Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[Résolu] Ordinateur très lent

Boubou766

Par Boubou766
dans Analyses et éradication malwares

 Partager

Messages recommandés

Boubou766 Junior Member

Boubou766

Posté(e)
Posté(e) (modifié)

Bonsoir !

Ca fait 2 semaines que mon ordinateur rame lorsque j'utilise certains logiciels ou même une simple page internet. J'ai lancé mon antivirus plusieurs fois (Avira), qui me dit qu'il n'y a rien d'anormal, Spybot me dit qu'il y a des fichiers infectés mais je ne peux pas y toucher, j'ai fait tourner la récupération de fichiers qui prend un temps fou et lorsqu'elle est terminée, recommence à zéro. Explorateur windows ouvre aussi des petites fenêtres (à droite de la barre Démarrer) lorsque j'allume la machine m'indiquant qu'un fichier est infecté mais je ne peux rien en faire. J'ai lancé une analyse HiJackThis, si vous pouviez m'aider ce serait top !

Merci d'avance.

Modifié par Boubou766

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Bonsoir,

 

Hijackthis n'est plus valable.

 

1) Télécharge Junkware Removal Tool sur le bureau: http://www.bleepingcomputer.com/download/junkware-removal-tool/

Site éditeur: http://thisisudax.org/

Sous XP, double-clique sur l'icône et presse une touche lorsque cela sera demandé.

Sous Vista/7/8, clic droit/exécuter en temps qu'administrateur.

L'outil peut demander si on souhaite vérifier la présence d'une nouvelle version Y/N >> taper Y.
S'il découvre une version obsolète, il le dira et devrez presser une touche. L'outil se fermera.

JRT_New sera créé sur le bureau;

Jette l'ancien JRT et renomme JRT_New en JRT .

Si c'est déjà la bonne version , il commencera sa recherche de malwares normalement. Patience svp.

Afin de ne pas fausser le rapport, ne passer l'outil qu'une seule fois svp!

Si l'antivirus fait des siennes: désactive-le provisoirement. Si tu ne sais pas comment faire, reporte-toi à cet article.

Poste le rapport généré à la fin de l'analyse.

NB: Le bureau disparaitra un instant, c'est normal.

>>>Si le rapport est long, l'héberger ici: http://cjoint.com ou http://dl.free.fr/

capture1-3bf0deb_zpsf4ca5241.jpg

capture2-3bf0dfa_zps7abd8f5a.jpg

------------------------------
2) Télécharge AdwCleaner par Xplode: http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/28-adwcleaner

Enregistre-le sur le bureau (et pas ailleurs).

Afin de ne pas fausser le rapport, ne passer l'outil qu'une seule fois svp!

Si tu es sous XP double clique sur AdwCleaner pour lancer l'outil.
Si tu es sous Vista/Seven, clique droit sur AdwCleaner et choisis exécuter en temps qu'administrateur.

Clique sur Scanner et laisse travailler l'outil.

Cliquer sur Nettoyer, le bouton sera accessible.

Le rapport va s'ouvrir en fichier texte; copie la totalité de son contenu et colle-le dans ta réponse.

Le rapport est en outre sauvegardé sous C:\AdwCleaner[s0]

NB: Si l'outil "cale" en mode normal, le lancer en mode sans échec: http://www.vista-xp.fr/forum/topic93.html

A lire absolument: http://www.vista-xp.fr/forum/topic5482.html
http://www.vista-xp.fr/forum/topic10389.html

-------------------------

3)

ZHPDiag :

  • Télécharge ZHPDiag de Nicolas Coolman. et enregistre-le sur le BUREAU.
    Lien de secours: ftp://zebulon.fr/ZHPDiag2.exe
  • Double-clique sur ZHPDiag.exe pour lancer l'installation
    • Important:
      Sous Vista et Windows 7/8 : il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur


N'oublie pas de cocher la case qui permet de mettre un raccourci sur le Bureau.

[*]L'outil a créé 2 icônes ZHPDiag et ZHPFix sur le Bureau.

[*]Double-clique sur ZHPDiag pour lancer l'exécution

  • Important:
    Sous Vista et Windows 7 : il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur

Clique sur Configurer.

[*]Clique sur le petit tournevis tournevis.jpg et clique sur TOUS.

capturezhpdiag-4140bba.jpg

Décocher 045 . Clic sur OK.

[*]Clique sur Rechercher pour lancer l'analyse. Tu patientes jusqu'à ce que le scan affiche 100%
Tu refermes ZHPDiag

[*]Le rapport ZHPDiag.txt se trouve sur le Bureau. (et sous c:\ZHP\ZHPDiag.txt)
Ce rapport étant trop long pour le forum, héberge le :

ou http://dl.free.fr/

@++

Boubou766 Junior Member

Boubou766

Posté(e)
  • Auteur
Posté(e)

Merci beaucoup !

Voici le rapport Junkware :

