Vous pensez être infecté, des pubs s'affichent quand vous naviguez sur internet ?
Perte de données, ralentissement système, virus USB ?
Désinfectez votre ordinateur gratuitement !
  • Avatar du membre
  • Avatar du membre
Avatar du membre
par El Desaparecido
#12528
  • Séléctionne et copie le script suivant :
    Script ZHPFix
    G2 - GCE: Preference [User Data\Default] [cnmdgidklhhnmppphpohildcefnaaflp] Services x86 v.1.25.141, (Activé) =>PUP.CrossRider
    G2 - GCE: Preference [User Data\Default] [dbknnmebcajacipdbplichlbfjbjamlf] Facemoi v.2.3.0 (Désactivé) =>PUP.Facemoi
    G2 - GCE: Preference [User Data\Default] [dhkplhfnhceodhffomolpfigojocbpcb] Babylon Toolbar v.1.7 (Désactivé) =>Toolbar.Babylon
    G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.1 (Désactivé) =>Toolbar.DeltaSearch
    G2 - GCE: Preference [User Data\Default] [gaiilaahiahdejapggenmdmafpmbipje] DealPly v.3.3.7.2 (Désactivé) =>PUP.DealPly
    G2 - GCE: Preference [User Data\Default] [igdhbblpcellaljokkpfhcjlagemhgjl] Iminent v.4.43.0 (Désactivé) =>Adware.IMBooster
    G2 - GCE: Preference [User Data\Default] [bbjciahceamgodcoidkjpchnokgfpphh] Funmoods v.2.1.3 (Désactivé) =>PUP.Funmoods
    G2 - GCE: Preference [User Data\Default] [bdhffggcfjnkigeciffmipblemhphbjl] WhiteSmoke US v.2.3.15.10 (Désactivé) =>PUP.WhiteSmoke
    M2 - MFEP: prefs.js [audrey - xspioyw9.default\217e8200-a3b3-43df-b951-8ec01d483d7f@b98c6809-1f3f-41a1-bb1c-692cf84781e9.com] [] Services x86 v (..) =>PUP.CrossRider
    M2 - MFEP: prefs.js [audrey - xspioyw9.default\zulagames@ZulaGames.com] [] Zula Games v1.0.0.6 (..) =>Adware.InstallBrain
    R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local> =>Hijacker.Proxy
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
    O4 - GS\Program [Public]: Moovida.lnk . (...) -- C:\Program Files (x86)\Fluendo\Moovida\Moovida.exe (.not file.) =>Adware.SPointer
    [MD5.00000000000000000000000000000000] [APT] [{D1A3AD3D-BE56-474D-9B14-3B13CA5C6DC2}] (...) -- C:\Users\audrey\Downloads\Facemoods-setup.exe (.not file.) [0] =>Adware.Facemoods
    [MD5.9C77FDFE61DD216C0D33AA4E588FB590] [APT] [{EADB6B84-867D-499A-A1DC-1F6D3259E10D}] (.qbnut.com.) -- C:\Users\audrey\Downloads\TSO-BETA-2-Win32-Build63.exe [1866499]
    [HKCU\Software\Titan.fr]
    [HKCU\Software\qbnut]
    [HKLM\Software\Wow6432Node\MajEoRezo] =>PUP.Eorezo
    [HKLM\Software\Wow6432Node\ResultBrowser]
    [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
    O43 - CFD: 30/11/2012 - 20:18:32 - [0] ----D C:\Program Files (x86)\majeorezo =>PUP.Eorezo
    O43 - CFD: 30/11/2012 - 20:18:38 - [4,385] ----D C:\Program Files (x86)\majeorezo_fr_3 =>PUP.Eorezo
    O43 - CFD: 30/11/2012 - 20:18:24 - [4,383] ----D C:\Program Files (x86)\majpctuto_fr_6 =>PUP.AgenceExclusive
    O53 - SMSR:HKLM\...\startupreg\eorezo_fr_3 [Key] . (...) -- C:\Program Files (x86)\majeorezo_fr_3\eorezo_fr_3.exe =>PUP.Eorezo
    O53 - SMSR:HKLM\...\startupreg\Facemoi [Key] . (...) -- C:\Facemoi\facemoi.exe (.not file.) =>PUP.Facemoi
    O53 - SMSR:HKLM\...\startupreg\facemoods [Key] . (...) -- C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.1\facemoodssrv.exe (.not file.) =>Adware.Facemoods
    O53 - SMSR:HKLM\...\startupreg\GM4IE [Key] . (...) -- C:\Facemoi\facemoi.exe (.not file.) =>PUP.Facemoi
