(Solved) Internet windows
Hello everyone,
I'm running into this problem too; I'm very careful on the web, though apparently not careful enough.
So I downloaded and used AD-R,
and here is the report displayed automatically after the scan:
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 10:06:23 le 23/04/2011, Mode normal
Microsoft Windows 7 Édition Familiale Premium (X64)
sony@SONY-VAIO (Sony Corporation VPCF11M1E)
============== RECHERCHE ==============
Dossier trouvé: C:\Users\sony\AppData\Roaming\PCtuto
Dossier trouvé: C:\Users\sony\AppData\LocalLow\Conduit
Dossier trouvé: C:\Users\sony\AppData\Local\EoRezo
Dossier trouvé: C:\Program Files (x86)\EoRezo
Dossier trouvé: C:\Users\sony\AppData\Local\PCTuto
Dossier trouvé: C:\Program Files (x86)\PCTuto
-- Fichier ouvert: C:\Users\sony\AppData\Roaming\Mozilla\FireFox\Profiles\4cr0ssxz.default\Prefs.js --
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
-- Fichier Fermé --
Clé trouvée: HKLM\Software\Classes\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé trouvée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé trouvée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé trouvée: HKLM\Software\Classes\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}
Clé trouvée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé trouvée: HKLM\Software\Classes\Conduit.Engine
Clé trouvée: HKLM\Software\Classes\EoEngineBHO.EOBHO
Clé trouvée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2851639
Clé trouvée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé trouvée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\EoRezo
Clé trouvée: HKLM\Software\Freeze.com
Clé trouvée: HKCU\Software\EoRezo
Clé trouvée: HKCU\Software\MediaHoldings
Clé trouvée: HKCU\Software\PlayMP3
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PCTuto
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
Valeur trouvée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [4.0 (fr)] ****
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
-- C:\Users\sony\AppData\Roaming\Mozilla\FireFox\Profiles\4cr0ssxz.default --
Prefs.js - browser.startup.homepage, hxxp://y.lo.st
Prefs.js - browser.startup.homepage_override.buildID, 20110318052756
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0
========================================
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
HKCU_Main|First Home Page - hxxp://y.lo.st
HKCU_Main|Start Page - hxxp://y.lo.st
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://home.sweetim.com
HKCU_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (x)
HKCU_SearchScopes\{319976E8-0327-4EE0-A4F6-9918301D6E8E} - "Zinio" (hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search)
HKCU_SearchScopes\{61F9545F-4BC8-48CE-9FFE-1C7AB300A03D} - "Shopping.com" (hxxp://fr.shopping.com/?linkin_id=8056351)
HKCU_SearchScopes\{730611A7-7337-41D0-A7F4-C800065C4984} - "eBay" (hxxp://rover.ebay.com/rover/1/709-42536-16445-8/4?satitle={searchTerms})
HKCU_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "uTorrentBar_FR Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKCU_SearchScopes\{CE6E986D-D705-4450-5B17-7041CFB97514} - "Find Stuff" (hxxp://www.findstuff.biz/search.cgi?q={searchTerms})
HKCU_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
HKLM_SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} - "uTorrentBar_FR Customized Web Search" (hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT...)
HKLM_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
HKCU_Toolbar\WebBrowser|{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} (x)
HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
HKCU_Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D} (x)
HKCU_ElevationPolicy\{18325BA8-C755-4F2E-A701-707DC8F5F395} - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{64DA00B7-88FE-49a8-8515-68A5C8C305DB} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A39C536A-A41F-492f-B784-08D5A6DCF091} - C:\Program Files (x86)\Evernote\Evernote3.5\Evernote.exe (Evernote)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{E6856B61-272B-4e4f-AADE-1D73054BCAD1} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_ElevationPolicy\{ED4ABFF1-2CA0-4476-98EB-E9208D434752} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_ElevationPolicy\{F3CD2902-C553-4d6a-B139-934BED1FAADF} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_ElevationPolicy\{F7897EF1-FE28-4f1a-9615-E45744D29F15} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "Send To Bluetooth" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
HKLM_Extensions\{E0B8C461-F8FB-49b4-8373-FE32E92528A6} - "Add to Evernote" (C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll,1001)
BHO\{293A63F7-C3B6-423a-9845-901AC0A7EE6E} - "PCTBHO Class" (C:\Program Files (x86)\PCTuto\pctutoBHO.dll)
BHO\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8} - "EOBHO Class" (C:\Program Files (x86)\EoRezo\EoRezoBHO.dll)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 23/04/2011 10:08:10 (7775 Octet(s))
Fin à: 10:08:50, 23/04/2011
============== E.O.F ==============
Please tell me what I should do now, thanks again.
