Rapport ZHPdiag.txt
aethely
-
heraultais34600 Messages postés 776 Statut Membre -
heraultais34600 Messages postés 776 Statut Membre -
Bonjour,
Suite à votre mail, comme vous me l'avez demandé, je vous transmet le lien pour le rapport ZHPdiag.txt :
http://pjjoint.malekal.com/files.php?id=ZHPDiag_t5o515u12i9s5u10y8y10m11q8p10z11h6p15g14y14e15z9r9
merci de vos conseils,
bien cordialement
aethely
Suite à votre mail, comme vous me l'avez demandé, je vous transmet le lien pour le rapport ZHPdiag.txt :
http://pjjoint.malekal.com/files.php?id=ZHPDiag_t5o515u12i9s5u10y8y10m11q8p10z11h6p15g14y14e15z9r9
merci de vos conseils,
bien cordialement
aethely
2 réponses
Bonjour,
Lance ZHPFix qui doit être sur ton bureau (clic droit dessus --> "Exécuter en tant qu'administrateur"
Copie le script ci-dessous en gras
[MD5.3CF9AEB1F63AF9E529F69C09B9E447D7] - (...) -- C:\Users\audrey\AppData\Roaming\cacaoweb\cacaoweb.exe [395264] [PID.4448]
M0 - MFSP: user.js [audrey - 8yltfhyo.default] http://ww10.seeearch.com
M2 - MFEP: prefs.js [audrey - 8yltfhyo.default\@FissaPlugin] [] Fissa v1.0 (.Secure Digital Services.)
M2 - MFEP: prefs.js [audrey - 8yltfhyo.default\FissaPlugin-trash] [] Fissa v1.0 (.Secure Digital Services.)
M2 - MFEP: prefs.js [audrey - 8yltfhyo.default\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] [] PriceGong v2.5.1 (.PriceGong Software Ltd..)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} . (.PriceGong - PriceGong Comparative Shopping Tool.) -- C:\Program Files\PriceGong\2.5.1\PriceGongIE.dll
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} . (.Secure Digital Services Limited - OfferBox.) -- C:\Program Files\OfferBox\OfferBoxBHO.dll
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\audrey\AppData\Roaming\cacaoweb\cacaoweb.exe
O4 - HKUS\S-1-5-21-1056841091-2382162785-29211700-1000\..\Run: [cacaoweb] . (...) -- C:\Users\audrey\AppData\Roaming\cacaoweb\cacaoweb.exe
O42 - Logiciel: PriceGong 2.5.1 - (.PriceGong.) [HKLM] -- PriceGong
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\FissaSearch]
[HKCU\Software\Spointer]
[HKCU\Software\Winsudate]
[HKCU\Software\cacaoweb]
[HKCU\Software\freeTVRadio]
[HKLM\Software\Winsudate]
O43 - CFD: 20/06/2010 - 06:37:26 - [0] ----D- C:\Program Files\Fluendo
O43 - CFD: 14/09/2010 - 18:04:36 - [0] ----D- C:\Program Files\freeTVRadio
O43 - CFD: 03/10/2011 - 07:05:38 - [171871] ----D- C:\Program Files\OfferBox
O43 - CFD: 31/10/2011 - 16:27:02 - [488451] ----D- C:\Program Files\PriceGong
O43 - CFD: 12/11/2011 - 09:47:58 - [395329] ----D- C:\Users\audrey\AppData\Roaming\cacaoweb
O43 - CFD: 30/01/2011 - 20:44:22 - [12174] ----D- C:\Users\audrey\AppData\Roaming\FissaSearch
O43 - CFD: 14/09/2010 - 17:50:56 - [677] ----D- C:\Users\audrey\AppData\Roaming\freeTVRadio
O43 - CFD: 19/06/2010 - 21:49:52 - [580370] ----D- C:\Users\audrey\AppData\Roaming\moovida-1
