Fenêtres de pub intempestives
Résolu
hrynchack
Messages postés
75
Date d'inscription
Statut
Membre
Dernière intervention
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
Quelqu'un peut-il m'indiquer comment me débarasser des fenêtres internet de publicité qui s'ouvrent sans arrêt pendant et en dehors de la navigation ?
J'ai lancé OTL et je peux fournir le rapport
Merci beaucoup
Quelqu'un peut-il m'indiquer comment me débarasser des fenêtres internet de publicité qui s'ouvrent sans arrêt pendant et en dehors de la navigation ?
J'ai lancé OTL et je peux fournir le rapport
Merci beaucoup
A voir également:
- Fenêtres de pub intempestives
- Supprimer pub youtube - Accueil - Streaming
- Stop pub gratuit - Télécharger - Divers Utilitaires
- Supprimer la pub - Guide
- Netflix avec pub avis - Accueil - Streaming
- Clavier ouvre des fenetres ✓ - Forum Windows Vista
32 réponses
Voici le Pre script
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 2.1222 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Denis : Microsoft Windows XP (32 bits)
Switchs : https://gen-hackman.kanak.fr/
New restorepoint created
Script : 23:14:47
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ | Deletion | Drivers | Services
Service : LAVASOFT_AD-AWARE_SERVICE Not actif
Service : LAVASOFT_KERNEXPLORER Not actif
Service : PCSPEEDUPSERVICE Not actif
Deleted : [HKLM\..\CCS\..\Root\LEGACY_LAVASOFT_AD-AWARE_SERVICE]
Deleted : [HKLM\..\CS001\..\Root\LEGACY_LAVASOFT_AD-AWARE_SERVICE]
Not Deleted : [HKLM\..\CS002\..\Root\LEGACY_LAVASOFT_AD-AWARE_SERVICE]
Deleted : [HKLM\..\CS003\..\Root\LEGACY_LAVASOFT_AD-AWARE_SERVICE]
Deleted : [HKLM\..\CCS\..\Root\LEGACY_LAVASOFT_KERNEXPLORER]
Deleted : [HKLM\..\CS001\..\Root\LEGACY_LAVASOFT_KERNEXPLORER]
Not Deleted : [HKLM\..\CS002\..\Root\LEGACY_LAVASOFT_KERNEXPLORER]
Deleted : [HKLM\..\CS003\..\Root\LEGACY_LAVASOFT_KERNEXPLORER]
Deleted : [HKLM\..\CCS\..\Root\LEGACY_PCSPEEDUPSERVICE]
Deleted : [HKLM\..\CS003\..\Root\LEGACY_PCSPEEDUPSERVICE]
¤
¤¤¤¤¤¤¤¤¤¤ | Registry Deletions
Value Deleted : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:NeroFilterCheck
Value Deleted : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_22
Value Deleted : [HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks]:
Value Deleted : [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCR\Applications\mediaget.exe
Key Deleted : HKU\S-1-5-21-2000478354-1004336348-682003330-1003\Software\Elf_1.15
Key Deleted : HKU\S-1-5-21-2000478354-1004336348-682003330-1003\Software\Freecorder
Key Deleted : HKU\S-1-5-21-2000478354-1004336348-682003330-1003\Software\mediabarim
Key Deleted : HKU\S-1-5-21-2000478354-1004336348-682003330-1003\Software\Softonic_France
Key Deleted : HKU\S-1-5-21-2000478354-1004336348-682003330-1003\Software\uTorrentBar
Key Deleted : HKLM\Software\BrowserChoice
Key Deleted : HKLM\Software\Uniblue
Value Deleted : [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]:C:\Program Files\iMesh Applications\iMesh\iMesh.exe
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:2869:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:48113:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:48113:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:10243:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:10280:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:10281:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:10282:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:10283:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:10284:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:1900:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:139:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:445:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:137:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:138:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:5985:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:80:TCP
