Http://localhost:9000/proxy.pac virus?

link78 -  
jacques.gache Messages postés 34829 Statut Contributeur sécurité -
Bonjour,

je cherche à savoir comment me débarrasser de http://localhost:9000/proxy.pac qui se met à chaque fois que je redémarre mon ordinateur. Est-ce que c'est un virus? si oui est-il dangereux pounr mopn ordinateur et comment l'enlever?

4 réponses

  1. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
     
    bonjour, tu fais adw-cleaner et puis tu nous postes un zhpdiag pour y voire plus claire !!

    1) passes adw-cleaner mode SUPPRESSION

    Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
    Lance le, clique sur [Suppression] puis patiente le temps du scan.
    Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.

    Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

    2) postes un zhpdiag

    Ouvre ce lien et télécharge ZHPDiag :

    https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html

    cliques sur télécharger "celui du bas"

    ou directement ici: ftp://zebulon.fr/ZHPDiag2.exe

    Enregistres le sur ton Bureau.

    Une fois le téléchargement achevé

    pour XP, double-clique sur ZHPDiag

    pour Vista,et seven tu fais un clic droit sur l'icône et exécute en tant qu'administrateur.

    N'oublies pas de cocher la case qui permet de mettre un raccourci sur le Bureau.

    /|\ l'outil a créé 2 icônes ZHPDiag et ZHPFix.

    Double cliques sur le raccourci ZHPDiag sur ton Bureau pour XP sinon clique droit et en tant que administrateur !!

    Cliques sur la loupe pour lancer l'analyse.

    si tu as un message te demandant la validation pour SIGCHECK acceptes avec OK cela est pour nous faire un rapport plus complet et pouvoir en faire une lecture plus approfondis

    Laisses l'outil travailler, il peut être assez long

    A la fin de l'analyse,clique sur l'appareil photo et enregistre le rapport sur ton Bureau.

    Fermes ZHPDiag en fin d'analyse.

    Pour me le transmettre clique sur ce lien :

    https://www.cjoint.com/

    Clique sur Parcourir et cherche le fichier C:\Documents and settings\le_nom_de_ta_session\bureau\.ZHPDiag.txt

    ou directement en choisissant bureau et ZHPDiag.txt clique dessus

    Clique sur Ouvrir.

    Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    http://www.cijoint.fr/cjlink.php?file=cj200905/cib7SU.txt

    est ajouté dans la page.

    Copie ce lien dans ta réponse.

    et si problème passe par celui ci : http://threat-rc.com/
    ou
    http://pjjoint.malekal.com/
    1
  2. jerome9359 Messages postés 782 Statut Membre 159
     
    Proxy.pac est un fichier de configuration proxy.

    Utilisez vous un proxy pour vous connecter à internet ? Avez vous toujours internet ?
    Je n'ai jamais vu de virus utilisant un fichier de configuration automatique de proxy (ou serveur mandataire).

    Où apparait ce message ? A quel endroit ?

    A votre Service !
    1
    1. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
       
      link78 , relances zhpfix et clique sue le bouton ProxyFix
      postes le rapport et rearde si tu as toujours la même chose !!
      0
  3. link78
     
    # AdwCleaner v1.606 - Logfile created 05/15/2012 at 12:18:08
    # Updated 10/05/2012 by Xplode
    # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
    # User : Hamadi - HAMADI
    # Running from : C:\Users\Hamadi\Downloads\adwcleaner.exe
    # Option [Search]

    ***** [Services] *****

    ***** [Files / Folders] *****

    Folder Found : C:\Users\Hamadi\AppData\Local\Conduit
    Folder Found : C:\Users\Hamadi\AppData\Local\OpenCandy
    Folder Found : C:\Users\Hamadi\AppData\Local\Temp\AskSearch
    Folder Found : C:\Users\Hamadi\AppData\Local\Temp\Iminent
    Folder Found : C:\Users\Hamadi\AppData\LocalLow\BabylonToolbar
    Folder Found : C:\Users\Hamadi\AppData\LocalLow\BittorrentBar_FR
    Folder Found : C:\Users\Hamadi\AppData\LocalLow\Conduit
    Folder Found : C:\Users\Hamadi\AppData\LocalLow\ConduitEngine
    Folder Found : C:\Users\Hamadi\AppData\LocalLow\facemoods.com
    Folder Found : C:\Users\Hamadi\AppData\LocalLow\searchquband
    Folder Found : C:\ProgramData\Anti-phishing Domain Advisor
    Folder Found : C:\Program Files\Conduit
    Folder Found : C:\Program Files\ConduitEngine
    Folder Found : C:\Program Files\Crawler
    Folder Found : C:\Program Files\Mozilla Firefox\Extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}
    Folder Found : C:\Program Files\SweetIM
    File Found : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
    File Found : C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml

    ***** [Registry] *****

    [*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2187673
    [*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2542115
    [*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2849852
    [*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2865039
    Key Found : HKCU\Software\Conduit
    Key Found : HKCU\Software\DataMngr
    Key Found : HKCU\Software\Iminent
    Key Found : HKCU\Software\Offerbox
    Key Found : HKCU\Software\Softonic
    Key Found : HKCU\Software\AppDataLow\Toolbar
    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
    Key Found : HKCU\Software\AppDataLow\Software\Dealio
    Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbar
    Key Found : HKCU\Software\AppDataLow\Software\Toolbar
    Key Found : HKLM\SOFTWARE\Conduit
    Key Found : HKLM\SOFTWARE\conduitEngine
    Key Found : HKLM\SOFTWARE\Iminent
    Key Found : HKLM\SOFTWARE\Offerbox
    Key Found : HKLM\SOFTWARE\QuestBrowse
    Key Found : HKLM\SOFTWARE\SweetIM
    Key Found : HKLM\SOFTWARE\Cheat Engine\OpenCandy
    Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
    Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.Reporter
    Key Found : HKLM\SOFTWARE\Classes\ShopperReports.Reporter.1
    Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
    Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
    Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
    Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
    Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
    Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

    ***** [Registre - GUID] *****

    Key Found : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{7025E484-D4B0-441A-9F0B-69063BD679CE}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4C0E-9525-9BCCC70F8F2D}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{A89256AD-EC17-4A83-BEF5-4B8BC4F39306}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
    Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com
    [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchqu.com/414
    [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60347
    [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4

    -\\ Mozilla Firefox v11.0 (fr)

    Profile name : default
    File : C:\Users\Hamadi\AppData\Roaming\Mozilla\Firefox\Profiles\60kzvz6d.default\prefs.js

    [OK] File is clean.

    -\\ Google Chrome v18.0.1025.168

    File : C:\Users\Hamadi\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [9939 octets] - [15/05/2012 12:18:08]

    ########## EOF - C:\AdwCleaner[R1].txt - [10067 octets] ##########

    et http://cjoint.com/?BEpmCTqARDe

    Voilà,

    Merci de m'aider et de m'avoir répondu aussi vite.
    0
    1. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
       
      bonjour, as tu bien fais comme demander 1) passes adw-cleaner mode SUPPRESSION
      car le rapport est un de recherche # Option [Search]
      donc tu relances adw-cleaner et tu fais SUPPRESSION comme il semble que tu ais installer en anglais c'est peut être DELETE que tu as sur adw-cleaner !!
      tu me postes le rapport et puis un nouveau zhpdiag il sera moins charger !! lol !! Merci
      0
  4. link78
     
    voilà,

    # AdwCleaner v1.606 - Logfile created 05/15/2012 at 22:29:44
    # Updated 10/05/2012 by Xplode
    # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
    # User : Hamadi - HAMADI
    # Running from : C:\Users\Hamadi\Downloads\adwcleaner.exe
    # Option [Delete]

    ***** [Services] *****

    ***** [Files / Folders] *****

    Folder Deleted : C:\Users\Hamadi\AppData\Local\Conduit
    Folder Deleted : C:\Users\Hamadi\AppData\Local\OpenCandy
    Folder Deleted : C:\Users\Hamadi\AppData\Local\Temp\AskSearch
    Folder Deleted : C:\Users\Hamadi\AppData\Local\Temp\Iminent
    Folder Deleted : C:\Users\Hamadi\AppData\LocalLow\BabylonToolbar
    Folder Deleted : C:\Users\Hamadi\AppData\LocalLow\BittorrentBar_FR
    Folder Deleted : C:\Users\Hamadi\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Hamadi\AppData\LocalLow\ConduitEngine
    Folder Deleted : C:\Users\Hamadi\AppData\LocalLow\facemoods.com
    Folder Deleted : C:\Users\Hamadi\AppData\LocalLow\searchquband
    Folder Deleted : C:\ProgramData\Anti-phishing Domain Advisor
    Folder Deleted : C:\Program Files\Conduit
    Folder Deleted : C:\Program Files\ConduitEngine
    Folder Deleted : C:\Program Files\Crawler
    Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{d9adb0a8-7bfb-498d-9880-ee78a81ccfa0}
    Folder Deleted : C:\Program Files\SweetIM
    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml

    ***** [Registry] *****

    [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2187673
    [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2542115
    [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2849852
    [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2865039
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\DataMngr
    Key Deleted : HKCU\Software\Iminent
    Key Deleted : HKCU\Software\Offerbox
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\AppDataLow\Toolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
    Key Deleted : HKCU\Software\AppDataLow\Software\Dealio
    Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
    Key Deleted : HKLM\SOFTWARE\Conduit
    Key Deleted : HKLM\SOFTWARE\conduitEngine
    Key Deleted : HKLM\SOFTWARE\Iminent
    Key Deleted : HKLM\SOFTWARE\Offerbox
    Key Deleted : HKLM\SOFTWARE\QuestBrowse
    Key Deleted : HKLM\SOFTWARE\SweetIM
    Key Deleted : HKLM\SOFTWARE\Cheat Engine\OpenCandy
    Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
    Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
    Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Reporter
    Key Deleted : HKLM\SOFTWARE\Classes\ShopperReports.Reporter.1
    Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
    Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
    Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
    Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

    ***** [Registre - GUID] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7025E484-D4B0-441A-9F0B-69063BD679CE}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{8258B35C-05B8-4C0E-9525-9BCCC70F8F2D}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A89256AD-EC17-4A83-BEF5-4B8BC4F39306}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com --> hxxp://www.google.fr
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchqu.com/414 --> hxxp://www.google.fr
    Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60347 --> hxxp://www.google.fr
    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.fr

    -\\ Mozilla Firefox v11.0 (fr)

    Profile name : default
    File : C:\Users\Hamadi\AppData\Roaming\Mozilla\Firefox\Profiles\60kzvz6d.default\prefs.js

    C:\Users\Hamadi\AppData\Roaming\Mozilla\Firefox\Profiles\60kzvz6d.default\user.js ... Deleted !

    [OK] File is clean.

    -\\ Google Chrome v18.0.1025.168

    File : C:\Users\Hamadi\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [10069 octets] - [15/05/2012 12:18:08]
    AdwCleaner[S1].txt - [10467 octets] - [15/05/2012 22:29:44]

    ########## EOF - C:\AdwCleaner[S1].txt - [10596 octets] ##########

    par contre ça n'a toujours pas supprimé le localhost proxy pac
    0
    1. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
       
      bonjour, relance zhpdiag et postes le nouveau rapport , merci
      0
    2. link78
       
      http://cjoint.com/?BErawH5f2qR


      voilà.
      J'ai vu qu'il y avait plein d'informations sur ma vie privée et sur les donnée de mon ordinateur c'est as dangereux?
      0
    3. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
       
      bonjour, non pas de problème avec les choses dans le rapport !!

      tu fais zhpfix comme expliqué et après un redémarrage tu nous dira comment va le pc !!


