Bonjour,
Voici le rapport du Pc de votre fille : très infectés
ZHPFix ne sert pas à scanner, mais à supprimé les infections
tu suis bien mais instruction ci-dessous et surtout n'essai pas les autres fonctions
télécharge ZHPFix 1.12.32
Voici le lien : http://telechargement.zebulon.fr/zhpfix.html
une fois installer tu clic sur l'icône > une fenêtre vas s'ouvrir > tu sélectionne les ligne en rouge ci-dessous puis copier et clic sur l'icône coller presse papier a coter de l’icône appareil photo et tu clic sur ok > un fois finit tous les passe, tu refait un scanne avec ZHPdiag et tu le met le rapport ici
Si il te demande de redémarrer, tu le feras après avoir tous supprimer
voici les infections ci-dessous : Première passe :
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe => Ludvig Strigeus%uTorrent
O4 - HKUS\S-1-5-21-1848024075-2976085690-544660173-1000\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe => Ludvig Strigeus%uTorrent
O4 - Global Startup: C:\Users\lara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files\uTorrent\uTorrent.exe
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM] -- uTorrent => µTorrent PeerToPeer
[HKCU\Software\BitTorrent] => Bittorent PeerToPeer
O43 - CFD: 13/09/2012 - 18:46:18 - [0,855] ----D C:\Program Files\uTorrent => µTorrent PeerToPeer
O43 - CFD: 19/09/2012 - 20:27:04 - [1,637] ----D C:\Users\lara\AppData\Roaming\uTorrent => µTorrent PeerToPeer
O87 - FAEL: "{F04A887E-0902-45AE-9C52-6EF9F2D4907D}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O87 - FAEL: "{FB9696CD-CF10-4500-B45F-4B3536578B97}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com
O2 - BHO: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} Clé orpheline => Toolbar.Conduit
O3 - Toolbar: (no name) - [HKLM]{4daac69c-cba7-45e2-9bc8-1044483d3352} . (...) -- (.not file.) => Toolbar.Conduit
O3 - Toolbar: (no name) - [HKLM]{30F9B915-B755-4826-820B-08FBA6BD249D} . (...) -- (.not file.) => Toolbar.Conduit
O3 - Toolbar: (no name) - [HKLM]{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (...) -- (.not file.) => Toolbar.Conduit
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine => Toolbar.Conduit
O42 - Logiciel: Softonic_France Toolbar - (.Softonic_France.) [HKLM] -- Softonic_France Toolbar => Toolbar.Conduit
O42 - Logiciel: uTorrentBar_FR Toolbar - (.uTorrentBar_FR.) [HKLM] -- uTorrentBar_FR Toolbar => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] => Toolbar.Conduit
voici les infections ci-dessous : Deuxième passe :
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Conduit] => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Smartbar] => Toolbar.Agent
[HKCU\Software\AppDataLow\Software\Softonic_France] => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\conduitEngine] => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR] => Toolbar.Conduit
[HKCU\Software\AppDataLow\Toolbar] => Toolbar.Conduit
[HKCU\Software\SweetIM] => Toolbar.SweetIM
[HKLM\Software\Conduit] => Toolbar.Conduit
[HKLM\Software\Softonic_France] => Toolbar.Conduit
[HKLM\Software\SweetIM] => Toolbar.SweetIM
[HKLM\Software\uTorrentBar_FR] => Toolbar.Conduit
O43 - CFD: 18/09/2012 - 14:25:06 - [0] ----D C:\ProgramData\Software => Toolbar.Agent
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com => Toolbar.Babylon
O69 - SBI: SearchScopes [HKCU] {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} - (MyStart Search) - http://mystart.incredibar.com => Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] => Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] => Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}] => Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}] => Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eee6c35b-6118-11dc-9c72-001320c79847}] => Toolbar.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}] => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\conduitEngine] => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Softonic_France] => Toolbar.Conduit
[HKCU\Software\SweetIM] => Toolbar.SweetIM
[HKCU\Software\AppDataLow\Toolbar] => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR] => Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT2851639]
voici les infections ci-dessous : Troisième passe :
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} Clé orpheline
O3 - Toolbar: (no name) - [HKLM]{D0F4A166-B8D4-48b8-9D63-80849FE137CB} . (...) -- (.not file.)
