buckhulk
Participant
Nombre d'articles : 2398

Tu as deux antivirus , c’est pas bon !
pour supprimer Trend Micro : c’est ICI
pour supprimer Avast : C’est ICI

Il faut que tu en choisisses un seul !

Bon je te fais un script , après l’avoir passé , tu me referas un ZHPDiag pour vérification OK ??

  • Séléctionne et copie le script suivant :

    Script ZHPFix
    ShortcutFix
    G0 - GCSP: Preference [User DataDefault][HomePage] http://search.babylon.com =>PUP.Babylon
    G1 - GCS: Preference [User DataDefault] None => Google Chrome, Aucune page de recherche
    G0 - GCSP: Preference [User DataDefault][HomePage] 1A61EA23780A6481F7F27CF12C44507AD220C6CE2886FEA00ED4621C3CD3D450 =>PUP.Babylon
    G2 - GCE: Preference [User DataDefault] [ffhfoagmjcnkolneahbpagjcjjaeofbg] Browsers Apps v.1.26.23, (Désactivé) =>PUP.CrossRider
    G2 - GCE: Preference [User DataDefault] [pelmeidfhdlhlbjimpabfcbnnojbboma] Quick start v.4.5.8, (Désactivé) =>PUP.QuickStart
    P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:Program Files (x86)Pando NetworksMedia BoosternpPandoWebPlugin.dll
    R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 0 => Internet Explorer Proxy HTTP1.1 Disabled
    O2 - BHO: (no name) [64Bits] - {11111111-1111-1111-1111-110611171187} Clé orpheline => Infection PUP (PUP.CrossRider)
    O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:Program Files (x86)MicrosoftBingBarBingExt.dll" (.not file.) =>Toolbar.Bing
    O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (...) -- (.not file.) => Toolbar.Avast
    O4 - HKCU..Run: [Akamai NetSession Interface] C:UsersEstelleAppDataLocalAkamainetsession_win.exe (.not file.)
    O4 - HKCU..Run: [{3E75652D-99B1-417E-B163-BEF33CAD3F16}] . (.Riot Games - This installer database contains the logic.) -- C:UsersEstelleDownloadsLeagueofLegends_EUW_Installer_06_12_13.exe
    O4 - HKCU..Run: [VirtualBrowseAloud] C:UsersEstelleDownloadsBrowsealoud.exe (.not file.) => Fichier absent
    OPT:O4 - HKLM..Wow6432NodeRun: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:Program Files (x86)QuickTimeQTTask.exe
    OPT:O4 - HKLM..Wow6432NodeRun: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:Program Files (x86)iTunesiTunesHelper.exe
    O4 - HKUSS-1-5-21-425735600-932969765-193987402-1001..Run: [Akamai NetSession Interface] C:UsersEstelleAppDataLocalAkamainetsession_win.exe (.not file.)
    O4 - HKUSS-1-5-21-425735600-932969765-193987402-1001..Run: [{3E75652D-99B1-417E-B163-BEF33CAD3F16}] . (.Riot Games - This installer database contains the logic.) -- C:UsersEstelleDownloadsLeagueofLegends_EUW_Installer_06_12_13.exe
    O4 - HKUSS-1-5-21-425735600-932969765-193987402-1001..Run: [VirtualBrowseAloud] C:UsersEstelleDownloadsBrowsealoud.exe (.not file.) => Fichier absent
    OPT:O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:Program FilesBonjourmDNSResponder.exe
    [MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-425735600-932969765-193987402-1001Core] (...) -- C:UsersEstelleAppDataLocalFacebookUpdateFacebookUpdate.exe (.not file.) [0] => Facebook Update Task User
    [MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-425735600-932969765-193987402-1001UA] (...) -- C:UsersEstelleAppDataLocalFacebookUpdateFacebookUpdate.exe (.not file.) [0] => Facebook Update Task User
    [MD5.00000000000000000000000000000000] [APT] [temp_b4fe3039-bd40-4a78-8eb2-f21dbb71f3bc] (...) -- C:Program Files (x86)Browsers Appsb4fe3039-bd40-4a78-8eb2-f21dbb71f3bc.exe (.not file.) [0] =>PUP.CrossRider
    [MD5.081BBC081C1EF0AA809C15D483F7CF9F] [APT] [{5F1F6420-28BD-40B4-97F8-0DA10AC8AF49}] (.Naturalsoft limited.) -- C:UsersEstelleDownloadsstandardsetup.exe [19099064]
    [MD5.00000000000000000000000000000000] [APT] [{8ACE9BF7-B01C-403F-8CB4-C4AB4749773E}] (...) -- C:UsersEstelleDesktopTerraria.exe (.not file.) [0] => Fichier absent
