Aidez moi a savoir si mon pc est infecté
Résolu/Fermé
Afabus
-
3 mars 2012 à 16:43
Afabus Messages postés 9 Date d'inscription lundi 5 mars 2012 Statut Membre Dernière intervention 6 mars 2012 - 6 mars 2012 à 23:57
Afabus Messages postés 9 Date d'inscription lundi 5 mars 2012 Statut Membre Dernière intervention 6 mars 2012 - 6 mars 2012 à 23:57
A voir également:
- Aidez moi a savoir si mon pc est infecté
- Mon pc est lent - Guide
- Test performance pc - Guide
- Reinitialiser pc - Guide
- Mon pc s'allume mais ne démarre pas windows 10 - Guide
- Plus de son sur mon pc - Guide
18 réponses
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
4 mars 2012 à 21:30
4 mars 2012 à 21:30
Salut,
1/
Télécharge AdwCleaner (merci à Xplode)
Lance AdwCleaner
Clique sur le bouton [ Suppression ]
Patiente...
Poste le rapport qui apparait en fin de recherche.
2/
* Télécharge de AD-Remover sur ton Bureau.
http://security-domain.be/download/AD-Remover.html
/!\ Ferme toutes applications en cours /!\
- Double sur l'icône Ad-remover située sur ton Bureau.
-Pour vista/Seven : clique avec le bouton droit de la souris et choisis « exécuter en tant qu'administrateur »
- Sur la page, clique sur le bouton « Nettoyer»
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour c
3/
* Lance Malwarebytes' Anti-Malware
* Fais la mise à jour
* Clique dans l'onglet "Recherche"
* Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"
* Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"
A la fin de l'analyse, si MBAM n'a rien trouvé :
* Clique sur OK, le rapport s'ouvre spontanément
Si des menaces ont été détectées :
* Clique sur OK puis "Afficher les résultats"
*Vérifie que toutes les lignes sont cochées
* Choisis l'option "Supprimer la sélection"
* Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
* Le rapport s'ouvre automatiquement après la suppression, il se trouve aussi dans l'onglet "Rapports/Logs"
* Copie/colle le rapport dans le prochain message
Remarque :
- S'il y'a un problème de mise à jour de mbam, tu peux la faire manuellement en téléchargeant ce fichier puis en l'exécutant.
@+
1/
Télécharge AdwCleaner (merci à Xplode)
Lance AdwCleaner
Clique sur le bouton [ Suppression ]
Patiente...
Poste le rapport qui apparait en fin de recherche.
2/
* Télécharge de AD-Remover sur ton Bureau.
http://security-domain.be/download/AD-Remover.html
/!\ Ferme toutes applications en cours /!\
- Double sur l'icône Ad-remover située sur ton Bureau.
-Pour vista/Seven : clique avec le bouton droit de la souris et choisis « exécuter en tant qu'administrateur »
- Sur la page, clique sur le bouton « Nettoyer»
- Confirme lancement du scan
- Laisse travailler l'outil.
- Poste le rapport qui apparaît à la fin.
(Le rapport est sauvegardé aussi sous C:\Ad-report(Scan/clean).Txt)
(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour c
3/
* Lance Malwarebytes' Anti-Malware
* Fais la mise à jour
* Clique dans l'onglet "Recherche"
* Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"
* Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"
A la fin de l'analyse, si MBAM n'a rien trouvé :
* Clique sur OK, le rapport s'ouvre spontanément
Si des menaces ont été détectées :
* Clique sur OK puis "Afficher les résultats"
*Vérifie que toutes les lignes sont cochées
* Choisis l'option "Supprimer la sélection"
* Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
* Le rapport s'ouvre automatiquement après la suppression, il se trouve aussi dans l'onglet "Rapports/Logs"
* Copie/colle le rapport dans le prochain message
Remarque :
- S'il y'a un problème de mise à jour de mbam, tu peux la faire manuellement en téléchargeant ce fichier puis en l'exécutant.
@+
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
4 mars 2012 à 09:43
4 mars 2012 à 09:43
Bonjour,
Nous allons effectuer un diagnostic plus profond de ton PC:
*Télécharge ZHPDiag sur ton bureau :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
* Laisse toi guider lors de l'installation,coche "Ajouter une icône sur le bureau" et décoche la case "Exécuter ZHPDiag"
/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur un des sites ci dessous, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum : http://pjjoint.malekal.com/
Si indisponible, tu peux essayer avec l'un de ces liens:
https://www.terafiles.net/
https://www.casimages.com/
* Tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Hébergement de rapport sur pjjoint.malekal.com
Rends toi sur pjjoint.malekal.com
* Clique sur le bouton Parcourir
* Sélectionne le fichier que tu veux héberger et clique sur Ouvrir
* Clique sur le bouton Envoyer
* Un message de confirmation s'affiche (L'upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : https://pjjoint.malekal.com/files.php?id=df5ea299241015
* Copie le lien dans ta prochaine réponse.
@+
Nous allons effectuer un diagnostic plus profond de ton PC:
*Télécharge ZHPDiag sur ton bureau :
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
ou :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
* Laisse toi guider lors de l'installation,coche "Ajouter une icône sur le bureau" et décoche la case "Exécuter ZHPDiag"
/!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »
* Clique sur l'icône représentant une loupe (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Héberge le rapport ZHPDiag.txt sur un des sites ci dessous, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum : http://pjjoint.malekal.com/
Si indisponible, tu peux essayer avec l'un de ces liens:
https://www.terafiles.net/
https://www.casimages.com/
* Tuto zhpdiag :
http://www.premiumorange.com/zeb-help-process/zhpdiag.html
Hébergement de rapport sur pjjoint.malekal.com
Rends toi sur pjjoint.malekal.com
* Clique sur le bouton Parcourir
* Sélectionne le fichier que tu veux héberger et clique sur Ouvrir
* Clique sur le bouton Envoyer
* Un message de confirmation s'affiche (L'upload a réussi ! - Le lien à transmettre à vos correspondant pour visualiser le fichier est : https://pjjoint.malekal.com/files.php?id=df5ea299241015
* Copie le lien dans ta prochaine réponse.
@+
Bonsoir, Merçi Infiniment pour votre aide.Voiçi le lien du rapport complet ZHPDIAG :
http://pjjoint.malekal.com/files.php?id=ZHPDiag_20120304_o11t5m10z13b14
http://pjjoint.malekal.com/files.php?id=ZHPDiag_20120304_o11t5m10z13b14
Afabus
Messages postés
9
Date d'inscription
lundi 5 mars 2012
Statut
Membre
Dernière intervention
6 mars 2012
5 mars 2012 à 10:27
5 mars 2012 à 10:27
Bonjour, voiçi Les rapports des examens que vous m'avez demandé de faire :
Rapport AdwCleaner :
# AdwCleaner v1.501 - Logfile created 03/04/2012 at 22:42:34
# Updated 04/03/2012 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Propietari@ - ONE
# Running from : C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2L74H69Y\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
Folder Found : C:\ProgramData\Ask
Folder Found : C:\Users\Propietari@\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Propietari@\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\Propietari@\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Propietari@\AppData\LocalLow\MyWebSearch
File Found : C:\Program Files\Windows live\messenger\msimg32.dll
***** [H. Navipromo] *****
***** [Registry] *****
Key Found : HKCU\Software\Offerbox
Key Found : HKCU\Software\Spointer
Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Found : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Found : HKLM\SOFTWARE\ASKInstaller
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\bandoo
Key Found : HKLM\SOFTWARE\Offerbox
Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Found : HKLM\SOFTWARE\Classes\OfferBox.OfferBoxServer
Key Found : HKLM\SOFTWARE\Classes\OfferBox.OfferBoxServer.1
Key Found : HKLM\SOFTWARE\Classes\pdfforge.DllInfo
Key Found : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF
Key Found : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor
Key Found : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine
Key Found : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText
Key Found : HKLM\SOFTWARE\Classes\pdfforge.Tools
Key Found : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [offerboxffx@offerbox.com]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
*************************
AdwCleaner[R1].txt - [3845 octets] - [04/03/2012 22:42:34]
########## EOF - C:\AdwCleaner[R1].txt - [3973 octets] ##########
Rapport AD-REMOVER :
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======
Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 22:46:42 on 04/03/2012, Normal boot
Microsoft® Windows Vista(TM) Home Basic Service Pack 2 (X86)
Propietari@@ONE (SAMSUNG ELECTRONICS CO., LTD. R510/P510)
============== ACTION(S) ==============
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\AskToolbar
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\FunWebProducts
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\Internet Saving Optimizer
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\Media Access Startup
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\MyWebSearch
Folder deleted: C:\ProgramData\AGI
(!) -- Temporary files deleted.
Key deleted: HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKLM\Software\Classes\AppID\{E142D053-7023-4B33-AF22-91F14202142D}
Key deleted: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}
Key deleted: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Key deleted: HKLM\Software\Classes\OfferBox.OfferBoxServer
Key deleted: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE
Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key deleted: HKLM\Software\ASKInstaller
Key deleted: HKLM\Software\AskToolbar
Key deleted: HKLM\Software\bandoo
Key deleted: HKLM\Software\Casino.com
Key deleted: HKLM\Software\OfferBox
Key deleted: HKLM\Software\AppDataLow\Software\Internet Saving Optimizer
Key deleted: HKLM\Software\AppDataLow\Software\Media Access Startup
Key deleted: HKCU\Software\Casino DelRio
Key deleted: HKCU\Software\Casino.com
Key deleted: HKCU\Software\Europa Casino
Key deleted: HKCU\Software\OfferBox
Key deleted: HKCU\Software\Spointer
Key deleted: HKCU\Software\Swiss Casino
Key deleted: HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Key deleted: HKCU\Software\AppDataLow\Software\DoubleD
Key deleted: HKCU\Software\AppDataLow\Software\Fun Web Products
Key deleted: HKCU\Software\AppDataLow\Software\FunWebProducts
Key deleted: HKCU\Software\AppDataLow\Software\Internet Saving Optimizer
Key deleted: HKCU\Software\AppDataLow\Software\Media Access Startup
Key deleted: HKCU\Software\AppDataLow\Software\MyWebSearch
Key deleted: HKU\.DEFAULT\Software\OfferBox
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\21Nova Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Casino-On-Net
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Casino770
Key deleted: HKLM\Software\Classes\Installer\Products\5B4758C25396ECF468E04F8E063287FF
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\5B4758C25396ECF468E04F8E063287FF
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01D88F3F-FB32-45D1-B314-E696D1178E56}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{113D2CE2-0507-4F86-BEDE-A5C8A7149348}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{16B6279B-9FF5-41FB-8BF9-404324F5DD1F}}_is1
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\32 Vegas Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino-On-Net
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino DelRio
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino Tropez
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino.com
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Europa Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\JuicyAccess Toolbar
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Sukoku
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Swiss Casino
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key deleted: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Key deleted: HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder
Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== ADDITIONNAL SCAN ==============
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} (x)
HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2E3B} - "Google Customized Web Search" (hxxp://search.elpartidodehoy.es/results.php?Keywords={searchTerms})
HKCU_SearchScopes\{11474CF4-133F-4646-ADEE-081A09D64BE1} - "Google" (hxxp://findgala.com/?&uid=302&q={searchTerms})
HKCU_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{1048776A-80DA-428D-9D5F-98E3D9355A87} - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (x)
HKCU_ElevationPolicy\{2E422264-6D8A-4ca0-97C7-A2CF868471EA} - C:\Users\Propietari@\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe (?)