O42 - Logiciel: Complitly - (.Complitly.) [HKLM] -- {4FFBB818-B13C-11E0-931D-B2664824019B}_is1
[HKLM\Software\Boonty] => Boonty Game
O43 - CFD: 02/07/2011 - 18:51:02 - [0,009] ----D C:\Program Files\BoontyGames => Boonty Game
O43 - CFD: 09/07/2012 - 20:40:53 - [0] ----D C:\Users\lara\AppData\Local\{01EDA123-09B7-4DF0-9640-BB12455B5BF5}
O43 - CFD: 13/08/2012 - 12:14:26 - [0] ----D C:\Users\lara\AppData\Local\{051FD039-2611-4306-9A7D-A7DCE65A6009}
O43 - CFD: 19/07/2012 - 22:59:08 - [0] ----D C:\Users\lara\AppData\Local\{06BF3B4F-C736-4D38-9FBB-7FA0A4DEA256}
O43 - CFD: 15/09/2012 - 22:54:23 - [0] ----D C:\Users\lara\AppData\Local\{0B8D7212-BB77-4F21-96E8-E57BEE6C8515}
O43 - CFD: 16/08/2012 - 11:17:41 - [0] ----D C:\Users\lara\AppData\Local\{0C3E726A-8EBF-4BD5-B1D2-BAA6A9C0C234}
O43 - CFD: 07/08/2012 - 10:18:44 - [0] ----D C:\Users\lara\AppData\Local\{0E5E5D4B-7B15-4D12-BA3B-C59570FAC121}
O43 - CFD: 13/07/2012 - 12:02:12 - [0] ----D C:\Users\lara\AppData\Local\{0E8B19BE-0C11-42C8-B654-5AAD197BF7BF}
O43 - CFD: 04/09/2012 - 21:06:42 - [0] ----D C:\Users\lara\AppData\Local\{1247C787-C561-4CB8-A4CC-C9511B8B5513}
O43 - CFD: 29/07/2012 - 18:39:40 - [0] ----D C:\Users\lara\AppData\Local\{1527DB2A-F814-4B17-898F-03D871517648}
O43 - CFD: 27/07/2012 - 10:00:21 - [0] ----D C:\Users\lara\AppData\Local\{1689274D-BA4C-4B08-877D-9F30329D14AE}
O43 - CFD: 19/08/2012 - 23:35:49 - [0] ----D C:\Users\lara\AppData\Local\{17EE7D00-9F08-4BE2-87F9-B39D56568C08}
O43 - CFD: 11/09/2012 - 20:24:56 - [0] ----D C:\Users\lara\AppData\Local\{18179952-9F4F-4CB4-B7D6-3890EC6E764A}
O43 - CFD: 20/08/2012 - 11:36:14 - [0] ----D C:\Users\lara\AppData\Local\{1834A40A-0D00-4F58-91F4-0EC8EBC63485}
O43 - CFD: 18/07/2012 - 11:43:30 - [0] ----D C:\Users\lara\AppData\Local\{1BDF968D-D2FE-447B-86A0-65581D8AD65E}
O43 - CFD: 27/07/2012 - 10:00:37 - [0] ----D C:\Users\lara\AppData\Local\{1D83EA8A-88BA-42FF-A35A-BA143B84BEEC}
O43 - CFD: 14/07/2012 - 09:39:31 - [0] ----D C:\Users\lara\AppData\Local\{1F363F62-9A61-4EAF-B11F-4960A4B1FC04}
O43 - CFD: 12/08/2012 - 00:02:04 - [0] ----D C:\Users\lara\AppData\Local\{207070B4-DAC0-4548-A94B-5ECEE203C8D2}
O43 - CFD: 09/08/2012 - 11:56:50 - [0] ----D C:\Users\lara\AppData\Local\{212951F8-A7C2-4AEB-9D4A-86AA72812B23}
O43 - CFD: 19/09/2012 - 13:14:19 - [0] ----D C:\Users\lara\AppData\Local\{29D9CDA0-A56F-432B-AB8F-3D73CD8E7EDE}
O43 - CFD: 16/09/2012 - 10:54:48 - [0] ----D C:\Users\lara\AppData\Local\{2C5BA674-01CD-4736-8972-DFFE206AD678}
O43 - CFD: 12/07/2012 - 09:15:51 - [0] ----D C:\Users\lara\AppData\Local\{2EE2B8A6-297B-48D5-91A9-7C3F09ACC125}
O43 - CFD: 18/07/2012 - 11:43:42 - [0] ----D C:\Users\lara\AppData\Local\{32549BE7-DF24-49A2-8DF1-934141BC3BC3}
