Bonjour,
J'aimerai savoir comment supprimer ce virus. J'ai déjà affectué le scan d'Ad-Remover dont voici le rapport
Merci d'avance.
======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web:
http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 23:22:02 le 24/08/2011, Mode normal
Microsoft® Windows Vista(TM) Édition Familiale Premium (X86)
delisle--foscolo@PC-DE-DELISLE-- (FUJITSU SIEMENS AMILO La1703)
============== RECHERCHE ==============
Dossier trouvé: C:\Users\delisle--foscolo\AppData\Roaming\Mozilla\FireFox\Profiles\ul4pwnzz.default\extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Dossier trouvé: C:\Users\delisle--foscolo\AppData\LocalLow\Conduit
Dossier trouvé: C:\Program Files\Conduit
Dossier trouvé: C:\Users\delisle--foscolo\AppData\LocalLow\ConduitEngine
Dossier trouvé: C:\Program Files\ConduitEngine
Dossier trouvé: C:\Users\delisle--foscolo\AppData\LocalLow\PriceGong
-- Fichier ouvert: C:\Users\delisle--foscolo\AppData\Roaming\Mozilla\FireFox\Profiles\ul4pwnzz.default\Prefs.js --
Ligne trouvée: user_pref("browser.startup.homepage", "hxxp://www.searchqu.com//406");
Ligne trouvée: user_pref("keyword.URL", "hxxp://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q=");
-- Fichier Fermé --
Clé trouvée: HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Clé trouvée: HKLM\Software\Classes\CLSID\{67273AD3-B90F-4DA0-A814-F9C0535D0790}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{67273AD3-B90F-4DA0-A814-F9C0535D0790}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{67273AD3-B90F-4DA0-A814-F9C0535D0790}
Clé trouvée: HKLM\Software\Classes\CLSID\{7F8B69B6-39C8-482C-BA74-E46A034A9607}
Clé trouvée: HKLM\Software\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7}
Clé trouvée: HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}
Clé trouvée: HKLM\Software\Classes\Conduit.Engine
Clé trouvée: HKLM\Software\Classes\Toolbar.CT2851639
Clé trouvée: HKLM\Software\Conduit
Clé trouvée: HKLM\Software\conduitEngine
Clé trouvée: HKLM\Software\DataMngr
Clé trouvée: HKLM\Software\SearchquMediabarTb
Clé trouvée: HKCU\Software\DataMngr
Clé trouvée: HKCU\Software\AppDataLow\Toolbar
Clé trouvée: HKCU\Software\AppDataLow\Software\Conduit
Clé trouvée: HKCU\Software\AppDataLow\Software\conduitEngine
Clé trouvée: HKCU\Software\AppDataLow\Software\PriceGong
Clé trouvée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Clé trouvée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A05408C-82FB-4525-BDF2-1240066A6392}
Clé trouvée: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Clé trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Valeur trouvée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|DataMngr
Valeur trouvée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [6.0 (fr)] ****
Searchplugins\bing.xml ( hxxp://www.bing.com/search)
Searchplugins\SearchResults.xml ( hxxp://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q={searchTerms}/)
Components\browsercomps.dll (Mozilla Foundation)
Extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} (Skype extension )
-- C:\Users\delisle--foscolo\AppData\Roaming\Mozilla\FireFox\Profiles\ul4pwnzz.default --
Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} (Searchqu Toolbar)
Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} (DVDVideoSoft Menu)
Searchplugins\SearchResults.xml ( hxxp://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q={searchTerms}/)
Prefs.js - browser.download.lastDir, D:\\alexandre\\cinquième nouveau programme\\histoire nouveau programme
Prefs.js - browser.search.defaultenginename, Web Search
Prefs.js - browser.search.selectedEngine, Web Search
Prefs.js - browser.startup.homepage, hxxp://www.searchqu.com//406
Prefs.js - browser.startup.homepage_override.buildID, 20110811165603
Prefs.js - browser.startup.homepage_override.mstone, rv:6.0
Prefs.js - keyword.URL, hxxp://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q=
========================================
**** Internet Explorer Version [7.0.6000.16982] ****
HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKCU_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Start Page - hxxp://go.microsoft.com/fwlink/?LinkId=69157
HKCU_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files\uTorrentBar_FR\tbuTor.dll)
HKLM_URLSearchHooks|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files\uTorrentBar_FR\tbuTor.dll)
HKCU_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Web Search" (hxxp://www.searchqu.com/web?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms})
HKLM_SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - "Web Search" (hxxp://www.searchqu.com/web?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms})
HKCU_Toolbar\WebBrowser|{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} (C:\Program Files\uTorrentBar_FR\tbuTor.dll)
HKLM_Toolbar|{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} (C:\Program Files\uTorrentBar_FR\tbuTor.dll)
HKLM_Toolbar|{30F9B915-B755-4826-820B-08FBA6BD249D} (C:\Program Files\ConduitEngine\ConduitEngine.dll)
HKLM_Toolbar|{327C2873-E90D-4c37-AA9D-10AC9BABA46C} (C:\Program Files\Canon\Easy-WebPrint\Toolband.dll)
HKLM_Toolbar|{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
HKLM_Toolbar|{99079a25-328f-4bd4-be04-00955acaa0a7} (C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll)
HKLM_ElevationPolicy\{4689449B-8BB7-467A-A641-8D6B211AE24A} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\dtUser.exe (Visicom Media Inc.)
HKLM_ElevationPolicy\{5A05408C-82FB-4525-BDF2-1240066A6392} - C:\Program Files\ConduitEngine\ConduitEngineHelper.exe (?)
HKLM_ElevationPolicy\{8200011B-2D33-4A49-98FB-486984221948} - C:\Program Files\uTorrentBar_FR\uTorrentBar_FRToolbarHelper.exe (?)
HKLM_ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\uninstall.exe (?)
BHO\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - "uTorrentBar_FR Toolbar" (C:\Program Files\uTorrentBar_FR\tbuTor.dll)
BHO\{30F9B915-B755-4826-820B-08FBA6BD249D} - "Conduit Engine" (C:\Program Files\ConduitEngine\ConduitEngine.dll)
BHO\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - "avast! WebRep" (C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll)
BHO\{99079a25-328f-4bd4-be04-00955acaa0a7} - "Searchqu Toolbar" (C:\PROGRA~1\WI371A~1\Datamngr\ToolBar\searchqudtx.dll)
BHO\{9D717F81-9148-4f12-8568-69135F087DB0} - "Loader Class" (C:\PROGRA~1\WI371A~1\Datamngr\BROWSE~1.DLL)
========================================
C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 0 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 24/08/2011 23:22:13 (8012 Octet(s))
Fin à: 23:23:03, 24/08/2011
============== E.O.F ==============
Afficher la suite