Virus ou pas ?

Résolu
poesia Messages postés 233 Statut Membre -  
loloetseb Messages postés 5684 Statut Membre -
Bonjour,

voila ........j ai un souci avec mon ordinateur qui rame enormenent........que ce soit quand je le met en route , quand je surfe sur internet et surtout quand je veux l eteindre !!!!!
je suis connecté via le cable ethernet a un boitier "maitre".....c ets a dire qu en fait 3 ordinateurs son sur la meme "connection"......si c est bien le terme..... dont 1 en wi fi ........
l ordi de mon ami avait des trojans .......je pense avoir resolu le souci grace a l intervention d une personne de ce site .....seulement ......se pourrait il que les 2 autres ordi aient pu etre "infestés" de ce fait ou est ce un autre probleme ?
j ai lancer avast qui n a rien detecté ( je garde avast car c ets le seul antivirus que j arrive a gerer!!!!)....j avais zone alarm mais je l ai supprimé car j avais des soucis.....je l avait precedemment installé sur celui de mon ami .....je pense que les 2 etaient en conflit ........d ailleurs est ce qu il faut 1 pare feu par ordi ?j avais aussi spybot mais precedemment j ai fais des mauvaises manipe car je ne sais pas trop comment il fonctionne alors j ai preferé le supprimer aussi !!!!
certaines personnes me disent que c ets peut etre parce que mon ordi est pratiquement plein ......et que c ets juste une histoire de carte "memoire" je crois qu il faudrait que je rejoute !!!!! a vrai dire je n y comprend pas grand chose et j evite de supprimer quoi que ce soit de peur d enlever quelque chose de necessaire !!!!
voila......si quelqu un pouvait m aider et me repondre ce serait super ........
merci
A voir également:

248 réponses

Réponse 1 / 248
loloetseb Messages postés 5684 Statut Membre 174
 
Salut,

Peux tu faire un scan hijack this,

Fais "do a scan and save a log",copies le rapport (ctrl+c) et postes le (ctrl+v) sur cette page


http://www.commentcamarche.net/telecharger/telecharger 159 hijackthis
0
Réponse 2 / 248
poesia Messages postés 233 Statut Membre 2
 
merci loloetseb

voici le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:58:15, on 05/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\acer\Acer eConsole\MediaServerService.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Acer\Acer eConsole\MediaSync.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Windows Desktop Search\WindowsSearchIndexer.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer optimisé pour MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\EoRezo\EoAdv\EOREZO~1.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\ADOBE\SHOCKW~1\SWHELP~2.EXE -Update -1100465 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; MSN Optimized;FR; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; MSN Optimized;FR)" -"http://www8.agame.com/games/shockwave/r/r-style_supreme/r-style_supreme_jeu_fr.htm"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} (PowerLoader Class) - https://www.jeu.fr/?utm_source=spildomains&utm_medium=redirect&utm_campaign=powersoccer.jeu.fr
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {97E71027-0BA2-44F2-97DB-F84D808ED0B6} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab55762.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bw+0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A04ABDAF-528F-48B5-B1E0-1F81E1406223} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 3 / 248
loloetseb Messages postés 5684 Statut Membre 174
 
Bon belle infections,on commence par

Télécharge de AD-Remover de Cyrildu17 / C_XX) sur ton Bureau.

http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe

/!\ Déconnecte-toi et ferme toutes applications en cours /!\

- Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).
- Double-clique sur l'icône Ad-remover située sur ton Bureau.
- Au menu principal, choisis l'option "A".
- Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note :

"Process.exe", une composante de l'outil, est détectée par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
0
Réponse 4 / 248
poesia Messages postés 233 Statut Membre 2
 
que dois je comprendre par..../!\ Déconnecte-toi et ferme toutes applications en cours /!\ ?
il faut que je ferme internet ?
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 248
loloetseb Messages postés 5684 Statut Membre 174
 
Oui ferme internet et tous les autres logiciels qui sont en cours d'exercice sur ton bureau(word,excel,jeux,etc)
0
Réponse 6 / 248
poesia Messages postés 233 Statut Membre 2
 
bon je n ai pas attendu ta reponse et j ai tout fermé ....voici le rapport .....


