Probleme de lenteur virus

lllollla -  
 lllollla -
Bonjour,
mon ordi bloque et tres lent il s'ouvre des fenetre de pub
ma config
vista sevice pack 2
AMD athlon 64X2 dual core processor 4200 2.20GHz
memoire vive 3Go
je vous envoie un rapport hijackthis
merci de votre aide
Configuration: Windows Vista / Firefox 3.6

24 réponses

  • 1
  • 2
  1. totobetourne Messages postés 5677 Statut Membre 65
     
    bonjour

    1)pour vista si infection.

    Désactive le contrôle des comptes utilisateurs (tu le réactiveras après ta désinfection: IMPORTANT A NE SURTOUT PAS OUBLIER):

    - Va dans démarrer puis panneau de configuration
    - Double Clique sur l'icône "Comptes d'utilisateurs"
    - Clique ensuite sur désactiver et valide.

    http://www.laboratoire-microsoft.org/tips-23933-desactiver-uac-vista.html

    2)on va analyser ton pc.

    Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

    -> http://images.malwareremoval.com/random/RSIT.exe

    ! Déconnecte toi et ferme toutes tes applications en cours !

    Double-clique sur " RSIT.exe " pour le lancer .

    -> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

    * Devant l'option "List files/folders created ..." , tu choisis : 2 months

    * clique ensuite sur " Continue " pour lancer l'analyse ...

    -> laisse faire le scan et ne touche pas au PC ...

    Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

    Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

    Important : poste un rapport, puis l'autre dans la réponse suivante
    Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum

    ( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
    0
  2. lllollla
     
    merci pour ton aide
    je t'envoie le rapport avec un peu de retard

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by laurent at 2010-03-07 11:08:08
    Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
    System drive C: has 89 GB (39%) free of 229 GB
    Total RAM: 2942 MB (69% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:08:10, on 07/03/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18882)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Users\laurent\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\system32\ctfmon.exe
    C:\Users\laurent\Desktop\RSIT.exe
    C:\Program Files\trend micro\laurent.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.gdark.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww38.my.freeze.com/search/simple_search.aspx?ProgramID=182&AcquisitionID=07fe1ff5-ef84-4b00-986e-585b06adcdd1&s=&ipc=&vintage=20091146&defaultBrowserId=8&productId=157&vendorId=5725&offerId=6123
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=FRN_FR&Sys=DTP&M=E4224
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.gdark.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.gdark.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://fr.gdark.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.gdark.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: HelloWorldBHO - {1C3B806C-C5DA-4F6E-BA43-B1FF982F0A02} - (no file)
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Shareware.Pro-FR Toolbar - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbShar.dll
    O2 - BHO: Smart-Shopper - {4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Shareware.Pro-FR Toolbar - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbShar.dll
    O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\laurent\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{ACADF4AA-9401-4703-A580-0E8B7825E8C3}: NameServer = 80.10.246.1,81.253.149.2
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\2\FTRTSVC.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: Service Google Update (gupdate1ca07a254b84d94) (gupdate1ca07a254b84d94) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    0
  3. lllollla
     