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by S‚verine on 16/10/2013 at 14:42:06,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [service] supdate
Successfully deleted: [service] supdate
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cacaoweb
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\search protection
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\babylonhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\complitly.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\pricegongie.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\complitly
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\cr_installer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\zugo
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1878047824-146050596-1867984360-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\escort.escrtbtn.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\64a6e60055d801f4bb8ac269354b72b8
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\64a6e60055d801f4bb8ac269354b72b8
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\1c875dde39636004ca8cdaec335b4160
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\ba086f2d38a8e1a47912955a68b3ad24
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\software.oneclickctrl.8
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softwareupdate.coreclass
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softwareupdate.coreclass.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softwareupdate.ondemandcomclassmachine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\softwareupdate.ondemandcomclassmachine.1.0
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\suggestmeyes.suggestmeyesbho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\suggestmeyes.suggestmeyesbho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.searchprovidermanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.searchprovidermanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylon_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylon_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylontc_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\babylontc_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\boxore_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\boxore_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\plus-hd-2_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4ffbb818-b13c-11e0-931d-b2664824019b}_is1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0027096.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0027096.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0027096.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0027096.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB02609.IEToolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB02609.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB02609.TBSB02609
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB02609.TBSB02609.3
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar3.TBSB02609
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar3.TBSB02609.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110211701196}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220222702296}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550255705596}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660266706696}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440244704496}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110211701196}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220222702296}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550255705596}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660266706696}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440244704496}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0027096.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0027096.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0027096.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0027096.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB02609.IEToolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB02609.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB02609.TBSB02609
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB02609.TBSB02609.3
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar3.TBSB02609
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar3.TBSB02609.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2504091
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2851639
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550255705596}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660266706696}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440244704496}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211701196}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211701196}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211701196}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\DEALPL~1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_pour_photoscape_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_pour_photoscape_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211701196}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550255705596}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660266706696}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440244704496}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\DEALPL~1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_photoscape_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_photoscape_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211701196}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E1577098-ECB1-4771-B93A-782D9DAF63EE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
~~~ Files
Successfully deleted: [File] C:\Windows\Tasks\Dealply.job
Successfully deleted: [File] C:\Windows\syswow64\sho1260.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho25CE.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3061.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4295.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6DB9.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho75ED.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho815E.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho932A.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho9988.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD95B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoDC13.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoDE8B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE766.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEC31.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEC98.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF1C5.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoFC2E.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoFC3B.tmp
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\dealplylive"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\search protection"
Successfully deleted: [Folder] "C:\Users\S‚verine\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\S‚verine\AppData\Roaming\cacaoweb"
Successfully deleted: [Folder] "C:\Users\S‚verine\AppData\Roaming\complitly"
Successfully deleted: [Folder] "C:\Users\S‚verine\AppData\Roaming\dealply"
Successfully deleted: [Folder] "C:\Users\S‚verine\AppData\Roaming\etype"
Successfully deleted: [Folder] "C:\Users\S‚verine\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\S‚verine\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\S‚verine\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\S‚verine\appdata\local\dealplylive"
Successfully deleted: [Folder] "C:\Users\S‚verine\appdata\local\smartbar"
Successfully deleted: [Folder] "C:\Users\S‚verine\appdata\local\software"
Successfully deleted: [Folder] "C:\Users\S‚verine\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Users\S‚verine\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\S‚verine\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\S‚verine\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\S‚verine\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Program Files (x86)\boxore"
Successfully deleted: [Folder] "C:\Program Files (x86)\complitly"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\dealply"