Key Deleted : HKCR\Installer\Products\7324911AA745d164DB449BB751477AAD
¤
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Paul\Local Settings\Application Data\MediaGet2
File Moved to quarantine successfully : |ASH| - G:\._autorun.inf
File Moved to quarantine successfully : |ASH| - G:\autorun.inf
File Moved to quarantine successfully : |ASH| - G:\desktop.ini
Folder Moved to quarantine successfully : |D| - C:\Program Files\majtuto4pc
File Moved to quarantine successfully : |A| - C:\install.res.1036.dll
File Moved to quarantine successfully : |A| - C:\vdicmdrv.dll
File Moved to quarantine successfully : |A| - C:\vdremote.dll
File Moved to quarantine successfully : |A| - C:\vdsvrlnk.dll
File Moved to quarantine successfully : |A| - C:\globdata.ini
File Moved to quarantine successfully : |A| - C:\install.ini
Folder Moved to quarantine successfully : |D| - C:\11a11a82a5fab43a0942
Folder Moved to quarantine successfully : |D| - C:\c359004cd280ff2a3910a983
Folder Moved to quarantine successfully : |D| - C:\extensions
Folder Moved to quarantine successfully : |D| - C:\f24bdd99ed7dcacb8216a1
Folder Moved to quarantine successfully : |D| - C:\plugins
Folder Moved to quarantine successfully : |D| - C:\WINDOWS\Installer\{A1194237-547A-461d-BD44-B97B1574A7DA}
File Moved to quarantine successfully : |A| - C:\Documents and Settings\Paul\Bureau\Softonic_France.exe
File Moved to quarantine successfully : |A| - C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Denis\Menu Démarrer\Programmes\Freecorder
File Moved to quarantine successfully : |ASH| - C:\Documents and Settings\Denis\Application Data\.zreglib
File Moved to quarantine successfully : |ASH| - C:\Documents and Settings\Marie Hélène\Application Data\.zreglib
File Moved to quarantine successfully : |ASH| - C:\Documents and Settings\Paul\Application Data\.zreglib
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\All Users\Application Data\150
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\LocalService\Local Settings\Application Data\MAJTuto
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\LocalService\Local Settings\Application Data\supt4pc_fr_22
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Denis\Local Settings\Application Data\Elf_1.15
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Denis\Local Settings\Application Data\Freecorder
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Denis\Local Settings\Application Data\Softonic_France
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Denis\Local Settings\Application Data\uTorrentBar
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Marie Hélène\Local Settings\Application Data\Elf_1.15
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Marie Hélène\Local Settings\Application Data\Freecorder
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Marie Hélène\Local Settings\Application Data\Softonic_France
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Marie Hélène\Local Settings\Application Data\supt4pc_fr_22
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Marie Hélène\Local Settings\Application Data\tuto4pc_fr_22
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Marie Hélène\Local Settings\Application Data\uTorrentBar
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Mathilde\Local Settings\Application Data\Freecorder
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Mathilde\Local Settings\Application Data\Softonic_France
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Mathilde\Local Settings\Application Data\tuto4pc_fr_22
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Mathilde\Local Settings\Application Data\uTorrentBar
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Paul\Local Settings\Application Data\iMesh
C:\Documents and Settings\Paul\Local Settings\Application Data\MediaGet2 : Not Found !
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Paul\Local Settings\Application Data\tuto4pc_fr_22
C:\Program Files\majtuto4pc : Not Found !