    voici l'info txt

    info.txt logfile of random's system information tool 1.06 2010-03-07 10:36:06

    ======Uninstall list======

    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x40c -removeonly
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x40c -removeonly
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x40c -removeonly
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x40c -removeonly
    32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A92000000001}
    Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
    AliveColors Freeware-->"C:\Program Files\AliveColors FreeWare\uninst\unins000.exe"
    Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
    aTube Catcher 1.0-->"C:\Program Files\DsNET Corp\aTube Catcher 1.0\unins000.exe"
    avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
    barre d'outils Orange-->C:\Program Files\Orange\ToolbarFR\uninst.exe
    Belkin Wireless G Plus MIMO USB Network Adapter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Belkin\F5D9050\Setup.exe" -l0x9
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A}
    C-Dilla Licence Management System-->C:\C_DILLA\setup\cdunin16.exe
    Codeur Windows Media Série 9-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Codeur Windows Media Série 9-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
    Coffret de pilotes Logitech QuickCam-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress
    Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE}
    Digital Media Reader-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61} /l1033
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    eMachines Recovery Center Installer-->MsiExec.exe /X{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}
    eMule-->"C:\Program Files\eMule\Uninstall.exe"
    Favorit-->c:\users\laurent\appdata\local\gfyrk.bat
    FormatFactory 2.20-->C:\Program Files\FreeTime\FormatFactory\uninst.exe
    Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}
    Google Chrome-->"C:\Program Files\Google\Chrome\Application\4.0.249.89\Installer\setup.exe" --uninstall --system-level
    Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Google Earth-->MsiExec.exe /X{2EAF7E61-068E-11DF-953C-005056806466}
    HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    Hotfix for Windows Media Encoder (KB929182)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={5406B219-A1AC-4BC4-8695-72292C8195AC} /qb
    HP Customer Participation Program 8.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
    HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
    HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
    HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
    HP Photosmart.All-In-One Driver Software 8.0 .A-->C:\Program Files\HP\Digital Imaging\{282E5AB2-8E47-4571-B6FA-6B512555B557}\setup\hpzscr01.exe -datfile hposcr18.dat -onestop -showdisconnect -forcereboot
    HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
    HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
    HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
    Indeo® software-->C:\Windows\IsUninst.exe -f"C:\Program Files\Intel\Indeo\Uninst.isu" -c"C:\Program Files\Intel\Indeo\SavedSystemFiles\indounin.dll"
    Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
    Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
    KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355}
    LG CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
    LG CyberLink PowerBackup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\Setup.exe" -uninstall
    LG CyberLink PowerDVD 7.0-->"C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
    LG CyberLink PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
    LG CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall
    LG CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall
    LG Power Tools-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
    LG Power Tools-->"C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall
    Logiciel d'archivage WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    Logitech Motion Detector Gadget-->MsiExec.exe /X{8D5B8F9D-00F6-4F71-87E0-C43C043A018E}
    Logitech SetPoint-->"C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l0x040c -removeonly
    Logitech Updater-->MsiExec.exe /I{53735ECE-E461-4FD0-B742-23A352436D3A}
    Logitech Webcam Software-->MsiExec.exe /I{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}
    Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{3585ED1C-74C5-43B0-A232-831B96A12A2B}
    Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
    Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
    Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
    Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (French)-->MsiExec.exe /X{95120000-00AF-040C-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
    Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
    Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
    Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft Works-->MsiExec.exe /I{6B1CB38D-E2E4-4A30-933D-EFDEBA76AD9C}
    Mise à jour automatique du Firmware pour ODD LG-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6179550A-3E7C-499E-BCC9-9E8113E0A285}\Setup.exe"
    Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}
    Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}
    Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}
    Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}
    Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
    Mozilla Firefox (3.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
    MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    Norton Security Scan-->C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.3.0.44\InstStub.exe /X
    Notification Mail-->"C:\Program Files\Orange\MailNotifier\uninstallMailNotifier.exe"
    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
    OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
    Orange - Logiciels Internet-->C:\Program Files\OrangeHSS\installation\core\Installgui.exe -u
    OrangeInstaller version 1.0.0.0-->RunDll32 C:\Windows\system32\advpack.dll,LaunchINFSection C:\Windows\INF\OrangeInstaller_1.0.0.0.inf,DefaultUninstall
    Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
    RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
    Runtime VB 5.0 fr-->C:\Windows\ST5UNST.EXE -n "C:\Windows\System32\ST5UNST.LOG"
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
    Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
    Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
    Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
    Shareware.Pro-FR Toolbar-->C:\PROGRA~1\SHAREW~1.PRO\UNWISE.EXE /U C:\PROGRA~1\SHAREW~1.PRO\INSTALL.LOG
    Skype web features-->MsiExec.exe /I{F1362843-0E0E-4F74-8662-724CF101ADCE}
    Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    SmartShopper-->C:\Program Files\Smart-Shopper\Uninst.exe
    SoftwareUpdate 1.0-->"C:\Users\laurent\AppData\Roaming\eoRezo\SoftwareUpdate\unins000.exe"
    Sony Picture Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x40c /removeonly uninstall -removeonly
    System Search Dispatcher-->"C:\Program Files\System Search Dispatcher\1.4.0.970\unins000.exe"
    Ulead PhotoImpact 5-->C:\Windows\ISUninst.exe -f"C:\Program Files\Ulead Systems\Ulead PhotoImpact 5\Uninst.isu" -c"C:\Program Files\Ulead Systems\Ulead PhotoImpact 5\IS32Inst.dll"
    Uniblue RegistryBooster 2010-->"C:\Program Files\Uniblue\RegistryBooster\unins000.exe"
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
    Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
    Update for Outlook 2007 Junk Email Fil
    0
  4. lllollla Messages postés 5 Statut Membre
     
    il y a plus personne?
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. totobetourne Messages postés 5677 Statut Membre 65
     
    toujours present.

    pas mal de petites infections.
    voila ce qui arrive avec le couple avast et pare feu windows.

    1)--> Télécharge UsbFix (de Chiquitine29) sur ton Bureau.
    http://pagesperso-orange.fr/NosTools/usbfix.html

    --> Branche tes sources de données externes à ton PC (clé USB, disque dur externe, carte SD, etc...) sans les ouvrir.

    --> Clique droit sur le raccourci UsbFix situé sur ton Bureau et choisis Exécuter en tant qu'administrateur.

    --> Choisis l'option 1 (recherche).

    --> Le PC va redémarrer.

    --> Après redémarrage, poste le rapport UsbFix.txt

    Note : le rapport UsbFix.txt est sauvegardé à la racine du disque.

