 - 20:24:28 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\BabylonToolbar =>Toolbar.Babylon

O43 - CFD: 03-06-2013 - 19:10:36 - [1144.144] ----D C:\Documents and Settings\Administrateur\Application Data\cacaoweb =>PUP.CacaoWeb

O43 - CFD: 21-04-2013 - 22:21:06 - [0.001] ----D C:\Documents and Settings\Administrateur\Application Data\ExpressFiles =>Adware.ExpressFiles

O43 - CFD: 03-10-2012 - 05:15:03 - [0.014] ----D C:\Documents and Settings\Administrateur\Application Data\imeshtoolbar2 =>PUP.iMesh

O43 - CFD: 01-09-2011 - 12:10:53 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\iWin => Adware.iWinArcade

O43 - CFD: 11-03-2013 - 22:00:47 - [35.116] ----D C:\Documents and Settings\Administrateur\Application Data\OpenCandy =>Adware.OpenCandy

O43 - CFD: 20-04-2013 - 08:34:26 - [0.500] ----D C:\Documents and Settings\Administrateur\Application Data\PriceGong =>Adware.PriceGong

O43 - CFD: 02-10-2012 - 06:57:21 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\searchresultstb =>PUP.SearchResults

O43 - CFD: 06-04-2013 - 22:11:55 - [0.066] ----D C:\Documents and Settings\Administrateur\Application Data\SpecialSavings =>PUP.SpecialSavings

O43 - CFD: 21-12-2012 - 21:41:17 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\SpeedMaxPc =>PUP.SpeedMaxPc

O43 - CFD: 07-04-2013 - 08:30:24 - [0.027] ----D C:\Documents and Settings\Administrateur\Application Data\StartNow Toolbar =>Adware.Zugo

O43 - CFD: 10-05-2013 - 19:47:24 - [0.294] ----D C:\Documents and Settings\Administrateur\Application Data\SwvUpdater =>PUP.Software.Updater

O43 - CFD: 27-10-2012 - 18:18:07 - [0] ----D C:\Documents and Settings\Administrateur\Application Data\Toolbar4 => Infection BT (Adware.SocialSkinz)

O43 - CFD: 18-11-2012 - 13:07:19 - [0.008] ----D C:\Documents and Settings\Administrateur\Application Data\YourFileDownloader =>PUP.YourFileDownloader

O43 - CFD: 10-08-2013 - 09:49:40 - [0.094] ----D C:\Documents and Settings\Administrateur\Application Data\Zwinky_5q =>Adware.MyClearSearch

O47 - AAKE:Key Export SP - "C:\Program Files\YourFileDownloader\Downloader.exe" [Enabled] .(...) -- C:\Program Files\YourFileDownloader\Downloader.exe (.not file.) =>PUP.YourFileDownloader

O47 - AAKE:Key Export SP - "C:\Program Files\YourFileDownloader\YourFile.exe" [Enabled] .(...) -- C:\Program Files\YourFileDownloader\YourFile.exe (.not file.) =>PUP.YourFileDownloader

O47 - AAKE:Key Export SP - "C:\Program Files\cacaoweb\cacaoweb.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb

O47 - AAKE:Key Export SP - "C:\Program Files\ExpressFiles\expressdl.exe" [Enabled] .(...) -- C:\Program Files\ExpressFiles\expressdl.exe (.not file.) =>Adware.ExpressFiles

O47 - AAKE:Key Export SP - "C:\Program Files\ExpressFiles\ExpressFiles.exe" [Enabled] .(...) -- C:\Program Files\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles

O64 - Services: CurCS - 29-01-2013 - Pas de propriétaire (IB Updater) .(...) - LEGACY_IB_UPDATER =>Adware.InstallBrain

O64 - Services: CurCS - 22-06-2012 - Pas de propriétaire (Updater Service for StartNow Toolbar) .(...) - LEGACY_UPDATER_SERVICE_FOR_STARTNOW_TOOLBAR =>Adware.Zugo

O64 - Services: CurCS - 10-08-2013 - C:\Program Files\Zwinky_5q\bar\1.bin\5qbarsvc.exe (Zwinky_5qService) .(.COMPANYVERS_NAME - PRODUCTVERS_TITLE.) - LEGACY_ZWINKY_5QSERVICE =>Adware.MyClearSearch

O69 - SBI: SearchScopes [HKCU] {16CC3586-3547-4025-9E2F-F04C365D8B90} - (EazelBar Search) - Eazel search =>Hijacker.Eazel

