Ihavenet

Solved/Closed
klaudy - Posts: 4 - Registered: Sunday 13 January 2013 - Status: Member - Last activity: 13 January 2013 - 13 Jan. 2013 at 12:38
Hello,
A few days ago I noticed that I have a redirection problem, and I now see that it is this "ihavenet" virus.
I downloaded AdwCleaner and ran it...
Here is the report from the first scan:

# AdwCleaner v2.105 - Logfile created 01/12/2013 at 21:03:53
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : klaudia - KLAUDIA-PC
# Boot Mode : Normal
# Running from : C:\Users\klaudia\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\uTorrentControl_v2
Folder Found : C:\Users\klaudia\AppData\Local\Conduit
Folder Found : C:\Users\klaudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Found : C:\Users\klaudia\AppData\Local\Temp\AskSearch
Folder Found : C:\Users\klaudia\AppData\Local\Temp\CT3220468
Folder Found : C:\Users\klaudia\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\klaudia\AppData\LocalLow\Conduit
Folder Found : C:\Users\klaudia\AppData\LocalLow\uTorrentControl_v2
Folder Found : C:\Users\klaudia\AppData\Roaming\Mozilla\Firefox\Profiles\j09fc7x0.default\CT3220468
Folder Found : C:\Users\klaudia\AppData\Roaming\Mozilla\Firefox\Profiles\j09fc7x0.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Folder Found : C:\Users\klaudia\AppData\Roaming\Mozilla\Firefox\Profiles\j09fc7x0.default\Smartbar
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (hu)

File : C:\Users\klaudia\AppData\Roaming\Mozilla\Firefox\Profiles\j09fc7x0.default\prefs.js

-\\ Google Chrome v23.0.1271.97

File : C:\Users\klaudia\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [12755 octets] - [12/01/2013 21:03:53]

########## EOF - C:\AdwCleaner[R1].txt - [12816 octets] ##########


and the one that appeared after "Delete":

# AdwCleaner v2.105 - Logfile created 01/12/2013 at 21:08:19
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : klaudia - KLAUDIA-PC
# Boot Mode : Normal
# Running from : C:\Users\klaudia\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v2
Folder Deleted : C:\Users\klaudia\AppData\Local\Conduit
Folder Deleted : C:\Users\klaudia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Deleted : C:\Users\klaudia\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\klaudia\AppData\Local\Temp\CT3220468
Folder Deleted : C:\Users\klaudia\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\klaudia\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\klaudia\AppData\LocalLow\uTorrentControl_v2
Folder Deleted : C:\Users\klaudia\AppData\Roaming\Mozilla\Firefox\Profiles\j09fc7x0.default\CT3220468
Folder Deleted : C:\Users\klaudia\AppData\Roaming\Mozilla\Firefox\Profiles\j09fc7x0.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Folder Deleted : C:\Users\klaudia\AppData\Roaming\Mozilla\Firefox\Profiles\j09fc7x0.default\Smartbar
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (hu)

File : C:\Users\klaudia\AppData\Roaming\Mozilla\Firefox\Profiles\j09fc7x0.default\prefs.js

-\\ Google Chrome v23.0.1271.97

File : C:\Users\klaudia\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [12878 octets] - [12/01/2013 21:03:53]
AdwCleaner[R2].txt - [12939 octets] - [12/01/2013 21:04:19]
AdwCleaner[R3].txt - [13000 octets] - [12/01/2013 21:04:44]
AdwCleaner[R4].txt - [13061 octets] - [12/01/2013 21:06:41]
AdwCleaner[S1].txt - [13283 octets] - [12/01/2013 21:08:19]

########## EOF - C:\AdwCleaner[S1].txt - [13344 octets] ##########

How do I continue?
Thanks in advance

6 replies

Malekal_morte - Posts: 180304 - Registered: Wednesday 17 May 2006 - Status: Moderator, Security contributor - Last activity: 15 December 2020 - 24 651
13 Jan. 2013 at 12:42
Hi,

Run AdwCleaner in delete mode, then:

Run an OTL scan to diagnose the running programs and detect infections:

You can follow the instructions on this page to help you: https://www.malekal.com/tutorial-otl/

* Download http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ to your desktop.
(On Vista/Win7, right-click OTL and choose Run as administrator)

If you use Avast!, do not run the program in the Sandbox (see the help link above).

* Launch OTL
* At the top, to the right of Quick Scan, check "all users"
* In OTL, under Customization, copy and paste the script below:


netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\consrv.dll
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32 /s
HKEY_LOCAL_MACHINE\SYSTEM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList /s
CREATERESTOREPOINT
nslookup www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs




* Click the Scan button.

DO NOT COPY/PASTE THE REPORT HERE - READ TO THE END
* When the scan is finished, use the site http://pjjoint.malekal.com/ to upload the OTL.txt report (and Extra.txt if present), then give the pjjoint link(s) pointing to these reports here in a new message.
1
Malekal_morte - Posts: 180304 - Registered: Wednesday 17 May 2006 - Status: Moderator, Security contributor - Last activity: 15 December 2020 - 24 651
13 Jan. 2013 at 17:20
Secure your PC!

Important - your infection came through an exploit on a website:

A web exploit allows your computer to be infected automatically when you visit a website that has been hacked; it takes advantage of the fact that you have software (Java, Adobe Reader, etc.) that is not up to date and has vulnerabilities that allow code (malicious in our case) to be executed without your knowledge.
Not having up-to-date software, which potentially has vulnerabilities, therefore allows your system to be infected.
Example: Java exploit

You must therefore keep your software up to date so that these entry points into your system no longer exist.
As long as this software is not up to date, your PC is vulnerable and infections can install themselves easily.

IMPORTANT: update your programs, in particular Java/Adobe Reader and Flash:
/faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite
https://forum.malekal.com/viewtopic.php?t=15960&start=

Spread the word to your friends!

~~

Filter the most common PUPs/adware with HOSTS Anti-PUPs/Adwares: http://www.malekal.com/2012/01/10/hosts-anti-pupsadware/

~~

The rest of security: http://forum.malekal.com/comment-securiser-son-ordinateur.html

1
klaudy - Posts: 4 - Registered: Sunday 13 January 2013 - Status: Member - Last activity: 13 January 2013
13 Jan. 2013 at 13:26
0
Malekal_morte - Posts: 180304 - Registered: Wednesday 17 May 2006 - Status: Moderator, Security contributor - Last activity: 15 December 2020 - 24 651
13 Jan. 2013 at 15:02
I think you managed to get rid of it :)
0

klaudy - Posts: 4 - Registered: Sunday 13 January 2013 - Status: Member - Last activity: 13 January 2013
13 Jan. 2013 at 17:18
Yes, it seems the problem is solved :)
Thanks!!!
0
klaudy - Posts: 4 - Registered: Sunday 13 January 2013 - Status: Member - Last activity: 13 January 2013
13 Jan. 2013 at 17:33
Very good, thanks!
0