HKCU_ElevationPolicy\{3C6C271F-F44D-4E21-9EAC-D7DE6F4F43C9} - C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe (x)
HKCU_ElevationPolicy\{5423220C-54CD-427E-8DFA-E96699073F0E} - C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (x)
HKCU_ElevationPolicy\{7549ECA2-5177-4913-9535-3235C943578B} - C:\Program Files\Citrix\GoToMeeting\799\G2MInstaller.exe (Citrix Online, a division of Citrix Systems, Inc.)
HKCU_ElevationPolicy\{80C423D0-D429-4CE7-B0FE-738A801FF45D} - C:\Windows\System32\Macromed\Flash\FlashUtil9b.exe (x)
HKCU_ElevationPolicy\{956CCF32-DE3C-4FC0-8250-A9501760FC8F} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{AB08C965-E8C4-43E2-8B34-5DA9BDE77AD7} - C:\Windows\System32\Macromed\Flash\FlashUtil10x_ActiveX.exe (x)
HKCU_ElevationPolicy\{DC5EB6C1-0AFD-4BD2-9C6F-5FAFD844C8AE} - C:\Program Files\Microsoft Silverlight\4.0.50524.0\Silverlight.Configuration.exe (x)
HKCU_ElevationPolicy\{E6D6C468-815B-4DC4-89AF-3FA580AE4CBB} - C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe (x)
HKCU_ElevationPolicy\{F64C1DB3-E751-44D7-8C92-796879EE5FEB} - C:\Windows\System32\Macromed\Flash\FlashUtil10e_ActiveX.exe (x)
HKCU_ElevationPolicy\{F9BEE338-A21F-441D-9716-2E8821DF6484} - C:\Windows\System32\Macromed\Flash\FlashUtil10w_ActiveX.exe (x)
HKCU_ElevationPolicy\{FD1AB2E7-0738-45B0-A8CE-4973F6BB9707} - C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (x)
HKLM_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (Visicom Media Inc.)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
HKLM_Extensions\{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - "PalTalk" (C:\Program Files\Paltalk Messenger\Paltalk.exe,476)
HKLM_Extensions\{5067A26B-1337-4436-8AFE-EE169C2DA79F} - "?" (?)
HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Aplicación auxiliar de vínculos de Adobe PDF Reader" (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 1639 File(s)
C:\Program Files\Ad-Remover\Backup: 15 File(s)
C:\Ad-Report-CLEAN[1].txt - 04/03/2012 22:46:49 (10851 Byte(s))
End at: 22:47:43, 04/03/2012
============== E.O.F ==============
Rapport Malwarebites :
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======
Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 22:46:42 on 04/03/2012, Normal boot
Microsoft® Windows Vista(TM) Home Basic Service Pack 2 (X86)
Propietari@@ONE (SAMSUNG ELECTRONICS CO., LTD. R510/P510)
============== ACTION(S) ==============
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\AskToolbar
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\FunWebProducts
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\Internet Saving Optimizer
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\Media Access Startup
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\MyWebSearch
Folder deleted: C:\ProgramData\AGI
(!) -- Temporary files deleted.
Key deleted: HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKLM\Software\Classes\AppID\{E142D053-7023-4B33-AF22-91F14202142D}
Key deleted: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}
Key deleted: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Key deleted: HKLM\Software\Classes\OfferBox.OfferBoxServer
Key deleted: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE
Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key deleted: HKLM\Software\ASKInstaller
Key deleted: HKLM\Software\AskToolbar
Key deleted: HKLM\Software\bandoo
Key deleted: HKLM\Software\Casino.com
Key deleted: HKLM\Software\OfferBox
Key deleted: HKLM\Software\AppDataLow\Software\Internet Saving Optimizer
Key deleted: HKLM\Software\AppDataLow\Software\Media Access Startup
Key deleted: HKCU\Software\Casino DelRio
Key deleted: HKCU\Software\Casino.com
Key deleted: HKCU\Software\Europa Casino
Key deleted: HKCU\Software\OfferBox
Key deleted: HKCU\Software\Spointer
Key deleted: HKCU\Software\Swiss Casino
Key deleted: HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Key deleted: HKCU\Software\AppDataLow\Software\DoubleD
Key deleted: HKCU\Software\AppDataLow\Software\Fun Web Products
Key deleted: HKCU\Software\AppDataLow\Software\FunWebProducts
Key deleted: HKCU\Software\AppDataLow\Software\Internet Saving Optimizer
Key deleted: HKCU\Software\AppDataLow\Software\Media Access Startup
Key deleted: HKCU\Software\AppDataLow\Software\MyWebSearch
Key deleted: HKU\.DEFAULT\Software\OfferBox
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\21Nova Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Casino-On-Net
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Casino770
Key deleted: HKLM\Software\Classes\Installer\Products\5B4758C25396ECF468E04F8E063287FF
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\5B4758C25396ECF468E04F8E063287FF
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01D88F3F-FB32-45D1-B314-E696D1178E56}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{113D2CE2-0507-4F86-BEDE-A5C8A7149348}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{16B6279B-9FF5-41FB-8BF9-404324F5DD1F}}_is1
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\32 Vegas Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino-On-Net
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino DelRio
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino Tropez
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino.com
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Europa Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\JuicyAccess Toolbar
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Sukoku
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Swiss Casino
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key deleted: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Key deleted: HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder
Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== ADDITIONNAL SCAN ==============
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} (x)
HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2E3B} - "Google Customized Web Search" (hxxp://search.elpartidodehoy.es/results.php?Keywords={searchTerms})
HKCU_SearchScopes\{11474CF4-133F-4646-ADEE-081A09D64BE1} - "Google" (hxxp://findgala.com/?&uid=302&q={searchTerms})
HKCU_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{1048776A-80DA-428D-9D5F-98E3D9355A87} - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (x)
HKCU_ElevationPolicy\{2E422264-6D8A-4ca0-97C7-A2CF868471EA} - C:\Users\Propietari@\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe (?)
HKCU_ElevationPolicy\{3C6C271F-F44D-4E21-9EAC-D7DE6F4F43C9} - C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe (x)
HKCU_ElevationPolicy\{5423220C-54CD-427E-8DFA-E96699073F0E} - C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (x)
HKCU_ElevationPolicy\{7549ECA2-5177-4913-9535-3235C943578B} - C:\Program Files\Citrix\GoToMeeting\799\G2MInstaller.exe (Citrix Online, a division of Citrix Systems, Inc.)
HKCU_ElevationPolicy\{80C423D0-D429-4CE7-B0FE-738A801FF45D} - C:\Windows\System32\Macromed\Flash\FlashUtil9b.exe (x)
HKCU_ElevationPolicy\{956CCF32-DE3C-4FC0-8250-A9501760FC8F} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{AB08C965-E8C4-43E2-8B34-5DA9BDE77AD7} - C:\Windows\System32\Macromed\Flash\FlashUtil10x_ActiveX.exe (x)
HKCU_ElevationPolicy\{DC5EB6C1-0AFD-4BD2-9C6F-5FAFD844C8AE} - C:\Program Files\Microsoft Silverlight\4.0.50524.0\Silverlight.Configuration.exe (x)
HKCU_ElevationPolicy\{E6D6C468-815B-4DC4-89AF-3FA580AE4CBB} - C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe (x)
HKCU_ElevationPolicy\{F64C1DB3-E751-44D7-8C92-796879EE5FEB} - C:\Windows\System32\Macromed\Flash\FlashUtil10e_ActiveX.exe (x)
HKCU_ElevationPolicy\{F9BEE338-A21F-441D-9716-2E8821DF6484} - C:\Windows\System32\Macromed\Flash\FlashUtil10w_ActiveX.exe (x)
HKCU_ElevationPolicy\{FD1AB2E7-0738-45B0-A8CE-4973F6BB9707} - C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (x)
HKLM_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (Visicom Media Inc.)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
HKLM_Extensions\{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - "PalTalk" (C:\Program Files\Paltalk Messenger\Paltalk.exe,476)
HKLM_Extensions\{5067A26B-1337-4436-8AFE-EE169C2DA79F} - "?" (?)
HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Aplicación auxiliar de vínculos de Adobe PDF Reader" (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 1639 File(s)
C:\Program Files\Ad-Remover\Backup: 15 File(s)
C:\Ad-Report-CLEAN[1].txt - 04/03/2012 22:46:49 (10851 Byte(s))
End at: 22:47:43, 04/03/2012
============== E.O.F ==============
Rapport AdwCleaner :
# AdwCleaner v1.501 - Logfile created 03/04/2012 at 22:42:34
# Updated 04/03/2012 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Propietari@ - ONE
# Running from : C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2L74H69Y\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
Folder Found : C:\ProgramData\Ask
Folder Found : C:\Users\Propietari@\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Propietari@\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\Propietari@\AppData\LocalLow\FunWebProducts
Folder Found : C:\Users\Propietari@\AppData\LocalLow\MyWebSearch
File Found : C:\Program Files\Windows live\messenger\msimg32.dll
***** [H. Navipromo] *****
***** [Registry] *****
Key Found : HKCU\Software\Offerbox
Key Found : HKCU\Software\Spointer
Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Found : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Found : HKLM\SOFTWARE\ASKInstaller
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\bandoo
Key Found : HKLM\SOFTWARE\Offerbox
Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Found : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Found : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Found : HKLM\SOFTWARE\Classes\OfferBox.OfferBoxServer
Key Found : HKLM\SOFTWARE\Classes\OfferBox.OfferBoxServer.1
Key Found : HKLM\SOFTWARE\Classes\pdfforge.DllInfo
Key Found : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF
Key Found : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor
Key Found : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine
Key Found : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText
Key Found : HKLM\SOFTWARE\Classes\pdfforge.Tools
Key Found : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [offerboxffx@offerbox.com]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
*************************
AdwCleaner[R1].txt - [3845 octets] - [04/03/2012 22:42:34]
########## EOF - C:\AdwCleaner[R1].txt - [3973 octets] ##########
Rapport AD-REMOVER :
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======
Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 22:46:42 on 04/03/2012, Normal boot
Microsoft® Windows Vista(TM) Home Basic Service Pack 2 (X86)
Propietari@@ONE (SAMSUNG ELECTRONICS CO., LTD. R510/P510)
============== ACTION(S) ==============
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\AskToolbar
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\FunWebProducts
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\Internet Saving Optimizer
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\Media Access Startup
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\MyWebSearch
Folder deleted: C:\ProgramData\AGI
(!) -- Temporary files deleted.
