[Résolu] Pubs intempestives

[nefertitou]

Rapport Malwarebytes http://cjoint.com/?3IikmsZ1jTL

Rapport ADWcleaner http://cjoint.com/?3IikCrmxHYh

[bernard53]

ok tu as bien tout supprimé avec "Malwarebytes "?

Comment va ton pc maintenant..

[nefertitou]

Je suis un peu perdue là, je poste ce rapport, je ne sais pas ci c'est ce que tu attendais.

Je n'ai pas de rapport dans la fenêtre noire.

Et pour répondre à ta question, j'ai toujours des pubs, shopping, femmes russes, plans culs et j'en passe!!!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 5.5.9 (09.07.2013:1)

OS: Microsoft Windows XP x86

Ran by Propri‚taire on 08/09/2013 at 12:09:56,32

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322712280}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355715580}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366716680}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344714480}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355715580}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366716680}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344714480}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8c6d006c-d903-47d2-b70d-16376d2c9e99}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8c6d006c-d903-47d2-b70d-16376d2c9e99}

~~~ Files

~~~ Folders

[nefertitou]

Voici le rapport ZHPfix

 

[MD5.FAF3DED03E032ACC6DBC62E60485CF85] - (...) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_59\upt4pc_fr_59.exe [3154416] [PID.1904] =>PUP.Eorezo

G2 - GCE: Preference [user Data\Default] [ofnnlhbgdcabppjmlijllkhekcglbjlg] Lyrics-Monkey v.1.132 (Désactivé) =>Adware.AddLyrics

O4 - HKLM\..\Run: [tuto4pc_fr_59] Clé orpheline =>PUP.Eorezo

O4 - HKLM\..\Run: [upt4pc_fr_59.exe] . (...) -- C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_59\upt4pc_fr_59.exe =>PUP.Eorezo

O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (.not file.) =>PUP.OptimizerPro

O4 - HKUS\S-1-5-21-436374069-1637723038-682003330-1003\..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe (.not file.) =>PUP.OptimizerPro

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\EPUpdater.job [286] => Infection PUP (Hijacker.BabSolution)

[HKCU\Software\BabSolution] =>Hijacker.BabSolution

[HKCU\Software\InstallCore] =>Adware.InstallCore

[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc

[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive

[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive

[HKCU\Software\tuto4pc] =>PUP.Eorezo

[HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc

[HKLM\Software\TUTO4PC] =>PUP.Eorezo

[HKLM\Software\Tutorials] =>Spyware.AgenceExclusive

O43 - CFD: 06/09/2013 - 13:47:34 - [3,782] ----D C:\Program Files\tuto4pc_fr_59 =>PUP.Eorezo

O43 - CFD: 06/09/2013 - 13:34:59 - [0] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\Babylon =>Toolbar.Babylon

O43 - CFD: 06/09/2013 - 14:41:23 - [0] ----D C:\Documents and Settings\All Users.WINDOWS\Application Data\SpeedMaxPc =>PUP.SpeedMaxPc

O43 - CFD: 06/09/2013 - 13:34:59 - [0,003] ----D C:\Documents and Settings\Propriétaire\Application Data\Babylon =>Toolbar.Babylon

O43 - CFD: 06/09/2013 - 14:23:57 - [0] ----D C:\Documents and Settings\Propriétaire\Application Data\SpeedMaxPc =>PUP.SpeedMaxPc

O43 - CFD: 06/09/2013 - 13:35:18 - [0,000] ----D C:\Documents and Settings\Propriétaire\Local Settings\Application Data\eorezo =>PUP.Eorezo

O43 - CFD: 07/09/2013 - 07:27:21 - [6,282] ----D C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_59 =>PUP.Eorezo

[HKLM\Software\Google\Chrome\Extensions\ofnnlhbgdcabppjmlijllkhekcglbjlg] =>Adware.AddLyrics^

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}] =>Adware.PricePeep

[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc

[HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc

[HKCU\Software\Tuto4pc] =>PUP.Eorezo

[HKLM\Software\Tuto4pc] =>PUP.Eorezo

[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive

[HKLM\Software\Tutorials] =>Spyware.AgenceExclusive

[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon

[HKCU\Software\InstallCore] =>Adware.InstallCore

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods

[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322712280}] =>PUP.CrossRider

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311711180}] =>PUP.CrossRider

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_59 =>PUP.Eorezo^

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Optimizer Pro =>PUP.OptimizerPro^