Folder Moved to quarantine successfully : |D| - C:\Program Files\Spybot - Search & Destroy
File Moved to quarantine successfully : |A| - C:\WINDOWS\Tasks\prismShakeIcon.job
¤¤¤¤¤¤¤¤¤¤ | MBR
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000004d
Analysis of file "C:\Pre_Scan\MBR.bin":
Windows XP MBR code detected
¤
End : 23:15:24
¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Pre_Script | 2.1222 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Denis : Microsoft Windows XP (32 bits)
Switchs : https://gen-hackman.kanak.fr/
New restorepoint created
Script : 23:14:47
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤ | Deletion | Drivers | Services
Service : LAVASOFT_AD-AWARE_SERVICE Not actif
Service : LAVASOFT_KERNEXPLORER Not actif
Service : PCSPEEDUPSERVICE Not actif
Deleted : [HKLM\..\CCS\..\Root\LEGACY_LAVASOFT_AD-AWARE_SERVICE]
Deleted : [HKLM\..\CS001\..\Root\LEGACY_LAVASOFT_AD-AWARE_SERVICE]
Not Deleted : [HKLM\..\CS002\..\Root\LEGACY_LAVASOFT_AD-AWARE_SERVICE]
Deleted : [HKLM\..\CS003\..\Root\LEGACY_LAVASOFT_AD-AWARE_SERVICE]
Deleted : [HKLM\..\CCS\..\Root\LEGACY_LAVASOFT_KERNEXPLORER]
Deleted : [HKLM\..\CS001\..\Root\LEGACY_LAVASOFT_KERNEXPLORER]
Not Deleted : [HKLM\..\CS002\..\Root\LEGACY_LAVASOFT_KERNEXPLORER]
Deleted : [HKLM\..\CS003\..\Root\LEGACY_LAVASOFT_KERNEXPLORER]
Deleted : [HKLM\..\CCS\..\Root\LEGACY_PCSPEEDUPSERVICE]
Deleted : [HKLM\..\CS003\..\Root\LEGACY_PCSPEEDUPSERVICE]
¤
¤¤¤¤¤¤¤¤¤¤ | Registry Deletions
Value Deleted : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:NeroFilterCheck
Value Deleted : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_22
Value Deleted : [HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks]:
Value Deleted : [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCR\Applications\mediaget.exe
Key Deleted : HKU\S-1-5-21-2000478354-1004336348-682003330-1003\Software\Elf_1.15
Key Deleted : HKU\S-1-5-21-2000478354-1004336348-682003330-1003\Software\Freecorder
Key Deleted : HKU\S-1-5-21-2000478354-1004336348-682003330-1003\Software\mediabarim
Key Deleted : HKU\S-1-5-21-2000478354-1004336348-682003330-1003\Software\Softonic_France
Key Deleted : HKU\S-1-5-21-2000478354-1004336348-682003330-1003\Software\uTorrentBar
Key Deleted : HKLM\Software\BrowserChoice
Key Deleted : HKLM\Software\Uniblue
Value Deleted : [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]:C:\Program Files\iMesh Applications\iMesh\iMesh.exe
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:2869:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:48113:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:48113:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:10243:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:10280:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:10281:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:10282:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:10283:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:10284:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:1900:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:139:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:445:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:137:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:138:UDP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:5985:TCP
Value Deleted : [HKLM\System\CurrentControlSet\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]:80:TCP
Key Deleted : HKCR\Installer\Products\7324911AA745d164DB449BB751477AAD
¤
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Paul\Local Settings\Application Data\MediaGet2
File Moved to quarantine successfully : |ASH| - G:\._autorun.inf
File Moved to quarantine successfully : |ASH| - G:\autorun.inf
File Moved to quarantine successfully : |ASH| - G:\desktop.ini
Folder Moved to quarantine successfully : |D| - C:\Program Files\majtuto4pc
File Moved to quarantine successfully : |A| - C:\install.res.1036.dll
File Moved to quarantine successfully : |A| - C:\vdicmdrv.dll
File Moved to quarantine successfully : |A| - C:\vdremote.dll
File Moved to quarantine successfully : |A| - C:\vdsvrlnk.dll
File Moved to quarantine successfully : |A| - C:\globdata.ini
File Moved to quarantine successfully : |A| - C:\install.ini
Folder Moved to quarantine successfully : |D| - C:\11a11a82a5fab43a0942
Folder Moved to quarantine successfully : |D| - C:\c359004cd280ff2a3910a983
Folder Moved to quarantine successfully : |D| - C:\extensions
Folder Moved to quarantine successfully : |D| - C:\f24bdd99ed7dcacb8216a1
Folder Moved to quarantine successfully : |D| - C:\plugins
Folder Moved to quarantine successfully : |D| - C:\WINDOWS\Installer\{A1194237-547A-461d-BD44-B97B1574A7DA}
File Moved to quarantine successfully : |A| - C:\Documents and Settings\Paul\Bureau\Softonic_France.exe
File Moved to quarantine successfully : |A| - C:\Documents and Settings\All Users\Bureau\Ad-Aware.lnk
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Denis\Menu Démarrer\Programmes\Freecorder
