Rapport hijackthis
Fermé
BoTkilla
Messages postés
4612
Date d'inscription
jeudi 5 juillet 2007
Statut
Contributeur
Dernière intervention
1 juillet 2011
-
17 juin 2010 à 22:12
BoTkilla Messages postés 4612 Date d'inscription jeudi 5 juillet 2007 Statut Contributeur Dernière intervention 1 juillet 2011 - 18 juin 2010 à 18:37
BoTkilla Messages postés 4612 Date d'inscription jeudi 5 juillet 2007 Statut Contributeur Dernière intervention 1 juillet 2011 - 18 juin 2010 à 18:37
A voir également:
- Rapport hijackthis
- Hijackthis windows 10 - Télécharger - Antivirus & Antimalwares
- Plan rapport de stage - Guide
- On vous a donné accès à un fichier rapport. il est partagé avec plusieurs personnes sur cet espace pix cloud. répondez aux questions - Forum Cloud
- Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport existant ✓ - Forum Excel
- Rapport d'erreur windows - Guide
15 réponses
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
17 juin 2010 à 22:16
17 juin 2010 à 22:16
slt c'est toi qui as mis un proxy?
colle un rapport de nettoyage avec AD REMOVER
colle un rapport de nettoyage avec AD REMOVER
BoTkilla
Messages postés
4612
Date d'inscription
jeudi 5 juillet 2007
Statut
Contributeur
Dernière intervention
1 juillet 2011
264
17 juin 2010 à 22:22
17 juin 2010 à 22:22
non, rien toucher...
je viens juste de nettoyer ce que je pouvais mais ce n'est pas mon pc.
je scan et poste le rapport
merci de ton aide
je viens juste de nettoyer ce que je pouvais mais ce n'est pas mon pc.
je scan et poste le rapport
merci de ton aide
BoTkilla
Messages postés
4612
Date d'inscription
jeudi 5 juillet 2007
Statut
Contributeur
Dernière intervention
1 juillet 2011
264
17 juin 2010 à 22:24
17 juin 2010 à 22:24
======= REPORT FROM AD-REMOVER | ONLY XP/VISTA/7 =======
Updated by C_XX on 17/06/10 at 18:00
Contact: AdRemover.contact@gmail.com
website: http://pagesperso-orange.fr/NosTools/ad_remover.html
C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 16:21:57 on 17/06/2010, Normal boot
Microsoft Windows XP Professional Service Pack 3 (X86)
Bock, BOCK-622F40D139 ( )
============== SEARCH ==============
0,File found: C:\WINDOWS\Downloaded Program Files\F3initialsetup1.0.1.1.inf
0,File found: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
0,File found: C:\Documents and Settings\Bock\Application Data\Mozilla\FireFox\Profiles\xg0uqcsz.default\searchplugins\mywebsearch.xml
0,Folder found: C:\Documents and Settings\Bock\Local Settings\Application Data\Conduit
0,Folder found: C:\Program Files\Conduit
0,Folder found: C:\Program Files\SGPSA
0,Folder found: C:\Documents and Settings\All Users\Application Data\Trymedia
-- File opened: C:\Documents and Settings\Bock\Application Data\Mozilla\FireFox\Profiles\xg0uqcsz.default\Prefs.js --
Line found: user_pref("ct2418376.searchengine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Line found: user_pref("ct2418376.searchfromaddressbarurl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT241...
Line found: user_pref("browser.search.defaultthis.enginename", "PageRage Customized Web Search");
Line found: user_pref("browser.search.defaultthis.enginename", "PageRage Customized Web Search");
Line found: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2418376&Sea...
Line found: user_pref("browser.search.selectedengine", "PageRage Customized Web Search");
Line found: user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2418376&SearchSource=13");
Line found: user_pref("communitytoolbar.searchfromaddressbarsavedurl", "hxxp://search.mywebsearch.com/mywebsearc...
Line found: user_pref("ct2418376.searchengine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Line found: user_pref("ct2418376.searchfromaddressbarurl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT241...
