> Tous les forums > Forum Sécurité
 attaquée par: cheval de troie, URL malveillantes..Sujet résolu
Ajouter un message à la discussion
Pages : [1] 2 3 4 ... Fin
Page 1 sur 4 [Fin]
Panacotta
  Posté le 05/04/2011 @ 19:25 
Aller en bas de la page 
Petite astucienne

Bonsoir,

Dimanche soir, avast a commencé à me détecter à la chaine un tas de problèmes: des "menaces", des URL malveillantes, un cheval de troie...

Mon ordi a complètement planté. J'ai fait un scan avec avast et supprimé 2 éléments infectés.

Plus de problèmes, mais exactement toutes les 10mn j'avais une alerte concernant un cheval de troie initié par le processus svchost.exe qui se matérialisait dans mon répertoire Windows\temp.

J'ai fait un scan avec Malwarebytes anti malware (102 éléments infectés).

Malgré ça, mon ordi a refusé de démarrer ce matin, j'ai encore eu une alerte pour le cheval de troie (une seule cette fois ci). J'ai fini par faire une restauration du système avec un point pris samedi.

Comment désinfecter correctement mon ordinateur ???

Merci d'avance pour votre aide.

P.S: je suis sous vista avec avast.

Publicité
patogas
 Posté le 05/04/2011 à 19:37 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

bonsoir panacotta

Une bienvenue sur PCA

Tu as gardé ton rapport malwareBytes????

Si oui postes le s'il te plait, merçi

@+

Panacotta
 Posté le 05/04/2011 à 19:41 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

Bonsoir patogas, merci pour ta réponse.

Voilà le rapport:

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Version de la base de données: 6264

Windows 6.0.6002 Service Pack 2

Internet Explorer 7.0.6002.18005

04/04/2011 23:59:52

mbam-log-2011-04-04 (23-59-52).txt

Type d'examen: Examen complet (C:\|D:\|E:\|G:\|)

Elément(s) analysé(s): 316966

Temps écoulé: 1 heure(s), 37 minute(s), 18 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 2

Clé(s) du Registre infectée(s): 63

Valeur(s) du Registre infectée(s): 4

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 11

Fichier(s) infecté(s): 22

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

c:\program files\shopperreports3\bin\3.1.22.0\shopperreports.dll (Adware.ShopperReports) -> Delete on reboot.

c:\program files\shopperreports3\bin\3.1.22.0\Pltfrm.dll (Adware.ShopperReports) -> Delete on reboot.

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{2721A8E5-BFDB-4562-9912-9E0531CA616C} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{5FE0CEAE-CB69-40AF-A323-40F94257DACB} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{65A16874-2ED0-460E-A547-5FE2EC3A13A7} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.MozillaPSExecuter (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{396CFC12-932D-496b-A0A8-5D7201E105E1} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{573F4ABB-A1A2-44ED-9BA9-A8DAD40AAC46} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{71E02280-5212-45C3-B174-4D5A35DA254F} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.MozillaNvgtnTrpr (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{74C22317-5B90-471f-9AD2-FEC049870A16} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.Scopes.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.Scopes (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{DEE758B4-C3FB-4a5b-9939-848B9C77A2FB} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.Stock.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.Stock (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{CDCA70D8-C6A6-49EE-9BED-7429D6C477A2} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{D136987F-E1C4-4CCC-A220-893DF03EC5DF} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B2} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5428486-50A0-4A02-9D20-520B59A9F9B3} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.AsyncReporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.Dwnldr (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.Dwnldr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.HbAx (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.HbAx.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.HbGuru (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.HbGuru.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.HbInfoBand.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.IEButton (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.IEButton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.IEButtonA (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.IEButtonA.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.ReportData (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.ReportData.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.Reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.Reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.RprtCtrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiate.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.TriggerImmidiateOrRandomTS.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\ShopperReports.TriggerOnceInDay.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Vmuju (Trojan.Agent.U) -> Value: Vmuju -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\ShopperReports 3.1.22.0 (Adware.HotBar) -> Value: ShopperReports 3.1.22.0 -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\SRS_IT_E879047EB4765E543EA991 (Malware.Trace) -> Value: SRS_IT_E879047EB4765E543EA991 -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\ShopperReports@ShopperReports.com (ShopperReports) -> Value: ShopperReports@ShopperReports.com -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

c:\Users\Marine\AppData\Roaming\shopperreports3 (Adware.ShopperReports) -> Delete on reboot.