C:\Program Files\tuto4pc_fr_59 =>PUP.Eorezo^

C:\Documents and Settings\All Users.WINDOWS\Application Data\Babylon =>Toolbar.Babylon^

C:\Documents and Settings\All Users.WINDOWS\Application Data\SpeedMaxPc =>PUP.SpeedMaxPc^

C:\Documents and Settings\Propriétaire\Application Data\Babylon =>Toolbar.Babylon^

C:\Documents and Settings\Propriétaire\Application Data\SpeedMaxPc =>PUP.SpeedMaxPc^

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\eorezo =>PUP.Eorezo^

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_59 =>PUP.Eorezo^

C:\Program Files\Software =>Adware.Boxore

C:\Program Files\Optimizer Pro =>PUP.OptimizerPro

C:\Documents and Settings\Propriétaire\Application Data\Optimizer Pro =>PUP.OptimizerPro

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_59\upt4pc_fr_59.exe =>PUP.Eorezo^

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ofnnlhbgdcabppjmlijllkhekcglbjlg =>Adware.AddLyrics^

[HKCU\Software\BabSolution] =>Hijacker.BabSolution^

[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive^

[HKCU\Software\tuto4pc] =>PUP.Eorezo^

[HKLM\Software\TUTO4PC] =>PUP.Eorezo^

C:\WINDOWS\Tasks\EPUpdater.job =>Hijacker.BabSolution

G2 - GCE: Preference [user Data\Default] [boipimhfjpakfgckhbljjengakjhkcbp] MixiDJ Toolbar v.1.2 (Désactivé) =>Toolbar.MixiDJ

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com =>Toolbar.DeltaSearch

O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Delta Search) - http://www2.delta-search.com =>Toolbar.DeltaSearch

[HKLM\Software\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp] =>Toolbar.MixiDJ^

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent

[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch

[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch

C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp =>Toolbar.MixiDJ^

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\WinZipDriverUpdater_UPDATES.job [298]

FirewallRaz

EmptyFlash

Emptytemp

SysRestore

[bernard53]

C'est OK pour ceux-la.

Quand est-il de Malwarebytes?

[nefertitou]

Je ne sais pas, a toi de me le dire, je t'ai posté le rapport pécédemment

[bernard53]

Justement je vois ceci Aucune action effectuée.

Seulement certains suppriment les détections après le rapport d'ou ma demande.

Et dis moi comment va ton pc s.t.p.

[nefertitou]

Excuses moi, j'ai bossé ses 3 derniers jours, je n'ai pas eu le temps de me connecter.

J'ai toujours des pubs qui s'affichent.

[bernard53]

tu as bien valider ZHPfix comme ceci.

* Copie tout le texte présent que tu télécharges dans le lien ci-dessous (tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C)

 

p://r439x0.1fichier.com/

 

 

Puis Lance ZHPFix depuis le raccourci du bureau.

Valides l’icône IMPORTER

puis valide GO dans cette fenêtre.

 

 

Une fois terminée, un nouveau rapport s'affiche : copie/colle le contenu de ce dernier dans ta prochaine réponse ...

A la fin du scan le rapport est sauvegardé directement sur ton bureau. ZHPFixReport.txt

 

Ceci en plus.

 

Réinitialisation de tes navigateurs.

http://www.commentcamarche.net/faq/26679-reinitialiser-son-navigateur

Modifier son moteur de recherche.

http://www.security-helpzone.com/forum/Thread-Changer-son-moteur-de-recherche

[nefertitou]

Rapport de ZHPFix 2013.8.28.2 par Nicolas Coolman, Update du 28/08/2013

Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-13-09-2013-11-32-44.txt

Run by Propriétaire at 13/09/2013 11:32:44

High Elevated Privileges : OK

Windows XP Home Edition Service Pack 3 (Build 2600)

Corbeille vidée

========== Clé(s) du Registre ==========

ABSENT Key: HKCU\Software\BabSolution

ABSENT Key: HKCU\Software\InstallCore

ABSENT Key: HKCU\Software\SpeedMaxPc

ABSENT Key: HKCU\Software\TutoTag

ABSENT Key: HKCU\Software\Tutorials

ABSENT Key: HKCU\Software\tuto4pc

ABSENT Key: HKLM\Software\SpeedMaxPc

ABSENT Key: HKLM\Software\TUTO4PC

ABSENT Key: HKLM\Software\Tutorials

ABSENT Key: HKLM\Software\Google\Chrome\Extensions\ofnnlhbgdcabppjmlijllkhekcglbjlg

