- dim. 16 févr. 2014 20:51
#105353
Bonsoir à vous,
Zut de zut, je ne fais que des bêtises, cette fois j'ai clique sur un mauvais endroit !
Cet après-midi, je vous ai envoyé un message sans être inscrite = jamais 2 sans 3 ! Ce coup-ci sera-t-il le bon ?
Suite à une infection de nos ennemis communs (awesomehp + jollywallet), j'ai lu et relu vos pages et faits miens vos conseils.
Je vous colle ci-après les rapports reçus de JRT - sc.Cleaner et Malwarebytes.
MA QUESTION maintenant = que dois-je faire de TOUS les éléments qui ont été mis en QUARANTAINE (125 je crois) ; je suis trop néophyte et béotienne pour m'y retrouver et si mon ordi refonctionne bien, je suis "bloquée" par firefox lorsque je veux aller sur certains sites = regarder des émissions en replay (arte - nrj12----) ou quand ceux-là utilisent Java par exemple.
Les RAPPORTS par ordre chronologique =
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows Vista (TM) Business x86
Ran by Elisabeth on 14/02/2014 at 2:53:47,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3012103789-3567153561-2582335834-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3012103789-3567153561-2582335834-1000\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422772218}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
~~~ Files
Successfully deleted: [File] C:\Windows\Tasks\registrybooster.job
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Elisabeth\appdata\local\software"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"
Successfully deleted: [Empty Folder] C:\Users\Elisabeth\appdata\local\{724F92A8-BD5A-4DAC-854B-4187F232C117}
~~~ FireFox
Successfully deleted the following from C:\Users\Elisabeth\AppData\Roaming\mozilla\firefox\profiles\03q530zc.default-1358167398489\prefs.js
user_pref("iminent.newtabredirect", "true");
user_pref("iminent.searchindex", "1");
user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome//iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "0");
user_pref("iminent.webbooster.scripts.minibar.enabledAds", "false");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1372349292207");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1372334085328");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1372334085341");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1372334085358");
user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome//iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.sslminibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.sslminibar.displayFavLinks", "0");
user_pref("iminent.webbooster.scripts.sslminibar.enabledAds", "false");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1372332795562");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1372333187176");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent110", "1372333388433");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1372333187188");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1372333187343");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1372333187199");
Emptied folder: C:\Users\Elisabeth\AppData\Roaming\mozilla\firefox\profiles\03q530zc.default-1358167398489\minidumps [287 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Elisabeth\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Successfully deleted: [Folder] C:\Users\Elisabeth\appdata\local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Folder] C:\Users\Elisabeth\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Folder] C:\Users\Elisabeth\appdata\local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Successfully deleted: [Folder] C:\Users\Elisabeth\appdata\local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/02/2014 at 2:56:23,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Malwarebytes Anti-Malware (Essai) 1.75.0.1300
http://www.malwarebytes.org
Version de la base de données: v2014.02.14.06
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Elisabeth :: PC-DE-ELISABETH [administrateur]
Protection: Désactivé
14/02/2014 15:52:24
MBAM-log-2014-02-14 (18-41-14).txt
Type d'examen: Examen complet (C:\|F:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 469394
Temps écoulé: 2 heure(s), 25 minute(s), 1 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 18
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0 (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\popupResource (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0 (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\extensionData (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\extensionData\plugins (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\extensionData\userCode (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\icons (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\icons\actions (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\js (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\js\api (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\js\lib (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\js\lib\popupResource (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\ProgramData\IePluginService (PUP.Optional.IePluginService.A) - Aucune action effectuée.
C:\ProgramData\IePluginService\update (PUP.Optional.IePluginService.A) - Aucune action effectuée.
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
Shortcut Cleaner 1.2.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/
Windows Version: Windows Vista (TM) Business Service Pack 2
Program started at: 02/14/2014 09:28:33 PM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\
* Shortcut Cleaned: C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk = C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
* Shortcut Cleaned: C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk = C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk = C:\Program Files\Google\Chrome\Application\chrome.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
Searching C:\Users\Elisabeth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
* Shortcut Cleaned: C:\Users\Elisabeth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk = C:\Program Files\Google\Chrome\Application\chrome.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
* Shortcut Cleaned: C:\Users\Elisabeth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk = C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
* Shortcut Cleaned: C:\Users\Elisabeth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
Searching C:\Users\Public\Desktop\
* Shortcut Cleaned: C:\Users\Public\Desktop\Google Chrome.lnk = C:\Program Files\Google\Chrome\Application\chrome.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
* Shortcut Cleaned: C:\Users\Public\Desktop\Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
Searching C:\Users\Elisabeth\Desktop\Desktop\Desktop
9 bad shortcuts found.
Program finished at: 02/14/2014 09:28:39 PM
Execution time: 0 hours(s), 0 minute(s), and 6 seconds(s)
Bon cette foi, je suis attentive à vous saluer et à vous dire déjà merci d'avoir pu régler la plus grosse partie des problèmes avant de cliquer.
A bientôt, bonne soirée !
Oma
Zut de zut, je ne fais que des bêtises, cette fois j'ai clique sur un mauvais endroit !
Cet après-midi, je vous ai envoyé un message sans être inscrite = jamais 2 sans 3 ! Ce coup-ci sera-t-il le bon ?