c:\program files\shopperreports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0 (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\programdata\microsoft\Windows\start menu\Programs\shopperreports (Adware.ShopperReports) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):

c:\program files\shopperreports3\bin\3.1.22.0\shopperreports.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\Pltfrm.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\mozillaps.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\CmndFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\BRNstIE.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\shopperreportsuninstaller.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\programdata\alwil software\Avast5\arpot\6c2551fe-2e8-1.dat (Rootkit.Bubnix) -> Delete on reboot.

c:\Users\Marine\documents\azureus downloads\nero 7.10.1.0\Keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

c:\zrpt.xml (Malware.Trace) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\launchhelp.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\link.ico (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\infopane.js (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\InfoPane.xul (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\browserextensionff.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\program files\shopperreports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\browserextensionff.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\programdata\microsoft\Windows\start menu\Programs\shopperreports\About Us.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\programdata\microsoft\Windows\start menu\Programs\shopperreports\customer support.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.

c:\programdata\microsoft\Windows\start menu\Programs\shopperreports\shopperreports uninstall instructions.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.

Panacotta
 Posté le 05/04/2011 à 20:05 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

Je viens d'avoir une nouvelle alerte d'avast pour "URL malveillante"

:(

patogas
 Posté le 05/04/2011 à 20:44 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

RE

AVAST te donnes l'adresse URL malveillance ou c'est quand tu veux aller sur un site ou autre?

@+

Panacotta
 Posté le 05/04/2011 à 20:46 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

Non je ne veux aller nulle part, j'ai l'impression que j'ai quelque chose qui essaye de se connecter tout seul.

J'en ai eu 4 depuis tout à l'heure.

patogas
 Posté le 05/04/2011 à 20:52 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

OK

  • Télécharger TDSSkiller de Kaspersky,
  • Extraire de l'archive téléchargée le fichier TDSSKiller.exe et le placer sur le Bureau,
  • Faire un double clic sur TDSSKiller.exe pour le lancer.

  • Cliquer sur Start scan pour lancer l'analyse,
  • Lorsque l'outil a terminé son travail d'inspection, si des nuisibles Image IPB ("Malicious objects") ont été trouvés, vérifier que l'option Image IPB (Cure) est sélectionnée,
  • Si des objects suspects ("Suspicious objects") ont été détectés, sur l'écran de demande de confirmation, modifier l'action à entreprendre et indiquer Quarantine (au lieu de Skip),
  • Puis cliquer sur le bouton Image IPB (Continue),
  • Attendre l'affichage du fichier rapport.
  • Si l'outil a besoin d'un redémarrage pour finaliser le nettoyage, cliquer sur le bouton Image IPB (Reboot computer).
  • Envoyer en réponse : le rapport de TDSSKiller (contenu du fichier SystemDrive\TDSSKiller.Version_Date_Heure_log.txt)
    [SystemDrive représente la partition sur laquelle est installé le système, généralement C:]

  • @+

Panacotta
 Posté le 05/04/2011 à 21:04 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne
Panacotta
 Posté le 05/04/2011 à 21:05 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

Re

J'ai fait la manip et posté le rapport. Tu arrives à y accéder ?

Publicité
patogas
 Posté le 05/04/2011 à 21:20 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

re

J'ai le rapport.

Tu as bien rebooter ton PC?? si non fais le.

@+

Panacotta
 Posté le 05/04/2011 à 21:21 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

Oui j'ai rebooté à la fin du scan

patogas
 Posté le 05/04/2011 à 21:35 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

OK impeccable

Passes les 2 outils de ce lien s'il te plait.

https://forum.pcastuces.com/aide_au_diagnostic_un_pc_infecte_pcastuces-f25s17490.htm

@+

Panacotta
 Posté le 05/04/2011 à 21:58 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

Alors, voilà le premier rapport

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Version de la base de données: 6280

Windows 6.0.6002 Service Pack 2

Internet Explorer 7.0.6002.18005

05/04/2011 21:56:48

mbam-log-2011-04-05 (21-56-48).txt

Type d'examen: Examen rapide

Elément(s) analysé(s): 162814

Temps écoulé: 10 minute(s), 20 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 94