Key deleted: HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKLM\Software\Classes\AppID\{E142D053-7023-4B33-AF22-91F14202142D}
Key deleted: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}
Key deleted: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Key deleted: HKLM\Software\Classes\OfferBox.OfferBoxServer
Key deleted: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE
Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key deleted: HKLM\Software\ASKInstaller
Key deleted: HKLM\Software\AskToolbar
Key deleted: HKLM\Software\bandoo
Key deleted: HKLM\Software\Casino.com
Key deleted: HKLM\Software\OfferBox
Key deleted: HKLM\Software\AppDataLow\Software\Internet Saving Optimizer
Key deleted: HKLM\Software\AppDataLow\Software\Media Access Startup
Key deleted: HKCU\Software\Casino DelRio
Key deleted: HKCU\Software\Casino.com
Key deleted: HKCU\Software\Europa Casino
Key deleted: HKCU\Software\OfferBox
Key deleted: HKCU\Software\Spointer
Key deleted: HKCU\Software\Swiss Casino
Key deleted: HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Key deleted: HKCU\Software\AppDataLow\Software\DoubleD
Key deleted: HKCU\Software\AppDataLow\Software\Fun Web Products
Key deleted: HKCU\Software\AppDataLow\Software\FunWebProducts
Key deleted: HKCU\Software\AppDataLow\Software\Internet Saving Optimizer
Key deleted: HKCU\Software\AppDataLow\Software\Media Access Startup
Key deleted: HKCU\Software\AppDataLow\Software\MyWebSearch
Key deleted: HKU\.DEFAULT\Software\OfferBox
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\21Nova Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Casino-On-Net
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Casino770
Key deleted: HKLM\Software\Classes\Installer\Products\5B4758C25396ECF468E04F8E063287FF
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\5B4758C25396ECF468E04F8E063287FF
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01D88F3F-FB32-45D1-B314-E696D1178E56}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{113D2CE2-0507-4F86-BEDE-A5C8A7149348}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{16B6279B-9FF5-41FB-8BF9-404324F5DD1F}}_is1
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\32 Vegas Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino-On-Net
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino DelRio
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino Tropez
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino.com
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Europa Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\JuicyAccess Toolbar
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Sukoku
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Swiss Casino
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key deleted: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Key deleted: HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder
Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== ADDITIONNAL SCAN ==============
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} (x)
HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2E3B} - "Google Customized Web Search" (hxxp://search.elpartidodehoy.es/results.php?Keywords={searchTerms})
HKCU_SearchScopes\{11474CF4-133F-4646-ADEE-081A09D64BE1} - "Google" (hxxp://findgala.com/?&uid=302&q={searchTerms})
HKCU_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{1048776A-80DA-428D-9D5F-98E3D9355A87} - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (x)
HKCU_ElevationPolicy\{2E422264-6D8A-4ca0-97C7-A2CF868471EA} - C:\Users\Propietari@\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe (?)
HKCU_ElevationPolicy\{3C6C271F-F44D-4E21-9EAC-D7DE6F4F43C9} - C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe (x)
HKCU_ElevationPolicy\{5423220C-54CD-427E-8DFA-E96699073F0E} - C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (x)
HKCU_ElevationPolicy\{7549ECA2-5177-4913-9535-3235C943578B} - C:\Program Files\Citrix\GoToMeeting\799\G2MInstaller.exe (Citrix Online, a division of Citrix Systems, Inc.)
HKCU_ElevationPolicy\{80C423D0-D429-4CE7-B0FE-738A801FF45D} - C:\Windows\System32\Macromed\Flash\FlashUtil9b.exe (x)
HKCU_ElevationPolicy\{956CCF32-DE3C-4FC0-8250-A9501760FC8F} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{AB08C965-E8C4-43E2-8B34-5DA9BDE77AD7} - C:\Windows\System32\Macromed\Flash\FlashUtil10x_ActiveX.exe (x)
HKCU_ElevationPolicy\{DC5EB6C1-0AFD-4BD2-9C6F-5FAFD844C8AE} - C:\Program Files\Microsoft Silverlight\4.0.50524.0\Silverlight.Configuration.exe (x)
HKCU_ElevationPolicy\{E6D6C468-815B-4DC4-89AF-3FA580AE4CBB} - C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe (x)
HKCU_ElevationPolicy\{F64C1DB3-E751-44D7-8C92-796879EE5FEB} - C:\Windows\System32\Macromed\Flash\FlashUtil10e_ActiveX.exe (x)
HKCU_ElevationPolicy\{F9BEE338-A21F-441D-9716-2E8821DF6484} - C:\Windows\System32\Macromed\Flash\FlashUtil10w_ActiveX.exe (x)
HKCU_ElevationPolicy\{FD1AB2E7-0738-45B0-A8CE-4973F6BB9707} - C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (x)
HKLM_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (Visicom Media Inc.)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
HKLM_Extensions\{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - "PalTalk" (C:\Program Files\Paltalk Messenger\Paltalk.exe,476)
HKLM_Extensions\{5067A26B-1337-4436-8AFE-EE169C2DA79F} - "?" (?)
HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Aplicación auxiliar de vínculos de Adobe PDF Reader" (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 1639 File(s)
C:\Program Files\Ad-Remover\Backup: 15 File(s)
C:\Ad-Report-CLEAN[1].txt - 04/03/2012 22:46:49 (10851 Byte(s))
End at: 22:47:43, 04/03/2012
============== E.O.F ==============
Rapport Malwarebites :
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======
Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 22:46:42 on 04/03/2012, Normal boot
Microsoft® Windows Vista(TM) Home Basic Service Pack 2 (X86)
Propietari@@ONE (SAMSUNG ELECTRONICS CO., LTD. R510/P510)
============== ACTION(S) ==============
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\AskToolbar
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\FunWebProducts
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\Internet Saving Optimizer
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\Media Access Startup
Folder deleted: C:\Users\Propietari@\AppData\LocalLow\MyWebSearch
Folder deleted: C:\ProgramData\AGI
(!) -- Temporary files deleted.
Key deleted: HKLM\Software\Classes\CLSID\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260e0cc-0f75-462e-88a3-1e05c248bf4c}
Key deleted: HKLM\Software\Classes\AppID\{E142D053-7023-4B33-AF22-91F14202142D}
Key deleted: HKLM\Software\Classes\Interface\{115CCBAE-27B0-47C3-BA42-BAB708424393}
Key deleted: HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore
Key deleted: HKLM\Software\Classes\BandooCore.BandooCore.1
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr
Key deleted: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr
Key deleted: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr
Key deleted: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Key deleted: HKLM\Software\Classes\OfferBox.OfferBoxServer
Key deleted: HKLM\Software\Classes\OfferBox.OfferBoxServer.1
Key deleted: HKLM\Software\Classes\AppID\BandooCore.EXE
Key deleted: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key deleted: HKLM\Software\ASKInstaller
Key deleted: HKLM\Software\AskToolbar
Key deleted: HKLM\Software\bandoo
Key deleted: HKLM\Software\Casino.com
Key deleted: HKLM\Software\OfferBox
Key deleted: HKLM\Software\AppDataLow\Software\Internet Saving Optimizer
Key deleted: HKLM\Software\AppDataLow\Software\Media Access Startup
Key deleted: HKCU\Software\Casino DelRio
Key deleted: HKCU\Software\Casino.com
Key deleted: HKCU\Software\Europa Casino
Key deleted: HKCU\Software\OfferBox
Key deleted: HKCU\Software\Spointer
Key deleted: HKCU\Software\Swiss Casino
Key deleted: HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Key deleted: HKCU\Software\AppDataLow\Software\DoubleD
Key deleted: HKCU\Software\AppDataLow\Software\Fun Web Products
Key deleted: HKCU\Software\AppDataLow\Software\FunWebProducts
Key deleted: HKCU\Software\AppDataLow\Software\Internet Saving Optimizer
Key deleted: HKCU\Software\AppDataLow\Software\Media Access Startup
Key deleted: HKCU\Software\AppDataLow\Software\MyWebSearch
Key deleted: HKU\.DEFAULT\Software\OfferBox
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\21Nova Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Casino-On-Net
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Casino770
Key deleted: HKLM\Software\Classes\Installer\Products\5B4758C25396ECF468E04F8E063287FF
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\5B4758C25396ECF468E04F8E063287FF
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01D88F3F-FB32-45D1-B314-E696D1178E56}
Key deleted: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{113D2CE2-0507-4F86-BEDE-A5C8A7149348}
Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423e-A425-0370799166FB}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{16B6279B-9FF5-41FB-8BF9-404324F5DD1F}}_is1
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\32 Vegas Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino-On-Net
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino DelRio
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino Tropez
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Casino.com
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Europa Casino
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\JuicyAccess Toolbar
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Sukoku
Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Swiss Casino
Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key deleted: HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Key deleted: HKLM\Software\Microsoft\Code Store Database\Distribution Units\CabBuilder
Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|offerboxffx@offerbox.com
Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== ADDITIONNAL SCAN ==============
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{4daac69c-cba7-45e2-9bc8-1044483d3352} (x)
HKCU_SearchScopes\{0633EE93-1111-472f-A0FF-E1416B8B2E3B} - "Google Customized Web Search" (hxxp://search.elpartidodehoy.es/results.php?Keywords={searchTerms})
HKCU_SearchScopes\{11474CF4-133F-4646-ADEE-081A09D64BE1} - "Google" (hxxp://findgala.com/?&uid=302&q={searchTerms})
HKCU_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{1048776A-80DA-428D-9D5F-98E3D9355A87} - C:\Windows\System32\Macromed\Flash\FlashUtil10c.exe (x)
HKCU_ElevationPolicy\{2E422264-6D8A-4ca0-97C7-A2CF868471EA} - C:\Users\Propietari@\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe (?)
HKCU_ElevationPolicy\{3C6C271F-F44D-4E21-9EAC-D7DE6F4F43C9} - C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe (x)
HKCU_ElevationPolicy\{5423220C-54CD-427E-8DFA-E96699073F0E} - C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (x)
HKCU_ElevationPolicy\{7549ECA2-5177-4913-9535-3235C943578B} - C:\Program Files\Citrix\GoToMeeting\799\G2MInstaller.exe (Citrix Online, a division of Citrix Systems, Inc.)