    O39 - APT: FacebookUpdateTaskUserS-1-5-21-425735600-932969765-193987402-1001Core - (...) -- C:WindowsTasksFacebookUpdateTaskUserS-1-5-21-425735600-932969765-193987402-1001Core.job [914] => Facebook Update Task User
    O39 - APT: FacebookUpdateTaskUserS-1-5-21-425735600-932969765-193987402-1001Core - (...) -- C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-425735600-932969765-193987402-1001Core [914] => Facebook Update Task User
    O39 - APT: FacebookUpdateTaskUserS-1-5-21-425735600-932969765-193987402-1001UA - (...) -- C:WindowsTasksFacebookUpdateTaskUserS-1-5-21-425735600-932969765-193987402-1001UA.job [936] => Facebook Update Task User
    O39 - APT: FacebookUpdateTaskUserS-1-5-21-425735600-932969765-193987402-1001UA - (...) -- C:WindowsSystem32TasksFacebookUpdateTaskUserS-1-5-21-425735600-932969765-193987402-1001UA [936] => Facebook Update Task User
    O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {449CE12D-E2C7-4B97-B19E-55D163EA9435} =>Toolbar.Bing
    O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- {D18E9DB2-AC98-4399-8878-C1059403144D} =>Adware.IMBooster
    O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan => McAfee, Inc
    O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM][64Bits] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E} => P2P.Pando*
    [HKCUSoftwareIncrediMail] => Messaging.Incredimail
    [HKCUSoftwareMCAFEE]
    [HKCUSoftwarePando Networks] => P2P.Pando
    [HKCUSoftwareeMule 0.50a] => P2P.eMule
    [HKCUSoftwareeMule Plus 1.2e] => P2P.eMule
    [HKLMSoftwareWow6432NodePando Networks] => P2P.Pando
    [HKLMSoftwareWow6432Nodef235e5aa-e898-4e7a-b1e5-bd2edf6bf078]
    O43 - CFD: 04/09/2014 - 08:24:10 - [] ----D C:Program Files (x86)McAfee Security Scan => McAfee, Inc
    O43 - CFD: 23/04/2014 - 18:32:00 - [] ----D C:Program Files (x86)Pando Networks => P2P.Pando
    O43 - CFD: 04/09/2014 - 08:17:29 - [] ----D C:Program Files (x86)Spybot - Search & Destroy => Safer Networking Ltd - Spybot S&D
    O43 - CFD: 03/09/2014 - 14:22:36 - [0] ----D C:ProgramDataeMule => P2P.eMule
    O43 - CFD: 04/09/2014 - 08:24:11 - [] ----D C:ProgramDataMcAfee
    O43 - CFD: 04/09/2014 - 08:24:12 - [] ----D C:ProgramDataMcAfee Security Scan => McAfee, Inc
    O43 - CFD: 02/07/2014 - 15:48:34 - [] ----D C:ProgramDataPMB Files =>P2P.Pando
    O43 - CFD: 04/09/2014 - 08:22:01 - [] ----D C:ProgramDataSpybot - Search & Destroy => Safer Networking Ltd - Spybot S&D
    O43 - CFD: 03/09/2014 - 14:22:37 - [] ----D C:UsersEstelleAppDataLocaleMule => P2P.eMule
    O43 - CFD: 20/08/2014 - 15:03:26 - [] ----D C:UsersEstelleAppDataLocalPMB Files =>P2P.Pando
    O90 - PUC: "2BD9E81D89CA993488871C50493041D4" . (.Iminent.) -- C:WindowsInstaller{D18E9DB2-AC98-4399-8878-C1059403144D}imbooster.ico =>Adware.IMBooster
    O90 - PUC: "D21EC9447C2E79B41BE9551D36AE4953" . (.Bing Bar.) -- C:WindowsInstaller{449CE12D-E2C7-4B97-B19E-55D163EA9435}icon_installer_ico =>Toolbar.Bing
    [MD5.7392F668FE327921951BD45F0B733950] [WIS][01/04/2011] (.Microsoft Corporation - Bing Bar.) -- C:WindowsInstaller1362fb.msi [4556800] =>Toolbar.Bing
    [MD5.9FE4DD679E62F2CA0E17D47E5D8E917B] [WIS][07/07/2012] (.Iminent - Iminent.) -- C:WindowsInstaller44e037.msi [8736768] =>Adware.IMBooster
    HKLMSOFTWAREMicrosoftTracingDomaIQ10_RASAPI32 =>Adware.DomaIQ
    HKLMSOFTWAREMicrosoftTracingDomaIQ10_RASMANCS =>Adware.DomaIQ
    HKLMSOFTWAREWow6432NodeMicrosoftTracingBingBar_RASAPI32 =>Toolbar.Bing
    HKLMSOFTWAREWow6432NodeMicrosoftTracingemule_RASAPI32 =>P2P.eMule
    HKLMSOFTWAREWow6432NodeMicrosoftTracingemule_RASMANCS =>P2P.eMule
    HKLMSOFTWAREWow6432NodeMicrosoftTracingfreeSoftToday_widget_RASAPI32 =>Adware.FreeSoftToday
    HKLMSOFTWAREWow6432NodeMicrosoftTracingfreeSoftToday_widget_RASMANCS =>Adware.FreeSoftToday
    HKLMSOFTWAREWow6432NodeMicrosoftTracinglly_istartsurf_RASAPI32 =>PUP.IsStart