    (Si le Bureau ne réapparaît pas, presse Ctrl+Alt+Suppr, Onglet "Fichier", "Nouvelle tâche", tape explorer.exe et valide)

    refais pareil mais en option 2 apres colle le rapport que tu obtiens.

    2)telecharge cela et fait le fonctionner en option S.colle le rapport.

    https://forums.commentcamarche.net/forum/affich-15890501-spam-tres-ennuyeux#16

    Déconnectes toi et fermes toutes applications en cours !

    Relances "Ad-remover" : au menu principal choisi l'option "L" .
    ? Ensuite coche: (le numero devant et entree)

    Boonty/Boonty Games
    eorezo
    .......
    Puis "S"

    le programme va travailler ...

    Postes le rapport qui apparait à la fin + un nouvel Hijackthis pour analyse ...

    ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

    /!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides) /!\

    3)passe cet antimalware, fait comme indique
    Telecharges malwaresbytes antimalwares(MBAM) : egalement tres util sur pb de pub mais pas tous malheureusement

    Malwarebytes Anti-Malware: http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    Tutoriel Malwarebytes Anti-Malware: https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm
    fais comme indique,mise a jour , scan complet et le rapport.
    COLLE LE RAPPORT APRES SUPPRESSION MERCI.

    garde le et lance un scan tout les mois comme indique.

    si tu as ad aware tu peux desinstalle car il ne reconnait plus grand chose.

    0
  7. lllollla
     
    voici le rapport usbfix

    ############################## | UsbFix V6.098 |

    User : laurent (Administrateurs) # PC-DE-LAURENT
    Update on 03/03/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 16:12:15 | 07/03/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 8.0.6001.18882
    Windows Firewall Status : Enabled

    C:\ -> Disque fixe local # 223,95 Go (85,85 Go free) # NTFS
    D:\ -> Disque fixe local # 8,93 Go (3,63 Go free) [Recovery] # NTFS
    E:\ -> Disque CD-ROM
    F:\ -> Disque fixe local # 232,85 Go (106,02 Go free) # FAT32
    G:\ -> Disque amovible
    H:\ -> Disque amovible
    I:\ -> Disque amovible
    J:\ -> Disque amovible

    ################## | Elements infectieux |

    D:\autorun.inf

    ################## | Registre |

    ################## | Mountpoints2 |

    HKCU\..\..\Explorer\MountPoints2\{8349f446-f509-11dc-82d0-001921ddd7c3}
    shell\Auto\command =RavMon.exe
    shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMon.exe

    HKCU\..\..\Explorer\MountPoints2\{a38cc3cf-a6b5-11de-b349-001921ddd7c3}
    shell\AutoRun\command =

    HKCU\..\..\Explorer\MountPoints2\{bbeebc53-c6b2-11dd-b6d5-001921ddd7c3}
    shell\Auto\command =
    shell\AutoRun\command =C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\RavMon.exe

    ################## | Vaccin |

    ################## | ! Fin du rapport # UsbFix V6.098 ! |
    0
  8. lllollla Messages postés 5 Statut Membre
     
    j'ai refais l'option 2 mais c tres long a scanne je suis a 90% depuis 2 heures ca ne bouge plus bizarre
    0
  9. totobetourne Messages postés 5677 Statut Membre 65
     
    relance usb fix option 2 si le scan dure plus de 10 mn arrete le scan et fait le 2) puis le 3) apres on y reviendra.
    0
  10. lllollla
     
    voici l'option 2 ubifix
    ############################## | UsbFix V6.098 |

    User : laurent (Administrateurs) # PC-DE-LAURENT
    Update on 03/03/2010 by El Desaparecido , C_XX & Chimay8
    Start at: 16:43:20 | 07/03/2010
    Website : http://pagesperso-orange.fr/NosTools/index.html
    Contact : FindyKill.Contact@gmail.com

    AMD Athlon(tm) 64 X2 Dual Core Processor 4200+
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 8.0.6001.18882
    Windows Firewall Status : Enabled

    C:\ -> Disque fixe local # 223,95 Go (85,84 Go free) # NTFS
    D:\ -> Disque fixe local # 8,93 Go (3,63 Go free) [Recovery] # NTFS
    E:\ -> Disque CD-ROM
    F:\ -> Disque fixe local # 232,85 Go (106,02 Go free) # FAT32
    G:\ -> Disque amovible
    H:\ -> Disque amovible
    I:\ -> Disque amovible
    J:\ -> Disque amovible

    ################## | Elements infectieux |

    Supprimé ! C:\$Recycle.Bin\S-1-5-21-2152478756-3922319563-605102323-500
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-1000
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-1001
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-1002
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-1004
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-1005
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-500
    Supprimé ! C:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-501
    Supprimé ! D:\autorun.inf
    Supprimé ! D:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-1000
    Supprimé ! D:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-1001
    Supprimé ! D:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-1002
    Supprimé ! D:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-1004
    Supprimé ! D:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-1005
    Supprimé ! D:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-500
    Supprimé ! D:\$Recycle.Bin\S-1-5-21-3194393847-3874797323-2902580910-501