Valeur(s) du Registre infectée(s): 4

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 10

Fichier(s) infecté(s): 15

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\shopperreports.asyncreporter (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.asyncreporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.dwnldr (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.dwnldr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.hbguru (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.hbguru.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.mozillanvgtntrpr (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{573f4abb-a1a2-44ed-9ba9-a8dad40aac46} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{71e02280-5212-45c3-b174-4d5a35da254f} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{396cfc12-932d-496b-a0a8-5d7201e105e1} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{74c22317-5b90-471f-9ad2-fec049870a16} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.mozillanvgtntrpr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.mozillapsexecuter (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{5fe0ceae-cb69-40af-a323-40f94257dacb} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{65a16874-2ed0-460e-a547-5fe2ec3a13a7} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{2721a8e5-bfdb-4562-9912-9e0531ca616c} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.mozillapsexecuter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.reportdata (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.reportdata.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.scopes (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.scopes.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.stock (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{dee758b4-c3fb-4a5b-9939-848b9c77a2fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.stock.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.triggerimmidiate (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.triggerimmidiate.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.triggerimmidiateorrandomts (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.triggerimmidiateorrandomts.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.triggeronceinday (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.triggeronceinday.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{21ba420e-161c-413a-b21e-4e42ae1f4226} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{453db0c5-f41c-4d97-8dd6-cc72ecd5f699} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{4afc07d0-59bb-46b8-b097-1a46e88eef71} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{6511ce4c-4722-40d0-ad3d-4afa2f50978a} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{9bec9b38-bf39-4899-806e-a1c5dfeb60a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{b86d82bf-d39f-439a-a07c-43eddc6f6ea6} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{da6305b9-0869-4235-8c1d-533a65e639e5} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e25da6d6-c365-46cf-abaf-dc5893135d7a} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e6961c59-cfce-4ccd-b794-bc78db98413a} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{f8b4ec8a-2407-4be0-aee2-0f430d65a90d} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{0d82acd6-a652-4496-a298-2bde705f4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{7025e484-d4b0-441a-9f0b-69063bd679ce} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{8258b35c-05b8-4c0e-9525-9bccc70f8f2d} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{a89256ad-ec17-4a83-bef5-4b8bc4f39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{09325003-167c-483d-a4ba-8b3122abb432} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{6dd76b7b-6423-4df0-9a07-84a6cad973a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7f6cfb6a-9227-4bb8-b941-f2b067e76f51} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ab0ee208-df60-4fa7-a617-c4269760033e} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e12aeab6-7d12-4c07-8e36-5892efb4dafb} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e2f2c137-a782-4fb5-81af-086156f5eb0a} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{f1d06c9f-51f0-4476-bede-5ddf91be304e} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{f3a32df2-7413-4fb1-b575-1ac920a17b76} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{acc62306-9a63-4864-bd2f-c8825d2d7ea6} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{f1a1892c-2a6c-4817-98b4-ff81443cba20} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89f88394-3828-4d03-a0cf-8203604c3da6} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d4233f04-1789-483c-a137-731e8f113dd5} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vmuju (Trojan.Agent.U) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\shopperreports 3.1.22.0 (Adware.HotBar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\srs_it_e879047eb4765e543ea991 (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\shopperreports@shopperreports.com (ShopperReports) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

C:\Program Files\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0 (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports (Adware.ShopperReports) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):

C:\Program Files\ShopperReports3\bin\3.1.22.0\ShopperReports.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\CmndFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\mozillaps.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\BRNstIE.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Users\Marine\AppData\Local\Temp\aonrwxscme.exe (Trojan.Hiloti.Gen) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\LaunchHelp.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\link.ico (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\ShopperReportsUninstaller.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\chrome\content\infopane.js (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files\ShopperReports3\bin\3.1.22.0\firefox\firefoxtoolbar\extensions\components\BrowserExtensionFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\About Us.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\Customer Support.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\ShopperReports Uninstall Instructions.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.

Panacotta
 Posté le 05/04/2011 à 21:58 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

Fichier joint : ZHPDiag.txt

patogas
 Posté le 05/04/2011 à 22:03 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

re

Merçi fais un nouveau scan ZHP et postes le rapport ZHPDiag

@+

Panacotta
 Posté le 05/04/2011 à 22:19 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

C'est fait.

Panacotta
 Posté le 05/04/2011 à 22:19 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

Fichier joint : ZHPDiag2

Publicité
Panacotta
 Posté le 05/04/2011 à 22:20 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

C'est bizarre, il n'est pas au format texte comme le premier rapport.

patogas
 Posté le 05/04/2011 à 22:28 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

Re,

Je ne peux ouvrir ton dernier rapportn il y a dû avoir une mauvaise manip.

Essaies de nouveau merçi.