HKCU_ElevationPolicy\{80C423D0-D429-4CE7-B0FE-738A801FF45D} - C:\Windows\System32\Macromed\Flash\FlashUtil9b.exe (x)
HKCU_ElevationPolicy\{956CCF32-DE3C-4FC0-8250-A9501760FC8F} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKCU_ElevationPolicy\{AB08C965-E8C4-43E2-8B34-5DA9BDE77AD7} - C:\Windows\System32\Macromed\Flash\FlashUtil10x_ActiveX.exe (x)
HKCU_ElevationPolicy\{DC5EB6C1-0AFD-4BD2-9C6F-5FAFD844C8AE} - C:\Program Files\Microsoft Silverlight\4.0.50524.0\Silverlight.Configuration.exe (x)
HKCU_ElevationPolicy\{E6D6C468-815B-4DC4-89AF-3FA580AE4CBB} - C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe (x)
HKCU_ElevationPolicy\{F64C1DB3-E751-44D7-8C92-796879EE5FEB} - C:\Windows\System32\Macromed\Flash\FlashUtil10e_ActiveX.exe (x)
HKCU_ElevationPolicy\{F9BEE338-A21F-441D-9716-2E8821DF6484} - C:\Windows\System32\Macromed\Flash\FlashUtil10w_ActiveX.exe (x)
HKCU_ElevationPolicy\{FD1AB2E7-0738-45B0-A8CE-4973F6BB9707} - C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (x)
HKLM_ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} - C:\Users\Propietari@\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Limited)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{ba20b5da-0f48-40c5-b8c9-2cda4ecf75c2} - C:\Program Files\Toolbar Cleaner\ToolbarCleaner.exe (Visicom Media Inc.)
HKLM_Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - "?" (?)
HKLM_Extensions\{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - "PalTalk" (C:\Program Files\Paltalk Messenger\Paltalk.exe,476)
HKLM_Extensions\{5067A26B-1337-4436-8AFE-EE169C2DA79F} - "?" (?)
HKLM_Extensions\{85d1f590-48f4-11d9-9669-0800200c9a66} - "?" (?)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "@btrez.dll,-4015" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "Aplicación auxiliar de vínculos de Adobe PDF Reader" (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 1639 File(s)
C:\Program Files\Ad-Remover\Backup: 15 File(s)
C:\Ad-Report-CLEAN[1].txt - 04/03/2012 22:46:49 (10851 Byte(s))
End at: 22:47:43, 04/03/2012
============== E.O.F ==============
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
5 mars 2012 à 12:59
5 mars 2012 à 12:59
Re,
1/
Tu as lancé ADWCleaner en mode recherche, relance ADWCleaner puis
choisis " clean" (Suppression) et non recherche
2/
Il manque le rapport Malwarebytes
@+
1/
Tu as lancé ADWCleaner en mode recherche, relance ADWCleaner puis
choisis " clean" (Suppression) et non recherche
2/
Il manque le rapport Malwarebytes
@+
Afabus
Messages postés
9
Date d'inscription
lundi 5 mars 2012
Statut
Membre
Dernière intervention
6 mars 2012
5 mars 2012 à 13:33
5 mars 2012 à 13:33
Bjr, voiçi a nouveau le rapport ADWCleaner :
# AdwCleaner v1.501 - Logfile created 03/05/2012 at 13:21:04
# Updated 04/03/2012 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Propietari@ - ONE
# Running from : C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PD8LTZ6H\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\Propietari@\AppData\LocalLow\BabylonToolbar
File Deleted : C:\Program Files\Windows live\messenger\msimg32.dll
***** [H. Navipromo] *****
***** [Registry] *****
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.DllInfo
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.Tools
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
*************************
AdwCleaner[R1].txt - [3974 octets] - [04/03/2012 22:42:34]
AdwCleaner[S1].txt - [352 octets] - [04/03/2012 22:43:35]
AdwCleaner[S2].txt - [1817 octets] - [05/03/2012 13:21:04]
########## EOF - C:\AdwCleaner[S2].txt - [1945 octets] ##########
# AdwCleaner v1.501 - Logfile created 03/05/2012 at 13:21:04
# Updated 04/03/2012 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Propietari@ - ONE
# Running from : C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PD8LTZ6H\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Users\Propietari@\AppData\LocalLow\BabylonToolbar
File Deleted : C:\Program Files\Windows live\messenger\msimg32.dll
***** [H. Navipromo] *****
***** [Registry] *****
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.DllInfo
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText
Key Deleted : HKLM\SOFTWARE\Classes\pdfforge.Tools
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4e1d-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4fde-B055-AE7B0F4CF080}
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
*************************
AdwCleaner[R1].txt - [3974 octets] - [04/03/2012 22:42:34]
AdwCleaner[S1].txt - [352 octets] - [04/03/2012 22:43:35]
AdwCleaner[S2].txt - [1817 octets] - [05/03/2012 13:21:04]
########## EOF - C:\AdwCleaner[S2].txt - [1945 octets] ##########
Afabus
Messages postés
9
Date d'inscription
lundi 5 mars 2012
Statut
Membre
Dernière intervention
6 mars 2012
5 mars 2012 à 13:35
5 mars 2012 à 13:35
Voiçi le rapport Malwarbitres :
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Version de la base de données: v2012.03.05.02
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Propietari@ :: ONE [administrateur]
05/03/2012 10:33:26
mbam-log-2012-03-05 (10-33-26).txt
Type d'examen: Examen complet
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 294414
Temps écoulé: 52 minute(s), 56 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Version de la base de données: v2012.03.05.02
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Propietari@ :: ONE [administrateur]
05/03/2012 10:33:26
mbam-log-2012-03-05 (10-33-26).txt
Type d'examen: Examen complet
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 294414
Temps écoulé: 52 minute(s), 56 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
5 mars 2012 à 13:54
5 mars 2012 à 13:54
Re,
Redémarre ton PC, lance ZHPDiag depuis le bureau et prépare stp
un nouveau rapport ZHPDiag ( à héberger ) .. :-)
@+
Redémarre ton PC, lance ZHPDiag depuis le bureau et prépare stp
un nouveau rapport ZHPDiag ( à héberger ) .. :-)
@+
Afabus
Messages postés
9
Date d'inscription
lundi 5 mars 2012
Statut
Membre
Dernière intervention
6 mars 2012
5 mars 2012 à 14:10
5 mars 2012 à 14:10
bjr, juste une chose, avec firefox, mon pc marche trés bien et ne rame pas.
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
5 mars 2012 à 19:35
5 mars 2012 à 19:35
Salut,
1/
Prépare stp le rapport ZHPDiag pour faire un diagnostique et pour bien
nettoyer ton PC :-)
Il nous reste des lignes à fixer ...
2/
Quel est le problème de Firefox ?
@+
1/
Prépare stp le rapport ZHPDiag pour faire un diagnostique et pour bien
nettoyer ton PC :-)
Il nous reste des lignes à fixer ...
2/
Quel est le problème de Firefox ?
@+
Afabus
Messages postés
9
Date d'inscription
lundi 5 mars 2012
Statut
Membre
Dernière intervention
6 mars 2012
5 mars 2012 à 21:23
5 mars 2012 à 21:23
Bonsoir, voiçi le lien du rapport ZHPDiag :
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20120305_y8i14r7n11e15
https://pjjoint.malekal.com/files.php?id=ZHPDiag_20120305_y8i14r7n11e15
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
5 mars 2012 à 21:35
5 mars 2012 à 21:35
Re,
1/
Désinstalle Spybot et Ad-Aware il ne servent à rien! :-)
2/
Copie tout le texte présent ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )
Puis Lance ZHPFix depuis le raccourci du bureau .
* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .
* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .
Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
Clique sur le bouton GO
Copie/Colle le rapport à l'écran dans ton prochain message.
@+
1/
Désinstalle Spybot et Ad-Aware il ne servent à rien! :-)
2/
Copie tout le texte présent ci-dessous ( tu le selectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C )
O43 - CFD: 01/11/2010 - 22:20:36 - [0,008] -SH-D- C:\ProgramData\6618dae O43 - CFD: 29/09/2010 - 15:52:18 - [0,546] ----D- C:\Users\Propietari@\AppData\Roaming\moovida-1 => Infection BT (Adware.SPointer) O43 - CFD: 29/09/2010 - 15:52:00 - [0,146] ----D- C:\Users\Propietari@\AppData\Local\moovida Air => Infection BT (Adware.SPointer) O69 - SBI: SearchScopes [HKCU] {11474CF4-133F-4646-ADEE-081A09D64BE1} - (Google) - http://findgala.com O87 - FAEL: "TCP Query User{82BA2762-BF31-4228-B64E-895B57C17A31}C:\programdata\6618dae\ms6618.exe" |In - Public - P6 - TRUE | .(...) -- C:\programdata\6618dae\ms6618.exe (.not file.) O87 - FAEL: "UDP Query User{9D43DBD3-975F-46D6-8E5C-35D07BC95624}C:\programdata\6618dae\ms6618.exe" |In - Public - P17 - TRUE | .(...) -- C:\programdata\6618dae\ms6618.exe (.not file.) [HKLM\Software\Classes\Installer\Features\5B4758C25396ECF468E04F8E063287FF] C:\Users\Propietari@\AppData\Local\moovida air => Infection BT (Adware.SPointer) [HKCU\Software\luckyacecasino] O43 - CFD: 15/05/2010 - 16:09:52 - [0,020] -SH-D- C:\ProgramData\MSCDDFAAUAE [MD5.00000000000000000000000000000000] [APT] [{04559F9A-81AF-457C-828A-72E5F878B50C}] (...) -- C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CL9WTPLD\PDFCreator-1.2.3-setup[1].exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{C4E9CDCB-8363-44AE-9D58-48B485BC07C4}] (...) -- C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\38F7F87J\CT3080215_ChatVibes[1].exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{D92A3880-815D-4ED8-AFED-D104188A14EA}] (...) -- C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KKHMRWBZ\rbp_setup[1].exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{F1BBBA99-4E25-4B3E-BF3B-424A0DFEAF3E}] (...) -- C:\Users\Propietari@\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SRTIWLV\rbp_setup[1].exe (.not file.) O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 => Safer Networking Limited Spybot - S&D O43 - CFD: 01/03/2012 - 19:44:58 - [58,952] ----D- C:\Program Files\Spybot - Search & Destroy => Spybot - Search & Destroy O43 - CFD: 03/09/2009 - 16:50:28 - [580,056] ----D- C:\ProgramData\MGS O43 - CFD: 04/03/2012 - 20:38:14 - [0,004] ----D- C:\ProgramData\Spybot - Search & Destroy => Spybot - Search & Destroy O43 - CFD: 18/07/2009 - 16:41:24 - [0,000] ----D- C:\Users\Propietari@\AppData\Local\BingoCafe => Casino.OnlineGame O43 - CFD: 21/04/2009 - 22:17:54 - [0] -SH-D- C:\Users\Propietari@\AppData\Local\Historial O43 - CFD: 05/07/2011 - 10:22:46 - [0] ----D- C:\Users\Propietari@\AppData\Local\{08E96943-F6FC-47FB-84DF-6E766578B828} O43 - CFD: 26/02/2012 - 16:42:52 - [0] ----D- C:\Users\Propietari@\AppData\Local\{0DB5260D-E4CD-4D50-93C2-145098D13670} O43 - CFD: 17/12/2011 - 13:44:04 - [0] ----D- C:\Users\Propietari@\AppData\Local\{118CFBA6-1307-4AA2-94FD-BE270D2A81D0} O43 - CFD: 28/06/2011 - 13:35:20 - [0] ----D- C:\Users\Propietari@\AppData\Local\{13FD3C44-F920-4291-8B23-C40C108A54AD} O43 - CFD: 12/01/2012 - 22:33:34 - [0] ----D- C:\Users\Propietari@\AppData\Local\{1418B06F-B194-4870-AAB4-442EA0F703F0} O43 - CFD: 20/07/2011 - 19:39:42 - [0] ----D- C:\Users\Propietari@\AppData\Local\{14B3896F-67A9-4DC0-BA51-6CCB229D6ACD} O43 - CFD: 21/09/2011 - 14:44:06 - [0] ----D- C:\Users\Propietari@\AppData\Local\{198CBDEE-C49F-4AA0-9C00-E181FA3EC800} O43 - CFD: 10/01/2012 - 22:27:16 - [0] ----D- C:\Users\Propietari@\AppData\Local\{1F9C7BD3-C4D4-4B23-B2DF-83B332C25804} O43 - CFD: 26/06/2011 - 14:06:14 - [0] ----D- C:\Users\Propietari@\AppData\Local\{2C65668B-ECF0-44D8-A7BA-766D01A22F25} O43 - CFD: 25/02/2012 - 17:05:22 - [0] ----D- C:\Users\Propietari@\AppData\Local\{2DD120EE-2B14-4FC6-B448-ECC47AC68E78} O43 - CFD: 12/02/2012 - 22:30:52 - [0] ----D- C:\Users\Propietari@\AppData\Local\{2FFDD21A-7A5F-42D6-931A-2A8E350FD7F1} O43 - CFD: 09/07/2011 - 14:07:36 - [0] ----D- C:\Users\Propietari@\AppData\Local\{30123F91-1C25-4A03-AFDD-43851CD234CF} O43 - CFD: 27/06/2011 - 20:28:04 - [0] ----D- C:\Users\Propietari@\AppData\Local\{3017A2AB-65C3-4F00-84AE-083B7F190B65} O43 - CFD: 31/10/2011 - 23:12:54 - [0] ----D- C:\Users\Propietari@\AppData\Local\{33A48990-FC6A-4F0C-9EF7-62954DA271FA} O43 - CFD: 08/04/2011 - 13:47:50 - [0] ----D- C:\Users\Propietari@\AppData\Local\{3418B091-1133-40ED-84F3-69EE02E57D74} O43 - CFD: 10/04/2011 - 20:46:36 - [0] ----D- C:\Users\Propietari@\AppData\Local\{445D2BFD-BAA4-443B-BD7D-3B2327AF42F9} O43 - CFD: 13/06/2011 - 20:54:04 - [0] ----D- C:\Users\Propietari@\AppData\Local\{467F14E1-E2C0-4F50-89C4-7EC5863F8896} O43 - CFD: 17/12/2011 - 13:43:54 - [0] ----D- C:\Users\Propietari@\AppData\Local\{4C710CC6-90B7-42A1-AD87-66F424D60499} O43 - CFD: 11/04/2011 - 12:00:22 - [0] ----D- C:\Users\Propietari@\AppData\Local\{4D141584-DA03-4AB6-8774-F95A0DED65D5} O43 - CFD: 07/11/2011 - 16:54:50 - [0] ----D- C:\Users\Propietari@\AppData\Local\{518836B1-32A9-4516-BACA-6FCBD5FE7DF8} O43 - CFD: 21/09/2011 - 14:44:38 - [0] ----D- C:\Users\Propietari@\AppData\Local\{54196477-B650-4B0D-9F6E-B11AF2876757} O43 - CFD: 20/07/2011 - 19:39:04 - [0] ----D- C:\Users\Propietari@\AppData\Local\{56915CD6-D051-4825-9B71-D0BE29ED0BE2} O43 - CFD: 29/06/2011 - 10:23:56 - [0] ----D- C:\Users\Propietari@\AppData\Local\{570D97C3-E510-453F-ACF5-DC24DAEBEC8E} O43 - CFD: 29/06/2011 - 10:35:48 - [0] ----D- C:\Users\Propietari@\AppData\Local\{5CDA2150-B2BB-41A8-8761-85F2C58AD6B8} O43 - CFD: 08/07/2011 - 22:30:16 - [0] ----D- C:\Users\Propietari@\AppData\Local\{63339D59-41C9-497E-9F63-B3D14FD494AB} O43 - CFD: 27/11/2011 - 23:31:20 - [0] ----D- C:\Users\Propietari@\AppData\Local\{685F5DFD-8AE8-4878-A814-15DCD3A57F49} O43 - CFD: 21/09/2011 - 14:43:54 - [0] ----D- C:\Users\Propietari@\AppData\Local\{6AD0AA9A-F7DC-493B-93B7-C04764D70D53} O43 - CFD: 31/10/2011 - 23:13:04 - [0] ----D- C:\Users\Propietari@\AppData\Local\{6B9DC6BD-8AC3-4423-B2EB-AD9CA9D0A598} O43 - CFD: 04/08/2011 - 13:46:42 - [0] ----D- C:\Users\Propietari@\AppData\Local\{71421A35-CE30-4EF3-8159-7B785EF6400D} O43 - CFD: 29/06/2011 - 13:50:42 - [0] ----D- C:\Users\Propietari@\AppData\Local\{75796355-9A55-42FB-BFBE-3BC27D022F18} O43 - CFD: 10/01/2012 - 22:27:02 - [0] ----D- C:\Users\Propietari@\AppData\Local\{7785B063-7CB6-40FC-9211-F7DDC11C0C10} O43 - CFD: 09/04/2011 - 14:17:16 - [0] ----D- C:\Users\Propietari@\AppData\Local\{7AE6AE87-AD5E-4398-A574-5037F6328622} O43 - CFD: 27/07/2011 - 14:31:26 - [0] ----D- C:\Users\Propietari@\AppData\Local\{7F1B528D-0E3D-4E9D-AF0E-EFC293D8BF0F} O43 - CFD: 18/07/2011 - 21:01:52 - [0] ----D- C:\Users\Propietari@\AppData\Local\{80F57CF1-F2D0-46C7-9752-77C2053A0135} O43 - CFD: 10/04/2011 - 8:45:50 - [0] ----D- C:\Users\Propietari@\AppData\Local\{816F5F5E-F396-481E-A12A-69F36CC813ED} O43 - CFD: 03/09/2011 - 22:27:58 - [0] ----D- C:\Users\Propietari@\AppData\Local\{826CF207-4726-4ACE-9785-1F04F80FC853} O43 - CFD: 09/02/2012 - 22:45:16 - [0] ----D- C:\Users\Propietari@\AppData\Local\{8587F8B0-4F1A-4426-91E2-9444E1F5C0E0} O43 - CFD: 04/08/2011 - 13:48:46 - [0] ----D- C:\Users\Propietari@\AppData\Local\{8E0DC750-6AFF-45C5-AEF8-D5943160FB4E} O43 - CFD: 09/01/2012 - 22:04:18 - [0] ----D- C:\Users\Propietari@\AppData\Local\{8F878C35-2C5B-456D-8C79-03DF6AFDA75C} O43 - CFD: 22/12/2011 - 22:08:52 - [0] ----D- C:\Users\Propietari@\AppData\Local\{8F8B059A-49D1-49D1-98AE-76BE9D7027A9} O43 - CFD: 25/02/2012 - 17:05:12 - [0] ----D- C:\Users\Propietari@\AppData\Local\{901090C8-0C89-4744-8555-2D5BFA493D0A} O43 - CFD: 18/05/2011 - 14:33:34 - [0] ----D- C:\Users\Propietari@\AppData\Local\{93626FB8-A95C-442A-9D6E-8BADC8A2C464} O43 - CFD: 04/07/2011 - 17:51:42 - [0] ----D- C:\Users\Propietari@\AppData\Local\{9850EC8D-7A05-44C4-B46A-539236FD89B7} O43 - CFD: 12/04/2011 - 10:26:22 - [0] ----D- C:\Users\Propietari@\AppData\Local\{9E9FAAC8-7C60-44F9-B4EC-277974E61AE5} O43 - CFD: 07/04/2011 - 15:26:50 - [0] ----D- C:\Users\Propietari@\AppData\Local\{9EF5FFB3-90FB-4BA1-AB2F-E92FD5F78493} O43 - CFD: 12/02/2012 - 22:31:02 - [0] ----D- C:\Users\Propietari@\AppData\Local\{9FD16684-5773-479A-97D3-A9D219719BE6} O43 - CFD: 14/01/2012 - 12:36:50 - [0] ----D- C:\Users\Propietari@\AppData\Local\{A6D292F6-B0C9-405F-BC34-75676E9EB546} O43 - CFD: 07/11/2011 - 16:55:00 - [0] ----D- C:\Users\Propietari@\AppData\Local\{A769C17E-E239-4874-B31D-EF1AEE79221C} O43 - CFD: 31/05/2011 - 13:56:58 - [0] ----D- C:\Users\Propietari@\AppData\Local\{A7EA7A42-0BF1-4784-8A4A-59C5FCA8B41C} O43 - CFD: 26/02/2012 - 16:42:42 - [0] ----D- C:\Users\Propietari@\AppData\Local\{AB2F1A9B-91A6-4A0F-AB15-D0ADEEE204AA} O43 - CFD: 11/05/2011 - 14:55:52 - [0] ----D- C:\Users\Propietari@\AppData\Local\{AD66E02E-9FD8-4F42-A620-37A5BBCA5C7E} O43 - CFD: 27/11/2011 - 23:31:30 - [0] ----D- C:\Users\Propietari@\AppData\Local\{AE46CB18-73E7-4C1B-B763-C94BB545343B} O43 - CFD: 19/07/2011 - 20:09:22 - [0] ----D- C:\Users\Propietari@\AppData\Local\{B7EAFB58-B20A-4F70-8215-966FCDF1721E} O43 - CFD: 09/02/2012 - 22:45:26 - [0] ----D- C:\Users\Propietari@\AppData\Local\{BCA81EE6-906B-4A42-9518-900B17092EE9} O43 - CFD: 31/10/2011 - 22:10:06 - [0] ----D- C:\Users\Propietari@\AppData\Local\{C35B60FE-F61D-4765-B533-65E123F81176} O43 - CFD: 31/12/2011 - 14:42:18 - [0] ----D- C:\Users\Propietari@\AppData\Local\{C716BDE8-695E-4308-93BB-129EF409AEAA} O43 - CFD: 06/01/2012 - 20:51:58 - [0] ----D- C:\Users\Propietari@\AppData\Local\{CC1294F4-36B8-4A1C-93CF-7C97F105971C} O43 - CFD: 09/01/2012 - 22:03:06 - [0] ----D- C:\Users\Propietari@\AppData\Local\{CE230DFC-9D6C-405A-A94C-56B717956196} O43 - CFD: 08/04/2011 - 20:17:38 - [0] ----D- C:\Users\Propietari@\AppData\Local\{CE91D3A5-3608-4DC4-856A-A75CB695599D} O43 - CFD: 22/12/2011 - 