File Moved to quarantine successfully : |ASH| - C:\Documents and Settings\Denis\Application Data\.zreglib
File Moved to quarantine successfully : |ASH| - C:\Documents and Settings\Marie Hélène\Application Data\.zreglib
File Moved to quarantine successfully : |ASH| - C:\Documents and Settings\Paul\Application Data\.zreglib
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\All Users\Application Data\150
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\LocalService\Local Settings\Application Data\MAJTuto
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\LocalService\Local Settings\Application Data\supt4pc_fr_22
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Denis\Local Settings\Application Data\Elf_1.15
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Denis\Local Settings\Application Data\Freecorder
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Denis\Local Settings\Application Data\Softonic_France
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Denis\Local Settings\Application Data\uTorrentBar
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Marie Hélène\Local Settings\Application Data\Elf_1.15
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Marie Hélène\Local Settings\Application Data\Freecorder
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Marie Hélène\Local Settings\Application Data\Softonic_France
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Marie Hélène\Local Settings\Application Data\supt4pc_fr_22
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Marie Hélène\Local Settings\Application Data\tuto4pc_fr_22
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Marie Hélène\Local Settings\Application Data\uTorrentBar
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Mathilde\Local Settings\Application Data\Freecorder
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Mathilde\Local Settings\Application Data\Softonic_France
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Mathilde\Local Settings\Application Data\tuto4pc_fr_22
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Mathilde\Local Settings\Application Data\uTorrentBar
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Paul\Local Settings\Application Data\iMesh
C:\Documents and Settings\Paul\Local Settings\Application Data\MediaGet2 : Not Found !
Folder Moved to quarantine successfully : |D| - C:\Documents and Settings\Paul\Local Settings\Application Data\tuto4pc_fr_22
C:\Program Files\majtuto4pc : Not Found !
Folder Moved to quarantine successfully : |D| - C:\Program Files\Spybot - Search & Destroy
File Moved to quarantine successfully : |A| - C:\WINDOWS\Tasks\prismShakeIcon.job
¤¤¤¤¤¤¤¤¤¤ | MBR
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000004d
Analysis of file "C:\Pre_Scan\MBR.bin":
Windows XP MBR code detected
¤
End : 23:15:24
¤¤¤¤¤¤¤¤¤¤ ( EOF ) ¤¤¤¤¤¤¤¤¤¤
fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.
▶ Télécharge ici :
Malwarebytes
▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
relance malwarebytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
▶ Lance Malwarebyte's .
Fais un examen dit "Complet" .
▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
▶ Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
▶ Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
▶ Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)
▶ Télécharge ici :
Malwarebytes
▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
relance malwarebytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
▶ Lance Malwarebyte's .
Fais un examen dit "Complet" .
▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
▶ Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
▶ Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
▶ Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)
Voici le rapport :
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Version de la base de données: v2012.12.24.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Denis :: MAISON-032A5A75 [administrateur]
24/12/2012 09:23:19
mbam-log-2012-12-24 (09-23-19).txt
Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 534411
Temps écoulé: 2 heure(s), 29 minute(s), 31 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 5
C:\System Volume Information\_restore{A244E8B0-2C50-4240-9ACC-C7FB446DB34A}\RP389\A0170376.exe (PUP.Tuto4PC) -> Mis en quarantaine et supprimé avec succès.
C:\System Volume Information\_restore{A244E8B0-2C50-4240-9ACC-C7FB446DB34A}\RP389\A0170377.exe (PUP.Tuto4PC) -> Mis en quarantaine et supprimé avec succès.
C:\System Volume Information\_restore{A244E8B0-2C50-4240-9ACC-C7FB446DB34A}\RP389\A0170379.exe (Trojan.Eorezo) -> Mis en quarantaine et supprimé avec succès.
C:\System Volume Information\_restore{A244E8B0-2C50-4240-9ACC-C7FB446DB34A}\RP389\A0170381.exe (PUP.Tuto4PC) -> Mis en quarantaine et supprimé avec succès.
C:\Documents and Settings\Denis\Bureau\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Mis en quarantaine et supprimé avec succès.