@+

Panacotta
 Posté le 05/04/2011 à 22:32 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

Dsl, je ne sais pas ce qui s'est passé. J'espère que tu vas pouvoir ouvrir celui-ci.

Panacotta
 Posté le 05/04/2011 à 22:32 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

Fichier joint : ZHPDiag2.txt

patogas
 Posté le 05/04/2011 à 22:58 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

Du boulot de chef

On continu


Téléchargez AD-Remover sur le bureau
image

Déconnectez-vous et fermez toutes les applications en cours
Cliquer sur "Ad-R.exe" pour lancer l'installation et laisser les paramètres par défaut .
Une fenêtre s'affichera Vous prévenant des risques de l'utilisation de ce logiciel
Cliquez sur "OUI"
Double cliquer sur l'icône Ad-remover sur le bureau
image
Au menu principal choisir l'optionScanner et Validez

Patientez pendant le travail de l'outil.
Poster le rapport qui apparait à la fin .
Il est sauvegardé aussi sous C:\Ad-report.log

Panacotta
 Posté le 05/04/2011 à 23:05 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

Je m'y mets tout de suite.

J'espère que la situation n'est pas trop désespérée :-S

patogas
 Posté le 05/04/2011 à 23:08 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

Re,

Non pas trop mais on reviendra sur l'utilisation du P2P, il n'y a pas de fumée sans feu.

@+

Panacotta
 Posté le 05/04/2011 à 23:09 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 04/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 23:07:12 le 05/04/2011, Mode normal

Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2 (X86)

Marine@PC-DE-MARINE (Sony Corporation VGN-NS12M_W)

============== RECHERCHE ==============

Dossier trouvé: C:\Programs\PartyGaming

Fichier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\PartyPoker.lnk

Dossier trouvé: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PartyPoker

Dossier trouvé: C:\Users\Marine\AppData\LocalLow\Conduit

Dossier trouvé: C:\Program Files\Conduit

Dossier trouvé: C:\Users\Marine\AppData\LocalLow\ShopperReports3

Dossier trouvé: C:\Users\Marine\AppData\LocalLow\Sky-Banners

Dossier trouvé: C:\Users\Marine\AppData\LocalLow\Street-Ads

Clé trouvée: HKLM\Software\Classes\Interface\{299C0BBF-8D14-431C-9E58-5BE8F786721F}

Clé trouvée: HKLM\Software\Classes\Toolbar.CT2504091

Clé trouvée: HKLM\Software\Conduit

Clé trouvée: HKCU\Software\Conduit

Clé trouvée: HKCU\Software\Grand Virtual

Clé trouvée: HKCU\Software\PartyGaming

Clé trouvée: HKCU\Software\AppDataLow\Toolbar

Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit

Clé trouvée: HKCU\Software\AppDataLow\Software\ShopperReports3

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\Everest Poker

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\PartyPoker

Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShopperReportsSA

Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}

============== SCAN ADDITIONNEL ==============

**** Google Chrome Version [10.0.648.204] ****

-- C:\Users\Marine\AppData\Local\Google\Chrome\User Data\Default --

Preferences - default_search_provider: "Google" (Activé: true) (?)

Preferences - homepage: hxxp://www.google.fr/

Preferences - homepage_is_newtabpage: false

Plugin - "DivX Player" (Activé: true)

Plugin - "DivX Player Netscape Plugin" (Activé: true)

Plugin - "Picasa" (Activé: true)

========================================

**** Internet Explorer Version [7.0.6002.18005] ****

HKCU_Main|Default_Page_URL - hxxp://www.club-vaio.com

HKCU_Main|Search bar - hxxp://www.google.com/ie

HKCU_Main|Search Page - hxxp://www.google.com

HKCU_Main|Start Page - hxxp://www.google.fr/

HKLM_Main|Default_Page_URL - hxxp://www.club-vaio.com

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157

HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuze.dll)

HKLM_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuze.dll)

HKCU_SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} - "Google Desktop" (hxxp://127.0.0.1:4664/search&s=67_vBY6zQRfHhPm_WurFTIjRnGg?q={searchTerms})

HKCU_SearchScopes\{B76E7A85-7322-428b-AB33-19A6A5FD1E73} - "BS.Player Search" (hxxp://www.bsplayer-search.com/search?q={searchTerms})

HKCU_Toolbar\WebBrowser|{2C688203-7EB3-4327-9995-1CB417BA23F9} (C:\Program Files\BS.Player ControlBar\BSToolbar.dll)

HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files\Vuze_Remote\tbVuze.dll)

HKLM_Toolbar|{0BF43445-2F28-4351-9252-17FE6E806AA0} (x)

HKLM_Toolbar|{2C688203-7EB3-4327-9995-1CB417BA23F9} (C:\Program Files\BS.Player ControlBar\BSToolbar.dll)

HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files\Vuze_Remote\tbVuze.dll)

HKLM_ElevationPolicy\6c861d3b-4030-4058-b486-e4a37a205e64 - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?)