      . Copie les lignes suivantes en GRAS entre les deux lignes


      __________________________________________________________



      SysRestore
      FirewallRAZ
      EmptyFlash
      EmptyTemp
      O1 - Hosts: legendary-bot.razzfr.com 192.168.1.41
      O1 - Hosts: 192.168.1.41 legendary-bot.razzfr.com
      O4 - HKLM\..\Run: [svchost] C:\Users\Hamadi\Desktop\Bermuda's key\Bermuda's key\Bermuda's Keylogger.exe (.not file.)
      O4 - HKCU\..\Run: [Update] C:\Users\Hamadi\AppData\Roaming\Microsoft\Windows Update.exe (.not file.)
      O4 - HKCU\..\Run: [Google - musictune v1.0.95.21] C:\Users\Hamadi\AppData\Roaming\Google\musictune v1.0.95.21.exe (.not file.)
      O4 - HKCU\..\Run: [Google - musictune v1.0.95.25] C:\Users\Hamadi\AppData\Roaming\Google\musictune v1.0.95.25.exe (.not file.)
      O4 - HKCU\..\Run: [Google - rundll] C:\Users\Hamadi\AppData\Roaming\Google\rundll.exe (.not file.)
      O4 - HKCU\..\Run: [Google - stub] C:\Users\Hamadi\AppData\Roaming\Google\stub.exe (.not file.)
      O4 - HKUS\S-1-5-21-990016574-2351203218-1265340728-1001\..\Run: [Update] C:\Users\Hamadi\AppData\Roaming\Microsoft\Windows Update.exe (.not file.)
      O4 - HKUS\S-1-5-21-990016574-2351203218-1265340728-1001\..\Run: [Google - musictune v1.0.95.21] C:\Users\Hamadi\AppData\Roaming\Google\musictune v1.0.95.21.exe (.not file.)
      O4 - HKUS\S-1-5-21-990016574-2351203218-1265340728-1001\..\Run: [Google - musictune v1.0.95.25] C:\Users\Hamadi\AppData\Roaming\Google\musictune v1.0.95.25.exe (.not file.)
      O4 - HKUS\S-1-5-21-990016574-2351203218-1265340728-1001\..\Run: [Google - rundll] C:\Users\Hamadi\AppData\Roaming\Google\rundll.exe (.not file.)
      O4 - HKUS\S-1-5-21-990016574-2351203218-1265340728-1001\..\Run: [Google - stub] C:\Users\Hamadi\AppData\Roaming\Google\stub.exe (.not file.)
      O42 - Logiciel: JMHL Loader - (.JMHL Loader INC.) [HKLM] -- JMHL Loader
      O42 - Logiciel: OfferBox - (.Secure Digital Services.) [HKLM] -- {766A55D2-E428-4B7C-B5B3-92592F6B107C}
      [HKCU\Software\JP595IR86O]
      [HKCU\Software\XML]
      O43 - CFD: 14/03/2011 - 20:26:08 - [8,206] ----D C:\Program Files\JMHL Loader
      O43 - CFD: 25/04/2012 - 19:29:43 - [0,003] ----D C:\Program Files\rkfree
      O43 - CFD: 14/03/2011 - 20:26:08 - [0,002] ----D C:\Users\Hamadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JMHL Loader
      O87 - FAEL: "{BB6FC827-0359-43D9-9D8A-81391B538A4F}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.)
      O87 - FAEL: "{9A21CA85-9363-4CEC-BAA3-D9B17B460E51}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.)
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{766A55D2-E428-4B7C-B5B3-92592F6B107C}]
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\JMHL Loader]
      [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\]
      C:\Program Files\JMHL Loader
      C:\Program Files\rkfree
      c:\users\hamadi\desktop\bermuda's key\bermuda's key\bermuda's keylogger.exe
      c:\users\hamadi\appdata\roaming\microsoft\windows update.exe
      c:\users\hamadi\appdata\roaming\google\musictune v1.0.95.21.exe
      c:\users\hamadi\appdata\roaming\google\musictune v1.0.95.25.exe
      c:\users\hamadi\appdata\roaming\google\rundll.exe
      c:\users\hamadi\appdata\roaming\google\stub.exe
      c:\program files\windows searchqu toolbar\datamngr\toolbar\dtuser.exe
      OPT:SR - | Demand 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe



      ___________________________________________________________________



      . Lance ZHPFix de Nicolas Coolman qui se trouve sur ton bureau
      . Pour XP, double-clique sur ZHPFix
      . pour Vista et seven, faire un clic droit sur l'icône et exécute en tant qu'administrateur.
      . Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)

      Dans l'encadré principal tu verras donc les lignes que tu as copié précédemment apparaitrent .

      Vérifie que toutes les lignes que je t'ai demandé de copier (et seulement elles) sont dans la fenêtre.

      PS: si rien ne se colle clique sur l'icône en haut sur gauche celui juste à côté de l'appareil photos " coller le presse papier"

      !! Déconnecte toi, désactive tes défenses (anti-virus, anti-spyware ) et ferme bien toutes autres applications ( navigateurs compris ) !!