Suite à une infection de nos ennemis communs (awesomehp + jollywallet), j'ai lu et relu vos pages et faits miens vos conseils.
Je vous colle ci-après les rapports reçus de JRT - sc.Cleaner et Malwarebytes.
MA QUESTION maintenant = que dois-je faire de TOUS les éléments qui ont été mis en QUARANTAINE (125 je crois) ; je suis trop néophyte et béotienne pour m'y retrouver et si mon ordi refonctionne bien, je suis "bloquée" par firefox lorsque je veux aller sur certains sites = regarder des émissions en replay (arte - nrj12----) ou quand ceux-là utilisent Java par exemple.
Les RAPPORTS par ordre chronologique =
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows Vista (TM) Business x86
Ran by Elisabeth on 14/02/2014 at 2:53:47,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3012103789-3567153561-2582335834-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3012103789-3567153561-2582335834-1000\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422772218}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
~~~ Files
Successfully deleted: [File] C:\Windows\Tasks\registrybooster.job
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Elisabeth\appdata\local\software"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"
Successfully deleted: [Empty Folder] C:\Users\Elisabeth\appdata\local\{724F92A8-BD5A-4DAC-854B-4187F232C117}
~~~ FireFox
Successfully deleted the following from C:\Users\Elisabeth\AppData\Roaming\mozilla\firefox\profiles\03q530zc.default-1358167398489\prefs.js
user_pref("iminent.newtabredirect", "true");
user_pref("iminent.searchindex", "1");
user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome//iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "0");
user_pref("iminent.webbooster.scripts.minibar.enabledAds", "false");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1372349292207");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1372334085328");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1372334085341");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1372334085358");
user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome//iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.sslminibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.sslminibar.displayFavLinks", "0");
user_pref("iminent.webbooster.scripts.sslminibar.enabledAds", "false");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1372332795562");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1372333187176");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent110", "1372333388433");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1372333187188");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1372333187343");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1372333187199");
Emptied folder: C:\Users\Elisabeth\AppData\Roaming\mozilla\firefox\profiles\03q530zc.default-1358167398489\minidumps [287 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\Elisabeth\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Successfully deleted: [Folder] C:\Users\Elisabeth\appdata\local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Successfully deleted: [Folder] C:\Users\Elisabeth\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Folder] C:\Users\Elisabeth\appdata\local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Successfully deleted: [Folder] C:\Users\Elisabeth\appdata\local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14/02/2014 at 2:56:23,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Malwarebytes Anti-Malware (Essai) 1.75.0.1300
http://www.malwarebytes.org
Version de la base de données: v2014.02.14.06
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Elisabeth :: PC-DE-ELISABETH [administrateur]
Protection: Désactivé
14/02/2014 15:52:24
MBAM-log-2014-02-14 (18-41-14).txt
Type d'examen: Examen complet (C:\|F:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 469394
Temps écoulé: 2 heure(s), 25 minute(s), 1 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 18
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0 (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\api (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.25.9_0\js\lib\popupResource (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0 (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\extensionData (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\extensionData\plugins (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\extensionData\userCode (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\icons (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\icons\actions (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\js (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\js\api (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\js\lib (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\Users\Elisabeth\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjiibbppkaibndmgapooidfnmdjbecii\1.26.30_0\js\lib\popupResource (PUP.Optional.CrossRider.A) - Aucune action effectuée.
C:\ProgramData\IePluginService (PUP.Optional.IePluginService.A) - Aucune action effectuée.
C:\ProgramData\IePluginService\update (PUP.Optional.IePluginService.A) - Aucune action effectuée.
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
Shortcut Cleaner 1.2.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/
Windows Version: Windows Vista (TM) Business Service Pack 2
Program started at: 02/14/2014 09:28:33 PM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\
* Shortcut Cleaned: C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk = C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
* Shortcut Cleaned: C:\Users\Elisabeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk = C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk = C:\Program Files\Google\Chrome\Application\chrome.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
Searching C:\Users\Elisabeth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
* Shortcut Cleaned: C:\Users\Elisabeth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk = C:\Program Files\Google\Chrome\Application\chrome.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
* Shortcut Cleaned: C:\Users\Elisabeth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk = C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
* Shortcut Cleaned: C:\Users\Elisabeth\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
Searching C:\Users\Public\Desktop\
* Shortcut Cleaned: C:\Users\Public\Desktop\Google Chrome.lnk = C:\Program Files\Google\Chrome\Application\chrome.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
* Shortcut Cleaned: C:\Users\Public\Desktop\Mozilla Firefox.lnk = C:\Program Files\Mozilla Firefox\firefox.exe http://www.awesomehp.com/?type=scts=139 ... 8734187341
Searching C:\Users\Elisabeth\Desktop\Desktop\Desktop
9 bad shortcuts found.
Program finished at: 02/14/2014 09:28:39 PM
Execution time: 0 hours(s), 0 minute(s), and 6 seconds(s)
Bon cette foi, je suis attentive à vous saluer et à vous dire déjà merci d'avoir pu régler la plus grosse partie des problèmes avant de cliquer.
A bientôt, bonne soirée !
Oma
Bonjour,