Problème avec y.lo.st
gboule
-
NicoVA Messages postés 817 Date d'inscription Statut Contributeur sécurité Dernière intervention -
NicoVA Messages postés 817 Date d'inscription Statut Contributeur sécurité Dernière intervention -
Bonjour,
Je suis infecté pat y.lo.st.
J'ai utilisé AD-R, fait le scan, et il me conseille de vous faire parvenir le log avant de continuer.
Voici le log en question =, en vous remerciant d'avance.
____________________________________
======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 07/05/10 à 16:50
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 18:46:32 le 17/05/2010 | Mode normal | Option: SCAN
Exécuté de: C:\Ad-Remover\ADR.exe
SE: Microsoft® Windows Vista(TM) HomePremium - X86
Nom du PC: PC-DE-BUREAU (TOSHIBA Satellite P200)
Utilisateur actuel: christelle
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
.
C:\Program Files\AskSBar
C:\Program Files\GamesBar
C:\Program Files\Soft2PC
C:\ProgramData\iWin
C:\ProgramData\Trymedia
C:\Users\christelle\AppData\Local\Soft2PC
C:\Users\christelle\AppData\LocalLow\AskSBar
C:\Users\christelle\AppData\Roaming\iWin
C:\Users\christelle\AppData\Roaming\Soft2PC
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}
HKCU\Software\soft2PC
HKLM\Software\Classes\AppID\{AB67D16D-3824-4683-B81A-D66DBA61B1AF}
HKLM\Software\Classes\AppID\Soft2PCBHO.DLL
HKLM\Software\Classes\CLSID\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
HKLM\Software\Classes\CLSID\{B15FD82E-85BC-430d-90CB-65DB1B030510}
HKLM\Software\Classes\CLSID\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}
HKLM\Software\Classes\CLSID\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}
HKLM\Software\Classes\CLSID\{F0D4B23B-DA4B-4daf-81E4-DFEE4931A4AA}
HKLM\Software\Classes\Interface\{CC883F50-95BB-4A25-9DBF-B801506F1BC4}
HKLM\Software\Classes\SoftwareBHO.SOFT2PCBHO
HKLM\Software\Classes\SoftwareBHO.SOFT2PCBHO.1
HKLM\Software\Classes\TypeLib\{B52F3553-49FA-4599-81A4-F98951E0B53B}
HKLM\Software\GamesBarSetup
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F0D4B23B-DA4B-4daf-81E4-DFEE4931A4AA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AskSBar Uninstall
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Soft2PC_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Software_is1
HKLM\Software\soft2PC
HKLM\Software\Trymedia Systems
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Run|HWSetup
HKLM\Software\Microsoft\Windows\CurrentVersion\Run|soft2PC
HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SVPWUTIL
.
.
============== SCAN ADDITIONNEL ==============
.
.
* Internet Explorer Version 7.0.6000.17037 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Show_ToolBar: yes
Start Page: hxxp://orange.fr/
.
[HKLM\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm.
Blank: res://mshtml.dll/blank.htm
.
========================================
.
C:\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Ad-Remover\Backup: 0 Fichier(s)
.
C:\Ad-Report-SCAN[1].txt - 4037 Octet(s)
C:\Ad-Report-SCAN[2].txt - 3922 Octet(s)
.
Fin à: 18:51:30, 17/05/2010
.
============== E.O.F - SCAN[2] ==============
En vous remerciant à nouveau
Je suis infecté pat y.lo.st.
J'ai utilisé AD-R, fait le scan, et il me conseille de vous faire parvenir le log avant de continuer.
Voici le log en question =, en vous remerciant d'avance.
____________________________________
======= RAPPORT D'AD-REMOVER 2.0.0.0,D | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 07/05/10 à 16:50
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 18:46:32 le 17/05/2010 | Mode normal | Option: SCAN
Exécuté de: C:\Ad-Remover\ADR.exe
SE: Microsoft® Windows Vista(TM) HomePremium - X86
Nom du PC: PC-DE-BUREAU (TOSHIBA Satellite P200)
Utilisateur actuel: christelle
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
.
C:\Program Files\AskSBar
C:\Program Files\GamesBar
C:\Program Files\Soft2PC
C:\ProgramData\iWin
C:\ProgramData\Trymedia
C:\Users\christelle\AppData\Local\Soft2PC
C:\Users\christelle\AppData\LocalLow\AskSBar
C:\Users\christelle\AppData\Roaming\iWin
C:\Users\christelle\AppData\Roaming\Soft2PC
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}
HKCU\Software\soft2PC
HKLM\Software\Classes\AppID\{AB67D16D-3824-4683-B81A-D66DBA61B1AF}
HKLM\Software\Classes\AppID\Soft2PCBHO.DLL
HKLM\Software\Classes\CLSID\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
HKLM\Software\Classes\CLSID\{B15FD82E-85BC-430d-90CB-65DB1B030510}
HKLM\Software\Classes\CLSID\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}
HKLM\Software\Classes\CLSID\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}
HKLM\Software\Classes\CLSID\{F0D4B23B-DA4B-4daf-81E4-DFEE4931A4AA}
HKLM\Software\Classes\Interface\{CC883F50-95BB-4A25-9DBF-B801506F1BC4}
HKLM\Software\Classes\SoftwareBHO.SOFT2PCBHO
HKLM\Software\Classes\SoftwareBHO.SOFT2PCBHO.1
HKLM\Software\Classes\TypeLib\{B52F3553-49FA-4599-81A4-F98951E0B53B}
HKLM\Software\GamesBarSetup
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3475D2C4-BBD1-4255-A70D-4125A4D30956}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F0D4B23B-DA4B-4daf-81E4-DFEE4931A4AA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AskSBar Uninstall
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Soft2PC_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Software_is1
HKLM\Software\soft2PC
HKLM\Software\Trymedia Systems
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
HKLM\Software\Microsoft\Internet Explorer\Toolbar|{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
HKLM\Software\Microsoft\Windows\CurrentVersion\Run|HWSetup
HKLM\Software\Microsoft\Windows\CurrentVersion\Run|soft2PC
HKLM\Software\Microsoft\Windows\CurrentVersion\Run|SVPWUTIL
.
.
============== SCAN ADDITIONNEL ==============
.
.
* Internet Explorer Version 7.0.6000.17037 *
.
[HKCU\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\Windows\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Show_ToolBar: yes
Start Page: hxxp://orange.fr/
.
[HKLM\Software\Microsoft\Internet Explorer\Main]
.
AutoHide: yes
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: %SystemRoot%\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
.
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm.
Blank: res://mshtml.dll/blank.htm
.
========================================
.
C:\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Ad-Remover\Backup: 0 Fichier(s)
.
C:\Ad-Report-SCAN[1].txt - 4037 Octet(s)
C:\Ad-Report-SCAN[2].txt - 3922 Octet(s)
.
Fin à: 18:51:30, 17/05/2010
.
============== E.O.F - SCAN[2] ==============
En vous remerciant à nouveau
+