    HKLMSOFTWAREWow6432NodeMicrosoftTracinglly_istartsurf_RASMANCS =>PUP.IsStart
    HKLMSOFTWAREWow6432NodeMicrosoftTracingQtraxInstaller_RASAPI32 =>P2P.Qtrax
    HKLMSOFTWAREWow6432NodeMicrosoftTracingQtraxInstaller_RASMANCS =>P2P.Qtrax
    HKLMSOFTWAREWow6432NodeMicrosoftTracingupfst_fr_354_RASAPI32 =>Adware.FreeSoftToday
    HKLMSOFTWAREWow6432NodeMicrosoftTracingupfst_fr_354_RASMANCS =>Adware.FreeSoftToday
    HKLMSOFTWAREWow6432NodeMicrosoftTracingupt4pc_fr_33_RASAPI32 =>PUP.Eorezo
    HKLMSOFTWAREWow6432NodeMicrosoftTracingupt4pc_fr_33_RASMANCS =>PUP.Eorezo
    HKLMSOFTWAREWow6432NodeMicrosoftTracingYontooSetup-S-1B14_RASAPI32 =>Adware.Yontoo
    HKLMSOFTWAREWow6432NodeMicrosoftTracingYontooSetup-S-1B14_RASMANCS =>Adware.Yontoo
    SS - | Demand 01/04/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:Program Files (x86)MicrosoftBingBarBBSvc.exe =>Toolbar.Bing
    SS - | Demand 05/09/2012 234776 | (McComponentHostService) . (.McAfee, Inc..) - C:Program Files (x86)McAfee Security Scan3.0.285McCHSvc.exe => McAfee, Inc
    OPT:SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:Program FilesBonjourmDNSResponder.exe
    SR - | Auto 28/03/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:Program Files (x86)MicrosoftBingBarSeaPort.exe =>Toolbar.Bing
    [HKLMSoftwareGoogleChromeExtensionsffhfoagmjcnkolneahbpagjcjjaeofbg] =>PUP.CrossRider^
    [HKLMSoftwareGoogleChromeExtensionspelmeidfhdlhlbjimpabfcbnnojbboma] =>PUP.QuickStart^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D2CE3E00-F94A-4740-988E-03DC2F38C34F}] =>Toolbar.Bing^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{449CE12D-E2C7-4B97-B19E-55D163EA9435}] =>Toolbar.Bing^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{D18E9DB2-AC98-4399-8878-C1059403144D}] =>Adware.IMBooster^
    [HKLMSoftwareWow6432NodeMicrosoftTracingBingBar_RASAPI32] =>Toolbar.Bing
    [HKLMSoftwareClassesInstallerFeatures2BD9E81D89CA993488871C50493041D4] =>Adware.IMBooster
    [HKLMSoftwareClassesInstallerProducts2BD9E81D89CA993488871C50493041D4] =>Adware.IMBooster
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products2BD9E81D89CA993488871C50493041D4] =>Adware.IMBooster
    [HKLMSoftwareWow6432NodeClassesInstallerFeatures2BD9E81D89CA993488871C50493041D4] =>Adware.IMBooster
    [HKLMSoftwareWow6432NodeClassesInstallerProducts2BD9E81D89CA993488871C50493041D4] =>Adware.IMBooster
    [HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionUninstall{D18E9DB2-AC98-4399-8878-C1059403144D}] =>Adware.IMBooster
    [HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionExtPreApproved{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
    [HKLMSoftwareWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{11111111-1111-1111-1111-110611171187}] =>PUP.CrossRider
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
    [HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
    C:UsersEstelleAppDataLocalGoogleChromeUser DataDefaultExtensionsffhfoagmjcnkolneahbpagjcjjaeofbg =>PUP.CrossRider^
    C:UsersEstelleAppDataLocalGoogleChromeUser DataDefaultExtensionspelmeidfhdlhlbjimpabfcbnnojbboma =>PUP.QuickStart^
    C:ProgramDataPMB Files =>P2P.Pando^
    C:UsersEstelleAppDataLocalPMB Files =>P2P.Pando^
    C:WindowsInstaller1362fb.msi =>Toolbar.Bing^
    C:WindowsInstaller44e037.msi =>Adware.IMBooster^
    ProxyFix
    EmptyPrefetch
    EmptyFlash
    SysRestore
    FirewallRAZ
    EmptyTemp

  • Lances ZHPFix, exécuter en tant qu’administrateur sous Windows : 7/8 et Vista

    1. Clique sur Importer
    2. Les lignes précedemment copiées doivent être collées dans le cadre
    3. Si c’est le cas, Clic sur “GO


    exemple :

  • Confirmes les nettoyages des données en cliquant sur “Oui
  • Une fois le scan terminé rends toi sur le bureau, le fichier ZHPFixReport à été crée.
  • Héberge le rapport ZHPFixReport sur SosUpload, puis copie/colle le lien fourni dans ta prochaine réponse.

:merci2: