Ordinateur infecté

Résolu/Fermé
TB83000 - 14 janv. 2010 à 21:35
crapoulou Messages postés 28160 Date d'inscription mercredi 28 novembre 2007 Statut Modérateur, Contributeur sécurité Dernière intervention 21 mai 2024 - 14 janv. 2010 à 21:37
Bonjour,

Voici le scan ad-remover:
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_F | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 26.12.2009 à 20:47
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 21:11:08, 14/01/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: MONTANA | Utilisateur actuel: White

Bonnes fêtes de fin d'année à vous tous :)
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: WinSvc

C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
C:\DOCUME~1\White\APPLIC~1\Microsoft\Internet Explorer\Quick Launch\Titan Poker.lnk
C:\DOCUME~1\White\LOCALS~1\Temp\AskSearch
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\Titan Poker
C:\Program Files\Ask.com
C:\Program Files\PartyGaming
C:\Program Files\Winsudate
C:\Documents and Settings\White\Local Settings\Application Data\AskToolbar
C:\DOCUME~1\White\Bureau\Music\Installation de PartyPoker.lnk
C:\DOCUME~1\White\Bureau\Music\PartyPoker.lnk

(!) -- Fichiers temporaires supprimés.

.
HKCU\software\appdatalow\AskBarDis
HKCU\software\appdatalow\AskHomepage
HKCU\software\appdatalow\AskToolbarInfo
HKCU\software\Ask.com
HKCU\software\AskToolbar
HKCU\software\fcn
HKCU\software\Grand Virtual
HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\WinUsr
HKCU\software\PartyGaming
HKCU\software\Titan Poker
HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
HKLM\software\classes\appid\GenericAskToolbar.DLL
HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\software\classes\GenericAskToolbar.ToolbarWnd
HKLM\software\classes\GenericAskToolbar.ToolbarWnd.1
HKLM\software\classes\installer\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{49783ED4-258D-4f9f-BE11-137C18D3E543}
HKLM\Software\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}
HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
HKLM\software\microsoft\windows\currentversion\installer\userdata\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
HKLM\software\Titan Poker
HKLM\SYSTEM\ControlSet003\Services\winsvc
.
============== Scan additionnel ==============
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Do404Search: 01000000
Local Page: C:\WINDOWS\system32\blank.htm
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Enable Browser Extensions: yes
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Use Search Asst: no
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: 5cf020e88f67ca01
Start Page Redirect Cache AcceptLangs: fr
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials, ...) ==============
.
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobKeyGenerator.zip
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobKeyGenerator1.zip
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobKeyGenerator2.zip
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobKeyGenerator3.zip
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobKeyGenerator4.zip
.
===================================
.
2091 Octet(s) - C:\AD-report-Clean-12.01.2009.log
5945 Octet(s) - C:\Ad-Report-CLEAN[1].log
1876 Octet(s) - C:\AD-report-Scan-12.01.2009.log
3951 Octet(s) - C:\Ad-Report-SCAN[1].log
3994 Octet(s) - C:\Ad-Report-SCAN[2].log
4037 Octet(s) - C:\Ad-Report-SCAN[3].log
.
2 Fichier(s) - C:\DOCUME~1\White\LOCALS~1\Temp
2 Fichier(s) - C:\WINDOWS\Temp
8 Fichier(s) - C:\WINDOWS\Prefetch
.
22 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
454 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 21:24:32 | 14/01/2010 - CLEAN[1]
.
============== E.O.F ==============
.
A voir également:

1 réponse

crapoulou Messages postés 28160 Date d'inscription mercredi 28 novembre 2007 Statut Modérateur, Contributeur sécurité Dernière intervention 21 mai 2024 7 998
14 janv. 2010 à 21:37
Bonsoir,
Merci de poursuivre sur ce fil de discussion :
https://forums.commentcamarche.net/forum/affich-16054456-probleme-virus
Bonne continuation.
Crapoulou.
0