    ################## | Registre |

    ################## | Mountpoints2 |

    Supprimé ! HKCU\...\Explorer\MountPoints2\{8349f446-f509-11dc-82d0-001921ddd7c3}\Shell\Auto\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{a38cc3cf-a6b5-11de-b349-001921ddd7c3}\Shell\AutoRun\Command
    Supprimé ! HKCU\...\Explorer\MountPoints2\{bbeebc53-c6b2-11dd-b6d5-001921ddd7c3}\Shell\Auto\Command

    ################## | Listing des fichiers présent |

    [18/09/2006 22:43|--a------|24] C:\autoexec.bat
    [07/08/2007 13:45|--a------|212] C:\BcBtRmv.log
    [11/04/2009 07:36|-rahs----|333257] C:\bootmgr
    [17/08/2007 16:52|-ra-s----|8192] C:\BOOTSECT.BAK
    [18/09/2006 22:43|--a------|10] C:\config.sys
    [07/12/2006 16:24|--a------|241664] C:\EMicon.dll
    [25/07/2009 12:57|--a------|8535] C:\error.log
    [?|?|?] C:\hiberfil.sys
    [03/08/2007 12:33|-rahs----|0] C:\IO.SYS
    [03/08/2007 12:33|-rahs----|0] C:\MSDOS.SYS
    [29/02/2004 16:44|--a------|52576] C:\orange.bmp
    [?|?|?] C:\pagefile.sys
    [20/03/2007 18:01|--a------|163] C:\power2go.log
    [20/03/2007 17:58|--a------|284] C:\RHDSetup.log
    [13/07/2009 17:10|--a------|594] C:\updatedatfix.log
    [07/03/2010 16:47|--a------|3164] C:\UsbFix.txt
    [20/03/2007 20:38|---hs----|238] D:\BATCH.LOG
    [13/10/2006 09:26|---hs----|256] D:\BATCH.OLD
    [30/08/2006 03:38|---hs----|435752] D:\BOOTMGR
    [04/10/2003 10:06|---hs----|102] D:\Desktop.ini
    [17/09/2004 06:31|---hs----|10136] D:\Folder.htt
    [20/03/2007 20:38|---hs----|0] D:\FULL
    [30/11/2004 07:01|---hs----|73728] D:\Info.exe
    [20/03/2007 20:43|--ahs----|320] D:\MASTER.LOG
    [07/11/2006 07:46|---hs----|189262] D:\MASTER.LOG.COPY
    [17/09/2004 06:31|---hs----|319701] D:\protect.ed
    [12/11/2006 02:31|---hs----|252] D:\USER
    [12/06/2003 12:43|---hs----|96774] D:\warning.bmp

    ################## | Vaccination |

    # C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
    # D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
    # F:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

    ################## | Upload |

    Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_PC-de-laurent.zip : https://www.ionos.fr/?affiliate_id=77097
    Merci pour votre contribution .

    ################## | ! Fin du rapport # UsbFix V6.098 ! |
    0
  11. lllollla
     
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 05.02.2010 à 17:34
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 10:34:36, 08/03/2010 | Mode Normal | Option: SCAN
    Exécuté de: C:\Ad-Remover\
    Système d'exploitation: Microsoft® Windows Vista™ HomePremium Service Pack 2 v6.0.6002
    Nom du PC: PC-DE-LAURENT | Utilisateur actuel: laurent
    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    .