Successfully deleted: [Folder] "C:\Program Files (x86)\dealplylive"
Successfully deleted: [Folder] "C:\Program Files (x86)\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Folder] "C:\Users\S‚verine\documents\optimizer pro"
Successfully deleted: [Empty Folder] C:\Users\S‚verine\appdata\local\{3AC7C357-03F8-48C7-B795-D60E5CA6CA16}
Successfully deleted: [Empty Folder] C:\Users\S‚verine\appdata\local\{C6CE281C-065E-4183-96F1-4C5E8D933320}
~~~ FireFox
Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml"
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\user.js
Successfully deleted: [File] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\invalidprefs.js
Successfully deleted: [File] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\searchplugins\delta.xml
Successfully deleted: [File] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\searchplugins\yahoo-zugo.xml
Successfully deleted: [Folder] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\conduitcommon
Successfully deleted: [Folder] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\extensions\ffxtlbr@babylon.com
Successfully deleted: [Folder] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\extensions\217e8200-a3b3-43df-b951-8ec01d483d7f@b98c6809-1f3f-41a1-bb1c-692cf84781e9.com
Successfully deleted: [Folder] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\extensions\staged
Successfully deleted: [Folder] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
Successfully deleted: [Folder] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Successfully deleted: [Folder] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\extensions\{8a9386b4-e958-4c4c-adf4-8f26db3e4829}
Successfully deleted: [Folder] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
Successfully deleted: [Folder] C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\extensions\{c9b68337-e93a-44ea-94dc-cb300ec06444}
Successfully deleted the following from C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\prefs.js
user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
user_pref("browser.search.defaultthis.engineName", "Web Search");
user_pref("CommunityToolbar.ConduitSearchList", "Web Search");
user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Mar 01 2012 13:30:33 GMT+0100");
user_pref("CommunityToolbar.globalUserId", "114c63f1-3b15-4bf7-bada-f4f0d0993113");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2851639");
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Mar 01 2012 13:30:33 GMT+0100");
user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Mar 01 2012 13:30:36 GMT+0100");
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Mar 01 2012 13:30:28 GMT+0100");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "b0de322a-5a44-41c8-8565-c2cc5d3097c0");
user_pref("CommunityToolbar.originalSearchEngine", "Yahoo");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
user_pref("CommunityToolbar.ToolbarsList", "CT2504091,CT2851639");
user_pref("CommunityToolbar.ToolbarsList2", "CT2504091,CT2851639");
user_pref("CommunityToolbar.ToolbarsList4", "CT2504091,CT2851639");
user_pref("CT2504091..clientLogIsEnabled", false);
user_pref("CT2504091.alertChannelId", "897164");
user_pref("CT2504091.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2504091.BrowserCompStateIsOpen_129707804829376918", true);
user_pref("CT2504091.BrowserCompStateIsOpen_129990558296257215", true);
user_pref("CT2504091.BrowserCompStateIsOpen_1359634298000", true);
user_pref("CT2504091.ct2504091.DialogsAlignMode", "LTR");
user_pref("CT2504091.ct2504091.FeedLastCount129079840422964131", 0);
user_pref("CT2504091.ct2504091.globalFirstTimeInfoLastCheckTime", "Wed Jul 13 2011 14:55:24 GMT+0200");
user_pref("CT2504091.ct2504091.LanguagePackLastCheckTime", "Sun Feb 03 2013 18:18:21 GMT+0100");
user_pref("CT2504091.ct2504091.Locale", "en-us");
user_pref("CT2504091.ct2504091.SearchInNewTabLastCheckTime", "Sun Feb 03 2013 18:18:21 GMT+0100");
user_pref("CT2504091.ct2504091.SettingsLastCheckTime", "Sun Feb 03 2013 18:18:20 GMT+0100");
user_pref("CT2504091.ct2504091.SettingsLastUpdate", "1359900625");
user_pref("CT2504091.ct2504091.ThirdPartyComponentsLastCheck", "Wed Jul 13 2011 14:55:24 GMT+0200");
user_pref("CT2504091.ct2504091.ThirdPartyComponentsLastUpdate", "1246786978");
user_pref("CT2504091.ct2504091.toolbarAppMetaDataLastCheckTime", "Sun Feb 03 2013 18:18:21 GMT+0100");
user_pref("CT2504091.ct2504091.toolbarContextMenuLastCheckTime", "Wed Jul 13 2011 14:55:30 GMT+0200");
user_pref("CT2504091.CTID", "ct2504091");
user_pref("CT2504091.CurrentServerDate", "3-2-2013");
user_pref("CT2504091.DialogsAlignMode", "LTR");
user_pref("CT2504091.DialogsGetterLastCheckTime", "Sun Feb 03 2013 18:18:21 GMT+0100");
user_pref("CT2504091.DownloadReferralCookieData", "");
user_pref("CT2504091.EMailNotifierPollDate", "Wed Jul 13 2011 14:55:24 GMT+0200");
user_pref("CT2504091.FeedPollDate128891351169457140", "Wed Jul 13 2011 14:55:24 GMT+0200");
user_pref("CT2504091.FeedPollDate129079840422964131", "Wed Jul 13 2011 14:55:24 GMT+0200");
user_pref("CT2504091.FeedTTL128891351169457140", 40);
user_pref("CT2504091.FirstServerDate", "13-7-2011");
user_pref("CT2504091.FirstTime", true);
user_pref("CT2504091.FirstTimeFF3", true);
user_pref("CT2504091.FixPageNotFoundErrors", true);
user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Wed Jul 13 2011 14:55:24 GMT+0200");
user_pref("CT2504091.GroupingServerCheckInterval", 1440);
user_pref("CT2504091.HasUserGlobalKeys", true);
user_pref("CT2504091.homepageProtectorEnableByLogin", true);
user_pref("CT2504091.HomePageProtectorEnabled", true);
user_pref("CT2504091.initDone", true);
user_pref("CT2504091.Initialize", true);
user_pref("CT2504091.InitializeCommonPrefs", true);
user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
user_pref("CT2504091.InstallationType", "ConduitIntegration");
user_pref("CT2504091.InstalledDate", "Wed Jul 13 2011 14:55:24 GMT+0200");
user_pref("CT2504091.isAppTrackingManagerOn", true);
user_pref("CT2504091.IsGrouping", false);
user_pref("CT2504091.IsInitSetupIni", true);
user_pref("CT2504091.IsMulticommunity", false);
user_pref("CT2504091.IsOpenThankYouPage", false);
user_pref("CT2504091.IsOpenUninstallPage", false);
user_pref("CT2504091.IsProtectorsInit", true);
user_pref("CT2504091.LanguagePackLastCheckTime", "Wed Jul 13 2011 14:55:28 GMT+0200");
user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2504091.LastLogin_3.14.1.0", "Sun Feb 03 2013 18:18:21 GMT+0100");
user_pref("CT2504091.LastLogin_3.5.0.12", "Wed Jul 13 2011 14:55:24 GMT+0200");
user_pref("CT2504091.LatestVersion", "3.14.1.0");
user_pref("CT2504091.Locale", "en-us");
user_pref("CT2504091.MCDetectTooltipHeight", "83");
user_pref("CT2504091.MCDetectTooltipWidth", "295");
user_pref("CT2504091.myStuffEnabled", true);
user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
user_pref("CT2504091.myStuffPublihserMinWidth", 400);
user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
user_pref("CT2504091.OriginalFirstVersion", "3.5.0.12");
user_pref("CT2504091.revertSettingsEnabled", true);
user_pref("CT2504091.SearchEngineBeforeUnload", "Web Search");
user_pref("CT2504091.SearchFromAddressBarIsInit", true);
user_pref("CT2504091.SearchInNewTabEnabled", true);
user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
user_pref("CT2504091.SearchInNewTabLastCheckTime", "Wed Jul 13 2011 14:55:24 GMT+0200");
user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);
user_pref("CT2504091.searchProtectorEnableByLogin", true);
user_pref("CT2504091.SearchProtectorEnabled", true);
user_pref("CT2504091.SearchProtectorToolbarDisabled", false);
user_pref("CT2504091.ServiceMapLastCheckTime", "Sun Feb 03 2013 18:29:35 GMT+0100");
user_pref("CT2504091.SettingsLastCheckTime", "Wed Jul 13 2011 14:55:23 GMT+0200");
user_pref("CT2504091.SettingsLastUpdate", "1306530423");
user_pref("CT2504091.SHRINK_TOOLBAR", 1);
user_pref("CT2504091.testingCtid", "");
user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Wed Jul 13 2011 14:55:23 GMT+0200");
user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1246786978");
user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Wed Jul 13 2011 14:55:27 GMT+0200");
user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Wed Jul 13 2011 14:55:25 GMT+0200");