O43 - CFD: 08/06/2011 - 15:40:26 - [283206] ----D- C:\Users\audrey\AppData\Roaming\OfferBox
O43 - CFD: 14/09/2010 - 18:01:10 - [127775] ----D- C:\Users\audrey\AppData\Local\freetvradio Air
O43 - CFD: 20/06/2010 - 06:34:54 - [119227] ----D- C:\Users\audrey\AppData\Local\moovida Air
O87 - FAEL: "TCP Query User{E4D20CD0-97C7-40EC-94C3-7CEB710F1B5B}C:\users\audrey\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\audrey\appdata\roaming\cacaoweb\cacaoweb.exe
O87 - FAEL: "UDP Query User{928CFAFF-9CE0-403C-A81F-D55BC5462ACD}C:\users\audrey\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\audrey\appdata\roaming\cacaoweb\cacaoweb.exe
[HKLM\Software\Classes\AppID\PriceGongIE.DLL]
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OfferBox Browser]
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\pricegong]
[HKLM\Software\Classes\PriceFactorIE.PriceGongBHO]
[HKLM\Software\Classes\PriceFactorIE.PriceGongBHO.1]
[HKLM\Software\Classes\PriceGongIE.PriceGongCtrl]
[HKLM\Software\Classes\PriceGongIE.PriceGongCtrl.1]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}]
[HKLM\Software\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
[HKLM\Software\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}]
[HKLM\Software\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}]
[HKLM\Software\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
[HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
[HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom]
[HKCU\Software\freetvradio]
[HKLM\Software\Mozilla\Firefox\Extensions]:offerboxffx@offerbox.com
C:\Program Files\freeTVRadio
C:\Program Files\OfferBox
C:\Program Files\PriceGong
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
C:\Users\audrey\AppData\Roaming\cacaoweb
C:\Users\audrey\AppData\Roaming\FissaSearch
C:\Users\audrey\AppData\Roaming\freeTVRadio
C:\Users\audrey\AppData\Roaming\OfferBox
C:\Users\audrey\AppData\Local\freetvradio Air
C:\Users\audrey\AppData\Local\moovida air
C:\Users\audrey\AppData\LocalLow\PriceGong
C:\Users\audrey\AppData\Roaming\Mozilla\Firefox\Profiles\8yltfhyo.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk
firewareRAZ
Colle-le dans la zone blanche de ZHPFix en cliquant sur le deuxième bouton à droite (juste après l'appareil photo)
Clique sur le bouton "GO"
Laisse l'outil travailler, un rapport s'ouvrira
Envoie ce rapport ICI
@ bientôt.
Lance ZHPFix qui doit être sur ton bureau (clic droit dessus --> "Exécuter en tant qu'administrateur"
Copie le script ci-dessous en gras
[MD5.3CF9AEB1F63AF9E529F69C09B9E447D7] - (...) -- C:\Users\audrey\AppData\Roaming\cacaoweb\cacaoweb.exe [395264] [PID.4448]
M0 - MFSP: user.js [audrey - 8yltfhyo.default] http://ww10.seeearch.com
M2 - MFEP: prefs.js [audrey - 8yltfhyo.default\@FissaPlugin] [] Fissa v1.0 (.Secure Digital Services.)
M2 - MFEP: prefs.js [audrey - 8yltfhyo.default\FissaPlugin-trash] [] Fissa v1.0 (.Secure Digital Services.)