    C:\Users\laurent\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Casino-On-Net
    C:\Program Files\AskTBar
    C:\Program Files\DoubleD
    C:\Program Files\Smart-Shopper
    C:\Program Files\System Search Dispatcher
    C:\Users\laurent\AppData\Roaming\Desktopicon
    C:\Users\laurent\AppData\Roaming\EoRezo
    C:\Users\laurent\AppData\Roaming\ItsLabel
    C:\Users\laurent\AppData\LocalLow\Smart-Shopper
    C:\Users\kevin\AppData\Local\VirtualStore\Program Files\AskTBar
    C:\Users\kevin\AppData\LocalLow\AskToolbar
    C:\Users\kevin\AppData\LocalLow\Smart-Shopper
    .
    HKCU\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
    HKCU\software\casinoonnet
    HKCU\software\DoubleD
    HKCU\software\EoRezo
    HKCU\software\fcn
    HKCU\software\ItsLabel
    HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
    HKCU\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKCU\software\microsoft\internet explorer\searchscopes\{CDBFB47B-58A8-4111-BF95-06178DCE326D}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDBFB47B-58A8-4111-BF95-06178DCE326D}
    HKLM\Software\Classes\AppID\{E97BE7A8-7FBA-49FA-A742-BCFB5DAA0ED5}
    HKLM\software\classes\appid\AxGifAnimator.DLL
    HKLM\software\classes\AxGifAnimator.GifAnimator
    HKLM\software\classes\AxGifAnimator.GifAnimator.1
    HKLM\Software\Classes\CLSID\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}
    HKLM\Software\Classes\CLSID\{4CF088BD-BE95-40A5-BE9B-677F8683EDEA}
    HKLM\Software\Classes\CLSID\{6FAC4823-815E-4361-836E-46D65ED2550B}
    HKLM\Software\Classes\CLSID\{8BCB5337-EC01-4E38-840C-A964F174255B}
    HKLM\Software\Classes\CLSID\{911F251E-34FD-465E-B6CE-DF00FF49A6BE}
    HKLM\Software\Classes\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}
    HKLM\Software\Classes\CLSID\{FE4F1649-8909-49C0-87BA-24D65120DB46}
    HKLM\software\classes\ExplorerBar.FunRedirector
    HKLM\software\classes\ExplorerBar.FunRedirector.1
    HKLM\Software\Classes\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}
    HKLM\Software\Classes\Interface\{90F62EF7-58D1-4E8E-BB3E-CFB10BA9E47B}
    HKLM\Software\Classes\Interface\{B2B92BC9-E149-4EE8-A93E-0B8CFB329808}
    HKLM\Software\Classes\Interface\{E79B1445-DFEA-4BEF-A786-E0C0F33C863B}
    HKLM\Software\Classes\TypeLib\{022C671F-6CBA-4A03-A8F9-3B3A361B235A}
    HKLM\Software\Classes\TypeLib\{305C6CB1-9D31-4489-881D-5A8E2DC3FE14}
    HKLM\Software\Classes\TypeLib\{8AD815FC-607B-419F-8B70-D345A507A54E}
    HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
    HKLM\software\DoubleD
    HKLM\software\EoRezo
    HKLM\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKLM\software\microsoft\shared tools\msconfig\startupreg\SoftwareHelper
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper
    HKLM\software\microsoft\windows\currentversion\uninstall\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1
    HKLM\software\microsoft\windows\currentversion\uninstall\gfyrk
    HKLM\software\microsoft\windows\currentversion\uninstall\SoftwareUpdate_is1
    HKU\s-1-5-21-3194393847-3874797323-2902580910-1000\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
    HKU\s-1-5-21-3194393847-3874797323-2902580910-1000\software\casinoonnet
    HKU\s-1-5-21-3194393847-3874797323-2902580910-1000\software\DoubleD
    HKU\s-1-5-21-3194393847-3874797323-2902580910-1000\software\EoRezo
    HKU\s-1-5-21-3194393847-3874797323-2902580910-1000\software\fcn
    HKU\s-1-5-21-3194393847-3874797323-2902580910-1000\software\ItsLabel
    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version 3.6 [fr] *
    .
    Nom du profil: 46u9z4r4.default (laurent)
    .
    (laurent, prefs.js) Browser.startup.homepage, hxxp://www.orange.fr/
    (laurent, prefs.js) Extensions.enabledItems, {20a82645-c095-46ed-80e3-08825760534b}:1.1,{E6768F2A-D4C3-457D-A1A8-3472BF16267D}:Build 315,fsonlinescanner@f-secure.com:1.00,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6
    .
    .
    * Internet Explorer Version 8.0.6001.18882 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Do404Search: 01000000
    Enable Browser Extensions: yes
    Show_ToolBar: yes
    Use Search Asst:
    Use Custom Search URL: 1 (0x1)
    Search Bar:
    Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
    Start Page Redirect Cache_TIMESTAMP: 9a92b0353411ca01
    Start Page Redirect Cache AcceptLangs: fr
    Search Page:
    Default_Search_URL: hxxp://fr.gdark.com
    Start Page Restore: hxxp://home.desktopsmiley.com
    SearchAssistant:
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
    Search Page: hxxp://fr.gdark.com
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\Windows\System32\blank.htm
    Default_Page_URL: hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=EM&Loc=FRN_FR&Sys=DTP&M=E4224
    Enable Browser Extensions: yes
    Use Search Asst: no
    Start Page: hxxp://fr.msn.com/
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .voici le rapport ad report
    Tabs: hxxp://y.lo.st
    .
    ===================================
    .
    6253 Octet(s) - C:\Ad-Report-SCAN[1].log
    .
    6549 Fichier(s) - C:\Users\laurent\AppData\Local\Temp
    4 Fichier(s) - C:\Windows\Temp
    52 Fichier(s) - C:\Windows\Prefetch
    .
    1 Fichier(s) - C:\Ad-Remover\BACKUP
    0 Fichier(s) - C:\Ad-Remover\QUARANTINE
    .
    Fin à: 10:44:28 | 08/03/2010 - SCAN[1]
    .
    ============== E.O.F ==============
    .
    0
  12. totobetourne Messages postés 5677 Statut Membre 65
     
    colle le rapport d ad remover en mode suppression.