(fin)
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Version de la base de données: v2012.12.24.02
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Denis :: MAISON-032A5A75 [administrateur]
24/12/2012 09:23:19
mbam-log-2012-12-24 (09-23-19).txt
Type d'examen: Examen complet (C:\|)
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 534411
Temps écoulé: 2 heure(s), 29 minute(s), 31 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 5
C:\System Volume Information\_restore{A244E8B0-2C50-4240-9ACC-C7FB446DB34A}\RP389\A0170376.exe (PUP.Tuto4PC) -> Mis en quarantaine et supprimé avec succès.
C:\System Volume Information\_restore{A244E8B0-2C50-4240-9ACC-C7FB446DB34A}\RP389\A0170377.exe (PUP.Tuto4PC) -> Mis en quarantaine et supprimé avec succès.
C:\System Volume Information\_restore{A244E8B0-2C50-4240-9ACC-C7FB446DB34A}\RP389\A0170379.exe (Trojan.Eorezo) -> Mis en quarantaine et supprimé avec succès.
C:\System Volume Information\_restore{A244E8B0-2C50-4240-9ACC-C7FB446DB34A}\RP389\A0170381.exe (PUP.Tuto4PC) -> Mis en quarantaine et supprimé avec succès.
C:\Documents and Settings\Denis\Bureau\winlogon.exe (Heuristics.Reserved.Word.Exploit) -> Mis en quarantaine et supprimé avec succès.
(fin)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Voici le rapport de Delfix
# DelFix v9.2 - Rapport créé le 25/12/2012 à 10:22:25
# Mis à jour le 11/11/2012 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Denis - MAISON-032A5A75
# Exécuté depuis : C:\Documents and Settings\Denis\Local Settings\Temporary Internet Files\Content.IE5\J9O3VGBH\delfix[1].exe
# Option [Suppression]
~~~~~~ Dossier(s) ~~~~~~
Non Supprimé : C:\pre_scan
Non Supprimé : C:\Pre_Scan
~~~~~~ Fichier(s) ~~~~~~
~~~~~~ Registre ~~~~~~
~~~~~~ Autres ~~~~~~
-> Prefetch Vidé
*************************
DelFix[S1].txt - [587 octets] - [25/12/2012 10:22:25]
DelFix[S2].txt - [1762 octets] - [25/12/2012 10:23:54]
########## EOF - C:\DelFix[S1].txt - [766 octets] ##########
# DelFix v9.2 - Rapport créé le 25/12/2012 à 10:22:25
# Mis à jour le 11/11/2012 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Denis - MAISON-032A5A75
# Exécuté depuis : C:\Documents and Settings\Denis\Local Settings\Temporary Internet Files\Content.IE5\J9O3VGBH\delfix[1].exe
# Option [Suppression]
~~~~~~ Dossier(s) ~~~~~~
Non Supprimé : C:\pre_scan
Non Supprimé : C:\Pre_Scan
~~~~~~ Fichier(s) ~~~~~~
~~~~~~ Registre ~~~~~~
~~~~~~ Autres ~~~~~~
-> Prefetch Vidé
*************************
DelFix[S1].txt - [587 octets] - [25/12/2012 10:22:25]
DelFix[S2].txt - [1762 octets] - [25/12/2012 10:23:54]
########## EOF - C:\DelFix[S1].txt - [766 octets] ##########
C'est plutôt ce rapport car je l'ai lancé 2 fois...