Thanks for your help,
Here is the report after cleaning.
Apparently, the windows no longer open! Cool
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 13:28:56 le 23/04/2011, Mode normal
Microsoft Windows 7 Édition Familiale Premium (X64)
sony@SONY-VAIO (Sony Corporation VPCF11M1E)
============== ACTION(S) ==============
Dossier supprimé: C:\Users\sony\AppData\Roaming\PCtuto
Dossier supprimé: C:\Users\sony\AppData\LocalLow\Conduit
Dossier supprimé: C:\Users\sony\AppData\Local\EoRezo
Dossier supprimé: C:\Program Files (x86)\EoRezo
Dossier supprimé: C:\Users\sony\AppData\Local\PCTuto
Dossier supprimé: C:\Program Files (x86)\PCTuto
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Users\sony\AppData\Roaming\Mozilla\FireFox\Profiles\4cr0ssxz.default\Prefs.js --
Ligne supprimée: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
-- Fichier Fermé --
Clé supprimée: HKLM\Software\Classes\CLSID\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{293A63F7-C3B6-423a-9845-901AC0A7EE6E}
Clé supprimée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé supprimée: HKLM\Software\Classes\TypeLib\{0BF73E27-2734-4F7B-925A-4BBB1457F5FA}
Clé supprimée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé supprimée: HKLM\Software\Classes\Conduit.Engine
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2851639
Clé supprimée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKLM\Software\Freeze.com
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\MediaHoldings
Clé supprimée: HKCU\Software\PlayMP3
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|PCTuto
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{30F9B915-B755-4826-820B-08FBA6BD249D}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [4.0 (fr)] ****
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Components\browsercomps.dll (Mozilla Foundation)
-- C:\Users\sony\AppData\Roaming\Mozilla\FireFox\Profiles\4cr0ssxz.default --
Prefs.js - browser.startup.homepage_override.buildID, 20110318052756
Prefs.js - browser.startup.homepage_override.mstone, rv:2.0
========================================
**** Internet Explorer Version [8.0.7600.16385] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (x)
HKCU_SearchScopes\{319976E8-0327-4EE0-A4F6-9918301D6E8E} - "Zinio" (hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search)
HKCU_SearchScopes\{61F9545F-4BC8-48CE-9FFE-1C7AB300A03D} - "Shopping.com" (hxxp://fr.shopping.com/?linkin_id=8056351)
HKCU_SearchScopes\{730611A7-7337-41D0-A7F4-C800065C4984} - "eBay" (hxxp://rover.ebay.com/rover/1/709-42536-16445-8/4?satitle={searchTerms})
HKCU_SearchScopes\{CE6E986D-D705-4450-5B17-7041CFB97514} - "Find Stuff" (hxxp://www.findstuff.biz/search.cgi?q={searchTerms})
HKCU_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
HKLM_SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} - "SweetIM Search" (hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms})
HKCU_Toolbar\WebBrowser|{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} (x)
HKCU_Toolbar\WebBrowser|{EEE6C35B-6118-11DC-9C72-001320C79847} (x)
HKCU_ElevationPolicy\{18325BA8-C755-4F2E-A701-707DC8F5F395} - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{64DA00B7-88FE-49a8-8515-68A5C8C305DB} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A39C536A-A41F-492f-B784-08D5A6DCF091} - C:\Program Files (x86)\Evernote\Evernote3.5\Evernote.exe (Evernote)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
HKLM_ElevationPolicy\{E6856B61-272B-4e4f-AADE-1D73054BCAD1} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_ElevationPolicy\{ED4ABFF1-2CA0-4476-98EB-E9208D434752} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_ElevationPolicy\{F3CD2902-C553-4d6a-B139-934BED1FAADF} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_ElevationPolicy\{F7897EF1-FE28-4f1a-9615-E45744D29F15} - C:\Program Files\Sony\VAIO Personalization Manager\VpmIfBroker.exe (Sony Corporation)