    ensuite lance le scan complet avec malwarebyte , colle le rapport .
    merci
    0
  13. lllollla Messages postés 5 Statut Membre
     
    bonjour
    je fais le scan en mode supression par la lette L mais c 'est un peu long je dois ensuite faire le scan avec la lettre D ?
    0
  14. lllollla
     
    voici le rapport L encore merci beaucoup je continue la suite
    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 05.02.2010 à 17:34
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 12:28:44, 08/03/2010 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Ad-Remover\
    Système d'exploitation: Microsoft® Windows Vista™ HomePremium Service Pack 2 v6.0.6002
    Nom du PC: PC-DE-LAURENT | Utilisateur actuel: laurent
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .

    C:\Users\laurent\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Casino-On-Net
    C:\Program Files\AskTBar
    C:\Program Files\DoubleD
    C:\Program Files\Smart-Shopper
    C:\Program Files\System Search Dispatcher
    C:\Users\laurent\AppData\Roaming\Desktopicon
    C:\Users\laurent\AppData\Roaming\EoRezo
    C:\Users\laurent\AppData\Roaming\ItsLabel
    C:\Users\laurent\AppData\LocalLow\Smart-Shopper
    C:\Users\kevin\AppData\Local\VirtualStore\Program Files\AskTBar
    C:\Users\kevin\AppData\LocalLow\AskToolbar
    C:\Users\kevin\AppData\LocalLow\Smart-Shopper

    (!) -- Fichiers temporaires supprimés.

    .
    HKCU\software\casinoonnet
    HKCU\software\DoubleD
    HKCU\software\EoRezo
    HKCU\software\fcn
    HKCU\software\ItsLabel
    HKCU\software\microsoft\internet explorer\searchscopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
    HKCU\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKCU\software\microsoft\internet explorer\searchscopes\{CDBFB47B-58A8-4111-BF95-06178DCE326D}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDBFB47B-58A8-4111-BF95-06178DCE326D}
    HKLM\Software\Classes\AppID\{E97BE7A8-7FBA-49FA-A742-BCFB5DAA0ED5}
    HKLM\software\classes\appid\AxGifAnimator.DLL
    HKLM\software\classes\AxGifAnimator.GifAnimator
    HKLM\software\classes\AxGifAnimator.GifAnimator.1
    HKLM\Software\Classes\CLSID\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}
    HKLM\Software\Classes\CLSID\{4CF088BD-BE95-40A5-BE9B-677F8683EDEA}
    HKLM\Software\Classes\CLSID\{6FAC4823-815E-4361-836E-46D65ED2550B}
    HKLM\Software\Classes\CLSID\{8BCB5337-EC01-4E38-840C-A964F174255B}
    HKLM\Software\Classes\CLSID\{911F251E-34FD-465E-B6CE-DF00FF49A6BE}
    HKLM\Software\Classes\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}
    HKLM\Software\Classes\CLSID\{FE4F1649-8909-49C0-87BA-24D65120DB46}
    HKLM\software\classes\ExplorerBar.FunRedirector
    HKLM\software\classes\ExplorerBar.FunRedirector.1
    HKLM\Software\Classes\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}
    HKLM\Software\Classes\Interface\{90F62EF7-58D1-4E8E-BB3E-CFB10BA9E47B}
    HKLM\Software\Classes\Interface\{B2B92BC9-E149-4EE8-A93E-0B8CFB329808}
    HKLM\Software\Classes\Interface\{E79B1445-DFEA-4BEF-A786-E0C0F33C863B}
    HKLM\Software\Classes\TypeLib\{022C671F-6CBA-4A03-A8F9-3B3A361B235A}
    HKLM\Software\Classes\TypeLib\{305C6CB1-9D31-4489-881D-5A8E2DC3FE14}
    HKLM\Software\Classes\TypeLib\{8AD815FC-607B-419F-8B70-D345A507A54E}
    HKLM\Software\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
    HKLM\software\DoubleD
    HKLM\software\EoRezo
    HKLM\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    HKLM\software\microsoft\shared tools\msconfig\startupreg\SoftwareHelper
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDBFB47B-58A8-4111-BF95-06178DCE326D}
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper
    HKLM\software\microsoft\windows\currentversion\uninstall\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1
    HKLM\software\microsoft\windows\currentversion\uninstall\gfyrk
    HKLM\software\microsoft\windows\currentversion\uninstall\SoftwareUpdate_is1
    HKU\s-1-5-21-3194393847-3874797323-2902580910-1000\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version 3.6 [fr] *
    .
    Nom du profil: 46u9z4r4.default (laurent)
    .
    (laurent, prefs.js) Browser.startup.homepage, hxxp://www.orange.fr/
    (laurent, prefs.js) Extensions.enabledItems, {20a82645-c095-46ed-80e3-08825760534b}:1.1,{E6768F2A-D4C3-457D-A1A8-3472BF16267D}:Build 315,fsonlinescanner@f-secure.com:1.00,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6
    .
    .
    * Internet Explorer Version 8.0.6001.18882 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Do404Search: 01000000
    Enable Browser Extensions: yes
    Show_ToolBar: yes
    Use Search Asst:
    Use Custom Search URL: 1 (0x1)
    Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Start Page: hxxp://fr.msn.com/
    Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
    Start Page Redirect Cache_TIMESTAMP: 9a92b0353411ca01
    Start Page Redirect Cache AcceptLangs: fr
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchAssistant:
    Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\Windows\System32\blank.htm
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Enable Browser Extensions: yes
    Use Search Asst: no
    Start Page: hxxp://fr.msn.com/
    Search bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ===================================
    .
    523 Octet(s) - C:\Ad-Report-CLEAN[1].log
    6119 Octet(s) - C:\Ad-Report-CLEAN[2].log
    6593 Octet(s) - C:\Ad-Report-SCAN[1].log
    .
    3876 Fichier(s) - C:\Users\laurent\AppData\Local\Temp
    4 Fichier(s) - C:\Windows\Temp
    9 Fichier(s) - C:\Windows\Prefetch
    .
    21 Fichier(s) - C:\Ad-Remover\BACKUP
    42 Fichier(s) - C:\Ad-Remover\QUARANTINE
    .
    Fin à: 13:28:57 | 08/03/2010 - CLEAN[2]
    .
    ============== E.O.F ==============
    .
    0
  15. lllollla
     