22:08:42 - [0] ----D- C:\Users\Propietari@\AppData\Local\{D6BAF67B-2B66-4CE7-909C-FFD13C92DD36} O43 - CFD: 14/01/2012 - 12:37:00 - [0] ----D- C:\Users\Propietari@\AppData\Local\{D92E3AE5-979D-49EB-9F88-B366A039B16E} O43 - CFD: 19/07/2011 - 13:37:08 - [0] ----D- C:\Users\Propietari@\AppData\Local\{DB571477-06F0-465D-9996-F46BF4D32CBD} O43 - CFD: 11/02/2012 - 22:23:26 - [0] ----D- C:\Users\Propietari@\AppData\Local\{DCF4B814-4940-4FA9-BAA2-19A124EF47DF} O43 - CFD: 01/07/2011 - 7:35:58 - [0] ----D- C:\Users\Propietari@\AppData\Local\{DE6C21A0-6C08-44A1-9D12-76CA6127846D} O43 - CFD: 06/01/2012 - 20:51:48 - [0] ----D- C:\Users\Propietari@\AppData\Local\{DEBD0B36-892D-4339-B24F-9328E112B755} O43 - CFD: 12/01/2012 - 22:33:44 - [0] ----D- C:\Users\Propietari@\AppData\Local\{E05509BD-C2B9-48B2-8938-4180C7AE29B8} O43 - CFD: 16/06/2011 - 22:16:16 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F1A31567-A759-4CB7-B942-4F279F392617} O43 - CFD: 30/10/2011 - 21:52:50 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F1E3665E-2DFB-4DB9-B9CB-05054E381ACE} O43 - CFD: 29/06/2011 - 20:19:16 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F1F45D59-2423-4F4B-9094-C675A6C3A4F0} O43 - CFD: 30/06/2011 - 10:56:20 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F38D9797-12B7-45F3-8297-F49B71AE47B7} O43 - CFD: 31/12/2011 - 14:42:08 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F4ED5A19-1975-494C-B7E2-A0109EB755EB} O43 - CFD: 10/06/2011 - 18:30:56 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F5FCDF1C-D96A-49E9-B644-3064E95E1739} O43 - CFD: 01/06/2011 - 10:35:58 - [0] ----D- C:\Users\Propietari@\AppData\Local\{F77290A1-669F-43AD-A084-66A64A0DA93D} O43 - CFD: 11/02/2012 - 22:23:36 - [0] ----D- C:\Users\Propietari@\AppData\Local\{FB1F8F45-2A49-4198-A654-AC28E7BBD745} O43 - CFD: 27/06/2011 - 13:45:34 - [0] ----D- C:\Users\Propietari@\AppData\Local\{FB67456D-D902-451E-8CF9-6F9C981E4843} FirewallRAZ EmptyTemp EmptyFlash
Puis Lance ZHPFix depuis le raccourci du bureau .
* Une fois l'outil ZHPFix ouvert , clique sur le bouton [ H ] ( "coller les lignes Helper" ) .
* Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .
Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.
Clique sur le bouton GO
Copie/Colle le rapport à l'écran dans ton prochain message.
@+
Afabus
Messages postés
9
Date d'inscription
lundi 5 mars 2012
Statut
Membre
Dernière intervention
6 mars 2012
5 mars 2012 à 22:25
5 mars 2012 à 22:25
Bsr, quand je clique sur GO, s'affiche en anglais (YOU CONFIRM THE CLEANING OF THE DATA) je cliques sur OUI ou sur NON?
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
6 mars 2012 à 05:41
6 mars 2012 à 05:41
Bonjour,
Clique sur "OUI"
@+
Clique sur "OUI"
@+
Afabus
Messages postés
9
Date d'inscription
lundi 5 mars 2012
Statut
Membre
Dernière intervention
6 mars 2012
6 mars 2012 à 13:22
6 mars 2012 à 13:22
Voiçi le rapport :
Rapport de ZHPFix 1.12.3380 par Nicolas Coolman, Update du 05/02/2011
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-06-03-2012-13-16-25.txt
Run by Propietari@ at 06/03/2012 13:16:25
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/
========== Software ==========
NOT FOUND Software Key: {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
========== Registry Key ==========
NOT FOUND SearchScopes :{11474CF4-133F-4646-ADEE-081A09D64BE1}
NOT FOUND Key: HKLM\Software\Classes\Installer\Features\5B4758C25396ECF468E04F8E063287FF
NOT FOUND Key: HKCU\Software\luckyacecasino
========== Registry Value ==========
NOT FOUND TCP Query User{82BA2762-BF31-4228-B64E-895B57C17A31}C:/programdata/6618dae/ms6618.exe
NOT FOUND UDP Query User{9D43DBD3-975F-46D6-8E5C-35D07BC95624}C:/programdata/6618dae/ms6618.exe
No Value in Standard Profile Register Key FirewallRaz :
No Value in Domain Profile Register Key FirewallRaz :
DELETED FirewallRaz (None) : {3B38E851-3AF9-496C-B415-35AB7DEE50BF}
DELETED FirewallRaz (Public) : TCP Query User{4A6CD651-D1DC-42B2-995D-652D19589113}C:\program files\tvuplayer\tvuplayer.exe
DELETED FirewallRaz (Public) : UDP Query User{E2BD53E8-37C1-4D11-8811-B0735BD4123E}C:\program files\tvuplayer\tvuplayer.exe
DELETED FirewallRaz (Public) : TCP Query User{5424E6CE-77FE-495F-BDCF-ECDDF001ECAF}C:\program files\sopcast\adv\sopadver.exe
DELETED FirewallRaz (Public) : UDP Query User{E38F2B4B-F621-414C-B509-7B7F4549D673}C:\program files\sopcast\adv\sopadver.exe
DELETED FirewallRaz (Public) : TCP Query User{73CE04A8-4174-4215-BEF9-7BA471D876A0}C:\program files\voipcheapcom.com\voipcheapcom\voipcheapcom.exe
DELETED FirewallRaz (Public) : UDP Query User{775F3DD1-164D-4854-BB73-2F3978EC2320}C:\program files\voipcheapcom.com\voipcheapcom\voipcheapcom.exe
DELETED FirewallRaz (Public) : TCP Query User{E3101E74-DC2E-4585-B7BE-8DF51393798D}C:\program files\sony\media go\mediago.exe
DELETED FirewallRaz (Public) : UDP Query User{7A001C63-2C29-4C97-BB90-FA54E8E995A4}C:\program files\sony\media go\mediago.exe
DELETED FirewallRaz (Public) : TCP Query User{3B719075-6404-4A0D-B49B-A3DB0F166C99}C:\program files\nokia\nokia software updater\nsu_ui_client.exe
DELETED FirewallRaz (Public) : UDP Query User{08819BCB-8DE0-4DCD-902F-AEAE3AAE38C1}C:\program files\nokia\nokia software updater\nsu_ui_client.exe
DELETED FirewallRaz (Public) : TCP Query User{524255AD-4C91-4889-A814-8118645BCB15}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
DELETED FirewallRaz (Public) : UDP Query User{6D3D614A-3115-44FF-A55C-D2C199597395}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
DELETED FirewallRaz (Public) : TCP Query User{116E8C90-FF68-49E6-BA8B-1CBA3CB0FC9A}C:\program files\spyware terminator\spywareterminatorupdate.exe
DELETED FirewallRaz (Public) : UDP Query User{E54C2229-3E81-4BE6-B9E9-CDCC8178F04B}C:\program files\spyware terminator\spywareterminatorupdate.exe
DELETED FirewallRaz (Public) : TCP Query User{EA01E298-7998-4E5A-B6F6-966DDBE53F5D}C:\program files\voipbuster.com\voipbuster\voipbuster.exe
DELETED FirewallRaz (Public) : UDP Query User{D5B95BF5-6ED1-45CC-B628-5A9048BF0DD2}C:\program files\voipbuster.com\voipbuster\voipbuster.exe
DELETED FirewallRaz (Public) : TCP Query User{7019B9FE-8862-4810-948E-9BE155ABCFEC}C:\program files\sopcast\sopcast.exe
DELETED FirewallRaz (Public) : UDP Query User{C80BDB6D-C2E8-48A0-A972-B5C3660B17ED}C:\program files\sopcast\sopcast.exe
========== Repertory ==========
NOT FOUND C:\ProgramData\6618dae
NOT FOUND C:\Users\Propietari@\AppData\Roaming\moovida-1
NOT FOUND C:\Users\Propietari@\AppData\Local\moovida Air
NOT FOUND C:\ProgramData\MSCDDFAAUAE
DELETE on Reboot Folder**: C:\Program Files\Spybot - Search & Destroy
DELETED Folder: C:\ProgramData\MGS
DELETED Folder: C:\ProgramData\Spybot - Search & Destroy
DELETED Folder: C:\Users\Propietari@\AppData\Local\BingoCafe
DELETED Folder: C:\Users\Propietari@\AppData\Local\Historial
DELETED Folder: C:\Users\Propietari@\AppData\Local\{08E96943-F6FC-47FB-84DF-6E766578B828}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{0DB5260D-E4CD-4D50-93C2-145098D13670}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{118CFBA6-1307-4AA2-94FD-BE270D2A81D0}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{13FD3C44-F920-4291-8B23-C40C108A54AD}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{1418B06F-B194-4870-AAB4-442EA0F703F0}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{14B3896F-67A9-4DC0-BA51-6CCB229D6ACD}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{198CBDEE-C49F-4AA0-9C00-E181FA3EC800}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{1F9C7BD3-C4D4-4B23-B2DF-83B332C25804}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{2C65668B-ECF0-44D8-A7BA-766D01A22F25}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{2DD120EE-2B14-4FC6-B448-ECC47AC68E78}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{2FFDD21A-7A5F-42D6-931A-2A8E350FD7F1}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{30123F91-1C25-4A03-AFDD-43851CD234CF}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{3017A2AB-65C3-4F00-84AE-083B7F190B65}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{33A48990-FC6A-4F0C-9EF7-62954DA271FA}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{3418B091-1133-40ED-84F3-69EE02E57D74}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{445D2BFD-BAA4-443B-BD7D-3B2327AF42F9}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{467F14E1-E2C0-4F50-89C4-7EC5863F8896}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{4C710CC6-90B7-42A1-AD87-66F424D60499}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{4D141584-DA03-4AB6-8774-F95A0DED65D5}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{518836B1-32A9-4516-BACA-6FCBD5FE7DF8}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{54196477-B650-4B0D-9F6E-B11AF2876757}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{56915CD6-D051-4825-9B71-D0BE29ED0BE2}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{570D97C3-E510-453F-ACF5-DC24DAEBEC8E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{5CDA2150-B2BB-41A8-8761-85F2C58AD6B8}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{63339D59-41C9-497E-9F63-B3D14FD494AB}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{685F5DFD-8AE8-4878-A814-15DCD3A57F49}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{6AD0AA9A-F7DC-493B-93B7-C04764D70D53}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{6B9DC6BD-8AC3-4423-B2EB-AD9CA9D0A598}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{71421A35-CE30-4EF3-8159-7B785EF6400D}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{75796355-9A55-42FB-BFBE-3BC27D022F18}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{7785B063-7CB6-40FC-9211-F7DDC11C0C10}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{7AE6AE87-AD5E-4398-A574-5037F6328622}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