      . cliques sur OK
      . Clique sur « Tous », puis sur « Nettoyer »
      . Copie/colle la totalité du rapport dans ta prochaine réponse
      tu le trouveras dans le dossier de zhpdiag dans program files sous le nom de ZHPFixReport
      0
    4. link78
       
      Rapport de ZHPFix 1.2.05 par Nicolas Coolman, Update du 30/04/2012
      Fichier d'export Registre :
      Run by Hamadi at 17/05/2012 15:19:13
      Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)
      Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html
      Web site : http://nicolascoolman.skyrock.com/

      ========== Logiciel(s) ==========
      ABSENT Uninstall Process: c:\program files\jmhl loader\jmhl loader.exe
      SUPPRIME OfferBox

      ========== Clé(s) du Registre ==========
      SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\JMHL Loader]
      SUPPRIME [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{766A55D2-E428-4B7C-B5B3-92592F6B107C}]
      SUPPRIME Key*: HKCU\Software\JP595IR86O
      SUPPRIME Key*: HKCU\Software\XML
      ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{766A55D2-E428-4B7C-B5B3-92592F6B107C}
      ABSENT Key: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\JMHL Loader
      SUPPRIME Key*: Service: Bonjour Service

      ========== Valeur(s) du Registre ==========
      ABSENT Valeur Standard Profile: FirewallRaz :
      ABSENT Valeur Domain Profile: FirewallRaz :
      SUPPRIME FirewallRaz (Private) : TCP Query User{6B9C7351-8451-42C0-820A-ECBDE4082EDC}C:\program files\limewire\limewire.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{03C40F1A-DEF4-4F22-86AA-40416B523B79}C:\program files\limewire\limewire.exe
      SUPPRIME FirewallRaz (Private) : TCP Query User{E9E8550D-9456-4EEE-B52F-362A59C9F0B9}C:\users\hamadi\appdata\local\temp\6216064128161.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{4F739F11-49D3-4A6D-AA6F-895C423FDB8B}C:\users\hamadi\appdata\local\temp\6216064128161.exe
      SUPPRIME FirewallRaz (Private) : TCP Query User{53EC0F1E-32D8-45C7-9927-4B08F700DB4E}C:\program files\spyware terminator\spywareterminatorupdate.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{F185D613-72E6-41F3-8C8A-2458F53AAC68}C:\program files\spyware terminator\spywareterminatorupdate.exe
      SUPPRIME FirewallRaz (Public) : TCP Query User{B73A0F71-F2D9-4667-A615-54040BCAB886}C:\program files\spyware terminator\spywareterminatorupdate.exe
      SUPPRIME FirewallRaz (Public) : UDP Query User{A21AC72B-CDAA-4391-827B-1975779B06B3}C:\program files\spyware terminator\spywareterminatorupdate.exe
      SUPPRIME FirewallRaz (Private) : TCP Query User{7728013E-A955-4AF6-8383-598883A8CD65}C:\users\hamadi\appdata\local\temp\6412213414335.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{0458BF9C-8622-4A36-85EC-6683AA151103}C:\users\hamadi\appdata\local\temp\6412213414335.exe
      SUPPRIME FirewallRaz (Private) : {BB0EC77E-89E9-434F-9C60-D6E8187D2B53}
      SUPPRIME FirewallRaz (Private) : {3C522291-68D2-4E70-BFEB-21EFE368C70A}
      SUPPRIME FirewallRaz (Private) : {16A92B9B-CD75-420C-B58F-C3B989AB6019}
      SUPPRIME FirewallRaz (Private) : {14D918BE-CCBA-4C57-BDAF-7F05849AB016}
      SUPPRIME FirewallRaz (Private) : TCP Query User{71CEE904-46DB-4F66-A00F-A5F02F2B5015}C:\users\hamadi\desktop\zaknology pack\server 3.3.3a\server\mysql\bin\mysqld.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{4C0738D5-AD23-4828-B473-2EC444585DBB}C:\users\hamadi\desktop\zaknology pack\server 3.3.3a\server\mysql\bin\mysqld.exe
      SUPPRIME FirewallRaz (Private) : TCP Query User{C91C06EF-2044-43EC-95F9-83156211BB2D}C:\users\hamadi\desktop\hamid\grim's server\grim's repack v4.6\server\apache\bin\apache.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{48DA938F-D815-42F3-B588-C43D00C82E90}C:\users\hamadi\desktop\hamid\grim's server\grim's repack v4.6\server\apache\bin\apache.exe
      SUPPRIME FirewallRaz (Public) : TCP Query User{CEFA614B-E81C-423E-AB32-B45019572D04}C:\users\hamadi\desktop\hamid\grim's server\grim's repack v4.6\server\mysql\bin\mysqld.exe
      SUPPRIME FirewallRaz (Public) : UDP Query User{4F825AF2-81F4-4B60-9F9B-66B62A7D9F49}C:\users\hamadi\desktop\hamid\grim's server\grim's repack v4.6\server\mysql\bin\mysqld.exe