O69 - SBI: SearchScopes [HKCU] {22385635-9830-4C8E-AA0C-F9EA8D0A1390} - (Alnaddy) - النادي - اكبر مجتمع عربي على الانترنت | زواج,اخبار,العاب,سيارات => Infection PUP (Hijacker.Alnaddy)

O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://mysearch.avg.com =>Adware.MyWebSearch

O69 - SBI: SearchScopes [HKCU] {B224AA02-F7C8-3A2B-859F-560B80767E4A} - (Yahoo!) - StartNow =>Adware.Zugo

O69 - SBI: SearchScopes [HKCU] {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://websearch.a-searchpage.info => Infection PUP (PUP.Browse2Save)

O69 - SBI: SearchScopes [HKCU] {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} - (MyStart Search) - http://mystart.incredimail.com =>Spyware.VMNToolbar

[HKCU\Software\e6d8d9e23ebf43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" => Infection PUP (Toolbar.Babylon)

[HKCU\Software\e6d8d9e23ebf43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52" => Infection PUP (Toolbar.Babylon)

[HKCU\Software\e6d8d9e23ebf43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" => Infection PUP (Toolbar.Babylon)

[HKCU\Software\e6d8d9e23ebf43\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80" => Infection PUP (Toolbar.Babylon)

[HKCU\Software\e6d8d9e23ebf43] =>Toolbar.Babylon^

 

SR - | Auto 188760 | (IB Updater) . (...) - C:\Program Files\IB Updater\ExtensionUpdaterService.exe =>Adware.InstallBrain

SS - | Auto 0 | (KMService) . (...) - C:\WINDOWS\srvany.exe =>Hijacker.Office

SR - | Auto 265952 | (Updater Service for StartNow Toolbar) . (...) - C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe =>Adware.Zugo

SS - | Auto 10-08-2013 42504 | (Zwinky_5qService) . (.COMPANYVERS_NAME.) - C:\Program Files\Zwinky_5q\bar\1.bin\5qbarsvc.exe =>Adware.MyClearSearch

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27488090-768A-4D20-A938-F223F71C344C}] =>Adware.MyClearSearch^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}] =>Toolbar.Babylon^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}] =>Adware.InstallBrain^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}] =>Adware.Zugo^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{938958E8-355C-49FF-92B0-53C1B87ACEA9}] =>PUP.SpecialSavings^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}] =>Adware.SmileyBar^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BD3EA7C2-3AF8-4463-9A9C-6EB8E136CB02}] =>Adware.MyClearSearch^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}] =>PUP.Datamngr^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}] =>PUP.SearchResults^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz^

[HKLM\SYSTEM\CurrentControlSet\Services\IB Updater] =>Adware.InstallBrain^

[HKLM\SYSTEM\CurrentControlSet\Services\KMService] =>Hijacker.Office^

[HKLM\SYSTEM\CurrentControlSet\Services\Updater Service for StartNow Toolbar] =>Adware.Zugo^

[HKLM\SYSTEM\CurrentControlSet\Services\Zwinky_5qService] =>Adware.MyClearSearch^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave] =>PUP.OfferWare^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_09b71135] =>PUP.Offerware^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealBulldog Toolbar Toolbar] =>Adware.SocialSkinz^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1] =>Adware.InstallBrain^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro] =>PUP.OptimizerPro^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro1] =>PUP.OptimizerPro^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_7699c875] =>PUP.Browse2Save^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\imeshtoolbar2] =>PUP.SearchResults^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SpecialSavings] =>PUP.SpecialSavings^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar] =>Adware.Zugo^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Adware.Yontoo^

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zwinky_5qbar Uninstall Firefox] =>Adware.MyClearSearch^

[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods

[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz

[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon

[HKLM\Software\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon

[HKLM\Software\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo

[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo

[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo

[HKLM\Software\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}] =>PUP.SweetIM

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}] =>Adware.IncrediBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}] =>Adware.IncrediBar

[HKLM\Software\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}] =>Adware.IncrediBar

[HKLM\Software\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>Toolbar.Babylon

[HKLM\Software\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}] =>Adware.IMBooster

[HKLM\Software\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}] =>Adware.iWinArcade

[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{474597C5-AB09-49d6-A4D5-2E8D7341384E}] =>PUP.iMesh

[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz

[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz

[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon

[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon

[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent

[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}] =>PUP.Software.Updater

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}] =>Adware.Zugo

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}] =>Adware.Zugo

[HKLM\Software\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}] =>Adware.Zugo