user_pref("CT2504091.ToolbarShrinkedFromSetup", false);
user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2504091.undefined", "Wed Jul 13 2011 14:55:24 GMT+0200");
user_pref("CT2504091.usagesFlag", 2);
user_pref("CT2504091.UserID", "UN75700096171676411");
user_pref("CT2504091.ValidationData_Toolbar", 0);
user_pref("CT2851639..clientLogIsEnabled", false);
user_pref("CT2851639.alertChannelId", "1243674");
user_pref("CT2851639.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2851639.autoDisableScopes", -1);
user_pref("CT2851639.backendstorage.cbfirsttime", "546875204D617220303120323031322031333A33303A333620474D542B30313030");
user_pref("CT2851639.BrowserCompStateIsOpen_1359634298000", true);
user_pref("CT2851639.CTID", "CT2851639");
user_pref("CT2851639.CurrentServerDate", "3-2-2013");
user_pref("CT2851639.DialogsAlignMode", "LTR");
user_pref("CT2851639.DialogsGetterLastCheckTime", "Sun Feb 03 2013 18:18:21 GMT+0100");
user_pref("CT2851639.DownloadReferralCookieData", "");
user_pref("CT2851639.DSInstall", false);
user_pref("CT2851639.EMailNotifierPollDate", "Thu Mar 01 2012 13:30:29 GMT+0100");
user_pref("CT2851639.FeedLastCount2548968607390276962", 158);
user_pref("CT2851639.FeedPollDate2429156812186649977", "Thu Mar 01 2012 13:30:30 GMT+0100");
user_pref("CT2851639.FeedPollDate2429156813040823546", "Thu Mar 01 2012 13:30:29 GMT+0100");
user_pref("CT2851639.FeedPollDate2429156813130095866", "Thu Mar 01 2012 13:30:29 GMT+0100");
user_pref("CT2851639.FeedPollDate2429156813224203613", "Thu Mar 01 2012 13:30:29 GMT+0100");
user_pref("CT2851639.FeedPollDate2429156813230837251", "Thu Mar 01 2012 13:30:29 GMT+0100");
user_pref("CT2851639.FeedPollDate2429156813454291735", "Thu Mar 01 2012 13:30:29 GMT+0100");
user_pref("CT2851639.FeedPollDate2429156813729834876", "Thu Mar 01 2012 13:30:29 GMT+0100");
user_pref("CT2851639.FeedPollDate2429156813860870021", "Thu Mar 01 2012 13:30:30 GMT+0100");
user_pref("CT2851639.FeedPollDate2429156814264681793", "Thu Mar 01 2012 13:30:29 GMT+0100");
user_pref("CT2851639.FeedPollDate2429156814863075366", "Thu Mar 01 2012 13:30:29 GMT+0100");
user_pref("CT2851639.FeedPollDate2429156815257761081", "Thu Mar 01 2012 13:30:29 GMT+0100");
user_pref("CT2851639.FeedTTL2429156813040823546", 15);
user_pref("CT2851639.FeedTTL2429156813130095866", 10);
user_pref("CT2851639.FeedTTL2429156813454291735", 5);
user_pref("CT2851639.FeedTTL2429156814264681793", 5);
user_pref("CT2851639.FirstServerDate", "1-3-2012");
user_pref("CT2851639.FirstTime", true);
user_pref("CT2851639.FirstTimeFF3", true);
user_pref("CT2851639.FixPageNotFoundErrors", true);
user_pref("CT2851639.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2851639.globalFirstTimeInfoLastCheckTime", "Thu Mar 01 2012 13:30:30 GMT+0100");
user_pref("CT2851639.GroupingServerCheckInterval", 1440);
user_pref("CT2851639.HasUserGlobalKeys", true);
user_pref("CT2851639.homepageProtectorEnableByLogin", true);
user_pref("CT2851639.HPInstall", false);
user_pref("CT2851639.initDone", true);
user_pref("CT2851639.Initialize", true);
user_pref("CT2851639.InitializeCommonPrefs", true);
user_pref("CT2851639.InstallationAndCookieDataSentCount", 3);
user_pref("CT2851639.InstallationId", "ConduitXPEIntegration");
user_pref("CT2851639.InstallationType", "ConduitXPEIntegration");
user_pref("CT2851639.InstalledDate", "Thu Mar 01 2012 13:30:29 GMT+0100");
user_pref("CT2851639.isAppTrackingManagerOn", true);
user_pref("CT2851639.IsGrouping", false);
user_pref("CT2851639.IsInitSetupIni", true);
user_pref("CT2851639.IsMulticommunity", false);
user_pref("CT2851639.IsOpenThankYouPage", true);
user_pref("CT2851639.IsOpenUninstallPage", false);
user_pref("CT2851639.LanguagePackLastCheckTime", "Sun Feb 03 2013 18:18:21 GMT+0100");
user_pref("CT2851639.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2851639.LastLogin_3.12.0.7", "Thu May 10 2012 15:44:06 GMT+0200");
user_pref("CT2851639.LastLogin_3.12.2.3", "Mon Jul 16 2012 22:40:02 GMT+0200");
user_pref("CT2851639.LastLogin_3.14.1.0", "Sun Feb 03 2013 18:18:21 GMT+0100");
user_pref("CT2851639.LastLogin_3.9.0.3", "Thu Mar 01 2012 13:30:33 GMT+0100");
user_pref("CT2851639.LatestVersion", "3.16.0.3");
user_pref("CT2851639.Locale", "fr");
user_pref("CT2851639.MCDetectTooltipHeight", "83");
user_pref("CT2851639.MCDetectTooltipWidth", "295");
user_pref("CT2851639.myStuffEnabled", true);
user_pref("CT2851639.MyStuffEnabledAtInstallation", true);
user_pref("CT2851639.myStuffPublihserMinWidth", 400);
user_pref("CT2851639.myStuffServiceIntervalMM", 1440);
user_pref("CT2851639.OriginalFirstVersion", "3.9.0.3");
user_pref("CT2851639.revertSettingsEnabled", true);
user_pref("CT2851639.SearchCaption", "uTorrentBar_FR Customized Web Search");
user_pref("CT2851639.SearchFromAddressBarIsInit", true);
user_pref("CT2851639.SearchInNewTabEnabled", true);
user_pref("CT2851639.SearchInNewTabIntervalMM", 1440);
user_pref("CT2851639.SearchInNewTabLastCheckTime", "Sun Feb 03 2013 18:18:17 GMT+0100");
user_pref("CT2851639.searchProtectorDialogDelayInSec", 10);
user_pref("CT2851639.searchProtectorEnableByLogin", true);
user_pref("CT2851639.SendProtectorDataViaLogin", true);
user_pref("CT2851639.ServiceMapLastCheckTime", "Sun Feb 03 2013 18:18:18 GMT+0100");
user_pref("CT2851639.SettingsLastCheckTime", "Sun Feb 03 2013 18:18:16 GMT+0100");
user_pref("CT2851639.SettingsLastUpdate", "1359900701");
user_pref("CT2851639.testingCtid", "");
user_pref("CT2851639.ThirdPartyComponentsInterval", 504);
user_pref("CT2851639.ThirdPartyComponentsLastCheck", "Thu Mar 01 2012 13:30:28 GMT+0100");
user_pref("CT2851639.ThirdPartyComponentsLastUpdate", "1255344667");
user_pref("CT2851639.toolbarAppMetaDataLastCheckTime", "Sun Feb 03 2013 18:18:21 GMT+0100");
user_pref("CT2851639.toolbarContextMenuLastCheckTime", "Thu Mar 01 2012 13:30:32 GMT+0100");
user_pref("CT2851639.ToolbarShrinkedFromSetup", false);
user_pref("CT2851639.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2851639.usagesFlag", 2);
user_pref("CT2851639.UserID", "UN40912404149561914");
user_pref("CT2851639.WeatherNetwork", "");
user_pref("CT2851639.WeatherPollDate", "Thu Mar 01 2012 13:30:33 GMT+0100");
user_pref("CT2851639.WeatherUnit", "C");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.id", "3e1f182700000000000082b9a544f0f6");
user_pref("extensions.BabylonToolbar.instlDay", "15558");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6");
user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111020&tl=gkn109470&tt=3212_6");
user_pref("extensions.BabylonToolbar_i.hardId", "3e1f1827000000000000eab9a544f0f6");
user_pref("extensions.BabylonToolbar_i.id", "3e1f1827000000000000eab9a544f0f6");
user_pref("extensions.BabylonToolbar_i.instlDay", "15394");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", true);
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.616:52:42");
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst srcExt=def");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "3e1f182700000000000082b9a544f0f6");
user_pref("extensions.delta.instlDay", "15819");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.16.16");
user_pref("extensions.delta.vrsni", "1.8.16.16");
user_pref("extensions.delta.vrsnTs", "1.8.16.1621:47:17");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent0", "1309360637624");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent100", "1308518544115");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1309360637619");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1310118141282");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1310118141247");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent112", "1310118141286");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1308502496579");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent0", "1309360645111");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1309360645107");
user_pref("browser.search.selectedEngine", "SecureSearch");
Emptied folder: C:\Users\S‚verine\AppData\Roaming\mozilla\firefox\profiles\7gvc3073.default\minidumps [9 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\S‚verine\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jeaihkehdlhkocphopopahkfjcfcphef
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/10/2013 at 15:01:08,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