{7F1B528D-0E3D-4E9D-AF0E-EFC293D8BF0F}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{80F57CF1-F2D0-46C7-9752-77C2053A0135}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{816F5F5E-F396-481E-A12A-69F36CC813ED}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{826CF207-4726-4ACE-9785-1F04F80FC853}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{8587F8B0-4F1A-4426-91E2-9444E1F5C0E0}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{8E0DC750-6AFF-45C5-AEF8-D5943160FB4E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{8F878C35-2C5B-456D-8C79-03DF6AFDA75C}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{8F8B059A-49D1-49D1-98AE-76BE9D7027A9}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{901090C8-0C89-4744-8555-2D5BFA493D0A}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{93626FB8-A95C-442A-9D6E-8BADC8A2C464}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{9850EC8D-7A05-44C4-B46A-539236FD89B7}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{9E9FAAC8-7C60-44F9-B4EC-277974E61AE5}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{9EF5FFB3-90FB-4BA1-AB2F-E92FD5F78493}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{9FD16684-5773-479A-97D3-A9D219719BE6}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{A6D292F6-B0C9-405F-BC34-75676E9EB546}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{A769C17E-E239-4874-B31D-EF1AEE79221C}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{A7EA7A42-0BF1-4784-8A4A-59C5FCA8B41C}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{AB2F1A9B-91A6-4A0F-AB15-D0ADEEE204AA}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{AD66E02E-9FD8-4F42-A620-37A5BBCA5C7E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{AE46CB18-73E7-4C1B-B763-C94BB545343B}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{B7EAFB58-B20A-4F70-8215-966FCDF1721E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{BCA81EE6-906B-4A42-9518-900B17092EE9}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{C35B60FE-F61D-4765-B533-65E123F81176}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{C716BDE8-695E-4308-93BB-129EF409AEAA}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{CC1294F4-36B8-4A1C-93CF-7C97F105971C}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{CE230DFC-9D6C-405A-A94C-56B717956196}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{CE91D3A5-3608-4DC4-856A-A75CB695599D}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{D6BAF67B-2B66-4CE7-909C-FFD13C92DD36}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{D92E3AE5-979D-49EB-9F88-B366A039B16E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{DB571477-06F0-465D-9996-F46BF4D32CBD}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{DCF4B814-4940-4FA9-BAA2-19A124EF47DF}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{DE6C21A0-6C08-44A1-9D12-76CA6127846D}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{DEBD0B36-892D-4339-B24F-9328E112B755}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{E05509BD-C2B9-48B2-8938-4180C7AE29B8}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F1A31567-A759-4CB7-B942-4F279F392617}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F1E3665E-2DFB-4DB9-B9CB-05054E381ACE}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F1F45D59-2423-4F4B-9094-C675A6C3A4F0}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F38D9797-12B7-45F3-8297-F49B71AE47B7}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F4ED5A19-1975-494C-B7E2-A0109EB755EB}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F5FCDF1C-D96A-49E9-B644-3064E95E1739}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F77290A1-669F-43AD-A084-66A64A0DA93D}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{FB1F8F45-2A49-4198-A654-AC28E7BBD745}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{FB67456D-D902-451E-8CF9-6F9C981E4843}
DELETED Window Temporary: : 78
DELETED Flash Cookies: 1
========== File ==========
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\moovida air
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\microsoft\windows\temporary internet files\content.ie5\cl9wtpld\pdfcreator-1.2.3-setup
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\microsoft\windows\temporary internet files\content.ie5\38f7f87j\ct3080215_chatvibes
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\microsoft\windows\temporary internet files\content.ie5\kkhmrwbz\rbp_setup
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\microsoft\windows\temporary internet files\content.ie5\1srtiwlv\rbp_setup
DELETED Window Temporary: : 477
DELETED Flash Cookies: 0
========== Task ==========
NOT FOUND Task: {04559F9A-81AF-457C-828A-72E5F878B50C}
NOT FOUND Task: {C4E9CDCB-8363-44AE-9D58-48B485BC07C4}
NOT FOUND Task: {D92A3880-815D-4ED8-AFED-D104188A14EA}
NOT FOUND Task: {F1BBBA99-4E25-4B3E-BF3B-424A0DFEAF3E}
========== Summary ==========
3 : Registry Key
23 : Registry Value
86 : Repertory
7 : File
1 : Software
4 : Task
End of clean in 04mn 48s
========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 06/03/2012 13:16:25 [12126]
Rapport de ZHPFix 1.12.3380 par Nicolas Coolman, Update du 05/02/2011
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-06-03-2012-13-16-25.txt
Run by Propietari@ at 06/03/2012 13:16:25
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
Web site : http://nicolascoolman.skyrock.com/
========== Software ==========
NOT FOUND Software Key: {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
========== Registry Key ==========
NOT FOUND SearchScopes :{11474CF4-133F-4646-ADEE-081A09D64BE1}
NOT FOUND Key: HKLM\Software\Classes\Installer\Features\5B4758C25396ECF468E04F8E063287FF
NOT FOUND Key: HKCU\Software\luckyacecasino
========== Registry Value ==========
NOT FOUND TCP Query User{82BA2762-BF31-4228-B64E-895B57C17A31}C:/programdata/6618dae/ms6618.exe
NOT FOUND UDP Query User{9D43DBD3-975F-46D6-8E5C-35D07BC95624}C:/programdata/6618dae/ms6618.exe
No Value in Standard Profile Register Key FirewallRaz :
No Value in Domain Profile Register Key FirewallRaz :
DELETED FirewallRaz (None) : {3B38E851-3AF9-496C-B415-35AB7DEE50BF}
DELETED FirewallRaz (Public) : TCP Query User{4A6CD651-D1DC-42B2-995D-652D19589113}C:\program files\tvuplayer\tvuplayer.exe
DELETED FirewallRaz (Public) : UDP Query User{E2BD53E8-37C1-4D11-8811-B0735BD4123E}C:\program files\tvuplayer\tvuplayer.exe
DELETED FirewallRaz (Public) : TCP Query User{5424E6CE-77FE-495F-BDCF-ECDDF001ECAF}C:\program files\sopcast\adv\sopadver.exe
DELETED FirewallRaz (Public) : UDP Query User{E38F2B4B-F621-414C-B509-7B7F4549D673}C:\program files\sopcast\adv\sopadver.exe
DELETED FirewallRaz (Public) : TCP Query User{73CE04A8-4174-4215-BEF9-7BA471D876A0}C:\program files\voipcheapcom.com\voipcheapcom\voipcheapcom.exe
DELETED FirewallRaz (Public) : UDP Query User{775F3DD1-164D-4854-BB73-2F3978EC2320}C:\program files\voipcheapcom.com\voipcheapcom\voipcheapcom.exe
DELETED FirewallRaz (Public) : TCP Query User{E3101E74-DC2E-4585-B7BE-8DF51393798D}C:\program files\sony\media go\mediago.exe
DELETED FirewallRaz (Public) : UDP Query User{7A001C63-2C29-4C97-BB90-FA54E8E995A4}C:\program files\sony\media go\mediago.exe
DELETED FirewallRaz (Public) : TCP Query User{3B719075-6404-4A0D-B49B-A3DB0F166C99}C:\program files\nokia\nokia software updater\nsu_ui_client.exe
DELETED FirewallRaz (Public) : UDP Query User{08819BCB-8DE0-4DCD-902F-AEAE3AAE38C1}C:\program files\nokia\nokia software updater\nsu_ui_client.exe
DELETED FirewallRaz (Public) : TCP Query User{524255AD-4C91-4889-A814-8118645BCB15}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
DELETED FirewallRaz (Public) : UDP Query User{6D3D614A-3115-44FF-A55C-D2C199597395}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe
DELETED FirewallRaz (Public) : TCP Query User{116E8C90-FF68-49E6-BA8B-1CBA3CB0FC9A}C:\program files\spyware terminator\spywareterminatorupdate.exe
DELETED FirewallRaz (Public) : UDP Query User{E54C2229-3E81-4BE6-B9E9-CDCC8178F04B}C:\program files\spyware terminator\spywareterminatorupdate.exe
DELETED FirewallRaz (Public) : TCP Query User{EA01E298-7998-4E5A-B6F6-966DDBE53F5D}C:\program files\voipbuster.com\voipbuster\voipbuster.exe
DELETED FirewallRaz (Public) : UDP Query User{D5B95BF5-6ED1-45CC-B628-5A9048BF0DD2}C:\program files\voipbuster.com\voipbuster\voipbuster.exe
DELETED FirewallRaz (Public) : TCP Query User{7019B9FE-8862-4810-948E-9BE155ABCFEC}C:\program files\sopcast\sopcast.exe
DELETED FirewallRaz (Public) : UDP Query User{C80BDB6D-C2E8-48A0-A972-B5C3660B17ED}C:\program files\sopcast\sopcast.exe
========== Repertory ==========
NOT FOUND C:\ProgramData\6618dae
NOT FOUND C:\Users\Propietari@\AppData\Roaming\moovida-1
NOT FOUND C:\Users\Propietari@\AppData\Local\moovida Air
NOT FOUND C:\ProgramData\MSCDDFAAUAE
DELETE on Reboot Folder**: C:\Program Files\Spybot - Search & Destroy
DELETED Folder: C:\ProgramData\MGS
DELETED Folder: C:\ProgramData\Spybot - Search & Destroy
DELETED Folder: C:\Users\Propietari@\AppData\Local\BingoCafe
DELETED Folder: C:\Users\Propietari@\AppData\Local\Historial
DELETED Folder: C:\Users\Propietari@\AppData\Local\{08E96943-F6FC-47FB-84DF-6E766578B828}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{0DB5260D-E4CD-4D50-93C2-145098D13670}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{118CFBA6-1307-4AA2-94FD-BE270D2A81D0}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{13FD3C44-F920-4291-8B23-C40C108A54AD}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{1418B06F-B194-4870-AAB4-442EA0F703F0}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{14B3896F-67A9-4DC0-BA51-6CCB229D6ACD}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{198CBDEE-C49F-4AA0-9C00-E181FA3EC800}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{1F9C7BD3-C4D4-4B23-B2DF-83B332C25804}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{2C65668B-ECF0-44D8-A7BA-766D01A22F25}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{2DD120EE-2B14-4FC6-B448-ECC47AC68E78}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{2FFDD21A-7A5F-42D6-931A-2A8E350FD7F1}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{30123F91-1C25-4A03-AFDD-43851CD234CF}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{3017A2AB-65C3-4F00-84AE-083B7F190B65}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{33A48990-FC6A-4F0C-9EF7-62954DA271FA}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{3418B091-1133-40ED-84F3-69EE02E57D74}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{445D2BFD-BAA4-443B-BD7D-3B2327AF42F9}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{467F14E1-E2C0-4F50-89C4-7EC5863F8896}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{4C710CC6-90B7-42A1-AD87-66F424D60499}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{4D141584-DA03-4AB6-8774-F95A0DED65D5}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{518836B1-32A9-4516-BACA-6FCBD5FE7DF8}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{54196477-B650-4B0D-9F6E-B11AF2876757}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{56915CD6-D051-4825-9B71-D0BE29ED0BE2}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{570D97C3-E510-453F-ACF5-DC24DAEBEC8E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{5CDA2150-B2BB-41A8-8761-85F2C58AD6B8}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{63339D59-41C9-497E-9F63-B3D14FD494AB}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{685F5DFD-8AE8-4878-A814-15DCD3A57F49}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{6AD0AA9A-F7DC-493B-93B7-C04764D70D53}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{6B9DC6BD-8AC3-4423-B2EB-AD9CA9D0A598}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{71421A35-CE30-4EF3-8159-7B785EF6400D}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{75796355-9A55-42FB-BFBE-3BC27D022F18}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{7785B063-7CB6-40FC-9211-F7DDC11C0C10}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{7AE6AE87-AD5E-4398-A574-5037F6328622}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{7F1B528D-0E3D-4E9D-AF0E-EFC293D8BF0F}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{80F57CF1-F2D0-46C7-9752-77C2053A0135}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{816F5F5E-F396-481E-A12A-69F36CC813ED}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{826CF207-4726-4ACE-9785-1F04F80FC853}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{8587F8B0-4F1A-4426-91E2-9444E1F5C0E0}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{8E0DC750-6AFF-45C5-AEF8-D5943160FB4E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{8F878C35-2C5B-456D-8C79-03DF6AFDA75C}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{8F8B059A-49D1-49D1-98AE-76BE9D7027A9}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{901090C8-0C89-4744-8555-2D5BFA493D0A}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{93626FB8-A95C-442A-9D6E-8BADC8A2C464}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{9850EC8D-7A05-44C4-B46A-539236FD89B7}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{9E9FAAC8-7C60-44F9-B4EC-277974E61AE5}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{9EF5FFB3-90FB-4BA1-AB2F-E92FD5F78493}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{9FD16684-5773-479A-97D3-A9D219719BE6}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{A6D292F6-B0C9-405F-BC34-75676E9EB546}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{A769C17E-E239-4874-B31D-EF1AEE79221C}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{A7EA7A42-0BF1-4784-8A4A-59C5FCA8B41C}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{AB2F1A9B-91A6-4A0F-AB15-D0ADEEE204AA}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{AD66E02E-9FD8-4F42-A620-37A5BBCA5C7E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{AE46CB18-73E7-4C1B-B763-C94BB545343B}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{B7EAFB58-B20A-4F70-8215-966FCDF1721E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{BCA81EE6-906B-4A42-9518-900B17092EE9}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{C35B60FE-F61D-4765-B533-65E123F81176}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{C716BDE8-695E-4308-93BB-129EF409AEAA}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{CC1294F4-36B8-4A1C-93CF-7C97F105971C}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{CE230DFC-9D6C-405A-A94C-56B717956196}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{CE91D3A5-3608-4DC4-856A-A75CB695599D}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{D6BAF67B-2B66-4CE7-909C-FFD13C92DD36}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{D92E3AE5-979D-49EB-9F88-B366A039B16E}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{DB571477-06F0-465D-9996-F46BF4D32CBD}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{DCF4B814-4940-4FA9-BAA2-19A124EF47DF}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{DE6C21A0-6C08-44A1-9D12-76CA6127846D}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{DEBD0B36-892D-4339-B24F-9328E112B755}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{E05509BD-C2B9-48B2-8938-4180C7AE29B8}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F1A31567-A759-4CB7-B942-4F279F392617}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F1E3665E-2DFB-4DB9-B9CB-05054E381ACE}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F1F45D59-2423-4F4B-9094-C675A6C3A4F0}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F38D9797-12B7-45F3-8297-F49B71AE47B7}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F4ED5A19-1975-494C-B7E2-A0109EB755EB}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F5FCDF1C-D96A-49E9-B644-3064E95E1739}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{F77290A1-669F-43AD-A084-66A64A0DA93D}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{FB1F8F45-2A49-4198-A654-AC28E7BBD745}
DELETED Folder: C:\Users\Propietari@\AppData\Local\{FB67456D-D902-451E-8CF9-6F9C981E4843}
DELETED Window Temporary: : 78
DELETED Flash Cookies: 1
========== File ==========
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\moovida air
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\microsoft\windows\temporary internet files\content.ie5\cl9wtpld\pdfcreator-1.2.3-setup
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\microsoft\windows\temporary internet files\content.ie5\38f7f87j\ct3080215_chatvibes
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\microsoft\windows\temporary internet files\content.ie5\kkhmrwbz\rbp_setup
NOT FOUND Folder/File: c:\users\propietari@\appdata\local\microsoft\windows\temporary internet files\content.ie5\1srtiwlv\rbp_setup
DELETED Window Temporary: : 477
DELETED Flash Cookies: 0
========== Task ==========
NOT FOUND Task: {04559F9A-81AF-457C-828A-72E5F878B50C}
NOT FOUND Task: {C4E9CDCB-8363-44AE-9D58-48B485BC07C4}
NOT FOUND Task: {D92A3880-815D-4ED8-AFED-D104188A14EA}
NOT FOUND Task: {F1BBBA99-4E25-4B3E-BF3B-424A0DFEAF3E}
========== Summary ==========
3 : Registry Key
23 : Registry Value
86 : Repertory
7 : File
1 : Software
4 : Task
End of clean in 04mn 48s
========== Report File ==========
C:\ZHP\ZHPFix[R1].txt - 06/03/2012 13:16:25 [12126]
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
Modifié par Fish66 le 6/03/2012 à 13:32
Modifié par Fish66 le 6/03/2012 à 13:32
Re,
1/
Je te conseille de désinstaller : Microsoft Antimalware , Malwarebytes est suffisant
2/
* Telecharge et install link officiel : >>>USBFix ICI<<<
ou : >>> ICI <<<
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir
* Double clique sur le raccourci UsbFix sur ton Bureau (clique droit avec la souris
:exécuter en tant qu'administrateur pour vista/seven), l'installation se fera
automatiquement
* Clique sur "Recherche"
* Laisse travailler l'outil
* A la fin, le rapport va s'afficher : poste le dans ta prochaine réponse (il est aussi sauvegardé a la racine du disque dur : C:\UsbFix.txt )
@+
_ _ _ Fish66_ _ _ I''"""""I_ _ membre contributeur sécurité_ _I''"""""I_ _ _
¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤
1/
Je te conseille de désinstaller : Microsoft Antimalware , Malwarebytes est suffisant
2/
* Telecharge et install link officiel : >>>USBFix ICI<<<
ou : >>> ICI <<<
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir
* Double clique sur le raccourci UsbFix sur ton Bureau (clique droit avec la souris
:exécuter en tant qu'administrateur pour vista/seven), l'installation se fera
automatiquement
* Clique sur "Recherche"
* Laisse travailler l'outil
* A la fin, le rapport va s'afficher : poste le dans ta prochaine réponse (il est aussi sauvegardé a la racine du disque dur : C:\UsbFix.txt )
@+
_ _ _ Fish66_ _ _ I''"""""I_ _ membre contributeur sécurité_ _I''"""""I_ _ _
¤¤¤ Le meilleur remède pour tous les problèmes, c'est la patience.... ¤¤¤
Afabus
Messages postés
9
Date d'inscription
lundi 5 mars 2012
Statut
Membre
Dernière intervention
6 mars 2012
6 mars 2012 à 15:32
6 mars 2012 à 15:32
Sincèrement je n'arrive pas a suivre.Merçi commeme pour ton aide
Fish66
Messages postés
17505
Date d'inscription
dimanche 24 juillet 2011
Statut
Contributeur sécurité
Dernière intervention
16 juin 2021
1 318
6 mars 2012 à 19:26
6 mars 2012 à 19:26
Re,
Quel est le problème exactement ? je peux encore t'aider :-)
@+
Quel est le problème exactement ? je peux encore t'aider :-)
@+
Afabus
Messages postés
9
Date d'inscription
lundi 5 mars 2012
Statut
Membre
Dernière intervention
6 mars 2012
6 mars 2012 à 23:57
6 mars 2012 à 23:57
Sayé j'ai déjà solutionné le problème,mon pc marche très très bien.
Merci pour votre Aide.
Merci pour votre Aide.