HKLM_Extensions\{CCA281CA-C863-46ef-9331-5C8D4460577F} - "Send To Bluetooth" (C:\Program Files\WIDCOMM\Bluetooth Software\bt_cold_icon.ico)
HKLM_Extensions\{E0B8C461-F8FB-49b4-8373-FE32E92528A6} - "Add to Evernote" (C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll,1001)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 19 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 16 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 23/04/2011 13:29:03 (7399 Octet(s))
C:\Ad-Report-SCAN[1].txt - 23/04/2011 10:08:10 (7913 Octet(s))
Fin à: 13:30:15, 23/04/2011
============== E.O.F ==============
http://www.malekal.com/2010/11/12/tutorial-malwarebyte-...
There, after uninstalling AD-R and following the malware procedure, here is the report from the full scan of the PC:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 6424
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
23/04/2011 15:52:47
mbam-log-2011-04-23 (15-52-47).txt
Type d'examen: Examen complet (C:\|G:\|)
Elément(s) analysé(s): 375245
Temps écoulé: 1 heure(s), 14 minute(s), 54 seconde(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 7
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 9
Processus mémoire infecté(s):
c:\Windows\Temp\svhost.exe (Heuristics.Reserved.Word.Exploit) -> 4880 -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\AppID\{5A2C5CE8-6FE1-E99E-3DAE-3192C7F0B2DA} (Adware.ImproveROISystemTool) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ImproveROISystemTool.ImproveROISystemTool (Adware.ImproveROISystemTool) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ImproveROISystemTool.ImproveROISystemTool.1 (Adware.ImproveROISystemTool) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\ImproveROISystemTool.DLL (Adware.ImproveROISystemTool) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\DC3_FEXEC (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\ImproveROISystemTool (Adware.ImproveROISystemTool) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\Users\sony\documents\nouveau dossier\illustrator cs5\keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
g:\logiciels\adobe photoshop cs5 extended by blackwolf-a6\adobe photoshop cs5 extended\Keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
g:\logiciels\adobe premiere pro cs5\Keygen\keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
g:\logiciels\adobe premiere pro cs5\Keygen\keygen_plugin.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
g:\logiciels\cinema 4d 12 ml hybrid\Keygen\keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
g:\logiciels\winrar v3.90 final\winrar.v3.90.final_keygen-fff\Keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
c:\Users\sony\AppData\Roaming\data.dat (Stolen.Data) -> Quarantined and deleted successfully.
c:\Windows\Temp\svhost.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
c:\Users\sony\AppData\Local\Temp\dclogs.sys (Stolen.Data) -> Quarantined and deleted successfully.
To finish:
1/
Download and install CCleaner.
Launch it. Go to Options, then Advanced, and uncheck the box Only delete files etc....
Go to Cleaner and choose Analyze. Once it has finished, run the cleaning.
2/
It is necessary to delete the restore points.
==Prevention==
Here is a guide on prevention and security on the Internet (to be read with Adobe Reader or Foxit Reader): Link
==Problem solved?==
--> If you consider your problem solved, add [Résolu] to the title. To do so:
In your first message, click the Edit button.
Add the mention [Résolu] in front of the title.
Then click Validate your message.