    .voila le rapport "s" merci j'envoi le hijackthis dés qu il est termine
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_J | UNIQUEMENT XP/VISTA/7 =======
    .
    Mis à jour par C_XX le 05.02.2010 à 17:34
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 14:16:26, 08/03/2010 | Mode Normal | Option: SCAN
    Exécuté de: C:\Ad-Remover\
    Système d'exploitation: Microsoft® Windows Vista™ HomePremium Service Pack 2 v6.0.6002
    Nom du PC: PC-DE-LAURENT | Utilisateur actuel: laurent
    .
    ============== ÉLÉMENT(S) TROUVÉ(S) ==============
    .

    .
    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version 3.6 [fr] *
    .
    Nom du profil: 46u9z4r4.default (laurent)
    .
    (laurent, prefs.js) Browser.startup.homepage, hxxp://www.orange.fr/
    (laurent, prefs.js) Extensions.enabledItems, {20a82645-c095-46ed-80e3-08825760534b}:1.1,{E6768F2A-D4C3-457D-A1A8-3472BF16267D}:Build 315,fsonlinescanner@f-secure.com:1.00,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6
    .
    .
    * Internet Explorer Version 8.0.6001.18882 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Do404Search: 01000000
    Enable Browser Extensions: yes
    Show_ToolBar: yes
    Use Search Asst:
    Use Custom Search URL: 1 (0x1)
    Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    Start Page: hxxp://fr.msn.com/
    Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
    Start Page Redirect Cache_TIMESTAMP: 9a92b0353411ca01
    Start Page Redirect Cache AcceptLangs: fr
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchAssistant:
    Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Delete_Temp_Files_On_Exit: yes
    Local Page: C:\Windows\System32\blank.htm
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Enable Browser Extensions: yes
    Use Search Asst: no
    Start Page: hxxp://fr.msn.com/
    Search bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ===================================
    .
    523 Octet(s) - C:\Ad-Report-CLEAN[1].log
    6505 Octet(s) - C:\Ad-Report-CLEAN[2].log
    6593 Octet(s) - C:\Ad-Report-SCAN[1].log
    518 Octet(s) - C:\Ad-Report-SCAN[2].log
    518 Octet(s) - C:\Ad-Report-SCAN[3].log
    2469 Octet(s) - C:\Ad-Report-SCAN[4].log
    .
    3869 Fichier(s) - C:\Users\laurent\AppData\Local\Temp
    4 Fichier(s) - C:\Windows\Temp
    28 Fichier(s) - C:\Windows\Prefetch
    .
    24 Fichier(s) - C:\Ad-Remover\BACKUP
    42 Fichier(s) - C:\Ad-Remover\QUARANTINE
    .
    Fin à: 16:20:48 | 08/03/2010 - SCAN[4]
    .
    ============== E.O.F ==============
    .
    0
  16. lllollla
     