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}] =>Adware.IncrediBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}] =>Adware.IncrediBar

[HKLM\Software\Classes\Interface\{6e4c89cf-3061-4ee4-b22a-b7a8aaea5cb3}] =>Adware.Bandoo

[HKLM\Software\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}] =>Toolbar.Babylon

[HKLM\Software\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}] =>Adware.Yontoo

[HKLM\Software\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}] =>Adware.Yontoo

[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{35039355-8B79-4EA2-8175-F18BAFC5E685}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\Interface\{B119FBCC-0FFA-4C0F-AEA6-2FCE4A3D3E12}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}] =>Adware.Agent

[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits

[HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater

[HKLM\Software\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}] =>Adware.SocialSkinz

[HKLM\Software\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}] =>PUP.Software.Updater

[HKLM\Software\Classes\TypeLib\{A147AA03-820F-4A0F-9F34-D6CB4004A2F9}] =>PUP.iMesh

[HKLM\Software\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}] =>Toolbar.Babylon

[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}] =>Toolbar.Babylon

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}] =>PUP.SweetIM

[HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}] =>Hijacker.Seeearch

[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz

[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper

[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz

[HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}] =>Toolbar.Babylon

[HKLM\Software\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}] =>Adware.SocialSkinz

[HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}] =>Hijacker.Seeearch

[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Adware.Yontoo

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}] =>Adware.IncrediBar

[HKLM\Software\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}] =>Adware.SocialSkinz

[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon

[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}] =>Adware.SocialSkinz

[HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo

[HKLM\Software\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo

[HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}] =>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar

[HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}] =>Adware.IncrediBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}] =>Adware.IncrediBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz

[HKLM\Software\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}] =>Adware.Yontoo

[HKLM\Software\Classes\AppID\BrowserConnection.dll] =>Adware.Bandoo

[HKLM\Software\Classes\AppID\escort.dll] =>Toolbar.Babylon

[HKLM\Software\Classes\AppID\escortapp.dll] =>Toolbar.Babylon

[HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon

[HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon

[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar] =>Toolbar.Babylon

[HKLM\Software\Classes\BrowserConnection.Loader] =>Adware.Bandoo

[HKLM\Software\Classes\BrowserConnection.Loader.1] =>Adware.Bandoo

[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods

[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods

[HKLM\Software\Classes\CLSID\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Adware.Adkubru

[HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Adware.Adkubru

[HKLM\Software\Classes\Updater.AmiUpd] =>PUP.Software.Updater

[HKLM\Software\Classes\Updater.AmiUpd.1] =>PUP.Software.Updater

[HKLM\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd] =>Adware.IncrediBar

[HKLM\Software\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca] =>Adware.IncrediBar

[HKLM\Software\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco] =>PUP.1ClickDownloader

[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader

[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon

[HKLM\Software\BabylonToolbar] =>Toolbar.Babylon

[HKCU\Software\cacaoweb] =>PUP.CacaoWeb

[HKCU\Software\DataMngr] =>Adware.Bandoo

[HKLM\Software\DataMngr] =>Adware.Bandoo

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\FilesFrog Update Checker] =>Adware.Agent

[HKCU\Software\Grand Virtual] =>Spyware.AgenceExclusive

[HKLM\Software\Classes\Interface\{CFC4F268-E789-42E1-B255-FDFAE36C547F}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\Interface\{BDCF34FD-97CD-4707-9266-1DC19A9EF01D}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\Interface\{E55E0B19-457D-4ED3-B589-0103D41C83EC}] =>Hijacker.Alnaddy

[HKCU\Software\iMesh] =>PUP.iMesh

[HKLM\Software\Iminent] =>Adware.IMBooster

[HKCU\Software\PriceGong] =>Adware.PriceGong

[HKLM\Software\SP Global] =>PUP.AdvancedSystemProtector

[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc

[HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc

[HKCU\Software\AppDataLow\SProtector] =>PUP.AdvancedSystemProtector

[HKLM\Software\SProtector] =>PUP.AdvancedSystemProtector

[HKCU\Software\StartSearch] =>Hijacker.Agent

[HKCU\Software\SweetIM] =>PUP.SweetIM

[HKLM\Software\SweetIM] =>PUP.SweetIM

[HKCU\Software\WNLT] =>Adware.IncrediBar

[HKCU\Software\Zugo] =>Adware.Zugo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}] =>PUP.Software.Updater

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_56ec1d15] =>PUP.Mocaflix

[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon

[HKCU\Software\InstallCore] =>Adware.InstallCore

[HKCU\Software\Alnaddy.com] =>Hijacker.Alnaddy

[HKLM\Software\Alnaddy.com] =>Hijacker.Alnaddy

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods

[HKLM\Software\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Smiley Bar for Facebook] =>Adware.SmileyBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}] =>Adware.Zugo

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}] =>Adware.Zugo

[HKLM\Software\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}] =>Adware.Zugo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] =>Adware.MegaSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}] =>Adware.SmileyBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}] =>Adware.SmileyBar

[HKLM\Software\Classes\CLSID\{944FEDFD-C4FD-441D-8275-9C651A9FFBDE}] =>Adware.SmileyBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}] =>PUP.iMesh

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}] =>PUP.iMesh

[HKLM\Software\Classes\CLSID\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}] =>PUP.iMesh

[HKCU\Software\imeshtoolbar2] =>PUP.iMesh

[HKLM\Software\iMeshSRTB] =>PUP.iMesh

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}] =>PUP.Datamngr

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}] =>PUP.Datamngr

[HKLM\Software\Classes\CLSID\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}] =>PUP.Datamngr

[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}] =>PUP.Datamngr

[HKLM\Software\Classes\CLSID\{950F80EF-32C2-47DD-9C35-9576E21EE66E}] =>PUP.Datamngr

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD3AED25-23AB-4543-B915-159449C37197}] =>Hijacker.Alnaddy

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD3AED25-23AB-4543-B915-159449C37197}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\AppID\{AFE75FBA-AF4F-4F93-BE4E-9B58EDF370BF}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\TypeLib\{AFE75FBA-AF4F-4F93-BE4E-9B58EDF370BF}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\AppID\{D651E893-3D08-458D-A242-0E6B862E6507}] =>Hijacker.Alnaddy

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{55928DD2-8878-4275-AAB3-B3A09A67A1EB}] =>Hijacker.Alnaddy

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{55928DD2-8878-4275-AAB3-B3A09A67A1EB}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\Interface\{063922B3-931A-481A-A55E-4EB198BD9DFE}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\Interface\{1088C560-0B2F-48A8-A449-3DB6D53FF8BA}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\Interface\{1A897D73-1756-4251-B841-D633A63BA73F}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\Interface\{FEDFBB0E-4889-47EE-90E6-F88BFD927629}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\Interface\{23E0C19C-6650-4788-88BB-71979CC3263F}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\Interface\{F7F4F65C-DA43-486C-92F4-5D35ACB81D11}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\Interface\{F3E11C16-FC77-47EB-9314-931BEB9C5C55}] =>Hijacker.Alnaddy

[HKLM\Software\Classes\delta.deltaappCore] =>PUP.Funmoods

[HKLM\Software\Classes\delta.deltaappCore.1] =>PUP.Funmoods

[HKLM\Software\Classes\delta.deltadskBnd] =>PUP.Funmoods

[HKLM\Software\Classes\delta.deltadskBnd.1] =>PUP.Funmoods

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}] =>Hijacker.Eazel

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}] =>Hijacker.Eazel

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{16CC3586-3547-4025-9E2F-F04C365D8B90}] =>Hijacker.Eazel

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\PC Optimizer Pro] =>Rogue.PCOptimizerPro

[HKLM\Software\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk] =>Spyware.GophotoIt

[HKCU\Software\BI] =>Adware.MegaSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{938958E8-355C-49FF-92B0-53C1B87ACEA9}] =>PUP.SpecialSavings

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{938958E8-355C-49FF-92B0-53C1B87ACEA9}] =>PUP.SpecialSavings

[HKLM\Software\Classes\CLSID\{938958E8-355C-49FF-92B0-53C1B87ACEA9}] =>PUP.SpecialSavings

[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Adware.SimilarSites

[HKLM\Software\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}] =>Toolbar.Babylon

[HKLM\Software\Classes\YontooIEClient.Api] =>Adware.Yontoo

[HKLM\Software\Classes\YontooIEClient.Api.1] =>Adware.Yontoo

[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods

[HKLM\Software\Classes\AppID\YontooIEClient.DLL] =>Adware.Yontoo

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714] =>Adware.Browse2Save^

C:\Program Files\Babylon =>Toolbar.Babylon^

C:\Program Files\BabylonToolbar =>Toolbar.Babylon^

C:\Program Files\cacaoweb =>PUP.CacaoWeb^

C:\Program Files\ContinueToSave =>PUP.Offerware^

C:\Program Files\DealBulldog Toolbar Toolbar =>Adware.SocialSkinz^

C:\Program Files\IB Updater =>Adware.InstallBrain^

C:\Program Files\iMesh Applications =>PUP.iMesh^

C:\Program Files\Red Sky =>Adware.DownTango^

C:\Program Files\SimpleSpeedy =>PUP.Browse2Save^

C:\Program Files\SpecialSavings =>PUP.SpecialSavings^

C:\Program Files\StartNow Toolbar =>Adware.Zugo^

C:\Program Files\Yontoo =>Adware.Yontoo^

C:\Program Files\Zwinky_5q =>Adware.MyClearSearch^

C:\Documents and Settings\Administrateur\Application Data\BabSolution =>Hijacker.BabSolution^

C:\Documents and Settings\Administrateur\Application Data\Babylon =>Toolbar.Babylon^

C:\Documents and Settings\Administrateur\Application Data\BabylonToolbar =>Toolbar.Babylon^

C:\Documents and Settings\Administrateur\Application Data\cacaoweb =>PUP.CacaoWeb^

C:\Documents and Settings\Administrateur\Application Data\ExpressFiles =>Adware.ExpressFiles^

C:\Documents and Settings\Administrateur\Application Data\imeshtoolbar2 =>PUP.iMesh^

C:\Documents and Settings\Administrateur\Application Data\OpenCandy =>Adware.OpenCandy^

C:\Documents and Settings\Administrateur\Application Data\PriceGong

C:\Documents and Settings\Administrateur\Application Data\searchresultstb

C:\Documents and Settings\Administrateur\Application Data\SpecialSavings

C:\Documents and Settings\Administrateur\Application Data\SpeedMaxPc

C:\Documents and Settings\Administrateur\Application Data\StartNow Toolbar

C:\Documents and Settings\Administrateur\Application Data\SwvUpdater

C:\Documents and Settings\Administrateur\Application Data\YourFileDownloader

C:\Documents and Settings\Administrateur\Application Data\Zwinky_5q

C:\Program Files\YouTube Downloader

C:\Program Files\MocaFlix

C:\Program Files\Smiley Bar for Facebook

C:\Program Files\SimilarSites

C:\Program Files\WebSearch

C:\Program Files\Optimizer Pro

C:\Documents and Settings\Administrateur\Application Data\iWin

C:\Documents and Settings\Administrateur\Application Data\SimilarSites s

C:\Documents and Settings\Administrateur\Local Settings\Application Data\Bundled software uninstaller

C:\Documents and Settings\Administrateur\Local Settings\Application Data\eSupport.com

C:\Program Files\IB Updater\ExtensionUpdaterService.exe

C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe

C:\Program Files\Mozilla FireFox\searchplugins\babylon.xml

C:\Program Files\Zwinky_5q\bar\1.bin\5qbar.dll

C:\Program Files\IB Updater\Extension32.dll

C:\Program Files\StartNow Toolbar\Toolbar32.dll

C:\Program Files\SpecialSavings\ScriptHost.dll

C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll

C:\Program Files\Zwinky_5q\bar\1.bin\5qSrcAs.dll

C:\Program Files\iMesh Applications\Mediabar\Datamngr\BrowserConnection.dll

C:\Program Files\iMesh Applications\Mediabar\Datamngr\SRTOOL~1\searchresultsDx.dll

C:\Program Files\DealBulldog Toolbar Toolbar\tbcore3.dll

C:\Program Files\Zwinky_5q\bar\1.bin\5qbarsvc.exe

C:\WINDOWS\Tasks\OptimizerPro1UpdaterTask{C47948A1-E122-432D-B9CD-67EFD08972F9}.job

C:\WINDOWS\Tasks\OptimizerProUpdaterTask{F4CA9D6E-31B8-49F5-9D12-A41CDF1885FE}.job

C:\WINDOWS\Tasks\PC Optimizer Pro Scan.job

C:\WINDOWS\Tasks\PC Optimizer Pro startups.job

C:\WINDOWS\Tasks\PC Optimizer Pro Updates.job

C:\Documents and Settings\Administrateur\Application Data\BabSolution\Shared\BabMaint.exe

[HKCU\Software\AppDataLow\Software\Smartbar]

[HKCU\Software\BabSolution]

[HKCU\Software\DataMngr_Toolbar]

[HKCU\Software\ExpressFiles]

[HKCU\Software\IB Updater]

[HKCU\Software\Smartbar]

[HKCU\Software\SpecialSavings]

[HKCU\Software\StartNow Toolbar]

[HKCU\Software\YourFileDownloader]

[HKCU\Software\Zwinky_5q]

[HKLM\Software\Babylon]

[HKLM\Software\ExpressFiles]

[HKLM\Software\IB Updater]

[HKLM\Software\YourFileDownloader]

[HKLM\Software\Zwinky_5q]

[HKCU\Software\e6d8d9e23ebf43]

C:\WINDOWS\srvany.exe

C:\WINDOWS\Tasks\EPUpdater.job

C:\WINDOWS\Tasks\schedule!3168119997.job

firewallraz

emptytemp

emptyflash

 

• Le script doit automatiquement apparaitre dans ZHPFix, sinon, colle-le. (avec le bouton "coller le presse-papier)
   
  Clique sur le bouton GO pour lancer le nettoyage

 

• Valide par Oui la désinstallation des programmes si demandé
   
  
• Laisse l'outil travailler. Si un redémarrage est demandé, accepte et redémarre le PC
   
  
• Le rapport ZHPFixReport.txt s'affiche. Copie-colle le contenu de ce rapport dans ta réponse.
  Le rapport ZHPFixReport.txt est enregistré sous C:\ZHP\ZHPFix.txt

 

Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide.

 

++

[le63corbo]

Rapport de ZHPFix 2013.7.20.5 par Nicolas Coolman, Update du 20/07/2013

Fichier d'export Registre :

Run by Administrateur at 10-08-2013 17:15:24

High Elevated Privileges : OK

Windows XP Professional Service Pack 3 (Build 2600)

 

Corbeille vidée

 

========== Clé(s) du Registre ==========

CTFDisabledCTFMon désactivé par défaut

 

 

========== Récapitulatif ==========

1 : Clé(s) du Registre

Mais internet Explrer elle se ferme aussitot demarrer

 

End of clean in 15mn 26s

 

========== Chemin de fichier rapport ==========

C:\ZHP\ZHPFix[R1].txt - 10-08-2013 17:15:26 [482]

Modifié le 10 août 2013 par le63corbo

[Apollo]

J'ai demandé des rapports. Te ficherais-tu de moi par hasard?

 

Si c'est le cas, on aura vite terminé car j'en resterais là.

 

Travaille en mode sans échec si nécessaire: Pour faire des analyses en mode sans échec faire comme suit: Comment démarrer Windows en mode sans échec : Astuces pour Dépanner Windows XP

 

 

1) Télécharger SFTGC.exe sur le Bureau >>>> il ne peut pas être ailleurs! L'y déplacer si nécessaire.

 

Sous XP, double cliquer sur le fichier.

Sous les autres versions de Windows, clic droit sur le fichier et choisir Exécuter en tant qu'administrateur.

 

Après l'initialisation, cliquer sur Go pour lancer le nettoyage.

 

Un rapport va s'ouvrir à la fin.

Ce rapport est sur le bureau (SFT.txt)

 

Héberger sur Accueil de Cjoint.com pour ne pas planter le sujet.

 

 

--------------------------

2) Le logiciel qui suit n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.

Ne pas utiliser en dehors de ce cas de figure.

 

Désactive ton antivirus, firewall et antispyware le temps de l'analyse.

Si vous ne savez pas comment faire, reportez-vous à cet article.

 

Connecter les supports amovibles (clé usb et autres) avant de procéder.

 

 

Tutoriel officiel

 

Télécharge ComboFix sur ton bureau (et pas ailleurs).

• Si la console de récupération n'est pas installée sur un XP, ComboFix va proposer de l'installer: Accepter!
   
  
   
  
• Assure toi que tous les programmes soient fermés avant de commencer.
  
• Double-clique ComboFix.exe afin de l'exécuter.
  
• Clique sur "Oui" au message de Limitation de Garantie qui s'affiche.
  
• Il est possible que ton pare-feu (firewall) te demande si tu acceptes ou non l'accès de nircmd.cfexe à la zone sûre: accepte.
  
• Ne ferme pas la fenêtre qui vient de s'ouvrir, tu te retrouverais avec un bureau vide.
  
• Lorsque l'analyse sera terminée, un rapport apparaîtra.
  
• Copie-colle ce rapport dans ta prochaine réponse.
  Le rapport se trouve dans : C:\Combofix.txt.

 

Si tu perds la connexion après le passage de ComboFix, voici comment la réparer ICI.

 

 

Si le message: "Tentative d'opération non autorisée sur une clé du Registre marquée pour suppression".

apparaissait, redémarrer le pc.

 

@++