    O53 - SMSR:HKLM\...\startupreg\Iminent [Key] . (...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
    O53 - SMSR:HKLM\...\startupreg\IminentMessenger [Key] . (...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
    O53 - SMSR:HKLM\...\startupreg\pctuto_fr_6 [Key] . (...) -- C:\Program Files (x86)\majpctuto_fr_6\pctuto_fr_6.exe =>PUP.AgenceExclusive
    O53 - SMSR:HKLM\...\startupreg\SweetIM [Key] . (...) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (.not file.) =>PUP.SweetIM
    O53 - SMSR:HKLM\...\startupreg\Tutorials [Key] . (...) -- C:\Program Files (x86)\Tuto4pc\tuto4pc.exe (.not file.) =>PUP.Eorezo
    O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
    O87 - FAEL: "{B8DF363A-97A4-4E3C-8C3B-E3724053C269}" |In - Public - P6 - TRUE | .(...) -- C:\Users\audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M3V857SX\Facemoods[1].exe (.not file.) =>Adware.Facemoods
    O87 - FAEL: "{CD3E586E-9F67-429C-9B26-C844C15332DC}" |In - Public - P17 - TRUE | .(...) -- C:\Users\audrey\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M3V857SX\Facemoods[1].exe (.not file.) =>Adware.Facemoods
    O87 - FAEL: "{C6130922-661A-4BDD-A7CF-A4FD8334747D}" |In - Public - P6 - TRUE | .(...) -- C:\Users\audrey\Downloads\SweetImSetup.exe (.not file.) =>PUP.SweetIM
    O87 - FAEL: "{BD8E7BDA-B38A-40AB-8425-017FFB729762}" |In - Public - P17 - TRUE | .(...) -- C:\Users\audrey\Downloads\SweetImSetup.exe (.not file.) =>PUP.SweetIM
    O87 - FAEL: "{CD2389F3-5217-4990-BA8C-0BC9B06F1A5D}" |In - Public - P6 - TRUE | .(...) -- C:\Users\audrey\Downloads\SweetImSetup (1).exe (.not file.) =>PUP.SweetIM
    O87 - FAEL: "{1627BEE8-AF62-4371-B57C-878CCB0798AB}" |In - Public - P17 - TRUE | .(...) -- C:\Users\audrey\Downloads\SweetImSetup (1).exe (.not file.) =>PUP.SweetIM
    O87 - FAEL: "{0C08AA63-1835-4346-9528-477CF24A6E7B}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\dtUser.exe (.not file.) =>Adware.Bandoo
    O87 - FAEL: "{79CF03D4-C662-407A-8223-4F229D11B787}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows iLivid Toolbar\ToolBar\dtUser.exe (.not file.) =>Adware.Bandoo
    O87 - FAEL: "{D20481E1-509D-4223-AE86-0E28063770CE}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
    O87 - FAEL: "{2AE03AD2-B372-4AB9-AC52-E0BFB6013190}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
    O87 - FAEL: "TCP Query User{5AE7C389-C75B-40B9-A83B-68337CA74650}C:\users\audrey\appdata\roaming\nosibay\bubble dock\bubble dock.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\audrey\appdata\roaming\nosibay\bubble dock\bubble dock.exe (.not file.) =>PUP.BubbleDock
    O87 - FAEL: "UDP Query User{6485C073-41E4-4439-BCD0-315C30FB868E}C:\users\audrey\appdata\roaming\nosibay\bubble dock\bubble dock.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\audrey\appdata\roaming\nosibay\bubble dock\bubble dock.exe (.not file.) =>PUP.BubbleDock
    O87 - FAEL: "TCP Query User{1EB5B019-FAD0-4131-BDEB-04E87F27152A}C:\users\audrey\appdata\local\mediaget2\mediaget.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\audrey\appdata\local\mediaget2\mediaget.exe (.not file.) =>PUP.MediaGet
    O87 - FAEL: "UDP Query User{0031B1B2-723E-431B-A579-381A99004AAC}C:\users\audrey\appdata\local\mediaget2\mediaget.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\audrey\appdata\local\mediaget2\mediaget.exe (.not file.) =>PUP.MediaGet