ABSENT Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}

ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}

ABSENT Key: HKLM\Software\Classes\Prod.cap

ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}

ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}

ABSENT Key: HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322712280}

ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311711180}

ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC

ABSENT SearchScopes :{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

ABSENT Key: HKLM\Software\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp

ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

ABSENT Key: HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

ABSENT Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}

ABSENT Key: HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

========== Valeur(s) du Registre ==========

ABSENT RunValue: tuto4pc_fr_59

ABSENT RunValue: upt4pc_fr_59.exe

ABSENT RunValue: Optimizer Pro

ABSENT [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_59

ABSENT [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Optimizer Pro

ABSENT Valeur Domain Profile: FirewallRaz :

Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

========== Elément(s) de donnée du Registre ==========

SUPPRIME R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page

========== Préférences navigateur ==========

ABSENT Folder Chrome: ofnnlhbgdcabppjmlijllkhekcglbjlg

ABSENT Folder Chrome: boipimhfjpakfgckhbljjengakjhkcbp

========== Dossier(s) ==========

ABSENT C:\Program Files\tuto4pc_fr_59

ABSENT C:\Documents and Settings\All Users.WINDOWS\Application Data\Babylon

ABSENT C:\Documents and Settings\All Users.WINDOWS\Application Data\SpeedMaxPc

ABSENT C:\Documents and Settings\Propriétaire\Application Data\Babylon

ABSENT C:\Documents and Settings\Propriétaire\Application Data\SpeedMaxPc

ABSENT C:\Documents and Settings\Propriétaire\Local Settings\Application Data\eorezo

ABSENT C:\Documents and Settings\Propriétaire\Local Settings\Application Data\tuto4pc_fr_59

SUPPRIME Flash Cookies

SUPPRIME Temporaires Windows

========== Fichier(s) ==========

ABSENT Folder/File: c:\documents and settings\propriétaire\local settings\application data\tuto4pc_fr_59\upt4pc_fr_59.exe

SUPPRIME File: c:\documents and settings\propriétaire\local settings\application data\google\chrome\user data\default\preferences

ABSENT File: c:\documents and settings\propriétaire\local settings\application data\tuto4pc_fr_59\upt4pc_fr_59.exe

ABSENT File: c:\program files\optimizer pro\optprolauncher.exe

ABSENT File: c:\windows\tasks\epupdater.job

ABSENT Folder/File: c:\program files\tuto4pc_fr_59

ABSENT Folder/File: c:\documents and settings\all users.windows\application data\babylon

ABSENT Folder/File: c:\documents and settings\all users.windows\application data\speedmaxpc

ABSENT Folder/File: c:\documents and settings\propriétaire\application data\babylon

ABSENT Folder/File: c:\documents and settings\propriétaire\application data\speedmaxpc

ABSENT Folder/File: c:\documents and settings\propriétaire\local settings\application data\eorezo

ABSENT Folder/File: c:\documents and settings\propriétaire\local settings\application data\tuto4pc_fr_59

ABSENT Folder/File: c:\program files\software

ABSENT Folder/File: c:\program files\optimizer pro

ABSENT Folder/File: c:\documents and settings\propriétaire\application data\optimizer pro

ABSENT Folder/File: c:\documents and settings\propriétaire\local settings\application data\google\chrome\user data\default\extensions\ofnnlhbgdcabppjmlijllkhekcglbjlg

ABSENT Folder/File: c:\windows\tasks\epupdater.job

ABSENT Folder/File: c:\documents and settings\propriétaire\local settings\application data\google\chrome\user data\default\extensions\boipimhfjpakfgckhbljjengakjhkcbp

ABSENT File: c:\windows\tasks\winzipdriverupdater_updates.job

SUPPRIME Flash Cookies

SUPPRIME Temporaires Windows

========== Restauration Système ==========

Point de restauration du système créé avec succès

========== Récapitulatif ==========

26 : Clé(s) du Registre

7 : Valeur(s) du Registre

1 : Elément(s) de donnée du Registre

9 : Dossier(s)

21 : Fichier(s)

2 : Préférences navigateur

1 : Restauration Système

End of clean in 00mn 05s

========== Chemin de fichier rapport ==========

C:\ZHP\ZHPFix[R1].txt - 11/09/2013 11:39:20 [6145]

C:\ZHP\ZHPFix[R2].txt - 13/09/2013 11:32:44 [5871]