Celui de Adwcleaner :

 

# AdwCleaner v3.007 - Rapport créé le 16/10/2013 à 15:23:03
# Mis à jour le 09/10/2013 par Xplode
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nom d'utilisateur : Séverine - ASUS-SÉVERINE
# Exécuté depuis : C:\Users\Séverine\Desktop\adwcleaner.exe
# Option : Nettoyer
***** [ Services ] *****
***** [ Fichiers / Dossiers ] *****
Dossier Supprimé : C:\ProgramData\Ask
Dossier Supprimé : C:\ProgramData\DSearchLink
Dossier Supprimé : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Dossier Supprimé : C:\Program Files (x86)\Services x86
Dossier Supprimé : C:\Program Files\Babylon
Dossier Supprimé : C:\Users\Séverine\AppData\Local\Bundled software uninstaller
Dossier Supprimé : C:\Users\Séverine\AppData\Local\Services x86
Dossier Supprimé : C:\Users\Séverine\AppData\Roaming\WebPlayerBdd
Dossier Supprimé : C:\Users\Séverine\AppData\Roaming\Mozilla\Firefox\Profiles\7gvc3073.default\adawaretb
Dossier Supprimé : C:\Users\Séverine\AppData\Roaming\Mozilla\Firefox\Profiles\7gvc3073.default\CT2851639
Dossier Supprimé : C:\Users\Séverine\AppData\Roaming\Mozilla\Firefox\Profiles\7gvc3073.default\Extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
Dossier Supprimé : C:\Users\Séverine\AppData\Roaming\Mozilla\Firefox\Profiles\7gvc3073.default\Extensions\{75623D5D-4683-402A-B610-AC4BAB767C86}
Dossier Supprimé : C:\Users\Séverine\AppData\Roaming\Mozilla\Firefox\Profiles\7gvc3073.default\Extensions\cacaoweb@cacaoweb.org
Fichier Supprimé : C:\Users\Séverine\Desktop\cacaoweb.exe
Fichier Supprimé : C:\Users\Séverine\AppData\Roaming\Mozilla\Firefox\Profiles\7gvc3073.default\bProtector_extensions.rdf
Fichier Supprimé : C:\Windows\System32\Tasks\Dealply
Fichier Supprimé : C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
Fichier Supprimé : C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore
Fichier Supprimé : C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
Fichier Supprimé : C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA
***** [ Raccourcis ] *****
***** [ Registre ] *****
Valeur Supprimée : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{9CD2384C-143B-4790-A075-E7FEFE2A554B}]
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\fjglfdldpdljgfjkfgieaocdapejkdlh
Clé Supprimée : HKLM\SOFTWARE\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Clé Supprimée : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.software.oneclickctrl.8
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Clé Supprimée : HKLM\SOFTWARE\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8
Clé Supprimée : HKCU\Software\5853df8fb534ee46
Clé Supprimée : HKLM\SOFTWARE\5853df8fb534ee46
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{092A2C6B-43EE-4F9F-8F8E-14ED5E11C14B}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{257A6158-1416-4B31-9BF8-29FF49F3814F}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{32451DFC-C23B-4E12-866C-FC7982238504}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{7555B87D-D711-48B2-B97D-04DF700652BA}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AC5C4189-A8A0-4C9D-8910-C9CEF8360077}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C0924543-15FD-4F3D-889C-0B4562A9CB45}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{C9FC4C5A-2C9B-4E41-8DA2-2F379D74CF45}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}
Clé Supprimée : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{736EF78E-5A04-46F9-893E-EDEC6EA5DF45}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{7A1BCE27-099C-4628-B63A-AEC00C6376B3}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{AF3AFF7C-B9E9-48DD-9002-212B6DEAAC02}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{DBE82879-914A-422F-BAE9-2ECC80BE536F}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{E12D7149-73EF-45E4-A1E9-99FD7DAE62D3}
Clé Supprimée : HKLM\SOFTWARE\Classes\Interface\{F2B184F1-547C-4EE9-BFC4-AC489C7077D9}
Clé Supprimée : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0924543-15FD-4F3D-889C-0B4562A9CB45}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0924543-15FD-4F3D-889C-0B4562A9CB45}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C0924543-15FD-4F3D-889C-0B4562A9CB45}
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7555B87D-D711-48B2-B97D-04DF700652BA}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C9FC4C5A-2C9B-4E41-8DA2-2F379D74CF45}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7555B87D-D711-48B2-B97D-04DF700652BA}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C9FC4C5A-2C9B-4E41-8DA2-2F379D74CF45}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Clé Supprimée : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FD5CD67F-DA82-6C3B-A049-4E82BBB6B6E2}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Valeur Supprimée : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}]
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Clé Supprimée : [x64] HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Valeur Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Clé Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Clé Supprimée : HKCU\Software\cacaoweb
Clé Supprimée : HKCU\Software\AppDataLow\Software\Services x86
Clé Supprimée : HKCU\Software\AppDataLow\Software\XingHaoLyrics
Clé Supprimée : HKLM\Software\adawaretb
Clé Supprimée : HKLM\Software\Services x86
Clé Supprimée : HKLM\Software\SimplyGen
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Services x86
***** [ Navigateurs ] *****
-\\ Internet Explorer v10.0.9200.16686
Paramètre Restauré : HKCU\Software\Microsoft\Internet Explorer\Main [start Page Restore]
-\\ Mozilla Firefox v11.0 (fr)
[ Fichier : C:\Users\Séverine\AppData\Roaming\Mozilla\Firefox\Profiles\7gvc3073.default\prefs.js ]
-\\ Google Chrome v30.0.1599.69
[ Fichier : C:\Users\Séverine\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Supprimée : homepage
*************************
AdwCleaner[R0].txt - [13089 octets] - [16/10/2013 15:21:42]
AdwCleaner[s0].txt - [12602 octets] - [16/10/2013 15:23:03]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [12663 octets] ##########

 

 

Et le lien de ZHPDiag :

 

http://cjoint.com/?0JtsVGnLpCK

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Bonsoir,

 

1A)

ZHPFix :

 

  • Ferme toutes les applications ouvertes

     

     

  • Double-clique sur ZHPFix, raccourci installé par ZHPDiag sur le Bureau
    Important:
    Sous Vista et Windows 7/8 : il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur.