    voila maintenand le rapport hijackthis merci

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:30:29, on 08/03/2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18882)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files\RocketDock\RocketDock.exe
    c:\Users\laurent\Downloads\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.gdark.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: HelloWorldBHO - {1C3B806C-C5DA-4F6E-BA43-B1FF982F0A02} - (no file)
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Shareware.Pro-FR Toolbar - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbShar.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Shareware.Pro-FR Toolbar - {280b5d37-4a76-467a-b3d6-942fca90acde} - C:\Program Files\Shareware.Pro-FR\tbShar.dll
    O3 - Toolbar: barre d'outils Orange - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Orange\ToolbarFR\ToolbarContainer101000315.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{ACADF4AA-9401-4703-A580-0E8B7825E8C3}: NameServer = 80.10.246.1,81.253.149.2
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\2\FTRTSVC.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
    O23 - Service: Service Google Update (gupdate1ca07a254b84d94) (gupdate1ca07a254b84d94) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    0
  17. totobetourne Messages postés 5677 Statut Membre 65
     
    fait le 3) du message 5.

    merci
    0
  18. lllollla
     
    voila le rapport de malwaresbytes encore merci

    Malwarebytes' Anti-Malware 1.44
    Version de la base de données: 3836
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18882

    08/03/2010 17:34:23
    mbam-log-2010-03-08 (17-34-04).txt

    Type de recherche: Examen rapide
    Eléments examinés: 146216
    Temps écoulé: 35 minute(s), 19 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 33
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\idwbho2.idwbhocl (Adware.SpeedDownloader) -> No action taken.
    HKEY_CLASSES_ROOT\idwbho2.idwbhocl.1 (Adware.SpeedDownloader) -> No action taken.
    HKEY_CLASSES_ROOT\smart-shopper.hbax (Adware.SmartShopper) -> No action taken.
    HKEY_CLASSES_ROOT\smart-shopper.hbax.1 (Adware.SmartShopper) -> No action taken.
    HKEY_CLASSES_ROOT\smart-shopper.hbinfoband (Adware.SmartShopper) -> No action taken.
    HKEY_CLASSES_ROOT\smart-shopper.hbinfoband.1 (Adware.SmartShopper) -> No action taken.
    HKEY_CLASSES_ROOT\smart-shopper.iebutton (Adware.SmartShopper) -> No action taken.
    HKEY_CLASSES_ROOT\smart-shopper.iebutton.1 (Adware.SmartShopper) -> No action taken.
    HKEY_CLASSES_ROOT\smart-shopper.iebuttona (Adware.SmartShopper) -> No action taken.
    HKEY_CLASSES_ROOT\smart-shopper.iebuttona.1 (Adware.SmartShopper) -> No action taken.
    HKEY_CLASSES_ROOT\smart-shopper.iebuttonb (Adware.SmartShopper) -> No action taken.
    HKEY_CLASSES_ROOT\smart-shopper.iebuttonb.1 (Adware.SmartShopper) -> No action taken.
    HKEY_CLASSES_ROOT\smart-shopper.smrt-shprctrl (Adware.SmartShopper) -> No action taken.
    HKEY_CLASSES_ROOT\smart-shopper.smrt-shprctrl.1 (Adware.SmartShopper) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{1c3b806c-c5da-4f6e-ba43-b1ff982f0a02} (Adware.SpeedDownloader) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{8bcb5337-ec01-4e38-840c-a964f174255b} (Adware.SmartShopper) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1c3b806c-c5da-4f6e-ba43-b1ff982f0a02} (Adware.SpeedDownloader) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4a7c84e2-e95c-43c6-8dd3-03abcd0eb60e} (Adware.SmartShopper) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8bcb5337-ec01-4e38-840c-a964f174255b} (Adware.SmartShopper) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4a7c84e2-e95c-43c6-8dd3-03abcd0eb60e} (Adware.SmartShopper) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8bcb5337-ec01-4e38-840c-a964f174255b} (Adware.SmartShopper) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bebf} (Adware.SmartShopper) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3cc3d8fe-f0e0-4dd1-a69a-8c56bcc7bec0} (Adware.SmartShopper) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c3b806c-c5da-4f6e-ba43-b1ff982f0a02} (Adware.SpeedDownloader) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart-Shopper (Adware.SmartShopper) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\RegistryDoktorFrNE (Rogue.RegistryDoctor) -> No action taken.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\3wPlayer (Trojan.Downloader) -> No action taken.

    Fichier(s) infecté(s):
    C:\Users\laurent\downloads\registrydoktor-france-v04.exe (Rogue.Installer) -> No action taken.
    0
  19. lllollla Messages postés 5 Statut Membre
     
    faut'il faire autre chose?
    merci
    0
  20. lllollla Messages postés 5 Statut Membre
     
    totobetourne tu n'est plus la ?
    0
  21. totobetourne Messages postés 5677 Statut Membre 65
     
    tu m as montre le rapport avant suppression de malwarebyte colle moi le rapport apres suppression.

    ps:je ne reste pas tout le temps derriere mon pc.
    0
  • 1
  • 2