# DelFix v9.2 - Rapport créé le 25/12/2012 à 10:23:54
# Mis à jour le 11/11/2012 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Denis - MAISON-032A5A75
# Exécuté depuis : C:\Documents and Settings\Denis\Bureau\delfix.exe
# Option [Suppression]
~~~~~~ Dossier(s) ~~~~~~
Non Supprimé : C:\pre_scan
Non Supprimé : C:\Pre_Scan
Supprimé : C:\Program Files\Ad-Remover
~~~~~~ Fichier(s) ~~~~~~
Supprimé : C:\Ad-Report-CLEAN[1].txt
Supprimé : C:\AdwCleaner[R1].txt
Supprimé : C:\AdwCleaner[R2].txt
Supprimé : C:\AdwCleaner[R3].txt
Supprimé : C:\AdwCleaner[S1].txt
Supprimé : C:\AdwCleaner[S2].txt
Supprimé : C:\AdwCleaner[S3].txt
Supprimé : C:\Pre_Diag_22_12_2012_21_22_03.txt
Supprimé : C:\Pre_Diag_23_12_2012_17_57_51.txt
Supprimé : C:\Pre_Scan_22_12_2012_15_47_16.txt
Supprimé : C:\Documents and Settings\Denis\Bureau\AD-R.lnk
Supprimé : C:\Documents and Settings\Denis\Bureau\adwcleaner.exe
Supprimé : C:\Documents and Settings\Denis\Bureau\Extras.Txt
Supprimé : C:\Documents and Settings\Denis\Bureau\OTL.Txt
Supprimé : C:\Documents and Settings\Denis\Bureau\OTL.exe
Supprimé : C:\Documents and Settings\Denis\Bureau\Pre_script.txt
~~~~~~ Registre ~~~~~~
Clé Supprimée : HKCU\Software\Ad-Remover
Clé Supprimée : HKCU\Software\g3n-h@ckm@n
Clé Supprimée : HKLM\SOFTWARE\OldTimer Tools
Clé Supprimée : HKLM\SOFTWARE\AdwCleaner
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover
~~~~~~ Autres ~~~~~~
-> Prefetch Vidé
*************************
DelFix[S1].txt - [398 octets] - [25/12/2012 10:22:25]
DelFix[S2].txt - [1641 octets] - [25/12/2012 10:23:54]
########## EOF - C:\DelFix[S2].txt - [1765 octets] ##########
# DelFix v9.2 - Rapport créé le 25/12/2012 à 10:23:54
# Mis à jour le 11/11/2012 par Xplode
# Système d'exploitation : Microsoft Windows XP Service Pack 3 (32 bits)
# Nom d'utilisateur : Denis - MAISON-032A5A75
# Exécuté depuis : C:\Documents and Settings\Denis\Bureau\delfix.exe
# Option [Suppression]
~~~~~~ Dossier(s) ~~~~~~
Non Supprimé : C:\pre_scan
Non Supprimé : C:\Pre_Scan
Supprimé : C:\Program Files\Ad-Remover
~~~~~~ Fichier(s) ~~~~~~
Supprimé : C:\Ad-Report-CLEAN[1].txt
Supprimé : C:\AdwCleaner[R1].txt
Supprimé : C:\AdwCleaner[R2].txt
Supprimé : C:\AdwCleaner[R3].txt
Supprimé : C:\AdwCleaner[S1].txt
Supprimé : C:\AdwCleaner[S2].txt
Supprimé : C:\AdwCleaner[S3].txt
Supprimé : C:\Pre_Diag_22_12_2012_21_22_03.txt
Supprimé : C:\Pre_Diag_23_12_2012_17_57_51.txt
Supprimé : C:\Pre_Scan_22_12_2012_15_47_16.txt
Supprimé : C:\Documents and Settings\Denis\Bureau\AD-R.lnk
Supprimé : C:\Documents and Settings\Denis\Bureau\adwcleaner.exe
Supprimé : C:\Documents and Settings\Denis\Bureau\Extras.Txt
Supprimé : C:\Documents and Settings\Denis\Bureau\OTL.Txt
Supprimé : C:\Documents and Settings\Denis\Bureau\OTL.exe
Supprimé : C:\Documents and Settings\Denis\Bureau\Pre_script.txt
~~~~~~ Registre ~~~~~~
Clé Supprimée : HKCU\Software\Ad-Remover
Clé Supprimée : HKCU\Software\g3n-h@ckm@n
Clé Supprimée : HKLM\SOFTWARE\OldTimer Tools
Clé Supprimée : HKLM\SOFTWARE\AdwCleaner
Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ad-Remover
~~~~~~ Autres ~~~~~~
-> Prefetch Vidé
*************************
DelFix[S1].txt - [398 octets] - [25/12/2012 10:22:25]
DelFix[S2].txt - [1641 octets] - [25/12/2012 10:23:54]
########## EOF - C:\DelFix[S2].txt - [1765 octets] ##########