     

     

  • Copie les lignes ci-dessous dans la fenêtre

sauf citation.

 

 

Script ZhpFix

G2 - GCE: Preference [user Data\Default] [bkomkajifikmkfnjgphkjcfeepbnojok] PriceGong v.5.6.2 (Désactivé) =>Adware.PriceGong
O4 - HKLM\..\Wow6432Node\Run: [iMBooster] C:\Program Files (x86)\Iminent\IMBooster\IMBooster.exe (.not file.) =>Adware.IMBooster
[MD5.00000000000000000000000000000000] [APT] [{8EE0DAE6-EDE7-4D4A-A9A5-6C6E10273E7E}] (...) -- C:\Users\Séverine\AppData\Roaming\eType\eTypeUninstall.exe (.not file.) [0] => Infection PUP (Adware.Zugo)
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {A5D4928E-6B88-40B2-A9BF-E0DD652B43B4} =>Adware.Boxore
O42 - Logiciel: searchweb - (.searchweb.) [HKLM][64Bits] -- searchweb =>Adware.SocialSkinz
O43 - CFD: 21/11/2011 - 19:47:55 - [3,651] ----D C:\Program Files (x86)\searchweb =>Adware.SocialSkinz
O43 - CFD: 09/10/2013 - 12:47:59 - [0,723] ----D C:\Program Files (x86)\Toolbar Cleaner =>Adware.ToolbarCleaner
O87 - FAEL: "TCP Query User{18F4E9D5-2474-4D42-A6DD-CBBAE9A4D605}C:\users\séverine\downloads\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\séverine\downloads\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{83233BD0-9170-47A9-87A9-927520D81034}C:\users\séverine\downloads\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\séverine\downloads\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{30458CCE-2E85-4CCB-BEC8-E216F2251347}C:\users\séverine\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\séverine\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{D561C609-AD74-45EE-BC32-65A40C5CF810}C:\users\séverine\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\séverine\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{6510AEF7-63D5-4AAC-85C8-9E17113D73DA}C:\users\séverine\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\séverine\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{110F4E7A-54DB-4D8D-9980-98175DD974F7}C:\users\séverine\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\séverine\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O90 - PUC: "E8294D5A88B62B049AFB0EDD56B2344B" . (.Boxore Client.) -- C:\Windows\Installer\{A5D4928E-6B88-40B2-A9BF-E0DD652B43B4}\boxore.ico =>Adware.Boxore
[MD5.026F36BFD59303EE74723BB1DA03EA17] [WIS][30/05/2012] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\14766838.msi [1863680] =>Adware.Boxore
[MD5.2B4435B8A24C72CB360B64EB4397D43A] [WIS][30/12/2011] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\c0a7777.msi [45056] =>Adware.Boxore
[HKLM\Software\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok] =>Adware.PriceGong^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A5D4928E-6B88-40B2-A9BF-E0DD652B43B4}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchweb] =>Adware.SocialSkinz^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24] =>Adware.PredictAd
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A5D4928E-6B88-40B2-A9BF-E0DD652B43B4}] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\searchweb] =>Adware.SocialSkinz
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF] =>PUP.Dealio
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211701196}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211701196}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:IMBooster =>Adware.IMBooster^
C:\Program Files (x86)\searchweb =>Adware.SocialSkinz^
C:\Program Files (x86)\Toolbar Cleaner =>Adware.ToolbarCleaner^
C:\Users\Séverine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok =>Adware.PriceGong^
C:\Windows\Installer\14766838.msi =>Adware.Boxore^
C:\Windows\Installer\c0a7777.msi =>Adware.Boxore^
firewallraz
emptytemp
emptyflash

 

Cliquer sur IMPORTER., cela devrait coller le contenu du presse papier dans la fenêtre ZHPFix.

 

  • Le script doit automatiquement apparaitre dans ZHPFix.

     

    Clique sur le bouton GO pour lancer le nettoyage

 

 

  • Valide par Oui la désinstallation des programmes si demandé.

     

     

  • Laisse l'outil travailler. Si un redémarrage est demandé, accepte et redémarre le PC

     

     

  • Le rapport ZHPFixReport.txt s'affiche. Copie-colle le contenu de ce rapport dans ta réponse.
    Le rapport ZHPFixReport.txt est enregistré sous C:\ZHP\ZHPFix.txt

 

Si le Bureau ne réapparaît pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide.

 

--------------------------------------

1B)

 

Télécharger SFTGC.exe sur le Bureau >>>> il ne peut pas être ailleurs! L'y déplacer si nécessaire.

Fermer les appli et navigateurs.

Sous XP, double cliquer sur le fichier.
Sous les autres versions de Windows, clic droit sur le fichier et choisir Exécuter en tant qu'administrateur.

Après l'initialisation, cliquer sur Go pour lancer le nettoyage.

Un rapport va s'ouvrir à la fin.
Ce rapport est sur le bureau (SFT.txt)

Héberger sur http://cjoint.com pour ne pas planter le sujet. ou http://dl.free.fr/

--------------------------
2) Télécharge Malwarebytes' Anti-Malware (MBAM).

Enregistre l'exécutable sur le bureau. http://fr.malwarebytes.org/

http://www.pcastuces.com/logitheque/malwarebytes_anti-malware.htm

Attention, ne rien installer d'autre que MBAM car il est parfois proposé des trucs inutiles comme Registry Booster ou autres bêtises. A éviter donc.
A la fin de l'installation, décocher la case proposant l'essai de la version Pro.