Line found: user_pref("extensions.mywebsearch.opensearchurl", "hxxp://search.mywebsearch.com/mywebsearch/opensea...
Line found: user_pref("extensions.mywebsearch.prevkwdenabled", true);
Line found: user_pref("extensions.mywebsearch.prevkwdurl", "data:text/plain);
-- File closed --
1,Key found: HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
1,Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
1,Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}
1,Key found: HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
1,Key found: HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
1,Key found: HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
1,Key found: HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
1,Key found: HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
1,Key found: HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
0,Key found: HKLM\Software\Classes\AskIBar.PopSwatterBarButton
0,Key found: HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1
0,Key found: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl
0,Key found: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1
0,Key found: HKLM\Software\Classes\AskToolBar.SettingsPlugin
0,Key found: HKLM\Software\Classes\AskToolBar.SettingsPlugin.1
0,Key found: HKLM\Software\Classes\ComObject.DeskbarEnabler
0,Key found: HKLM\Software\Classes\ComObject.DeskbarEnabler.1
0,Key found: HKLM\Software\Conduit
0,Key found: HKLM\Software\Trymedia Systems
0,Key found: HKCU\Software\Conduit
0,Key found: HKCU\Software\PopCap
0,Key found: HKCU\Software\AppDataLow\AskBarDis
3,Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
3,Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
3,Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36BC6ED0-E6B8-4937-BCD7-62942532A3FB}
3,Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CCEFEED-2374-4d5a-87D7-46DC4E81B3CA}
0,Key found: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
0,Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
0,Value found: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com
0,Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
0,Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
============== ADDITIONNAL SCAN ==============
** Mozilla Firefox Version [3.5.2 (en-US)] **
-- C:\Documents and Settings\Bock\Application Data\Mozilla\FireFox\Profiles\xg0uqcsz.default\Prefs.js --
browser.search.defaultenginename, Google
browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2418376&SearchSource=3&q={searchTerms}
browser.search.selectedengine, PageRage Customized Web Search
browser.search.selectedengine, Dogpile Search!
browser.startup.homepage, hxxp://search.conduit.com/?ctid=CT2418376&SearchSource=13
browser.startup.homepage_override.mstone, rv:1.9.1.2
keyword.url, hxxp://ws.infospace.com/playsushi_tbard/ws/redir?_iceUrl=true& user_id=&tool_id=60231&qkw=
========================================
** Internet Explorer Version [8.0.6001.18702] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
SearchAssistant:
Search bar:
Search Page:
Show_ToolBar: yes
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 2 File(s)
C:\Program Files\Ad-Remover\Backup: 2 File(s)
C:\Ad-Report-SCAN[1].txt - 17/06/2010 (4995 Byte(s))
End at: 16:24:04, 17/06/2010
============== E.O.F ==============
Updated by C_XX on 17/06/10 at 18:00
Contact: AdRemover.contact@gmail.com
website: http://pagesperso-orange.fr/NosTools/ad_remover.html
C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 16:21:57 on 17/06/2010, Normal boot
Microsoft Windows XP Professional Service Pack 3 (X86)
Bock, BOCK-622F40D139 ( )
============== SEARCH ==============
0,File found: C:\WINDOWS\Downloaded Program Files\F3initialsetup1.0.1.1.inf
0,File found: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
0,File found: C:\Documents and Settings\Bock\Application Data\Mozilla\FireFox\Profiles\xg0uqcsz.default\searchplugins\mywebsearch.xml
0,Folder found: C:\Documents and Settings\Bock\Local Settings\Application Data\Conduit
0,Folder found: C:\Program Files\Conduit
0,Folder found: C:\Program Files\SGPSA
0,Folder found: C:\Documents and Settings\All Users\Application Data\Trymedia
-- File opened: C:\Documents and Settings\Bock\Application Data\Mozilla\FireFox\Profiles\xg0uqcsz.default\Prefs.js --
Line found: user_pref("ct2418376.searchengine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Line found: user_pref("ct2418376.searchfromaddressbarurl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT241...
Line found: user_pref("browser.search.defaultthis.enginename", "PageRage Customized Web Search");
Line found: user_pref("browser.search.defaultthis.enginename", "PageRage Customized Web Search");
Line found: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2418376&Sea...
Line found: user_pref("browser.search.selectedengine", "PageRage Customized Web Search");
Line found: user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT2418376&SearchSource=13");
Line found: user_pref("communitytoolbar.searchfromaddressbarsavedurl", "hxxp://search.mywebsearch.com/mywebsearc...
Line found: user_pref("ct2418376.searchengine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER...
Line found: user_pref("ct2418376.searchfromaddressbarurl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT241...
Line found: user_pref("extensions.mywebsearch.opensearchurl", "hxxp://search.mywebsearch.com/mywebsearch/opensea...
Line found: user_pref("extensions.mywebsearch.prevkwdenabled", true);
Line found: user_pref("extensions.mywebsearch.prevkwdurl", "data:text/plain);
-- File closed --
1,Key found: HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
1,Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
1,Key found: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}
1,Key found: HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
1,Key found: HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
1,Key found: HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
1,Key found: HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
1,Key found: HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
1,Key found: HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
0,Key found: HKLM\Software\Classes\AskIBar.PopSwatterBarButton
0,Key found: HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1
0,Key found: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl
0,Key found: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1
0,Key found: HKLM\Software\Classes\AskToolBar.SettingsPlugin
0,Key found: HKLM\Software\Classes\AskToolBar.SettingsPlugin.1
0,Key found: HKLM\Software\Classes\ComObject.DeskbarEnabler
0,Key found: HKLM\Software\Classes\ComObject.DeskbarEnabler.1
0,Key found: HKLM\Software\Conduit
0,Key found: HKLM\Software\Trymedia Systems
0,Key found: HKCU\Software\Conduit
0,Key found: HKCU\Software\PopCap
0,Key found: HKCU\Software\AppDataLow\AskBarDis
3,Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
3,Key found: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
3,Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36BC6ED0-E6B8-4937-BCD7-62942532A3FB}
3,Key found: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CCEFEED-2374-4d5a-87D7-46DC4E81B3CA}
0,Key found: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
0,Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
0,Value found: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com
0,Value found: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
0,Value found: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
============== ADDITIONNAL SCAN ==============
** Mozilla Firefox Version [3.5.2 (en-US)] **
-- C:\Documents and Settings\Bock\Application Data\Mozilla\FireFox\Profiles\xg0uqcsz.default\Prefs.js --
browser.search.defaultenginename, Google
browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2418376&SearchSource=3&q={searchTerms}
browser.search.selectedengine, PageRage Customized Web Search
browser.search.selectedengine, Dogpile Search!
browser.startup.homepage, hxxp://search.conduit.com/?ctid=CT2418376&SearchSource=13
browser.startup.homepage_override.mstone, rv:1.9.1.2
keyword.url, hxxp://ws.infospace.com/playsushi_tbard/ws/redir?_iceUrl=true& user_id=&tool_id=60231&qkw=
========================================
** Internet Explorer Version [8.0.6001.18702] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
SearchAssistant:
Search bar:
Search Page:
Show_ToolBar: yes
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start Page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 2 File(s)
C:\Program Files\Ad-Remover\Backup: 2 File(s)
C:\Ad-Report-SCAN[1].txt - 17/06/2010 (4995 Byte(s))
End at: 16:24:04, 17/06/2010
============== E.O.F ==============
BoTkilla
Messages postés
4612
Date d'inscription
jeudi 5 juillet 2007
Statut
Contributeur
Dernière intervention
1 juillet 2011
264
17 juin 2010 à 22:47
17 juin 2010 à 22:47
quelqu'un svp c'est assez urgent.
merci
merci
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
BoTkilla
Messages postés
4612
Date d'inscription
jeudi 5 juillet 2007
Statut
Contributeur
Dernière intervention
1 juillet 2011
264
18 juin 2010 à 17:48
18 juin 2010 à 17:48
up
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
18 juin 2010 à 17:50
18 juin 2010 à 17:50
j'attends toujours le rapport de suppression de AD REMOVER....
BoTkilla
Messages postés
4612
Date d'inscription
jeudi 5 juillet 2007
Statut
Contributeur
Dernière intervention
1 juillet 2011
264
18 juin 2010 à 17:56
18 juin 2010 à 17:56
regarde au dessus (4 post).
c'est le seul rapport que ad-remover m'a donne
c'est le seul rapport que ad-remover m'a donne
BoTkilla
Messages postés
4612
Date d'inscription
jeudi 5 juillet 2007
Statut
Contributeur
Dernière intervention
1 juillet 2011
264
18 juin 2010 à 18:04
18 juin 2010 à 18:04
desole, pas vu avant:
======= REPORT FROM AD-REMOVER | ONLY XP/VISTA/7 =======
Updated by C_XX on 17/06/10 at 18:00
Contact: AdRemover.contact@gmail.com
website: http://pagesperso-orange.fr/NosTools/ad_remover.html
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 11:57:50 on 18/06/2010, Normal boot
Microsoft Windows XP Professional Service Pack 3 (X86)
Bock, BOCK-622F40D139 ( )
============== ACTION(S) ==============
0,File deleted: C:\WINDOWS\Downloaded Program Files\F3initialsetup1.0.1.1.inf
0,File deleted: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
0,File deleted: C:\Documents and Settings\Bock\Application Data\Mozilla\FireFox\Profiles\xg0uqcsz.default\searchplugins\mywebsearch.xml
0,Folder deleted: C:\Documents and Settings\Bock\Local Settings\Application Data\Conduit
0,Folder deleted: C:\Program Files\Conduit
0,Folder deleted: C:\Program Files\SGPSA
0,Folder deleted: C:\Documents and Settings\All Users\Application Data\Trymedia
(!) -- Temporary files deleted.
-- File opened: C:\Documents and Settings\Bock\Application Data\Mozilla\FireFox\Profiles\xg0uqcsz.default\Prefs.js --
-- File closed --
1,Key deleted: HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
1,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}
1,Key deleted: HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
1,Key deleted: HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
1,Key deleted: HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
1,Key deleted: HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
1,Key deleted: HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
1,Key deleted: HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
0,Key deleted: HKLM\Software\Classes\AskIBar.PopSwatterBarButton
0,Key deleted: HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1
0,Key deleted: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl
0,Key deleted: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1
0,Key deleted: HKLM\Software\Classes\AskToolBar.SettingsPlugin
0,Key deleted: HKLM\Software\Classes\AskToolBar.SettingsPlugin.1
0,Key deleted: HKLM\Software\Classes\ComObject.DeskbarEnabler
0,Key deleted: HKLM\Software\Classes\ComObject.DeskbarEnabler.1
0,Key deleted: HKLM\Software\Conduit
0,Key deleted: HKLM\Software\Trymedia Systems
0,Key deleted: HKCU\Software\Conduit
0,Key deleted: HKCU\Software\PopCap
0,Key deleted: HKCU\Software\AppDataLow\AskBarDis
3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
3,Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36BC6ED0-E6B8-4937-BCD7-62942532A3FB}
3,Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CCEFEED-2374-4d5a-87D7-46DC4E81B3CA}
0,Key deleted: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
0,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
0,Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com
0,Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
0,Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
============== ADDITIONNAL SCAN ==============
** Mozilla Firefox Version [3.5.2 (en-US)] **
-- C:\Documents and Settings\Bock\Application Data\Mozilla\FireFox\Profiles\xg0uqcsz.default\Prefs.js --
browser.search.defaultenginename, Google
browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2418376&SearchSource=3&q={searchTerms}
browser.search.selectedengine, PageRage Customized Web Search
browser.search.selectedengine, Dogpile Search!
browser.startup.homepage, hxxp://search.conduit.com/?ctid=CT2418376&SearchSource=13
browser.startup.homepage_override.mstone, rv:1.9.1.2
keyword.url, hxxp://ws.infospace.com/playsushi_tbard/ws/redir?_iceUrl=true& user_id=&tool_id=60231&qkw=
========================================
** Internet Explorer Version [8.0.6001.18702] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
SearchAssistant:
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 13 File(s)
C:\Program Files\Ad-Remover\Backup: 16 File(s)
C:\Ad-Report-CLEAN[1].txt - 18/06/2010 (1164 Byte(s))
C:\Ad-Report-SCAN[1].txt - 17/06/2010 (6911 Byte(s))
End at: 11:59:36, 18/06/2010
============== E.O.F ==============
======= REPORT FROM AD-REMOVER | ONLY XP/VISTA/7 =======
Updated by C_XX on 17/06/10 at 18:00
Contact: AdRemover.contact@gmail.com
website: http://pagesperso-orange.fr/NosTools/ad_remover.html
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 11:57:50 on 18/06/2010, Normal boot
Microsoft Windows XP Professional Service Pack 3 (X86)
Bock, BOCK-622F40D139 ( )
============== ACTION(S) ==============
0,File deleted: C:\WINDOWS\Downloaded Program Files\F3initialsetup1.0.1.1.inf
0,File deleted: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
0,File deleted: C:\Documents and Settings\Bock\Application Data\Mozilla\FireFox\Profiles\xg0uqcsz.default\searchplugins\mywebsearch.xml
0,Folder deleted: C:\Documents and Settings\Bock\Local Settings\Application Data\Conduit
0,Folder deleted: C:\Program Files\Conduit
0,Folder deleted: C:\Program Files\SGPSA
0,Folder deleted: C:\Documents and Settings\All Users\Application Data\Trymedia
(!) -- Temporary files deleted.
-- File opened: C:\Documents and Settings\Bock\Application Data\Mozilla\FireFox\Profiles\xg0uqcsz.default\Prefs.js --
-- File closed --
1,Key deleted: HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
1,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}
1,Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201f27d4-3704-41d6-89c1-aa35e39143ed}
1,Key deleted: HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
1,Key deleted: HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
1,Key deleted: HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
1,Key deleted: HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
1,Key deleted: HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
1,Key deleted: HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
0,Key deleted: HKLM\Software\Classes\AskIBar.PopSwatterBarButton
0,Key deleted: HKLM\Software\Classes\AskIBar.PopSwatterBarButton.1
0,Key deleted: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl
0,Key deleted: HKLM\Software\Classes\AskIBar.PopSwatterSettingsControl.1
0,Key deleted: HKLM\Software\Classes\AskToolBar.SettingsPlugin
0,Key deleted: HKLM\Software\Classes\AskToolBar.SettingsPlugin.1
0,Key deleted: HKLM\Software\Classes\ComObject.DeskbarEnabler
0,Key deleted: HKLM\Software\Classes\ComObject.DeskbarEnabler.1
0,Key deleted: HKLM\Software\Conduit
0,Key deleted: HKLM\Software\Trymedia Systems
0,Key deleted: HKCU\Software\Conduit
0,Key deleted: HKCU\Software\PopCap
0,Key deleted: HKCU\Software\AppDataLow\AskBarDis
3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
3,Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
3,Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36BC6ED0-E6B8-4937-BCD7-62942532A3FB}
3,Key deleted: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CCEFEED-2374-4d5a-87D7-46DC4E81B3CA}
0,Key deleted: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
0,Key deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyWebSearch bar Uninstall
0,Value deleted: HKLM\Software\Mozilla\Firefox\Extensions|m3ffxtbr@mywebsearch.com
0,Value deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
0,Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{3041D03E-FD4B-44E0-B742-2D9B88305F98}
============== ADDITIONNAL SCAN ==============
** Mozilla Firefox Version [3.5.2 (en-US)] **
-- C:\Documents and Settings\Bock\Application Data\Mozilla\FireFox\Profiles\xg0uqcsz.default\Prefs.js --
browser.search.defaultenginename, Google
browser.search.defaulturl, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2418376&SearchSource=3&q={searchTerms}
browser.search.selectedengine, PageRage Customized Web Search
browser.search.selectedengine, Dogpile Search!
browser.startup.homepage, hxxp://search.conduit.com/?ctid=CT2418376&SearchSource=13
browser.startup.homepage_override.mstone, rv:1.9.1.2
keyword.url, hxxp://ws.infospace.com/playsushi_tbard/ws/redir?_iceUrl=true& user_id=&tool_id=60231&qkw=
========================================
** Internet Explorer Version [8.0.6001.18702] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
SearchAssistant:
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 13 File(s)
C:\Program Files\Ad-Remover\Backup: 16 File(s)
C:\Ad-Report-CLEAN[1].txt - 18/06/2010 (1164 Byte(s))
C:\Ad-Report-SCAN[1].txt - 17/06/2010 (6911 Byte(s))
End at: 11:59:36, 18/06/2010
============== E.O.F ==============
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
Modifié par jlpjlp le 18/06/2010 à 18:07
Modifié par jlpjlp le 18/06/2010 à 18:07
scan avec malwarebyte après l'avoir mis à jour, fais un scan rapide et colle le rapport obtenu et vire ce qui est trouvé:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
______________________
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
rs: avast en est à la version 5
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
______________________
Télécharge ici :
http://images.malwareremoval.com/random/RSIT.exe
random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.
Double-clique sur RSIT.exe afin de lancer RSIT.
Clique Continue à l'écran Disclaimer.
Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.
Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
NB : Les rapports sont sauvegardés dans le dossier C:\rsit
rs: avast en est à la version 5
BoTkilla
Messages postés
4612
Date d'inscription
jeudi 5 juillet 2007
Statut
Contributeur
Dernière intervention
1 juillet 2011
264
18 juin 2010 à 18:23
18 juin 2010 à 18:23
rapport malwarebytes:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4052
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
6/18/2010 12:22:52 PM
mbam-log-2010-06-18 (12-22-52).txt
Scan type: Quick scan
Objects scanned: 130152
Time elapsed: 8 minute(s), 57 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4052
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
6/18/2010 12:22:52 PM
mbam-log-2010-06-18 (12-22-52).txt
Scan type: Quick scan
Objects scanned: 130152
Time elapsed: 8 minute(s), 57 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
18 juin 2010 à 18:25
18 juin 2010 à 18:25
malwarebyte n'a pas été mis à jour avant l'analyse ...
BoTkilla
Messages postés
4612
Date d'inscription
jeudi 5 juillet 2007
Statut
Contributeur
Dernière intervention
1 juillet 2011
264
18 juin 2010 à 18:30
18 juin 2010 à 18:30
tu veux toujours le log de rsit??
ou j'attend de reposter analyse malwarebytes??
ou j'attend de reposter analyse malwarebytes??
jlpjlp
Messages postés
51580
Date d'inscription
vendredi 18 mai 2007
Statut
Contributeur sécurité
Dernière intervention
3 mai 2022
5 040
18 juin 2010 à 18:32
18 juin 2010 à 18:32
je veux bien les deux
RSIT après le rapport de malwarebyte
RSIT après le rapport de malwarebyte
BoTkilla
Messages postés
4612
Date d'inscription
jeudi 5 juillet 2007
Statut
Contributeur
Dernière intervention
1 juillet 2011
264
18 juin 2010 à 18:32
18 juin 2010 à 18:32
ok merci de ton aide
BoTkilla
Messages postés
4612
Date d'inscription
jeudi 5 juillet 2007
Statut
Contributeur
Dernière intervention
1 juillet 2011
264
18 juin 2010 à 18:37
18 juin 2010 à 18:37
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4212
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
6/18/2010 12:36:06 PM
mbam-log-2010-06-18 (12-36-06).txt
Scan type: Quick scan
Objects scanned: 137512
Time elapsed: 6 minute(s), 26 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
www.malwarebytes.org
Database version: 4212
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
6/18/2010 12:36:06 PM
mbam-log-2010-06-18 (12-36-06).txt
Scan type: Quick scan
Objects scanned: 137512
Time elapsed: 6 minute(s), 26 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)