HKLM_ElevationPolicy\{74351F14-5437-4d87-805B-04D409B09976} - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)

HKLM_Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - "PartyPoker.com" (C:\Programs\PartyGaming\PartyPoker\images\ppicon.ico)

BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)

BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)

BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuze.dll)

BHO\{CA6319C0-31B7-401E-A518-A07C3DB8F777} - "CBrowserHelperObject Object" (C:\PROGRA~1\GOOGLE~1\BAE.dll)

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 1 Fichier(s)

C:\Ad-Report-SCAN[1].txt - 05/04/2011 23:07:27 (4904 Octet(s))

Fin à: 23:08:52, 05/04/2011

============== E.O.F ==============

Panacotta
 Posté le 05/04/2011 à 23:11 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petite astucienne

du P2P ? étrange, ça fait un moment que j'ai arrêté. Ma seule utilisation depuis des mois c'était pour échanger des photos avec des amis.

Publicité
Pages : [1] 2 3 4 ... Fin
Page 1 sur 4 [Fin]

Vous devez être connecté pour participer à la discussion.
Cliquez ici pour vous identifier.

Vous n'avez pas de compte ? Créez-en un gratuitement !
Recevoir PC Astuces par e-mail


La Lettre quotidienne +226 000 inscrits
Avec l'actu, des logiciels, des applis, des astuces, des bons plans, ...

Les bonnes affaires
Une fois par semaine, un récap des meilleurs offres.

Les fonds d'écran
De jolies photos pour personnaliser votre bureau. Une fois par semaine.

Les nouveaux Bons Plans
Des notifications pour ne pas rater les bons plans publiés sur le site.

Les bons plans du moment PC Astuces

Tous les Bons Plans
-15 €15 € de réduction à partir de 149 € chez Cdiscount avec le code 15EUROS
Valable jusqu'au 30 Juillet

Cdiscount propose actuellement 15 € de réduction à partir de 149 € d'achats. Pour profiter de l'offre, utilisez le code promo 15EUROS .


> Voir l'offre
749,99 €Ultra portable Asus Zenbook UX325JA (Core i5, FullHD OLED, 8 Go, SSD 512 Go) à 749,99 €
Valable jusqu'au 31 Juillet

Fnac fait une promotion sur l'ordinateur portable Asus Zenbook UX325JA-2 qui passe à 749,99 € livré gratuitement. Cet ultra portable dispose d'une dalle Full HD (1920x1080) OLED de 13,3 pouces, d'un processeur Intel Core i5-1035G4, de 8 Go de RAM, d'un SSD de 512 Go et ne pèse que 1,1 kg. Le tout tourne sous Windows 10 et offre une autonomie réelle de 7 à 8 heures. Les traditionnels WiFi, Bluetooth, lecteur de carte mémoire et Webcam HD sont de la partie.


> Voir l'offre
164,99 €Ecran PC 24 pouces Samsung Odyssey G3 (FHD, 144 Hz, 1 ms) à 164,99 €
Valable jusqu'au 30 Juillet

Cdiscount fait une promotion sur l'écran PC Samsung 24 pouces Samsung Odyssey G3 à 164,99 € avec le code promo 15EUROS. Cet écran de 24 pouces offre une définition FHD de 1920x1080 pixels et est compatible FreeSync Premium avec un taux de réponse de 1 ms et un rafraichissement de 144 Hz. Connectiques HDMI, VGA et DP.


> Voir l'offre

Sujets relatifs
comment supprimer Un cheval de troie ks/kryptyk.l
pc infecte par cheval de troie et autres
infection cheval de troie
Divers adwares, cheval de Troie
une variante de Win32/Agent.SZW cheval de troie
Cheval de Troie bloqué invisible dans la quarantaine
cheval de troie pour cameyo
Cheval de Troie : Generic_s.ABP
question sur cheval de troie
cheval de troie
Plus de sujets relatifs à attaquée par: cheval de troie, URL malveillantes..
 > Tous les forums > Forum Sécurité