------- LOGFILE OF AD-REMOVER 1.1.0.5 | ONLY XP/VISTA -------

Updated by C_XX on 04/02/2009 at 16:00

Start at: 1:21:35 | Jeu 05/02/2009 | Microsoft® Windows XP™ SP3 (V5.1.2600)
Boot mode: Normal
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Pc: COCO | User: corinne ( Current user is an administrator)
Drive(s):
- C:\ (File System: FAT32)
- D:\ (File System: FAT32)
- F:\ (File System: FAT32)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\

--- Running Processes: 54

+--------------------| Boonty/Boonty Games Elements Found:

.
.

+--------------------| Eorezo Elements Found:

HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKCR\Typelib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKCU\SOFTWARE\EoRezo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\EoRezo
HKLM\SOFTWARE\Classes\CLSID\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\Classes\EoRezoBHO.EoBho
HKLM\SOFTWARE\Classes\EoRezoBHO.EoBho.1
HKLM\SOFTWARE\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}
HKLM\SOFTWARE\Classes\Interface\{B0D071A1-36B3-4757-A126-14C89C56013A}
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EoEngine
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
.
C:\Program Files\EoRezo
C:\Program Files\EoRezo\lang
C:\Program Files\EoRezo\EoAdv
C:\Program Files\EoRezo\EoAdv\tmp
C:\Documents and Settings\corinne\Application Data\EoRezo
C:\Documents and Settings\corinne\Application Data\EoRezo\db
C:\Documents and Settings\corinne\Application Data\EoRezo\eoDesktop
C:\Documents and Settings\corinne\Application Data\EoRezo\eoStats
C:\Documents and Settings\corinne\Cookies\corinne@scache3.eorezo[2].txt
C:\Documents and Settings\corinne\Cookies\corinne@scache0.eorezo[2].txt
C:\Documents and Settings\corinne\Cookies\corinne@eorezo[2].txt
C:\Documents and Settings\corinne\Cookies\corinne@scache1.eorezo[2].txt
C:\Documents and Settings\corinne\Cookies\corinne@scache.eorezo[1].txt
C:\Documents and Settings\corinne\Cookies\corinne@scache2.eorezo[1].txt
C:\Documents and Settings\corinne\Cookies\corinne@scache4.eorezo[1].txt

+--------------------| Infected Poker Softwares Elements Found:

.

+--------------------| FunWebProducts/MyWay/MyWebSearch/MyGlobalSearch Elements Found:

.
.

+--------------------| It's TV Elements Found:

.

+--------------------| Sweetim Elements Found:

HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKCR\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKCR\MgMediaPlayer.GifAnimator
HKCR\MgMediaPlayer.GifAnimator.1
HKCU\SOFTWARE\SweetIM
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5549C19D-46FE-4975-AD54-5B37E87FF6E2}
HKLM\SOFTWARE\SweetIM
HKCR\Installer\Products\D91C9455EF645794DA45B5738EF76F2E
HKLM\Software\Classes\Installer\Products\D91C9455EF645794DA45B5738EF76F2E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Products\D91C9455EF645794DA45B5738EF76F2E
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Userdata\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
.
C:\WINDOWS\Installer\9ce573a.msi
C:\Program Files\SweetIM
C:\Program Files\SweetIM\Messenger
C:\Program Files\SweetIM\Messenger\resources
C:\Program Files\SweetIM\Messenger\resources\images
C:\Documents and Settings\All Users\Application Data\SweetIM
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\logs
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\update
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\data\contentdb
C:\Documents and Settings\All Users\Application Data\SweetIM\Messenger\conf\users
C:\Documents and Settings\corinne\Cookies\corinne@www.sweetim[1].txt
C:\Documents and Settings\corinne\Cookies\corinne@sweetim[2].txt

+--------------------| Added Scan:

---- Mozilla FireFox Version [Unable to get version] ----

ProfilePath: zxsfmjw9.default
.
Prefs.js: Browser.Startup.HomePage: "http://www.lo.st"
.
(Prefs.js) FOUND: user_pref("browser.startup.homepage", "http://www.lo.st");
.
.
.
.