MBAMPRO.jpg

MBAMparam_zps4e3ce4d1.jpg

Si MBAM est déjà installé, aller directement à la mise à jour puis à l'analyse.

Ce logiciel est à garder.

Uniquement en cas de problème de mise à jour:

Télécharger mises à jour MBAM

Exécute le fichier après l'installation de MBAM

Connecter les supports amovibles (clés usb etc.) avant de lancer l'analyse.

 

  • Double clique sur le fichier téléchargé pour lancer le processus d'installation.
  • Dans l'onglet "Mise à jour", clique sur le bouton "Recherche de mise à jour": si le pare-feu demande l'autorisation à MBAM de se connecter, accepte.
  • Une fois la mise à jour terminée, rends-toi dans l'onglet "Recherche".
  • Sélectionne "Exécuter un examen complet"
  • Clique sur "Rechercher"
  • L'analyse démarre, le scan est relativement long, c'est normal.
  • A la fin de l'analyse, un message s'affiche :

    L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés.

    Clique sur "Ok" pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
  • Ferme tes navigateurs.
  • Si des malwares ont été détectés, clique sur Afficher les résultats.
    Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.
  • MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport et poste-le dans ta prochaine réponse.

Si MBAM demande à redémarrer le pc, fais-le.

 

Si au redémarrage Windows te dit qu'il a bloqué certains programmes de démarrage, clique sur la bulle puis sur Exécuter les programmes bloqués/Malwarebytes Anti-Malware.

@++

 

Boubou766 Junior Member

Boubou766

Posté(e)
  • Auteur
Posté(e)

Alors, voilà les 3 autres rapports :

 

ZHPFix :

 

Rapport de ZHPFix 2013.10.15.11 par Nicolas Coolman, Update du 15/10/2013
Fichier d'export Registre :
Run by Séverine at 19/10/2013 19:03:21
High Elevated Privileges : OK
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Corbeille vidée
========== Logiciels ==========
SUPPRIMÉ: Boxore Client
ABSENT Uninstall Process: c:\program files (x86)\searchweb\tbunsh7f0f.tmp\uninstaller.exe
========== Clés du Registre ==========
SUPPRIMÉ Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\searchweb]
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211701196}
SUPPRIMÉ: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211701196}
SUPPRIMÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC
========== Valeurs du Registre ==========
SUPPRIMÉ RunValue: IMBooster
SUPPRIMÉ: TCP Query User{18F4E9D5-2474-4D42-A6DD-CBBAE9A4D605}C:\users\séverine\downloads\cacaoweb.exe
SUPPRIMÉ: UDP Query User{83233BD0-9170-47A9-87A9-927520D81034}C:\users\séverine\downloads\cacaoweb.exe
SUPPRIMÉ: TCP Query User{30458CCE-2E85-4CCB-BEC8-E216F2251347}C:\users\séverine\appdata\roaming\cacaoweb\cacaoweb.exe
SUPPRIMÉ: UDP Query User{D561C609-AD74-45EE-BC32-65A40C5CF810}C:\users\séverine\appdata\roaming\cacaoweb\cacaoweb.exe
SUPPRIMÉ: TCP Query User{6510AEF7-63D5-4AAC-85C8-9E17113D73DA}C:\users\séverine\appdata\roaming\cacaoweb\cacaoweb.exe
SUPPRIMÉ: UDP Query User{110F4E7A-54DB-4D8D-9980-98175DD974F7}C:\users\séverine\appdata\roaming\cacaoweb\cacaoweb.exe
ABSENT Valeur Domain Profile: FirewallRaz :
SUPPRIMÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
SUPPRIMÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-In-UDP
SUPPRIMÉ: FirewallRaz (None) : NetPres-WSD-Out-UDP
SUPPRIMÉ: FirewallRaz (Public) : NetPres-In-TCP
SUPPRIMÉ: FirewallRaz (Public) : NetPres-Out-TCP
SUPPRIMÉ: FirewallRaz (None) : {0E28CC82-CB9B-476A-A1E2-22359842D803}
SUPPRIMÉ: FirewallRaz (Public) : TCP Query User{B9898E5F-6429-4D58-9E91-5A30935FFF44}C:\program files (x86)\limewire\limewire.exe
SUPPRIMÉ: FirewallRaz (Public) : UDP Query User{EE724C3F-C5B2-4707-A50D-8BE732421F5D}C:\program files (x86)\limewire\limewire.exe
SUPPRIMÉ: FirewallRaz (Public) : {4833A562-EBAD-4232-B4A5-0D876B68E776}
SUPPRIMÉ: FirewallRaz (Public) : {B439C969-E7F0-4020-BCD1-6C8A487A6F8C}
SUPPRIMÉ: FirewallRaz (Private) : TCP Query User{93C0DD65-F5F7-4CA5-8C8E-D870982DB332}C:\program files (x86)\limewire\limewire.exe
SUPPRIMÉ: FirewallRaz (Private) : UDP Query User{0D529DFD-1443-4069-9E33-8B7D950D80E5}C:\program files (x86)\limewire\limewire.exe
SUPPRIMÉ: FirewallRaz (Public) : {FA4CDEE8-603E-4BAA-AEF3-3F9FBBEA220B}
SUPPRIMÉ: FirewallRaz (Public) : {7D93D659-32ED-4028-AA76-17271FBD89E2}
SUPPRIMÉ: FirewallRaz (Public) : {1B16D719-77F1-4E99-8B3A-4C3DE54664E4}
SUPPRIMÉ: FirewallRaz (Public) : {B5450F18-347D-4110-A89E-7F8B58260ADE}
SUPPRIMÉ: FirewallRaz (Private) : {BF08E39F-D26F-4A36-B0DA-19CA2652766F}
SUPPRIMÉ: FirewallRaz (Private) : {7DB47980-12B7-48AD-9CA4-C5EF1F618F8B}
SUPPRIMÉ: FirewallRaz (Private) : {51CA6C7E-223F-43DD-8D27-EEBB5B2324DC}
SUPPRIMÉ: FirewallRaz (Private) : {338A0998-A542-42EB-9F6F-C706726B1EFB}
SUPPRIMÉ: FirewallRaz (Public) : {BB627A00-76C3-4D29-8CF7-13E3E8FA7B1D}
SUPPRIMÉ: FirewallRaz (Public) : {797D70EB-8BB8-420B-A594-8FBE6985179F}
SUPPRIMÉ: FirewallRaz (Public) : {FC65908B-D050-4EFF-8119-462BD2D013E5}
SUPPRIMÉ: FirewallRaz (Public) : {793B3290-BCD8-440E-821B-04AA73921C63}
SUPPRIMÉ: FirewallRaz (Public) : {C1826CEB-8BD1-4D68-B06B-D4C190522278}
SUPPRIMÉ: FirewallRaz (Public) : {BDC5A700-AA1A-457C-9F91-3BCB09FB66A5}
SUPPRIMÉ: FirewallRaz (Public) : TCP Query User{220D40DE-AD3B-46DF-87E2-D52875227152}E:\easysetupassistant\wr841n\easysetupassistant.exe
SUPPRIMÉ: FirewallRaz (Public) : UDP Query User{D7397E31-87F4-4AC0-ABC9-ECDEEB21FB7B}E:\easysetupassistant\wr841n\easysetupassistant.exe
SUPPRIMÉ: FirewallRaz (Private) : TCP Query User{6D408240-8C46-491B-A4C7-F4A898A195CE}E:\easysetupassistant\wr841n\easysetupassistant.exe
SUPPRIMÉ: FirewallRaz (Private) : UDP Query User{92CAC20A-14A1-43BD-BE68-2C57DF4E5115}E:\easysetupassistant\wr841n\easysetupassistant.exe
========== Dossiers ==========
SUPPRIMÉ: C:\Program Files (x86)\searchweb
SUPPRIMÉ: C:\Program Files (x86)\Toolbar Cleaner
SUPPRIME Temporaires Windows (115)
SUPPRIME Flash Cookies (0)
========== Fichiers ==========
SUPPRIMÉ: c:\users\séverine\appdata\local\google\chrome\user data\default\preferences
SUPPRIMÉ: C:\Windows\Installer\c0a7777.msi
SUPPRIME Temporaires Windows (182)
SUPPRIME Flash Cookies (0)
========== Tache planifiée ==========
SUPPRIMÉ: {8EE0DAE6-EDE7-4D4A-A9A5-6C6E10273E7E}
========== Récapitulatif ==========
14 : Clés du Registre
39 : Valeurs du Registre
4 : Dossiers
4 : Fichiers
2 : Logiciels
1 : Tache planifiée
End of clean in 04mn 06s
========== Chemin de fichier rapport ==========
C:\Users\Séverine\AppData\Roaming\ZHP\ZHPFix[R1].txt - 19/10/2013 19:05:24 [6439]
Lien SFTGC :
Et le rapport Malwarebytes :
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Version de la base de données: v2013.10.20.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Séverine :: ASUS-SÉVERINE [administrateur]
21/10/2013 08:52:18
mbam-log-2013-10-21 (08-52-18).txt
Type d'examen: Examen complet (C:\|D:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 645325
Temps écoulé: 4 heure(s), 25 minute(s), 21 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 1
C:\Users\Séverine\AppData\Local\Temp\CT3310393 (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
Fichier(s) détecté(s): 13
C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe\Adobe InDesign CS6\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe Suite CS6\CS6\amtlib.dll\32-bit\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Program Files (x86)\Adobe Suite CS6\CS6\amtlib.dll\64-bit\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Séverine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2BFG0EGW\spstub[1].exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Séverine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BCCZ3DBG\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Séverine\Downloads\Assimil_-_Le_Portugais_du_Br.exe (PUP.BundleInstaller.DW) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Séverine\Downloads\bs_WINRAR.exe (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Séverine\Downloads\EuphemiaUCAS_downloader_by_Ffonts.exe (PUP.Optional.Somoto) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Séverine\Downloads\Non confirmé 381558.crdownload (PUP.Optional.Somoto) -> Mis en quarantaine et supprimé avec succès.
C:\Users\Séverine\AppData\Local\Temp\CT3310393\ddt.csf (PUP.Optional.Conduit.A) -> Mis en quarantaine et supprimé avec succès.
(fin)
Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