      SUPPRIME FirewallRaz (Private) : TCP Query User{3E375FD4-EBEB-40E7-A46E-64AD2800EF37}C:\users\hamadi\appdata\local\temp\pyld316.tmp\pyrun.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{85F27A22-9510-4C01-B7D0-451DC6F1A672}C:\users\hamadi\appdata\local\temp\pyld316.tmp\pyrun.exe
      SUPPRIME FirewallRaz (Private) : TCP Query User{B5C53260-9A72-46AB-AC36-11C485159148}C:\users\hamadi\appdata\local\temp\pyl2155.tmp\pyrun.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{EA48CD45-2346-4327-9A05-796DA39551BB}C:\users\hamadi\appdata\local\temp\pyl2155.tmp\pyrun.exe
      SUPPRIME FirewallRaz (Private) : TCP Query User{93B71403-8E6C-41C4-A467-4EC1563CFB57}C:\users\hamadi\appdata\local\temp\pyl5502.tmp\pyrun.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{4924CE9F-DEDE-4102-847A-FD434BEB423D}C:\users\hamadi\appdata\local\temp\pyl5502.tmp\pyrun.exe
      SUPPRIME FirewallRaz (Private) : TCP Query User{366E60BB-A38C-4993-80D9-D6C7C8E89E28}C:\users\hamadi\appdata\local\temp\pyl5a7e.tmp\pyrun.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{30F9F8F8-B727-445C-B226-CE533AB12173}C:\users\hamadi\appdata\local\temp\pyl5a7e.tmp\pyrun.exe
      SUPPRIME FirewallRaz (Private) : TCP Query User{523992AC-3048-40C8-A5F3-16E47CF3AEEA}C:\program files\musicbrainz picard\picard.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{A648227D-A1B2-4C45-B46C-E9B302F04A08}C:\program files\musicbrainz picard\picard.exe
      SUPPRIME FirewallRaz (Private) : {44C6BE65-C8E9-4877-AD51-47E3D32B4965}
      SUPPRIME FirewallRaz (Private) : {933BA409-5E7E-417F-A647-3AAEC4AC04D4}
      SUPPRIME FirewallRaz (Private) : TCP Query User{FA79F4B5-6284-4316-A696-2E3F30CBDFCE}C:\program files\analogx\proxy\proxy.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{EBA95B75-1B8A-44D0-841A-78B91444022B}C:\program files\analogx\proxy\proxy.exe
      SUPPRIME FirewallRaz (Private) : {BB6FC827-0359-43D9-9D8A-81391B538A4F}
      SUPPRIME FirewallRaz (Private) : {9A21CA85-9363-4CEC-BAA3-D9B17B460E51}
      SUPPRIME FirewallRaz (None) : {5BDE39E2-CCD6-4131-8E06-0570AAA2C449}
      SUPPRIME FirewallRaz (Private) : TCP Query User{37A1C9BA-C962-4FA7-83E0-3A0F5B4E459C}C:\users\hamadi\downloads\downloader_diablo2_engb.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{E08B242D-D974-4A5B-AFB1-D687425B821A}C:\users\hamadi\downloads\downloader_diablo2_engb.exe
      SUPPRIME FirewallRaz (Public) : {B44C918F-A129-4083-9CC2-ADD5B82D773D}
      SUPPRIME FirewallRaz (Public) : {29FC20C3-5E98-4B5E-B353-D09DC17EF73B}
      SUPPRIME FirewallRaz (Private) : TCP Query User{94B942DD-BAC7-4DA3-8EBD-F51EB84D19B2}C:\users\hamadi\downloads\downloader_diablo2_lord_of_destruction_engb.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{9F4A304F-F479-4D63-A910-11F4987A74B9}C:\users\hamadi\downloads\downloader_diablo2_lord_of_destruction_engb.exe
      SUPPRIME FirewallRaz (Public) : {C54EEDE3-97CB-4EFB-9A5F-38ED45803795}
      SUPPRIME FirewallRaz (Public) : {64EF2EF8-96F1-4904-817C-4FA8F167CFE8}
      SUPPRIME FirewallRaz (Private) : TCP Query User{7E642367-8896-4E40-9AF9-2C3FED081412}C:\users\hamadi\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
      SUPPRIME FirewallRaz (Private) : UDP Query User{40451EF2-0A75-4E40-883E-81CCAB316496}C:\users\hamadi\downloads\downloader_warcraft3_the_frozen_throne_engb.exe
      SUPPRIME FirewallRaz (Public) : {FDBCADEB-644A-488D-BFCC-67A8DDDF21EC}
      SUPPRIME FirewallRaz (Public) : {871311F8-E248-45B6-BA64-EEFA8CE91898}
      SUPPRIME FirewallRaz (Public) : TCP Query User{0B6D693D-1BBA-4A5D-B3F3-251520DF24DE}C:\warcraft iii\war3.exe
      SUPPRIME FirewallRaz (Public) : UDP Query User{5EBE4186-6D61-4946-B4C5-DBFC649846FA}C:\warcraft iii\war3.exe
      SUPPRIME FirewallRaz (Public) : {8ACDC91C-A219-44A5-AB4F-1E8A1DC04634}
      SUPPRIME FirewallRaz (Public) : {9DD66849-FFDD-4BCD-B632-9706DD014D4A}
      SUPPRIME RunValue: svchost
      SUPPRIME RunValue: Update
      SUPPRIME RunValue: Google - musictune v1.0.95.21
      SUPPRIME RunValue: Google - musictune v1.0.95.25
      SUPPRIME RunValue: Google - rundll
      SUPPRIME RunValue: Google - stub
      ABSENT RunValue: Update
      ABSENT RunValue: Google - musictune v1.0.95.21
      ABSENT RunValue: Google - musictune v1.0.95.25
      ABSENT RunValue: Google - rundll
      ABSENT RunValue: Google - stub
      ABSENT {BB6FC827-0359-43D9-9D8A-81391B538A4F}
      ABSENT {9A21CA85-9363-4CEC-BAA3-D9B17B460E51}

