Répondre à : supprimer aartemis 2016-09-08T13:23:29+00:00
kayali
Participant
Nombre d'articles : 3

Bonjour, voici le rapport, merci pour ton aide
¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module 03.12.2013.1 – g3n-h@ckm@n

16:15:14 – 06/12/2013

(760) — nvvsvc.exe
(1292) — spoolsv.exe
(1412) — armsvc.exe
(1512) — nvvsvc.exe
(1548) — ijplmsvc.exe
(1612) — mdm.exe
(1748) — NBService.exe
(1996) — explorer.exe
(2016) — taskhost.exe
(2228) — GoogleCrashHandler.exe
(2636) — GoogleCrashHandler64.exe
(2796) — SearchIndexer.exe
(3036) — wmpnetwk.exe
(2852) — RocketDock.exe
(3428) — jusched.exe
(1868) — CNSEMAIN.EXE
(1348) — splwow64.exe
(3976) — firefox.exe
(3868) — plugin-container.exe
(3992) — FlashPlayerPlugin_11_9_900_117.exe
(3000) — FlashPlayerPlugin_11_9_900_117.exe
(436) — SearchProtocolHost.exe
(3276) — SearchFilterHost.exe

¤¤¤¤¤¤¤¤¤¤ | Hijack Links

¤¤¤¤¤¤¤¤¤¤ | Hijack Internet Explorer

Repaired : [HKUS-1-5-21-3780318924-2480514567-3899797604-1000SoftwareMicrosoftInternet ExplorerMain]|[Start Page] : http://www.google.com” onclick=”window.open(this.href);return false; -> http://www.google.com/” onclick=”window.open(this.href);return false;
Repaired : [HKUS-1-5-21-3780318924-2480514567-3899797604-1000SoftwareMicrosoftInternet ExplorerMain]|[Local Page] : C:Windowssystem32blank.htm -> C:WindowsSysWOW64blank.htm
Repaired : [HKUS-1-5-21-3780318924-2480514567-3899797604-1000SoftwareMicrosoftInternet ExplorerMain]|[Search Page] : http://go.microsoft.com/fwlink/?LinkId=54896” onclick=”window.open(this.href);return false; -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch” onclick=”window.open(this.href);return false;
Repaired : [HKLMSoftwareMicrosoftInternet ExplorerMain]|[Start Page] : http://www.google.com” onclick=”window.open(this.href);return false; -> http://go.microsoft.com/fwlink/?LinkId=69157” onclick=”window.open(this.href);return false;
Repaired : [HKLMSoftwareMicrosoftInternet ExplorerMain]|[Default_Search_URL] : http://www.google.com” onclick=”window.open(this.href);return false; -> http://go.microsoft.com/fwlink/?LinkId=54896” onclick=”window.open(this.href);return false;
Repaired : [HKLMSoftwareMicrosoftInternet ExplorerMain]|[Default_Page_URL] : http://www.google.com” onclick=”window.open(this.href);return false; -> http://go.microsoft.com/fwlink/?LinkId=69157” onclick=”window.open(this.href);return false;
Repaired : [HKLMSoftwareMicrosoftInternet ExplorerMain]|[Search Page] : http://www.google.com” onclick=”window.open(this.href);return false; -> http://go.microsoft.com/fwlink/?LinkId=54896” onclick=”window.open(this.href);return false;
Repaired : [HKUS-1-5-21-3780318924-2480514567-3899797604-1000SoftwareMicrosoftWindowsCurrentVersionInternet settings]|[WarnonZoneCrossing] : 0 -> 1

¤¤¤¤¤¤¤¤¤¤ | Hijack Google Chrome

[LECAS] Successfull reset : SearchURL
[LECAS] Successfull reset : Preferences

¤¤¤¤¤¤¤¤¤¤ | Hijack Firefox

[LECAS] Replaced : user_pref(“browser.search.defaultenginename”, “Ask Search”); -> user_pref(“browser.search.defaultenginename”, “google”);
[LECAS] Replaced : user_pref(“browser.search.selectedEngine”, “Ask Search”); -> user_pref(“browser.search.selectedEngine”, “google”);
[LECAS] Replaced : user_pref(“browser.startup.homepage”, “http://fr-mg42.mail.yahoo.com/neo/launch?.rand=ddmp6gf7c5fc9”); -> user_pref(“browser.startup.homepage”, “http://www.google.fr”);
[LECAS] Replaced : user_pref(“browser.search.order.1”, “Ask Search”); -> user_pref(“browser.search.order.1”, “google.com”);
[LECAS] Replaced : user_pref(“browser.search.defaultengine”, “Ask Search”); -> user_pref(“browser.search.defaultengine”, “google.com”);
[LECAS] Replaced : user_pref(“browser.search.order.1”, “Ask Search”); -> user_pref(“browser.search.order.1”, “google.com”);
[LECAS] Replaced : user_pref(“browser.startup.homepage”, “http://fr-mg42.mail.yahoo.com/neo/launch?.rand=5k8lr235u7oji”); -> user_pref(“browser.startup.homepage”, “http://www.google.fr”);
[LECAS] Replaced : user_pref(“browser.search.defaultenginename”, “Ask Search”); -> user_pref(“browser.search.defaultenginename”, “google”);
[LECAS] Replaced : user_pref(“browser.search.selectedEngine”, “Ask Search”); -> user_pref(“browser.search.selectedEngine”, “google”);
[LECAS] Replaced : user_pref(“browser.startup.homepage”, “http://fr-mg42.mail.yahoo.com/neo/launch?.rand=ddmp6gf7c5fc9”); -> user_pref(“browser.startup.homepage”, “http://www.google.fr”);
[LECAS] Replaced : user_pref(“browser.search.order.1”, “Ask Search”); -> user_pref(“browser.search.order.1”, “google.com”);
[LECAS] Replaced : user_pref(“browser.search.defaultengine”, “Ask Search”); -> user_pref(“browser.search.defaultengine”, “google.com”);

¤¤¤¤¤¤¤¤¤¤ | Hijack StartMenuInternet

Repaired : [HKLMSoftwareClientsStartMenuInternetIExplore.exeshellopencommand] : C:Program Files (x86)Internet Exploreriexplore.exe -> “C:Program Files (x86)Internet Exploreriexplore.exe”

¤¤¤¤¤¤¤¤¤¤ | TEMP Files

[Default User] TEMP Files deleted : 0 Ko
[All Users] TEMP Files deleted : 0 Ko
[Default] TEMP Files deleted : 0 Ko
[Administrator] TEMP Files deleted : 0 Ko
[Public] TEMP Files deleted : 0 Ko
[LECAS] TEMP Files deleted : 306882 Ko

¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