O43 - CFD: 21/07/2012 - 21:10:42 - [0] ----D C:\Users\lara\AppData\Local\{3429A90C-9309-48D1-ADB3-DA188DD106EE}
O43 - CFD: 17/08/2012 - 13:29:28 - [0] ----D C:\Users\lara\AppData\Local\{357A2F14-1841-4EDE-9B52-045151A07122}
O43 - CFD: 10/08/2012 - 12:51:43 - [0] ----D C:\Users\lara\AppData\Local\{3F13EFEC-7756-404D-8C61-BBC473A5330D}
O43 - CFD: 09/09/2012 - 20:21:39 - [0] ----D C:\Users\lara\AppData\Local\{412618FB-F5B0-446B-BD3C-2D28A7BF8D46}
O43 - CFD: 14/08/2012 - 12:49:09 - [0] ----D C:\Users\lara\AppData\Local\{4ABB4B9E-CD9E-4FD8-8FB7-D2DF468FEABA}
O43 - CFD: 20/07/2012 - 16:19:12 - [0] ----D C:\Users\lara\AppData\Local\{4D3FC7B2-4220-4193-8EE7-47385EDC3738}
O43 - CFD: 06/08/2012 - 13:18:54 - [0] ----D C:\Users\lara\AppData\Local\{4DDB6DDD-CA53-40E6-87BB-53E55A7C990C}
O43 - CFD: 22/07/2012 - 13:15:51 - [0] ----D C:\Users\lara\AppData\Local\{4E8C3262-4E2B-46DE-8BBC-8059778CADF7}
O43 - CFD: 29/07/2012 - 18:53:18 - [0] ----D C:\Users\lara\AppData\Local\{4EA22E45-358A-4EBF-A31B-DA2B9498742B}
O43 - CFD: 20/07/2012 - 16:19:23 - [0] ----D C:\Users\lara\AppData\Local\{5028194E-8A09-4AB4-ADA7-D0A17CD128BE}
O43 - CFD: 25/07/2012 - 12:40:33 - [0] ----D C:\Users\lara\AppData\Local\{503EB929-A3AD-47F6-BBCC-6E75CBEE2AA6}
O43 - CFD: 13/08/2012 - 12:14:09 - [0] ----D C:\Users\lara\AppData\Local\{52DB263D-32A3-4C93-9551-4D2D77831FC6}
O43 - CFD: 19/08/2012 - 09:09:50 - [0] ----D C:\Users\lara\AppData\Local\{55FC2066-E68C-4275-BF97-36594411AD9D}
O43 - CFD: 19/07/2012 - 10:49:17 - [0] ----D C:\Users\lara\AppData\Local\{5C0F47BD-E359-469B-A2EE-B6A7B5837318}
O43 - CFD: 10/07/2012 - 20:09:34 - [0] ----D C:\Users\lara\AppData\Local\{5D798612-EA33-493E-9E32-4E5D7B18A0B8}
O43 - CFD: 15/08/2012 - 10:15:04 - [0] ----D C:\Users\lara\AppData\Local\{653F738B-B1E7-4444-8878-6643A90F7E64}
O43 - CFD: 31/07/2012 - 11:35:45 - [0] ----D C:\Users\lara\AppData\Local\{67749667-7FAE-4361-AAA6-3357063A1C4C}
O43 - CFD: 19/07/2012 - 22:59:35 - [0] ----D C:\Users\lara\AppData\Local\{684832E6-7728-4169-A409-648CF029F5A3}
O43 - CFD: 24/07/2012 - 11:45:13 - [0] ----D C:\Users\lara\AppData\Local\{69B02AE1-CA1A-47E3-BC0D-48CAAF267FC4}
O43 - CFD: 12/08/2012 - 00:02:15 - [0] ----D C:\Users\lara\AppData\Local\{6EEEA77E-DEFE-4C5D-B87E-294154C1E273}
O43 - CFD: 10/09/2012 - 14:38:15 - [0] ----D C:\Users\lara\AppData\Local\{711D4373-2E8C-4FE3-B838-E3D22A4CD97C}
O43 - CFD: 21/08/2012 - 20:06:58 - [0] ----D C:\Users\lara\AppData\Local\{73FF20F1-C3C1-48B4-9EB9-F17ECCA95992}
O43 - CFD: 07/08/2012 - 10:18:58 - [0] ----D C:\Users\lara\AppData\Local\{75A5ACD3-4AC6-4C45-A346-26DCF2BE03E1}
O43 - CFD: 06/08/2012 - 13:19:05 - [0] ----D C:\Users\lara\AppData\Local\{7A3CE96C-ED49-4E0A-A1B7-035C30390A81}
O43 - CFD: 06/09/2012 - 10:45:48 - [0] ----D C:\Users\lara\AppData\Local\{7DCC93A3-6BBE-4701-B426-6A5DCBDAB6E0}
O43 - CFD: 02/08/2012 - 15:19:34 - [0] ----D C:\Users\lara\AppData\Local\{8524C4AF-FF6C-418C-B3A4-077518451347}
O43 - CFD: 08/09/2012 - 20:20:57 - [0] ----D C:\Users\lara\AppData\Local\{8C23E6F4-42F7-4470-8D5A-7CA1D33DFBD0}
O43 - CFD: 26/07/2012 - 13:13:57 - [0] ----D C:\Users\lara\AppData\Local\{8D82D2D5-95D4-4647-A051-99FF9A5F478A}
O43 - CFD: 26/08/2012 - 21:42:56 - [0] ----D C:\Users\lara\AppData\Local\{8FBD1414-7758-43E8-9CD0-FFD3082E72C4}
O43 - CFD: 15/08/2012 - 10:15:18 - [0] ----D C:\Users\lara\AppData\Local\{902BCEDE-15B5-48C5-A6C3-F4AC759CE695}
O43 - CFD: 26/07/2012 - 13:13:45 - [0] ----D C:\Users\lara\AppData\Local\{933E01AA-8405-4CE7-A6FD-BE6844EE2838}
O43 - CFD: 05/08/2012 - 16:46:01 - [0] ----D C:\Users\lara\AppData\Local\{94C61D93-684A-4C7F-816C-89CD9194CE2A}
O43 - CFD: 09/08/2012 - 11:56:38 - [0] ----D C:\Users\lara\AppData\Local\{958C9511-6453-4DF4-87E6-E720589BD6E2}
O43 - CFD: 27/08/2012 - 10:02:48 - [0] ----D C:\Users\lara\AppData\Local\{95E95911-8C8C-4289-AF4E-A445745F05B1}
O43 - CFD: 05/08/2012 - 16:45:50 - [0] ----D C:\Users\lara\AppData\Local\{972ED08A-12DC-4A82-A257-18E5553AA612}
O43 - CFD: 17/08/2012 - 13:29:15 - [0] ----D C:\Users\lara\AppData\Local\{9734D24E-3067-4946-A51F-9CF9C9B302DA}
O43 - CFD: 18/09/2012 - 09:51:38 - [0] ----D C:\Users\lara\AppData\Local\{9AB44B34-AFA6-4D9C-BC31-DF8E2CBAE00B}
O43 - CFD: 16/09/2012 - 22:55:13 - [0] ----D C:\Users\lara\AppData\Local\{A41154C4-3C13-43F9-8994-51FDFAF184A6}
O43 - CFD: 30/07/2012 - 13:47:14 - [0] ----D C:\Users\lara\AppData\Local\{A564A5C3-63B2-4657-9F1D-A9F4B4B6B227}
O43 - CFD: 16/08/2012 - 23:24:03 - [0] ----D C:\Users\lara\AppData\Local\{A56F1C44-CF37-4B78-9126-4D2AC2CE9FD6}
O43 - CFD: 24/07/2012 - 11:45:26 - [0] ----D C:\Users\lara\AppData\Local\{ABD8F121-D2F4-4565-8FA7-651D7AFF9180}
O43 - CFD: 10/07/2012 - 20:09:45 - [0] ----D C:\Users\lara\AppData\Local\{AC1B9CE8-3656-4071-A521-D80965508359}
O43 - CFD: 12/08/2012 - 17:05:12 - [0] ----D C:\Users\lara\AppData\Local\{B1B15C0A-2DCD-48B4-A824-0C2EB2D455B9}
O43 - CFD: 11/07/2012 - 11:50:32 - [0] ----D C:\Users\lara\AppData\Local\{B288C264-DF95-4FA8-AF25-F455592071A5}
O43 - CFD: 07/09/2012 - 09:11:25 - [0] ----D C:\Users\lara\AppData\Local\{B3321DD0-BC8F-4BA5-AC5E-51C0BCC55A7C}
O43 - CFD: 11/08/2012 - 12:01:37 - [0] ----D C:\Users\lara\AppData\Local\{B3ABB60F-2BBA-48F4-A595-B33AC4B4C17B}
O43 - CFD: 05/09/2012 - 22:45:24 - [0] ----D C:\Users\lara\AppData\Local\{B6EEE095-50B5-4DFD-AE0B-D7E287A38F6E}
O43 - CFD: 17/09/2012 - 10:55:41 - [0] ----D C:\Users\lara\AppData\Local\{B8398C86-F950-46EB-90FE-D16144CB8BCE}
O43 - CFD: 14/09/2012 - 21:49:54 - [0] ----D C:\Users\lara\AppData\Local\{BAA134BA-617D-4C85-BDDC-A3210C283704}
O43 - CFD: 08/09/2012 - 08:20:45 - [0] ----D C:\Users\lara\AppData\Local\{BAB1923F-182E-454F-8156-4E34BF04133F}
O43 - CFD: 31/07/2012 - 18:00:20 - [0] ----D C:\Users\lara\AppData\Local\{BB6AF8FA-56E1-4370-A8D9-8112018E2C03}
O43 - CFD: 22/07/2012 - 13:15:39 - [0] ----D C:\Users\lara\AppData\Local\{BE91F190-DA9A-41E6-862D-3801F1A565D1}
O43 - CFD: 18/08/2012 - 09:12:50 - [0] ----D C:\Users\lara\AppData\Local\{BFF401F9-13E6-4766-8D32-1F7905CB816B}
O43 - CFD: 11/08/2012 - 12:01:25 - [0] ----D C:\Users\lara\AppData\Local\{C03A94BD-8447-4FAD-9FB7-13081B9D67CA}
O43 - CFD: 16/08/2012 - 23:23:52 - [0] ----D C:\Users\lara\AppData\Local\{C291D9CF-ED35-4A9E-9B2D-56F8D7097D97}
O43 - CFD: 11/07/2012 - 11:50:47 - [0] ----D C:\Users\lara\AppData\Local\{C3B3FD87-97A8-4533-B425-EA922F7C88E0}
O43 - CFD: 25/07/2012 - 12:40:22 - [0] ----D C:\Users\lara\AppData\Local\{C8C4BFFE-DEFC-4C5A-9CB7-82CDE7A8267A}
O43 - CFD: 21/08/2012 - 08:06:46 - [0] ----D C:\Users\lara\AppData\Local\{CAD5B56A-B3B7-4AAC-9C8B-B20874E5738F}
O43 - CFD: 12/08/2012 - 17:05:01 - [0] ----D C:\Users\lara\AppData\Local\{CF967FBB-A2B5-48A9-AFAB-5BF5725390FF}
O43 - CFD: 21/07/2012 - 21:10:54 - [0] ----D C:\Users\lara\AppData\Local\{D69DF242-2F5E-4C97-B917-431FCDA09FF5}
O43 - CFD: 05/09/2012 - 10:44:59 - [0] ----D C:\Users\lara\AppData\Local\{DE83D92B-5D96-4052-9FC0-EA12A070BF9F}
O43 - CFD: 14/08/2012 - 12:49:21 - [0] ----D C:\Users\lara\AppData\Local\{E01DCEAF-FF10-4121-885F-D4A2C09C95D1}
O43 - CFD: 22/08/2012 - 18:54:10 - [0] ----D C:\Users\lara\AppData\Local\{E45D7039-DA9A-4E5C-955D-FC29440C1FB3}
O43 - CFD: 13/07/2012 - 12:02:28 - [0] ----D C:\Users\lara\AppData\Local\{E9C84334-C770-4BCF-9E75-801D4FFB7925}
O43 - CFD: 13/09/2012 - 08:32:23 - [0] ----D C:\Users\lara\AppData\Local\{EC5E9E5E-77DB-480D-98D3-C49D11B191FE}
O43 - CFD: 23/08/2012 - 19:05:15 - [0] ----D C:\Users\lara\AppData\Local\{F0DF3C53-6C34-4C7C-A639-7F005D45932E}
O43 - CFD: 10/08/2012 - 12:51:27 - [0] ----D C:\Users\lara\AppData\Local\{FD3B5995-635B-4238-9356-1C15CBE93744}
O43 - CFD: 09/07/2012 - 20:40:02 - [0] ----D C:\Users\lara\AppData\Local\{FD7BFC2F-1247-4926-A1F1-E24DD1E2480F}
O43 - CFD: 25/08/2012 - 12:06:22 - [0] ----D C:\Users\lara\AppData\Local\{FE32512D-2C50-4AB2-A7AA-F1F70C6AF0A7}
O43 - CFD: 18/08/2012 - 09:10:51 - [0] ----D C:\Users\lara\AppData\Local\{FEB208F5-8A28-4505-AB83-7477BDC89DFF}
O51 - MPSK:{bfc89664-125c-11e0-9e2d-00217071a723}\AutoRun\command. (...) -- F:\pokazemo\\samosvima.exe (.not file.)
O51 - MPSK:{efd5a8cc-da3b-11e1-b543-00217071a723}\AutoRun\command. (...) -- F:\laucher.exe (.not file.)
voici les infections ci-dessous : Quatrième passe :
O2 - BHO: (no name) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} Clé orpheline => Infection BT (Adware.PredictAd)
O2 - BHO: (no name) - {1185823F-F22F-4027-80E5-4F68ACD5DE5E} Clé orpheline => Infection BT (Adware.Agent)
O2 - BHO: (no name) - {1631550F-191D-4826-B069-D9439253D926} Clé orpheline => Infection BT (Adware.PriceGong)
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} Clé orpheline => Infection BT (Toolbar.Babylon)
O2 - BHO: (no name) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Clé orpheline => Infection PUP (PUP.DealPly)
O42 - Logiciel: 2YourFace 1.0 - (.2YourFace.com.) [HKLM] -- 2YourFace => Infection BT (Adware.Agent)
O42 - Logiciel: DealPly - (.DealPly Technologies Ltd.) [HKLM] -- DealPly => Infection PUP (PUP.DealPly)
O42 - Logiciel: PriceGong 2.6.1 - (.PriceGong.) [HKLM] -- PriceGong => Infection BT (Adware.PriceGong)
[HKCU\Software\AppDataLow\Software\PriceGong] => Infection BT (Adware.PriceGong)
[HKCU\Software\iMesh] => Infection PUP (PUP.iMesh)
[HKLM\Software\Babylon] => Infection BT (Toolbar.Babylon)
[HKLM\Software\Boxore] => Infection Diverse (Spyware.Boxore)
[HKLM\Software\OfferBox] => Infection PUP (PUP.OfferBox)
O43 - CFD: 03/02/2012 - 19:05:40 - [4,371] ----D C:\Program Files\iMesh Applications => Infection PUP (PUP.iMesh)
O53 - SMSR:HKLM\...\startupreg\DATAMNGR [Key] . (.iMesh, Inc - Data Manager.) -- C:\Program Files\iMesh Applications\MediaBar\Datamngr\datamngrUI.exe => Infection PUP (PUP.iMesh)
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Search Results) - http://dts.search-results.com => Infection PUP (Adware.Bandoo)
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\pricegong]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] => Infection BT (Adware.MyWebSearch)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] => Infection BT (Adware.PredictAd)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] => Infection BT (Adware.PredictAd)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}] => Infection BT (Adware.Agent)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1185823F-F22F-4027-80E5-4F68ACD5DE5E}] => Infection BT (Adware.Agent)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}] => Infection BT (Adware.PriceGong)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}] => Infection BT (Adware.PriceGong)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] => Infection PUP (PUP.iMesh)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] => Infection PUP (PUP.iMesh)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}] => Infection BT (Toolbar.Babylon)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}] => Infection BT (Toolbar.Babylon)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] => Infection BT (Adware.Bandoo)
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] => Infection PUP (Adware.Bandoo)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] => Infection PUP (PUP.DealPly)
[HKCU\Software\iMesh] => Infection PUP (PUP.iMesh)
[HKCU\Software\AppDataLow\Software\PriceGong] => Infection BT (Adware.PriceGong)
[HKLM\Software\Classes\Toolbar.CT2542115]
C:\Program Files\iMesh Applications => Infection PUP (PUP.iMesh)
Le logiciel ci-dessous vas supprimer les malwares
Télécharge le logiciel AdwCleaner Version:1.703
Voici le lien ci-dessous :
http://general-changelog-team.fr/fr/d ... ls-de-xplode/2-adwcleaner
une fois télécharger tu met le logiciel sur le bureau et clic sur l'icône, une fois installait clic sur supprimer
refait un scanne avec ZHPDiag
tiens-nous infomés
anthony0371 @ Plus