Rapport de ZHPFix 2013.3.9.1 par Nicolas Coolman, Update du 9/03/2013 Fichier d'export Registre : Run by family at 01/04/2013 10:29:44 High Elevated Privileges : OK Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Corbeille vidée ========== Logiciel(s) ========== ABSENT Uninstall Process: c:\program files (x86)\uninstall information\ib\97\3867\ib_uninstall.exe ABSENT Software Key: {889DF117-14D1-44EE-9F31-C5FB5D47F68B} ========== Processus mémoire ========== SUPPRIME Reboot Memory Process: C:\Users\family\AppData\Roaming\Yontoo\YontooDesktop.exe SUPPRIME Reboot Memory Process: C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe SUPPRIME Memory Process: C:\ProgramData\IBUpdaterService\ibsvc.exe SUPPRIME Memory Process: C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe SUPPRIME Memory Process: C:\Users\family\AppData\Roaming\BabSolution\Shared\BabMaint.exe SUPPRIME Memory Process: C:\Users\family\AppData\Local\Temp\SetupDataMngr_searchqu.exe ========== Clé(s) du Registre ========== SUPPRIME [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] SUPPRIME [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service] SUPPRIME Key: CLSID BHO: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} SUPPRIME Key: Service: BrowserProtect SUPPRIME Key: Service: IBUpdaterService SUPPRIME Key: Service: Yontoo Desktop Updater SUPPRIME Key: HKCU\Software\5f538c8ce13eba15 SUPPRIME Key: HKCU\Software\BabylonToolbar ERREUR Key****: HKCU\Software\DataMngr SUPPRIME Key*: HKCU\Software\DataMngr_Toolbar SUPPRIME Key: HKCU\Software\Zugo SUPPRIME Key: HKLM\Software\Wow6432Node\5f538c8ce13eba15 SUPPRIME Key*: HKLM\Software\Wow6432Node\DataMngr SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{043C5167-00BB-4324-AF7E-62013FAEDACF} SUPPRIME Key: HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} ERREUR Key****: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9} SUPPRIME Key*: HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} SUPPRIME Key*: HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{416ae1cb-7257-484a-b912-aebc7fdad4ce} SUPPRIME Key: HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} SUPPRIME Key: HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} SUPPRIME Key: HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} SUPPRIME Key: HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} SUPPRIME Key: HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} SUPPRIME Key: HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} SUPPRIME Key: HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} ABSENT Key: HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} SUPPRIME Key: HKLM\Software\Classes\AppID\escort.dll SUPPRIME Key: HKLM\Software\Classes\AppID\escortapp.dll SUPPRIME Key: HKLM\Software\Classes\AppID\escorteng.dll SUPPRIME Key: HKLM\Software\Classes\AppID\esrv.EXE SUPPRIME Key: HKLM\Software\Classes\escort.escortIEPane SUPPRIME Key: HKLM\Software\Classes\escort.escortIEPane.1 SUPPRIME Key: HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph ABSENT Key: HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} ABSENT Key: HKLM\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater ABSENT Key: HKLM\Software\Classes\AppID\ESRV.EXE SUPPRIME Key: HKLM\Software\Classes\YontooIEClient.Api SUPPRIME Key: HKLM\Software\Classes\YontooIEClient.Api.1 SUPPRIME Key: HKLM\Software\Classes\YontooIEClient.Layers SUPPRIME Key: HKLM\Software\Classes\YontooIEClient.Layers.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\escort.escortIEPane ABSENT Key: HKLM\Software\Wow6432Node\Classes\escort.escortIEPane.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api ABSENT Key: HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api.1 ABSENT Key: HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers ABSENT Key: HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers.1 ABSENT Key: HKLM\Software\Classes\AppID\escort.DLL ABSENT Key: HKLM\Software\Classes\AppID\escortApp.DLL ABSENT Key: HKLM\Software\Classes\AppID\escortEng.DLL SUPPRIME Key: HKLM\Software\Classes\AppID\escorTlbr.DLL SUPPRIME Key: HKLM\Software\Classes\AppID\YontooIEClient.DLL ABSENT Key: Service: BrowserProtect ABSENT Key: Service: IBUpdaterService ABSENT Key: Service: Yontoo Desktop Updater ========== Valeur(s) du Registre ========== SUPPRIME RunValue: Yontoo Desktop ABSENT TCP Query User{524AFDD7-A89E-4413-8457-ED1B7457178B}C:/program files (x86)/freetvradio/freetvradio.exe ABSENT UDP Query User{31FE9F82-074A-4E5E-B465-35F416F4ADA4}C:/program files (x86)/freetvradio/freetvradio.exe SUPPRIME [HKCU\Software\Mozilla\Firefox\Extensions]:{0F827075-B026-42F3-885D-98981EE7B1AE} ABSENT [HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:Yontoo Desktop ABSENT [HKCU\Software\5f538c8ce13eba15]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" ABSENT [HKCU\Software\5f538c8ce13eba15]:HPCHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKCU\Software\5f538c8ce13eba15]:HPCHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKCU\Software\5f538c8ce13eba15]:HPCHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKCU\Software\5f538c8ce13eba15]:HPFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKCU\Software\5f538c8ce13eba15]:HPFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKCU\Software\5f538c8ce13eba15]:HPFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKCU\Software\5f538c8ce13eba15]:HPIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKCU\Software\5f538c8ce13eba15]:HPIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKCU\Software\5f538c8ce13eba15]:HPIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKCU\Software\5f538c8ce13eba15]:INSTALL_FOLDER_NAME="BrowserProtect" ABSENT [HKCU\Software\5f538c8ce13eba15]:KWFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKCU\Software\5f538c8ce13eba15]:KWFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKCU\Software\5f538c8ce13eba15]:KWFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKCU\Software\5f538c8ce13eba15]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R" ABSENT [HKCU\Software\5f538c8ce13eba15]:NTFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKCU\Software\5f538c8ce13eba15]:NTFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKCU\Software\5f538c8ce13eba15]:NTFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKCU\Software\5f538c8ce13eba15]:PROTECTOR_DLL_NAME="BrowserProtect.dll" ABSENT [HKCU\Software\5f538c8ce13eba15]:PROTECT_EXE_NAME="BrowserProtect.exe" ABSENT [HKCU\Software\5f538c8ce13eba15]:SECHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKCU\Software\5f538c8ce13eba15]:SECHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKCU\Software\5f538c8ce13eba15]:SECHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKCU\Software\5f538c8ce13eba15]:SEFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKCU\Software\5f538c8ce13eba15]:SEFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKCU\Software\5f538c8ce13eba15]:SEFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKCU\Software\5f538c8ce13eba15]:SEIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKCU\Software\5f538c8ce13eba15]:SEIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKCU\Software\5f538c8ce13eba15]:SEIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKCU\Software\5f538c8ce13eba15]:SERVICE_NAME="BrowserProtect" ABSENT [HKCU\Software\5f538c8ce13eba15]:usrcheckbox="0" ABSENT [HKCU\Software\5f538c8ce13eba15]:version="2.6.1125.80" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:HPCHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:HPCHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:HPCHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:HPFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:HPFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:HPFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:HPIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:HPIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:HPIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:INSTALL_FOLDER_NAME="BrowserProtect" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:KWFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:KWFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:KWFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:NTFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:NTFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:NTFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:PROTECTOR_DLL_NAME="BrowserProtect.dll" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:PROTECT_EXE_NAME="BrowserProtect.exe" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:SECHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:SECHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:SECHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:SEFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:SEFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:SEFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:SEIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:SEIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig==" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:SEIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U=" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:SERVICE_NAME="BrowserProtect" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:usrcheckbox="0" ABSENT [HKLM\Software\Wow6432Node\5f538c8ce13eba15]:version="2.6.1125.80" ========== Dossier(s) ========== SUPPRIME Folder: C:\Program Files (x86)\Yontoo SUPPRIME Reboot Folder**: C:\ProgramData\BrowserProtect SUPPRIME Folder: C:\ProgramData\IBUpdaterService SUPPRIME Folder: C:\Users\family\AppData\Roaming\BabSolution SUPPRIME Folder: C:\Users\family\AppData\Roaming\SpecialSavings SUPPRIME Folder: C:\Users\family\AppData\Roaming\Yontoo SUPPRIME Folder: C:\Users\family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect SUPPRIME Folder: c:\users\family\appdata\local\google\chrome\user data\default\extensions\niapdbllcanepiiimjjndipklodoedlc SUPPRIME Folder: c:\users\family\appdata\local\google\chrome\user data\default\extensions\pgafcinpmmpklohkojmllohdhomoefph ========== Fichier(s) ========== SUPPRIME File*: c:\programdata\ibupdaterservice\ibsvc.exe SUPPRIME File***: c:\program files (x86)\yontoo\y2desktop.updater.exe SUPPRIME File: c:\program files (x86)\yontoo\yontooieclient.dll SUPPRIME File: c:\users\family\appdata\roaming\yontoo\yontoodesktop.exe SUPPRIME Reboot c:\programdata\browserprotect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserprotect.exe ABSENT File: c:\programdata\ibupdaterservice\ibsvc.exe ABSENT File: c:\program files (x86)\yontoo\y2desktop.updater.exe SUPPRIME File*: c:\users\family\appdata\roaming\babsolution\shared\babmaint.exe SUPPRIME Reboot c:\users\family\appdata\roaming\mozilla\extensions\specialsavings@specialsavings.com ABSENT File: c:\users\family\appdata\roaming\yontoo\dat\desktop.os.dll ABSENT File: c:\users\family\appdata\roaming\yontoo\dat\heartbeat.dat ABSENT File: c:\users\family\appdata\roaming\yontoo\plugins.cache ABSENT File: c:\users\family\appdata\roaming\babsolution\shared\busolution.dll ABSENT File: c:\users\family\appdata\roaming\babsolution\shared\chu.js SUPPRIME File*: c:\users\family\appdata\local\temp\setupdatamngr_searchqu.exe ABSENT Folder/File: c:\program files (x86)\yontoo ABSENT Folder/File: c:\programdata\ibupdaterservice ABSENT Folder/File: c:\users\family\appdata\roaming\yontoo ABSENT Folder/File: c:\users\family\appdata\roaming\specialsavings ABSENT Folder/File: c:\users\family\appdata\roaming\babsolution SUPPRIME File: C:\Users\family\AppData\Local\Temp\searchqu.ini SUPPRIME File*: c:\users\family\appdata\local\temp\searchqu.ini ABSENT Folder/File: c:\users\family\appdata\local\temp\setupdatamngr_searchqu.exe ========== Tache planifiée ========== SUPPRIME Task: EPUpdater ========== Autre ========== NON TRAITE Malware (190) ========== Récapitulatif ========== 6 : Processus mémoire 72 : Clé(s) du Registre 69 : Valeur(s) du Registre 9 : Dossier(s) 23 : Fichier(s) 2 : Logiciel(s) 1 : Tache planifiée 1 : Autre End of clean in 00mn 31s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 31/03/2013 14:47:21 [13784] C:\ZHP\ZHPFix[R2].txt - 01/04/2013 10:29:44 [17173]