      ========== Dossier(s) ==========
      SUPPRIME Flash Cookies:
      SUPPRIME Temporaires Windows:
      SUPPRIME Folder: C:\Program Files\JMHL Loader
      SUPPRIME Folder: C:\Program Files\rkfree
      SUPPRIME Folder: C:\Users\Hamadi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JMHL Loader

      ========== Fichier(s) ==========
      SUPPRIME Flash Cookies:
      SUPPRIME Temporaires Windows:
      ABSENT File: c:\users\hamadi\desktop\bermuda's key\bermuda's key\bermuda's keylogger.exe
      ABSENT File: c:\users\hamadi\appdata\roaming\microsoft\windows update.exe
      ABSENT File: c:\users\hamadi\appdata\roaming\google\musictune v1.0.95.21.exe
      ABSENT File: c:\users\hamadi\appdata\roaming\google\musictune v1.0.95.25.exe
      ABSENT File: c:\users\hamadi\appdata\roaming\google\rundll.exe
      ABSENT File: c:\users\hamadi\appdata\roaming\google\stub.exe
      ABSENT Folder/File: c:\program files\jmhl loader
      ABSENT Folder/File: c:\program files\rkfree
      ABSENT Folder/File: c:\users\hamadi\desktop\bermuda's key\bermuda's key\bermuda's keylogger.exe
      ABSENT Folder/File: c:\users\hamadi\appdata\roaming\microsoft\windows update.exe
      ABSENT Folder/File: c:\users\hamadi\appdata\roaming\google\musictune v1.0.95.21.exe
      ABSENT Folder/File: c:\users\hamadi\appdata\roaming\google\musictune v1.0.95.25.exe
      ABSENT Folder/File: c:\users\hamadi\appdata\roaming\google\rundll.exe
      ABSENT Folder/File: c:\users\hamadi\appdata\roaming\google\stub.exe
      ABSENT Folder/File: c:\program files\windows searchqu toolbar\datamngr\toolbar\dtuser.exe

      ========== Restauration Système ==========
      Point de restauration du système créé avec succès


      ========== Récapitulatif ==========
      7 : Clé(s) du Registre
      68 : Valeur(s) du Registre
      5 : Dossier(s)
      17 : Fichier(s)
      2 : Logiciel(s)
      1 : Restauration Système


      End of clean in 01mn 05s

      ========== Chemin de fichier rapport ==========
      C:\ZHP\ZHPFix[R1].txt - 17/05/2012 15:19:13 [9954]


      Voilà
      0
    5. jacques.gache Messages postés 34829 Statut Contributeur sécurité 1 645
       
      bonjour, tu relances zhpfix et tu cliques sur le bouton HostFix il est sur droite ! tu postes le rapport et tu nous donnes des nouvelles de ton pc et de problème !!!
      0