Bonjour,

 

Comment se comporte la machine?

 

1)

Fais ces vérifications de sécurité stp:

fleche_droite_003.gifhttp://theknitter-apollo.xooit.com/p17644.htm

Ou ici: http://www.vista-xp.fr/forum/topic13109.html#p108827

Le PSI de Secunia est pratique pour connaître les failles dans diverses applications.

En français depuis la version 3.0. Très simple d'utilisation.

 

2) Fais un nouveau scan ZHPDiag et héberge son rapport sur cjoint.com stp.

 

@++

Boubou766 Junior Member

Boubou766

Posté(e)
  • Auteur
Posté(e)

Salut !

Et bien, c'est nettement mieux ! Je n'ai pas réussi à lancer le PSI de Secunia, il ne veut pas s'ouvrir au lancement du logiciel.. Par contre je ne peux plus ouvrir aucun logiciel de la Suite Adobe CS6. Faut-il que je réinstalle la Suite ?

Aussi, il y a toujours la demande de vérification du disque lorsque j'allume le PC, si je la laisse, elle prend toujours un temps fou et je suis obligée de l'éteindre..

 

Voilà le nouveau rapport de ZHPDiag :

http://cjoint.com/?0JxcZFLg6ce

Apollo Devil Member !

Apollo

Posté(e)
Posté(e)

 

Suite Adobe CS6. Faut-il que je réinstalle la Suite ?

 

Yes mais tâche de prendre la dernière version, si possible.

 

 

 

Aussi, il y a toujours la demande de vérification du disque lorsque j'allume le PC

 

 

Pour cela, il vaut mieux t'adresser au forum Hardware.

 

--------------------------------------

Mets Firefox à jour.

 

Le pc est désinfecté icon_wink.gif

 

Désinstaller les outils spéciaux.

Télécharge DelFix sur ton bureau. http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/3-delfix

Lance-le et appuie sur le bouton "Supprimer les outils de désinfection". >> Exécuter.

NB, tu peux également cocher la case "Purger la restauration système", un nouveau point sera automatiquement créé. Conseillé quand le pc est désinfecté.

capture-3c1f928.jpg

Delfix s'autodétruira ensuite.

 

Pense à éditer ton premier post pour ajouter "Résolu" devant le titre. Pour cela clique sur "Modifier" dans ton premier post. Tu pourras alors changer le titre.

Utilise pour ça, l'éditeur complet icon_wink.gif

@++

 

 

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...