* /!\ Avertissement /!\,
* ce script est seulement valable pour ce pc, en cours du nettoyage, à ne pas utiliser sur un autre pc, risque de plantage !
* Lance ZHPFix via le raccourci sur ton Bureau, l'icône est sous forme de seringue.
Clique sur « importer »
Tu vas voir apparaitre un message d'avertissement, clique sur Ok.
* * Copie ( Ctrl + C ) et colle ( Ctrl + V ) les lignes suivantes en gras dans la fenêtre de Zhpfix :
---------------------------------------------------------
Script ZHPFix
O2 - BHO: specialsavings - {938958E8-355C-49FF-92B0-53C1B87ACEA9} . (.SpecialSavings.com - ScriptHost.) -- C:\Program Files\specialsavings\ScriptHost.dll
O23 - Service: BrowserDefendert (BrowserDefendert) . (...) - C:\Documents and Settings\All Users\Application Data\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (.not file.)
O42 - Logiciel: Speed Analysis 2 - (.SpeedAnalysis.com.) [HKLM] -- Speed Analysis 2
O42 - Logiciel: specialsavings - (.SpecialSavings.com.) [HKLM] -- specialsavings
[HKCU\Software\8e8d8fe53ce410]
[HKCU\Software\BabSolution]
[HKCU\Software\FileScout]
[HKCU\Software\Iminent]
[HKCU\Software\Speed Analysis 2]
[HKCU\Software\searchqutoolbar]
[HKCU\Software\specialsavings]
[HKLM\Software\8e8d8fe53ce410] => Infection PUP (Hijacker.Eazel)
[HKLM\Software\Iminent]
[HKLM\Software\SearchquMediabarTb]
O43 - CFD: 01/07/2013 - 12:42:42 - [2,765] ----D C:\Program Files\specialsavings
O43 - CFD: 12/07/2013 - 18:17:30 - [0] ----D C:\Documents and Settings\All Users\Application Data\Babylon
O43 - CFD: 12/09/2013 - 02:20:22 - [0] ----D C:\Documents and Settings\All Users\Application Data\BrowserDefender
O43 - CFD: 21/01/2013 - 14:13:49 - [0] ----D C:\Documents and Settings\lazovitch\Application Data\searchquband
O43 - CFD: 01/07/2013 - 12:42:35 - [0,067] ----D C:\Documents and Settings\lazovitch\Application Data\SpecialSavings
O47 - AAKE:Key Export SP - "C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" [Enabled] .(...) -- C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.)
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} - (Search Results) - http://dts.search-results.com
[HKCU\Software\8e8d8fe53ce410\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:dllName="BrowserDefender.dll"
[HKCU\Software\8e8d8fe53ce410\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:exeName="BrowserDefender.exe"
[HKCU\Software\8e8d8fe53ce410\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:folderName="BrowserDefender"
[HKCU\Software\8e8d8fe53ce410\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\8e8d8fe53ce410\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:serviceName="BrowserDefendert"
[HKCU\Software\8e8d8fe53ce410\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:version="2.6.1339.144"
[HKCU\Software\8e8d8fe53ce410]:version="2.6.1519.190"
[HKLM\Software\8e8d8fe53ce410]:version="2.6.1519.190"
SS - | Auto 10/07/1658 0 | (BrowserDefendert) . (...) - C:\Documents and Settings\All Users\Application Data\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{938958E8-355C-49FF-92B0-53C1B87ACEA9}]
[HKLM\SYSTEM\CurrentControlSet\Services\BrowserDefendert]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 2]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\specialsavings]
[HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}]
[HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}]
[HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}]
[HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}]
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}]
[HKLM\Software\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}]
[HKLM\Software\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}]
[HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}]
[HKLM\Software\Classes\AppID\BrowserConnection.dll]
[HKLM\Software\Classes\AppID\DNSBHO.dll]
[HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}]
[HKCU\Software\Iminent]
[HKLM\Software\Iminent]
[HKLM\Software\SearchquMediabarTb]
[HKCU\Software\searchqutoolbar]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] [HKLM\Software\Classes\Prod.cap]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PC Performer_is1]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{938958E8-355C-49FF-92B0-53C1B87ACEA9}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{938958E8-355C-49FF-92B0-53C1B87ACEA9}]