M2 - MFEP: prefs.js [audrey - 8yltfhyo.default\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] [] PriceGong v2.5.1 (.PriceGong Software Ltd..)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} . (.PriceGong - PriceGong Comparative Shopping Tool.) -- C:\Program Files\PriceGong\2.5.1\PriceGongIE.dll
O2 - BHO: OfferBox - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} . (.Secure Digital Services Limited - OfferBox.) -- C:\Program Files\OfferBox\OfferBoxBHO.dll
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\audrey\AppData\Roaming\cacaoweb\cacaoweb.exe
O4 - HKUS\S-1-5-21-1056841091-2382162785-29211700-1000\..\Run: [cacaoweb] . (...) -- C:\Users\audrey\AppData\Roaming\cacaoweb\cacaoweb.exe
O42 - Logiciel: PriceGong 2.5.1 - (.PriceGong.) [HKLM] -- PriceGong
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\FissaSearch]
[HKCU\Software\Spointer]
[HKCU\Software\Winsudate]
[HKCU\Software\cacaoweb]
[HKCU\Software\freeTVRadio]
[HKLM\Software\Winsudate]
O43 - CFD: 20/06/2010 - 06:37:26 - [0] ----D- C:\Program Files\Fluendo
O43 - CFD: 14/09/2010 - 18:04:36 - [0] ----D- C:\Program Files\freeTVRadio
O43 - CFD: 03/10/2011 - 07:05:38 - [171871] ----D- C:\Program Files\OfferBox
O43 - CFD: 31/10/2011 - 16:27:02 - [488451] ----D- C:\Program Files\PriceGong
O43 - CFD: 12/11/2011 - 09:47:58 - [395329] ----D- C:\Users\audrey\AppData\Roaming\cacaoweb
O43 - CFD: 30/01/2011 - 20:44:22 - [12174] ----D- C:\Users\audrey\AppData\Roaming\FissaSearch
O43 - CFD: 14/09/2010 - 17:50:56 - [677] ----D- C:\Users\audrey\AppData\Roaming\freeTVRadio
O43 - CFD: 19/06/2010 - 21:49:52 - [580370] ----D- C:\Users\audrey\AppData\Roaming\moovida-1
O43 - CFD: 08/06/2011 - 15:40:26 - [283206] ----D- C:\Users\audrey\AppData\Roaming\OfferBox
O43 - CFD: 14/09/2010 - 18:01:10 - [127775] ----D- C:\Users\audrey\AppData\Local\freetvradio Air
O43 - CFD: 20/06/2010 - 06:34:54 - [119227] ----D- C:\Users\audrey\AppData\Local\moovida Air
O87 - FAEL: "TCP Query User{E4D20CD0-97C7-40EC-94C3-7CEB710F1B5B}C:\users\audrey\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\audrey\appdata\roaming\cacaoweb\cacaoweb.exe
O87 - FAEL: "UDP Query User{928CFAFF-9CE0-403C-A81F-D55BC5462ACD}C:\users\audrey\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\audrey\appdata\roaming\cacaoweb\cacaoweb.exe
[HKLM\Software\Classes\AppID\PriceGongIE.DLL]
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OfferBox Browser]
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\pricegong]
[HKLM\Software\Classes\PriceFactorIE.PriceGongBHO]
[HKLM\Software\Classes\PriceFactorIE.PriceGongBHO.1]
[HKLM\Software\Classes\PriceGongIE.PriceGongCtrl]
[HKLM\Software\Classes\PriceGongIE.PriceGongCtrl.1]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}]
[HKLM\Software\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}]
[HKLM\Software\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}]
[HKLM\Software\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}]
[HKLM\Software\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
[HKLM\Software\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
[HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom]
[HKCU\Software\freetvradio]
[HKLM\Software\Mozilla\Firefox\Extensions]:offerboxffx@offerbox.com
C:\Program Files\freeTVRadio
C:\Program Files\OfferBox
C:\Program Files\PriceGong
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
C:\Users\audrey\AppData\Roaming\cacaoweb
C:\Users\audrey\AppData\Roaming\FissaSearch
C:\Users\audrey\AppData\Roaming\freeTVRadio
C:\Users\audrey\AppData\Roaming\OfferBox
C:\Users\audrey\AppData\Local\freetvradio Air
C:\Users\audrey\AppData\Local\moovida air
C:\Users\audrey\AppData\LocalLow\PriceGong
C:\Users\audrey\AppData\Roaming\Mozilla\Firefox\Profiles\8yltfhyo.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur OfferBox.lnk
firewareRAZ
Colle-le dans la zone blanche de ZHPFix en cliquant sur le deuxième bouton à droite (juste après l'appareil photo)
Clique sur le bouton "GO"
Laisse l'outil travailler, un rapport s'ouvrira
Envoie ce rapport ICI
@ bientôt.