    O87 - FAEL: "{B105958F-F073-4ED6-90F8-A7F8C3E03902}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
    O87 - FAEL: "{2EC8289E-FC9E-41D1-8D51-01117D72EB8D}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
    O87 - FAEL: "{95348F9F-EE70-42A5-B4B4-15D6088CB39E}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
    O87 - FAEL: "{6F6C73E1-4D5A-4915-8056-783AD6714A3A}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
    O87 - FAEL: "{FCD059A4-A60E-40C4-9D6A-2F5F3803FB9D}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
    O87 - FAEL: "{DA62EE66-1586-49F2-B568-9C0CBD12C89F}" |In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
    [HKLM\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh] =>PUP.Funmoods^
    [HKLM\Software\Google\Chrome\Extensions\bdhffggcfjnkigeciffmipblemhphbjl] =>PUP.WhiteSmoke^
    [HKLM\Software\Google\Chrome\Extensions\cnmdgidklhhnmppphpohildcefnaaflp] =>PUP.CrossRider^
    [HKLM\Software\Google\Chrome\Extensions\dbknnmebcajacipdbplichlbfjbjamlf] =>PUP.Facemoi^
    [HKLM\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb] =>Toolbar.Babylon^
    [HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
    [HKLM\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje] =>PUP.DealPly^
    [HKLM\Software\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl] =>Adware.IMBooster^
    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\eorezo_fr_3] =>PUP.Eorezo^
    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Facemoi] =>PUP.Facemoi^
    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\facemoods] =>Adware.Facemoods^
    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\GM4IE] =>PUP.Facemoi^
    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Iminent] =>Adware.IMBooster^
    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\IminentMessenger] =>Adware.IMBooster^
    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\pctuto_fr_6] =>PUP.AgenceExclusive^
    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM] =>PUP.SweetIM^
    [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Tutorials] =>PUP.Eorezo^
    [HKLM\Software\Classes\Installer\Features\7324911AA745d164DB449BB751477AAD] =>PUP.SweetIM
    [HKLM\Software\Classes\Installer\Products\7324911AA745d164DB449BB751477AAD] =>PUP.SweetIM
    [HKLM\Software\Wow6432Node\Classes\Installer\Features\7324911AA745d164DB449BB751477AAD] =>PUP.SweetIM
    [HKLM\Software\Wow6432Node\Classes\Installer\Products\7324911AA745d164DB449BB751477AAD] =>PUP.SweetIM
    [HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
    [HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
    [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
    [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
    [HKLM\Software\Classes\Installer\Features\426EA07F14B2F674CBC9A0F751C8F351] =>PUP.SweetIM
    [HKLM\Software\Classes\Installer\Products\426EA07F14B2F674CBC9A0F751C8F351] =>PUP.SweetIM
    [HKLM\Software\Wow6432Node\Classes\Installer\Features\426EA07F14B2F674CBC9A0F751C8F351] =>PUP.SweetIM
    [HKLM\Software\Wow6432Node\Classes\Installer\Products\426EA07F14B2F674CBC9A0F751C8F351] =>PUP.SweetIM
    [HKLM\Software\Classes\Installer\Features\112C48061A10E464790A9077E221B205] =>Adware.SPointer
    [HKLM\Software\Classes\Installer\Products\112C48061A10E464790A9077E221B205] =>Adware.SPointer
    [HKLM\Software\Wow6432Node\Classes\Installer\Features\112C48061A10E464790A9077E221B205] =>Adware.SPointer
    [HKLM\Software\Wow6432Node\Classes\Installer\Products\112C48061A10E464790A9077E221B205] =>Adware.SPointer
    [HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220222702296}] =>PUP.CrossRider
    [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211701196}] =>PUP.CrossRider
    [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110211701196}] =>PUP.CrossRider
    [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
    C:\Users\audrey\AppData\Roaming\Mozilla\Firefox\Profiles\xspioyw9.default\217e8200-a3b3-43df-b951-8ec01d483d7f@b98c6809-1f3f-41a1-bb1c-692cf84781e9.com =>PUP.CrossRider^
    C:\Users\audrey\AppData\Roaming\Mozilla\Firefox\Profiles\xspioyw9.default\zulagames@ZulaGames.com =>Adware.InstallBrain^
    C:\Program Files (x86)\majeorezo =>PUP.Eorezo^
    C:\Program Files (x86)\majeorezo_fr_3 =>PUP.Eorezo^
    C:\Program Files (x86)\majpctuto_fr_6 =>PUP.AgenceExclusive^
    C:\Program Files (x86)\ResultBrowser =>Adware.QuestScan
    C:\Users\audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnmdgidklhhnmppphpohildcefnaaflp =>PUP.CrossRider
    C:\Users\audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh =>PUP.Funmoods^
    C:\Users\audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdhffggcfjnkigeciffmipblemhphbjl =>PUP.WhiteSmoke^
    C:\Users\audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbknnmebcajacipdbplichlbfjbjamlf =>PUP.Facemoi^
    C:\Users\audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb =>Toolbar.Babylon^
    C:\Users\audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
    C:\Users\audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje =>PUP.DealPly^
    C:\Users\audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl =>Adware.IMBooster^
    [HKLM\Software\Wow6432Node\MajEoRezo] =>PUP.Eorezo^
    C:\Windows\Installer\21fa03.msi =>Adware.IMBooster^
    C:\Windows\Installer\21fa0a.msi =>Adware.IMBooster^
    C:\Windows\Installer\5967ffc.msi =>Adware.Boxore^
    C:\Windows\Installer\bd2449.msi =>Adware.Facemoods^
    C:\Windows\Installer\cb3568.msi =>Adware.SPointer^
    C:\Windows\Installer\dfba63.msi =>Adware.Bandoo^
    EmptyCLSID
    Emptytemp
    EmptyFlash
    Sysrestore
  • Lances ZHPFix, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
    1. Clique sur Importer
    2. Les lignes précedemment copiées doivent être collées dans le cadre
    3. Si c'est le cas, Clic sur "GO"
    Image

    Image
  • Confirmes les nettoyages des données en cliquant sur "Oui"
  • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPFixReport à  été crée.
  • Héberge le rapport ZHPFixReport sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse.
  • Pour supprimer les outils de désinfections utilisés :
  • Télécharges Delfix sur ton Bureau.
  • Lance Delfix, exécuter en tant qu'administrateur sous Windows : 7/8 et Vista
  • Coche la case suivantes :
    • Supprimer les outils de désinfection
    • Purger la restauration système

      Image

bonsoir oki pour la fermeture je m'en charge car[…]

how to clean junk files

Hello don't use this program , it's a bullshit :)

Bonjour https://www.aht.li/3213847/AdsFix.exe b[…]

De rien Bon WE :)