oxyde de fer

Members
  • Content count

    5

Everything posted by oxyde de fer

  1. So I am now rid of this troublesome guest. Thank you very much for your help and for all the time you have given me.
  2. No, no, it was pure naivety; it seemed to me that it was finished. So here is the report:
  3. Thanks again. I imagine that I no longer need to post the reports here now?
  4. Thank you for your quick reply. The ZHPDiag report is here: pjjoint.malekal.com - Submit a file, and here is the AdwCleaner report:
  5. Hello, my computer is infected by a Trojan horse, Claro Search. I ran a ZHPDiag diagnostic, which can be consulted below. Thanks in advance for your help. Oxyde de fer -edit- This report is not complete. Run it again, and have the report hosted, as it is too large to be copied and pasted directly on this forum…