PC très lent
Fermé
Bonjour amis internautes,
Mon ordinateur qui doit maintenant avoir 4 ou 5 ans est très lent, surement parce qu'il est trop rempli et plein de virus. Il met pas mal de temps à se mettre en route et bug facilement. Je ne sais pas trop par où commencer et comment m'y prendre pourriez vous m'aider s'il vous plait ?
Merci d'avance
Mon ordinateur qui doit maintenant avoir 4 ou 5 ans est très lent, surement parce qu'il est trop rempli et plein de virus. Il met pas mal de temps à se mettre en route et bug facilement. Je ne sais pas trop par où commencer et comment m'y prendre pourriez vous m'aider s'il vous plait ?
Merci d'avance
A voir également:
- PC très lent
- Pc tres lent - Guide
- Test performance pc - Guide
- Reinitialiser pc - Guide
- Mon mac est lent comment le nettoyer - Guide
- Audacity enregistrer son pc - Guide
16 réponses
Utilisateur anonyme
22 févr. 2011 à 21:04
22 févr. 2011 à 21:04
☯ bienvenu sur CCM, nous allons essayer de résoudre ton problème.
☯ attentions, voici quelques règles:
▨ les helpers ici sont volontaire et peuvent traiter plusieurs sujets donc, si une réponse se fait trop attendre, pas de panique, nous reviendrons sur ton sujet. (si une réponse ce fait trop attendre, contacter le helper par MP.)
▨ il est important de suivre la procédure jusqu'au bout! même si le pc va mieux, ne pas partir tant que le helpers n'a pas dit que c'est fini... il pourrait rester des infections!
▨ si tu as des questions, n'hésite pas a me les poser, ne reste pas dans le doute.
☯ bonne désinfection.
pour une analyse de ton système, fais ceci:
----->ZHPDIAG<-----
/!\ utilisateur de vista et seven, désactiver l'UAC./!\
/!\ utilisateur de vista et seven faite clique droit et "éxécuter en temps qu'administrateur/!\
▶ Télécharge zhpdiag (de Nicolas Coolman)
▶ Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
> /!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »/!\
▶ Clique sur la petite loupe en haut à gauche pour débuter l'analyse :
▶ attention, le scan peut durer un certain temps, ne touche a rien d'autre tant que le scan est en cour
▶ Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
▶ Héberge le rapport ZHPDiag.txt sur cjoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
@++
☯ attentions, voici quelques règles:
▨ les helpers ici sont volontaire et peuvent traiter plusieurs sujets donc, si une réponse se fait trop attendre, pas de panique, nous reviendrons sur ton sujet. (si une réponse ce fait trop attendre, contacter le helper par MP.)
▨ il est important de suivre la procédure jusqu'au bout! même si le pc va mieux, ne pas partir tant que le helpers n'a pas dit que c'est fini... il pourrait rester des infections!
▨ si tu as des questions, n'hésite pas a me les poser, ne reste pas dans le doute.
☯ bonne désinfection.
pour une analyse de ton système, fais ceci:
----->ZHPDIAG<-----
/!\ utilisateur de vista et seven, désactiver l'UAC./!\
/!\ utilisateur de vista et seven faite clique droit et "éxécuter en temps qu'administrateur/!\
▶ Télécharge zhpdiag (de Nicolas Coolman)
▶ Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
> /!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »/!\
▶ Clique sur la petite loupe en haut à gauche pour débuter l'analyse :
▶ attention, le scan peut durer un certain temps, ne touche a rien d'autre tant que le scan est en cour
▶ Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
▶ Héberge le rapport ZHPDiag.txt sur cjoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
@++
Utilisateur anonyme
23 févr. 2011 à 22:47
23 févr. 2011 à 22:47
Ad-Remover est un outil spécifique conçu par C_XX , son rôle est la suppression d'adwares comme Eorezo, MyWebSearch, Navipromo, Winsudate, Search Settings, ...
----->AD-REMOVER<-----
▨ Télécharge ad-remover(de C_XX) sur ton Bureau
▨ Déconnecte toi et ferme toutes les applications en cours
▨ Double-clique sur l'icône AD-Remover
▨ Au menu principal, clique sur "NETTOYER"
▨ Confirme le lancement de l'analyse et laisse l'outil travailler
▨ Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )
----->AD-REMOVER<-----
▨ Télécharge ad-remover(de C_XX) sur ton Bureau
▨ Déconnecte toi et ferme toutes les applications en cours
▨ Double-clique sur l'icône AD-Remover
▨ Au menu principal, clique sur "NETTOYER"
▨ Confirme le lancement de l'analyse et laisse l'outil travailler
▨ Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )
le rapport d'ad-remover
======= RAPPORT D'AD-REMOVER 2.0.0.2,E | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 21/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:29:25 le 23/02/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
Michel@PORT_MICHEL ( )
============== ACTION(S) ==============
Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
Fichier supprimé: C:\WINDOWS\pack.epk
Fichier supprimé: C:\WINDOWS\Temp\msksetup.log
Dossier supprimé: C:\Program Files\Ask.com
Dossier supprimé: C:\Program Files\AskBarDis
Dossier supprimé: C:\Documents and Settings\Michel.PORT_MICHEL\Local Settings\Application Data\AskToolbar
Dossier supprimé: C:\Program Files\Everest Casino
Dossier supprimé: C:\Program Files\Hotbar
Dossier supprimé: C:\Program Files\SpiderMessenger
Erreur suppression dossier: C:\Documents and Settings\All Users\Application Data\Starware*
Erreur suppression dossier: C:\Program Files\Starware*
Dossier supprimé: C:\Documents and Settings\Michel.PORT_MICHEL\Application Data\EoRezo
Dossier supprimé: C:\Documents and Settings\Michel.PORT_MICHEL\Local Settings\Application Data\EoRezo
Dossier supprimé: C:\Program Files\EoRezo
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Documents and Settings\Michel.PORT_MICHEL\Application Data\Mozilla\FireFox\Profiles\a7q70ljm.default\Prefs.js --
Ligne supprimée: user_pref("browser.startup.homepage", "hxxp://www.lo.st");
-- Fichier Fermé --
Clé supprimée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé supprimée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
Clé supprimée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\Ask.com
Clé supprimée: HKCU\Software\AskToolbar
Clé supprimée: HKCU\Software\AppDataLow\AskToolbarInfo
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Everest Casino
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EoRezo
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eonet
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eocomputer
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Softwarehelper
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [Impossible d'obtenir la version] ****
FIREFOX.EXE\Shell\Open\Command - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
Plugins\npdivx32.dll (DivX,Inc.)
Plugins\NPSWF32.dll (?)
Searchplugins\MediaDICO-fr.xml (hxxp://www.dictionnaire-mediadico.com/dictionnaires.asp)
Components\jar50.dll (Mozilla Foundation)
Components\jsd3250.dll (Mozilla Foundation)
Components\myspell.dll (Mozilla Foundation)
Components\nsBookmarkTransactionManager.js
Components\nsCloseAllWindows.js
Components\nsDictionary.js
Components\nsPostUpdateWin.js
Components\nsUrlClassifierTable.js
Components\nsXmlRpcClient.js
Components\spellchk.dll (Mozilla Foundation)
Components\xpinstal.dll (Mozilla Foundation)
Extensions\real-networks@partners.mozilla.com (Real Networks Settings)
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
HKLM_Extensions|SpiderMessengerHelper@spidermessenger.com (x)
-- C:\Documents and Settings\Michel.PORT_MICHEL\Application Data\Mozilla\FireFox\Profiles\a7q70ljm.default --
Prefs.js - browser.search.defaultenginename, Google
Prefs.js - browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage_override.mstone, rv:1.8.1.6
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x)
HKCU_Toolbar\WebBrowser|{C4069E3A-68F1-403E-B40E-20066696354B} (x)
HKCU_ElevationPolicy\{D3DE705E-0BB6-47E6-AB61-6FF78BE040A0} - C:\Program Files\Internet Explorer\minftnet.exe (Synersoft)
HKLM_Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - "Skype add-on for Internet Explorer" (C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "AcroIEHlprObj Class" (C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 715 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 23/02/2011 22:31:30 (6321 Octet(s))
Fin à: 22:42:32, 23/02/2011
============== E.O.F ==============
======= RAPPORT D'AD-REMOVER 2.0.0.2,E | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 21/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 22:29:25 le 23/02/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
Michel@PORT_MICHEL ( )
============== ACTION(S) ==============
Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
Fichier supprimé: C:\Program Files\Mozilla FireFox\Components\AskSearch.js
Fichier supprimé: C:\WINDOWS\pack.epk
Fichier supprimé: C:\WINDOWS\Temp\msksetup.log
Dossier supprimé: C:\Program Files\Ask.com
Dossier supprimé: C:\Program Files\AskBarDis
Dossier supprimé: C:\Documents and Settings\Michel.PORT_MICHEL\Local Settings\Application Data\AskToolbar
Dossier supprimé: C:\Program Files\Everest Casino
Dossier supprimé: C:\Program Files\Hotbar
Dossier supprimé: C:\Program Files\SpiderMessenger
Erreur suppression dossier: C:\Documents and Settings\All Users\Application Data\Starware*
Erreur suppression dossier: C:\Program Files\Starware*
Dossier supprimé: C:\Documents and Settings\Michel.PORT_MICHEL\Application Data\EoRezo
Dossier supprimé: C:\Documents and Settings\Michel.PORT_MICHEL\Local Settings\Application Data\EoRezo
Dossier supprimé: C:\Program Files\EoRezo
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Documents and Settings\Michel.PORT_MICHEL\Application Data\Mozilla\FireFox\Profiles\a7q70ljm.default\Prefs.js --
Ligne supprimée: user_pref("browser.startup.homepage", "hxxp://www.lo.st");
-- Fichier Fermé --
Clé supprimée: HKLM\Software\Classes\CLSID\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}
Clé supprimée: HKLM\Software\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}
Clé supprimée: HKLM\Software\Classes\TypeLib\{18AF7201-4F14-4BCF-93FE-45617CF259FF}
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO
Clé supprimée: HKLM\Software\Classes\EoEngineBHO.EOBHO.1
Clé supprimée: HKLM\Software\Classes\AppID\EoEngineBHO.DLL
Clé supprimée: HKLM\Software\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}
Clé supprimée: HKLM\Software\EoRezo
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\Ask.com
Clé supprimée: HKCU\Software\AskToolbar
Clé supprimée: HKCU\Software\AppDataLow\AskToolbarInfo
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Everest Casino
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\EoRezo
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EoRezo_is1
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eonet
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eocomputer
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Eorezo
Valeur supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Softwarehelper
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{00000000-6E41-4FD3-8538-502F5495E5FC}
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [Impossible d'obtenir la version] ****
FIREFOX.EXE\Shell\Open\Command - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
Plugins\npdivx32.dll (DivX,Inc.)
Plugins\NPSWF32.dll (?)
Searchplugins\MediaDICO-fr.xml (hxxp://www.dictionnaire-mediadico.com/dictionnaires.asp)
Components\jar50.dll (Mozilla Foundation)
Components\jsd3250.dll (Mozilla Foundation)
Components\myspell.dll (Mozilla Foundation)
Components\nsBookmarkTransactionManager.js
Components\nsCloseAllWindows.js
Components\nsDictionary.js
Components\nsPostUpdateWin.js
Components\nsUrlClassifierTable.js
Components\nsXmlRpcClient.js
Components\spellchk.dll (Mozilla Foundation)
Components\xpinstal.dll (Mozilla Foundation)
Extensions\real-networks@partners.mozilla.com (Real Networks Settings)
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
HKLM_Extensions|SpiderMessengerHelper@spidermessenger.com (x)
-- C:\Documents and Settings\Michel.PORT_MICHEL\Application Data\Mozilla\FireFox\Profiles\a7q70ljm.default --
Prefs.js - browser.search.defaultenginename, Google
Prefs.js - browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage_override.mstone, rv:1.8.1.6
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_Toolbar|{1E796980-9CC5-11D1-A83F-00C04FC99D61} (x)
HKCU_Toolbar\WebBrowser|{C4069E3A-68F1-403E-B40E-20066696354B} (x)
HKCU_ElevationPolicy\{D3DE705E-0BB6-47E6-AB61-6FF78BE040A0} - C:\Program Files\Internet Explorer\minftnet.exe (Synersoft)
HKLM_Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - "Skype add-on for Internet Explorer" (C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "AcroIEHlprObj Class" (C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 715 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 13 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 23/02/2011 22:31:30 (6321 Octet(s))
Fin à: 22:42:32, 23/02/2011
============== E.O.F ==============
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
23 févr. 2011 à 23:27
23 févr. 2011 à 23:27
ok, ensuite:
MBAM est un scanner généraliste qui détecte et supprime beaucoup d'infections:
MBAM :
▣ Télécharge MBAM
▣ Tu auras un tutoriel à ta disposition pour l'installer et l'utiliser correctement.
▣ Fais la mise à jour du logiciel /!\(elle se fait normalement à l'installation)/!\
▣ A l'apparition de la fenêtre de MBAM, clique sur «exécuter un examen complet»
▣ Sélectionne les disques que tu veux analyser et clique sur "Lancer l'examen"
> L'analyse peut durer un plusieurs heures...
▣ Une fois l'analyse terminée, clique sur "OK" puis sur "Afficher les résultats"
▣ Vérifie que tout est bien coché et clique sur "Supprimer la sélection" => et ensuite sur "OK"
▣ Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum > Si le logiciel te demande de redémarrer, fais le en cliquant sur « OUI » »
MBAM est un scanner généraliste qui détecte et supprime beaucoup d'infections:
MBAM :
▣ Télécharge MBAM
▣ Tu auras un tutoriel à ta disposition pour l'installer et l'utiliser correctement.
▣ Fais la mise à jour du logiciel /!\(elle se fait normalement à l'installation)/!\
▣ A l'apparition de la fenêtre de MBAM, clique sur «exécuter un examen complet»
▣ Sélectionne les disques que tu veux analyser et clique sur "Lancer l'examen"
> L'analyse peut durer un plusieurs heures...
▣ Une fois l'analyse terminée, clique sur "OK" puis sur "Afficher les résultats"
▣ Vérifie que tout est bien coché et clique sur "Supprimer la sélection" => et ensuite sur "OK"
▣ Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum > Si le logiciel te demande de redémarrer, fais le en cliquant sur « OUI » »
Voici le rapport de Malwarebytes', ça a mis 22 heures au total.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 5857
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
25/02/2011 05:12:57
mbam-log-2011-02-25 (05-12-57).txt
Type d'examen: Examen complet (C:\|D:\|E:\|)
Elément(s) analysé(s): 390622
Temps écoulé: 22 heure(s), 49 minute(s), 53 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 38
Fichier(s) infecté(s): 94
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
c:\documents and settings\all users\application data\starware370 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\contexts (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\browsersearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\configurator (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\errorsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\lyrics_fr (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Manager (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\music_search_fr (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Radio_FR (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\relatedsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\toolbarlogo (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\toolbarsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\program files\AV9 (Rogue.AntiVirus2009) -> Quarantined and deleted successfully.
c:\program files\sudoplanet (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\sudoplanet\updates (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\documents and settings\michel\menu démarrer\programmes\sudoplanet (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\documents and settings\michel\menu démarrer\antivirus 2009 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\program files\ad-remover\quarantine\C\documents and settings\michel.port_michel\application data\EoRezo\softwareupdate\softwareupdate.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\documents and settings\michel.port_michel\application data\EoRezo\softwareupdate\softwareupdatehp.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\EoRezo\eorezobho.dll.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\everest casino\cstart.exe.vir (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\everest casino\everest casino.exe.vir (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\spidermessenger\spidermessenger.exe.vir (Spyware.AgenceExclusive) -> Quarantined and deleted successfully.
c:\program files\sudoplanet\sudoplanet.dll (Rogue.SudoPlanet) -> Quarantined and deleted successfully.
c:\program files\ZHPDiag\catchme.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\ie passview\iepv.exe (PUP.PSW.Passview) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b8687c25-491c-4b92-a950-d228172f494f}\RP516\A0055738.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b8687c25-491c-4b92-a950-d228172f494f}\RP516\A0055751.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b8687c25-491c-4b92-a950-d228172f494f}\RP516\A0055765.exe (Spyware.AgenceExclusive) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b8687c25-491c-4b92-a950-d228172f494f}\RP516\A0056303.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b8687c25-491c-4b92-a950-d228172f494f}\RP516\A0056300.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b8687c25-491c-4b92-a950-d228172f494f}\RP516\A0056301.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\microsoft\internet explorer\quick launch\antivirus 2009.lnk (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
c:\WINDOWS\bm0afc0da7.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\bm0afc0da7.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem24E.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem25B.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem266.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem268.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem26A.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem26D.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem27A.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem29F.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem2C6.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem394.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem3D7.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem3EA.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\findit_music.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\highlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\highlighthot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\highlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\highlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\lyrics.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\music_search.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\radio.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\starware_toolbar_icon.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\contexts\travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate\productmessagingconfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate\productmessagingconfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate\simpleupdateconfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate\simpleupdateconfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate\timermanagerconfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate\timermanagerconfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Tem11B.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Tem2D6.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Tem2E7.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Tem2FE.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\browsersearch\browsersearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\browsersearch\browsersearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\configurator\configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\configurator\configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\errorsearch\errorsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\errorsearch\errorsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games\gamesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games\gamesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Layouts\toolbarlayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Layouts\toolbarlayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\lyrics_fr\lyrics_froptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\lyrics_fr\lyrics_froptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Manager\manageroptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Manager\manageroptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4\marketing4options.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4\marketing4options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4\images\active\marketing40.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies\moviesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies\moviesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\music_search_fr\music_search_froptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\music_search_fr\music_search_froptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Radio_FR\radio_froptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Radio_FR\radio_froptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\relatedsearch\relatedsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\relatedsearch\relatedsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager\images\active\screensaversmarketingsitepager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Toolbar\tbproductsoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Toolbar\tbproductsoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\toolbarlogo\toolbarlogooptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\toolbarlogo\toolbarlogooptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\toolbarsearch\toolbarsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\toolbarsearch\toolbarsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\program files\sudoplanet\sudoplanet.url (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\documents and settings\michel\menu démarrer\programmes\sudoplanet\sudoplanet.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\documents and settings\michel\menu démarrer\programmes\sudoplanet\Website.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\documents and settings\michel\menu démarrer\antivirus 2009\antivirus 2009.lnk (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
c:\documents and settings\michel\menu démarrer\antivirus 2009\uninstall antivirus 2009.lnk (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Version de la base de données: 5857
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
25/02/2011 05:12:57
mbam-log-2011-02-25 (05-12-57).txt
Type d'examen: Examen complet (C:\|D:\|E:\|)
Elément(s) analysé(s): 390622
Temps écoulé: 22 heure(s), 49 minute(s), 53 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 38
Fichier(s) infecté(s): 94
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogoff (PUM.Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Dossier(s) infecté(s):
c:\documents and settings\all users\application data\starware370 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\contexts (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\browsersearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\configurator (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\errorsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Layouts (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\lyrics_fr (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Manager (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4 (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\music_search_fr (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Radio_FR (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\relatedsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager\images (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager\images\active (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager\images\default (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Toolbar (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\toolbarlogo (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\toolbarsearch (Adware.Starware) -> Quarantined and deleted successfully.
c:\program files\AV9 (Rogue.AntiVirus2009) -> Quarantined and deleted successfully.
c:\program files\sudoplanet (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\program files\sudoplanet\updates (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\documents and settings\michel\menu démarrer\programmes\sudoplanet (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\documents and settings\michel\menu démarrer\antivirus 2009 (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\program files\ad-remover\quarantine\C\documents and settings\michel.port_michel\application data\EoRezo\softwareupdate\softwareupdate.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\documents and settings\michel.port_michel\application data\EoRezo\softwareupdate\softwareupdatehp.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\EoRezo\eorezobho.dll.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\everest casino\cstart.exe.vir (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\everest casino\everest casino.exe.vir (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\spidermessenger\spidermessenger.exe.vir (Spyware.AgenceExclusive) -> Quarantined and deleted successfully.
c:\program files\sudoplanet\sudoplanet.dll (Rogue.SudoPlanet) -> Quarantined and deleted successfully.
c:\program files\ZHPDiag\catchme.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files\ie passview\iepv.exe (PUP.PSW.Passview) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b8687c25-491c-4b92-a950-d228172f494f}\RP516\A0055738.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b8687c25-491c-4b92-a950-d228172f494f}\RP516\A0055751.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b8687c25-491c-4b92-a950-d228172f494f}\RP516\A0055765.exe (Spyware.AgenceExclusive) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b8687c25-491c-4b92-a950-d228172f494f}\RP516\A0056303.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b8687c25-491c-4b92-a950-d228172f494f}\RP516\A0056300.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b8687c25-491c-4b92-a950-d228172f494f}\RP516\A0056301.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\microsoft\internet explorer\quick launch\antivirus 2009.lnk (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
c:\WINDOWS\bm0afc0da7.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\bm0afc0da7.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem24E.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem25B.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem266.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem268.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem26A.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem26D.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem27A.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem29F.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem2C6.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem394.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem3D7.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\Tem3EA.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\findit_music.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\highlight.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\highlighthot.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\highlighthotxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\highlightxp.png (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\lyrics.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\music_search.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\radio.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\buttons\starware_toolbar_icon.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\contexts\error.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\contexts\Related.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\contexts\travel.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate\productmessagingconfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate\productmessagingconfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate\simpleupdateconfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate\simpleupdateconfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate\timermanagerconfig.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\starware370\simpleupdate\timermanagerconfig.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Tem11B.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Tem2D6.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Tem2E7.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Tem2FE.tmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\browsersearch\browsersearch.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\browsersearch\browsersearch.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\configurator\configurator.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\configurator\configurator.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\errorsearch\errorsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\errorsearch\errorsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games\gamesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games\gamesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Games\images\active\Games0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Layouts\toolbarlayout.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Layouts\toolbarlayout.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\lyrics_fr\lyrics_froptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\lyrics_fr\lyrics_froptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Manager\manageroptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Manager\manageroptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4\marketing4options.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4\marketing4options.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\marketing4\images\active\marketing40.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies\moviesoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies\moviesoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Movies\images\active\Movies0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\music_search_fr\music_search_froptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\music_search_fr\music_search_froptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Radio_FR\radio_froptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Radio_FR\radio_froptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\relatedsearch\relatedsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\relatedsearch\relatedsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager\screensaversmarketingsitepageroptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\screensaversmarketingsitepager\images\active\screensaversmarketingsitepager0.bmp (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Toolbar\tbproductsoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\Toolbar\tbproductsoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\toolbarlogo\toolbarlogooptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\toolbarlogo\toolbarlogooptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\toolbarsearch\toolbarsearchoptions.xml (Adware.Starware) -> Quarantined and deleted successfully.
c:\documents and settings\michel\application data\starware370\toolbarsearch\toolbarsearchoptions.xml.backup (Adware.Starware) -> Quarantined and deleted successfully.
c:\program files\sudoplanet\sudoplanet.url (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\documents and settings\michel\menu démarrer\programmes\sudoplanet\sudoplanet.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\documents and settings\michel\menu démarrer\programmes\sudoplanet\Website.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
c:\documents and settings\michel\menu démarrer\antivirus 2009\antivirus 2009.lnk (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
c:\documents and settings\michel\menu démarrer\antivirus 2009\uninstall antivirus 2009.lnk (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
Bonjour,
Pourriez-vous m'aider sur la suite de la procédure, je ne sais pas trop quoi faire?
Merci d'avance
Pourriez-vous m'aider sur la suite de la procédure, je ne sais pas trop quoi faire?
Merci d'avance
Utilisateur anonyme
27 févr. 2011 à 16:42
27 févr. 2011 à 16:42
> /!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »/!\
▶ Clique sur la petite loupe en haut à gauche pour débuter l'analyse :
▶ attention, le scan peut durer un certain temps, ne touche a rien d'autre tant que le scan est en cour
▶ Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
▶ Héberge le rapport ZHPDiag.txt sur cjoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
@++
▶ Clique sur la petite loupe en haut à gauche pour débuter l'analyse :
▶ attention, le scan peut durer un certain temps, ne touche a rien d'autre tant que le scan est en cour
▶ Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
▶ Héberge le rapport ZHPDiag.txt sur cjoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
@++
Utilisateur anonyme
Modifié par 91300 le 27/02/2011 à 20:54
Modifié par 91300 le 27/02/2011 à 20:54
Ad-Remover est un outil spécifique conçu par C_XX , son rôle est la suppression d'adwares comme Eorezo, MyWebSearch, Navipromo, Winsudate, Search Settings, ...
----->AD-REMOVER<-----
▨ Télécharge ad-remover(de C_XX) sur ton Bureau
▨ Déconnecte toi et ferme toutes les applications en cours
▨ Double-clique sur l'icône AD-Remover
▨ Au menu principal, clique sur "RECHERCHER"
▨ Confirme le lancement de l'analyse et laisse l'outil travailler
▨ Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )
▶▶▶ CONTRIBUTEUR SÉCURITÉ ◀◀◀
Qualification Helper sur HELPER FORMATION.
----->AD-REMOVER<-----
▨ Télécharge ad-remover(de C_XX) sur ton Bureau
▨ Déconnecte toi et ferme toutes les applications en cours
▨ Double-clique sur l'icône AD-Remover
▨ Au menu principal, clique sur "RECHERCHER"
▨ Confirme le lancement de l'analyse et laisse l'outil travailler
▨ Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )
▶▶▶ CONTRIBUTEUR SÉCURITÉ ◀◀◀
Qualification Helper sur HELPER FORMATION.
Voici le rapport :
======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 26/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:02:19 le 27/02/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
Adrien@PORT_MICHEL ( )
============== ACTION(S) ==============
Dossier supprimé: C:\Documents and Settings\Adrien\Local Settings\Application Data\AskToolbar
Erreur suppression dossier: C:\Program Files\Starware*
Dossier supprimé: C:\Documents and Settings\Adrien\Local Settings\Application Data\EoRezo
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\AskToolbar
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|SpiderMessengerHelper@spidermessenger.com
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [Impossible d'obtenir la version] ****
FIREFOX.EXE\Shell\Open\Command - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
Plugins\npdivx32.dll (DivX,Inc.)
Plugins\NPSWF32.dll (?)
Components\jar50.dll (Mozilla Foundation)
Components\jsd3250.dll (Mozilla Foundation)
Components\myspell.dll (Mozilla Foundation)
Components\nsBookmarkTransactionManager.js
Components\nsCloseAllWindows.js
Components\nsDictionary.js
Components\nsPostUpdateWin.js
Components\nsUrlClassifierTable.js
Components\nsXmlRpcClient.js
Components\spellchk.dll (Mozilla Foundation)
Components\xpinstal.dll (Mozilla Foundation)
Extensions\real-networks@partners.mozilla.com (Real Networks Settings)
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
-- C:\Documents and Settings\Adrien\Application Data\Mozilla\FireFox\Profiles\6s9r034y.default --
Prefs.js - browser.search.defaultenginename, Google
Prefs.js - browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage_override.mstone, rv:1.8.1.6
-- C:\Documents and Settings\Michel\Application Data\Mozilla\FireFox\Profiles\zfn27qbz.default --
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
Extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D} (Megaupload Toolbar)
Searchplugins\LiveSearch.xml (?)
Searchplugins\MyStart Search.xml (?)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\michel\\Mes documents
Prefs.js - browser.search.defaultenginename, MyStart Rechercher
Prefs.js - browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
Prefs.js - browser.search.selectedEngine, MyStart Rechercher
Prefs.js - browser.startup.homepage, hxxp://mystart.incredimail.com/french/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.8.1.6
Prefs.js - keyword.URL, hxxp://mystart.incredimail.com/?loc=ff_address_bar&search=
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "?" (?)
HKCU_Toolbar\WebBrowser|{C4069E3A-68F1-403E-B40E-20066696354B} (x)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "AcroIEHlprObj Class" (C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 718 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 26 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 23/02/2011 22:31:30 (4416 Octet(s))
Fin à: 21:08:06, 27/02/2011
============== E.O.F ==============
======= RAPPORT D'AD-REMOVER 2.0.0.2,F | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 26/02/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:02:19 le 27/02/2011, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
Adrien@PORT_MICHEL ( )
============== ACTION(S) ==============
Dossier supprimé: C:\Documents and Settings\Adrien\Local Settings\Application Data\AskToolbar
Erreur suppression dossier: C:\Program Files\Starware*
Dossier supprimé: C:\Documents and Settings\Adrien\Local Settings\Application Data\EoRezo
(!) -- Fichiers temporaires supprimés.
Clé supprimée: HKCU\Software\EoRezo
Clé supprimée: HKCU\Software\AskToolbar
Valeur supprimée: HKLM\Software\Mozilla\Firefox\Extensions|SpiderMessengerHelper@spidermessenger.com
Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
============== SCAN ADDITIONNEL ==============
**** Mozilla Firefox Version [Impossible d'obtenir la version] ****
FIREFOX.EXE\Shell\Open\Command - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
Plugins\npdivx32.dll (DivX,Inc.)
Plugins\NPSWF32.dll (?)
Components\jar50.dll (Mozilla Foundation)
Components\jsd3250.dll (Mozilla Foundation)
Components\myspell.dll (Mozilla Foundation)
Components\nsBookmarkTransactionManager.js
Components\nsCloseAllWindows.js
Components\nsDictionary.js
Components\nsPostUpdateWin.js
Components\nsUrlClassifierTable.js
Components\nsXmlRpcClient.js
Components\spellchk.dll (Mozilla Foundation)
Components\xpinstal.dll (Mozilla Foundation)
Extensions\real-networks@partners.mozilla.com (Real Networks Settings)
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
-- C:\Documents and Settings\Adrien\Application Data\Mozilla\FireFox\Profiles\6s9r034y.default --
Prefs.js - browser.search.defaultenginename, Google
Prefs.js - browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
Prefs.js - browser.search.selectedEngine, Google
Prefs.js - browser.startup.homepage_override.mstone, rv:1.8.1.6
-- C:\Documents and Settings\Michel\Application Data\Mozilla\FireFox\Profiles\zfn27qbz.default --
Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} (Google Toolbar for Firefox)
Extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D} (Megaupload Toolbar)
Searchplugins\LiveSearch.xml (?)
Searchplugins\MyStart Search.xml (?)
Prefs.js - browser.download.lastDir, C:\\Documents and Settings\\michel\\Mes documents
Prefs.js - browser.search.defaultenginename, MyStart Rechercher
Prefs.js - browser.search.defaulturl, hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
Prefs.js - browser.search.selectedEngine, MyStart Rechercher
Prefs.js - browser.startup.homepage, hxxp://mystart.incredimail.com/french/
Prefs.js - browser.startup.homepage_override.mstone, rv:1.8.1.6
Prefs.js - keyword.URL, hxxp://mystart.incredimail.com/?loc=ff_address_bar&search=
========================================
**** Internet Explorer Version [8.0.6001.18702] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - "?" (?)
HKCU_Toolbar\WebBrowser|{C4069E3A-68F1-403E-B40E-20066696354B} (x)
HKLM_Extensions\{e2e2dd38-d088-4134-82b7-f2ba38496583} - "?" (?)
BHO\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - "AcroIEHlprObj Class" (C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll)
BHO\{5C255C8A-E604-49b4-9D64-90988571CECB} (?)
BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll)
========================================
C:\Program Files\Ad-Remover\Quarantine: 718 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 26 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 23/02/2011 22:31:30 (4416 Octet(s))
Fin à: 21:08:06, 27/02/2011
============== E.O.F ==============
Utilisateur anonyme
28 févr. 2011 à 21:33
28 févr. 2011 à 21:33
bonsoir,
> /!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »/!\
▶ Clique sur la petite loupe en haut à gauche pour débuter l'analyse :
▶ attention, le scan peut durer un certain temps, ne touche a rien d'autre tant que le scan est en cour
▶ Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
▶ Héberge le rapport ZHPDiag.txt sur cjoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
@++
> /!\Utilisateur de Vista et Seven : Clique droit sur le logo de ZHPdiag, « exécuter en tant qu'Administrateur »/!\
▶ Clique sur la petite loupe en haut à gauche pour débuter l'analyse :
▶ attention, le scan peut durer un certain temps, ne touche a rien d'autre tant que le scan est en cour
▶ Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
▶ Héberge le rapport ZHPDiag.txt sur cjoint, puis copie/colle le lien fourni dans ta prochaine réponse sur le forum.
@++
Utilisateur anonyme
3 mars 2011 à 21:04
3 mars 2011 à 21:04
tu dois faire super attention... tu as réussis a te réinfecter!!!
Ad-Remover est un outil spécifique conçu par C_XX , son rôle est la suppression d'adwares comme Eorezo, MyWebSearch, Navipromo, Winsudate, Search Settings, ...
----->AD-REMOVER<-----
▨ Télécharge ad-remover(de C_XX) sur ton Bureau
▨ Déconnecte toi et ferme toutes les applications en cours
▨ Double-clique sur l'icône AD-Remover
▨ Au menu principal, clique sur "NETTOYER"
▨ Confirme le lancement de l'analyse et laisse l'outil travailler
▨ Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )
ensuite,
MBAM est un scanner généraliste qui détecte et supprime beaucoup d'infections:
MBAM :
▣ Télécharge MBAM
▣ Tu auras un tutoriel à ta disposition pour l'installer et l'utiliser correctement.
▣ Fais la mise à jour du logiciel /!\(elle se fait normalement à l'installation)/!\
▣ A l'apparition de la fenêtre de MBAM, clique sur «exécuter un examen complet»
▣ Sélectionne les disques que tu veux analyser et clique sur "Lancer l'examen"
> L'analyse peut durer un plusieurs heures...
▣ Une fois l'analyse terminée, clique sur "OK" puis sur "Afficher les résultats"
▣ Vérifie que tout est bien coché et clique sur "Supprimer la sélection" => et ensuite sur "OK"
▣ Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum > Si le logiciel te demande de redémarrer, fais le en cliquant sur « OUI » »
Ad-Remover est un outil spécifique conçu par C_XX , son rôle est la suppression d'adwares comme Eorezo, MyWebSearch, Navipromo, Winsudate, Search Settings, ...
----->AD-REMOVER<-----
▨ Télécharge ad-remover(de C_XX) sur ton Bureau
▨ Déconnecte toi et ferme toutes les applications en cours
▨ Double-clique sur l'icône AD-Remover
▨ Au menu principal, clique sur "NETTOYER"
▨ Confirme le lancement de l'analyse et laisse l'outil travailler
▨ Poste le rapport qui apparait à la fin (il est aussi sauvegardé sous C:\Ad-report-CLEAN.txt )
ensuite,
MBAM est un scanner généraliste qui détecte et supprime beaucoup d'infections:
MBAM :
▣ Télécharge MBAM
▣ Tu auras un tutoriel à ta disposition pour l'installer et l'utiliser correctement.
▣ Fais la mise à jour du logiciel /!\(elle se fait normalement à l'installation)/!\
▣ A l'apparition de la fenêtre de MBAM, clique sur «exécuter un examen complet»
▣ Sélectionne les disques que tu veux analyser et clique sur "Lancer l'examen"
> L'analyse peut durer un plusieurs heures...
▣ Une fois l'analyse terminée, clique sur "OK" puis sur "Afficher les résultats"
▣ Vérifie que tout est bien coché et clique sur "Supprimer la sélection" => et ensuite sur "OK"
▣ Un rapport va s'ouvrir dans le bloc note... Fais un copié/collé du rapport dans ta prochaine réponse sur le forum > Si le logiciel te demande de redémarrer, fais le en cliquant sur « OUI » »
23 févr. 2011 à 13:03
https://www.cjoint.com/?0cxnb6VJRbv
Que dois-je faire maintenant ?