[HKLM\Software\Classes\CLSID\{938958E8-355C-49FF-92B0-53C1B87ACEA9}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\Searchqu Toolbar]
C:\Program Files\specialsavings
C:\Documents and Settings\All Users\Application Data\Babylon
C:\Documents and Settings\All Users\Application Data\BrowserDefender
C:\Documents and Settings\lazovitch\Application Data\searchquband
C:\Documents and Settings\lazovitch\Application Data\SpecialSavings
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\PC Performer
[HKCU\Software\BabSolution]
[HKCU\Software\FileScout]
[HKCU\Software\Speed Analysis 2]
[HKCU\Software\specialsavings]
[HKCU\Software\8e8d8fe53ce410\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:dllName="BrowserDefender.dll"
[MD5.3FD2D921EA76F7B64D4F362612B569E1] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1558480] [PID.196]
[MD5.D41231AECFEE88973D56AEC2EE5B962D] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [168400] [PID.300]
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - [HKLM]{41564952-412D-5637-00A7-7A786E7484D7} . (.APN LLC. - Passport.) -- C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll
O4 - HKLM\..\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\AskPartnerNetwork]
O43 - CFD: 31/08/2013 - 09:14:11 - [9,093] ----D C:\Program Files\AskPartnerNetwork
O43 - CFD: 31/08/2013 - 09:13:16 - [0] ----D C:\Documents and Settings\All Users\Application Data\APN
O43 - CFD: 31/08/2013 - 09:14:11 - [2,360] ----D C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork
O43 - CFD: 15/09/2013 - 10:00:00 - [0,357] ----D C:\Documents and Settings\lazovitch\Local Settings\Application Data\AskPartnerNetwork
O64 - Services: CurCS - 26/07/2013 - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (APNMCP) .(.APN LLC. - APN Updater.) - LEGACY_APNMCP
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Delta Search) - http://www1.delta-search.com
O90 - PUC: "25946514D2147365007A7A857BC02020" . (.Avira SearchFree Toolbar plus Web Protection.) -- C:\WINDOWS\Installer\{41564952-412D-5637-00A7-A758B70C0202}\ToolbarIcon.exe
[MD5.0DB5D5C093746E7AD272D7E3FD16B43B] [WIS][31/08/2013] (.Ask Partner Network - Avira SearchFree Toolbar plus Web Protection.) -- C:\Windows\Installer\58f5d.msi [755200]
SR - | Auto 26/07/2013 168400 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
[HKCU\Software\Softonic]
[HKLM\Software\Classes\AppID\AddonsFramework.DLL]
[HKLM\Software\Classes\AppID\ButtonSite.DLL]
[HKLM\Software\Classes\AppID\ScriptHost.DLL]
[HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}]
[HKLM\Software\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}]
[HKLM\Software\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}]
[HKLM\Software\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}]
[HKLM\Software\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}]
[HKLM\Software\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}]
[HKLM\Software\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}]
[HKLM\Software\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}]
[HKLM\Software\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}]
[HKLM\Software\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}]
[HKLM\Software\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}]
[HKLM\Software\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}]
[HKCU\Software\AskPartnerNetwork]
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh]
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{41564952-412D-5637-00A7-7A786E7484D7}
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:ApnTBMon
C:\Program Files\AskPartnerNetwork
C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork
C:\Documents and Settings\lazovitch\Local Settings\Application Data\AskPartnerNetwork
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Windows\Installer\58f5d.msi
ShortcutFix
Emptytemp
EmptyClsid
----------------------------------------------------------
- Clique sur le bouton « GO » pour lancer le nettoyage,
- confirme le nettoyage
-
- Héberge le rapport ZHPFIX.txt sur Cjoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
http://cjoint.com => http://www.commentcamarche.net/faq/29493-utiliser-cjoint
Tuto en bas de cette page :
http://nicolascoolman.webs.com/tutorials.htm