---- Internet Explorer Version 7.0.5730.13 ----

+--[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.google.fr/

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home

+--[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: hxxp://www.lo.st/?tabs

+---------------------------------------------------------------------------+

[~10537 Bytes] - "C:\Ad-Report-Scan-05.02.2009.log"
-

End at: 1:25:27 | 05/02/2009
.
+--------------------| E.O.F - 156 Lines
0
Réponse 7 / 248
loloetseb Messages postés 5684 Statut Membre 174
 
Désactive le contrôle des comptes utilisateurs
(tu le réactiveras après ta désinfection):

* Va dans démarrer puis panneau de configuration
* Double Clique sur l'icône "Comptes d'utilisateurs"
* Clique ensuite sur désactiver et valide.

Relance ad remover,cliques sur b,puis sur a ,un rapport s'affichera,postes le moi
0
Réponse 8 / 248
poesia Messages postés 233 Statut Membre 2
 
je ne vois pas ou est ecrit desactiver !!!! arggggggggg
0
Réponse 9 / 248
loloetseb Messages postés 5684 Statut Membre 174
 
Pas d'inquietude tu es sous xp ,c 'est sous vista que cela se desactive!!!!
0
Réponse 10 / 248
poesia Messages postés 233 Statut Membre 2
 
donc je ne touche a rien et je Relance ad remover je clique sur b puis puis sur a ?
0
Réponse 11 / 248
loloetseb Messages postés 5684 Statut Membre 174
 
yes
0
Réponse 12 / 248
poesia Messages postés 233 Statut Membre 2
 
j ai cliqué B ensuite sur A mais rien ne se produit et la fenetre est toujours la !!!!! que dois je faire !?
0
Réponse 13 / 248
loloetseb Messages postés 5684 Statut Membre 174
 
Fermes ta fenetre internet et cliques sur S et postes moi le rapport
0
Réponse 14 / 248
poesia Messages postés 233 Statut Membre 2
 
je reprend sur l ordi de mon ami car sur le mien je n ai plus d image de fond et l ordi beug avec la fenetre Ad sur scan additionel depuis 1h54 !!!! que dois je faire ?
0
Réponse 15 / 248
loloetseb Messages postés 5684 Statut Membre 174
 
Ca mets du temps,c'est normal,tu as beaucoup de fichiers infectés
0
Réponse 16 / 248
poesia Messages postés 233 Statut Membre 2
 
a ce point là ?......tu pourrai me dire si ce sont des sites visités qui ont fait que j ai eu ces infections ,.....parce que je me demande si c ets pas mon fils qui surfe sur des sites de jeux....bon j ai bien vu poker donc j en deduit cela ......mais est ce seulement ça ?
n empeche presque 20 minutes c ets vraiment long !!!! lol
0
Réponse 17 / 248
poesia Messages postés 233 Statut Membre 2
 
toujours rien !!!!! es tu sur que ça ne beug pas ?
0
Réponse 18 / 248
loloetseb Messages postés 5684 Statut Membre 174
 
Ca m'embete de te le faire arretter en plein nettoyage (car si on le relance,on n'aura q'un resultat partiel de la desinfection.Bon encore 2.3 minutes et ensuite tu arrettes si c'est pas terminé,on va faire une procedure pas a pas
0
Réponse 19 / 248
loloetseb Messages postés 5684 Statut Membre 174
 
Bon si ad remover,n'est pas terminé ,tu l'arrettes,ca va beuger

Ensuite relances le,tu cliques sur B,puis 2,puis 6,puis S et tu me postes le rapport
0
Réponse 20 / 248
poesia Messages postés 233 Statut Membre 2
 
j ai plus rien sur mon ordi ........pas de poste de travail ni de fond d ecran ........riennnnn......tout est bleu !!!! snifffffffffff
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses