Sujet Précédent Sujet Suivant

Est ce que c'est un virus ???

gassouma Messages postés 6 Statut Membre -  
gassouma Messages postés 6 Statut Membre -
Bonjour,

sa fait une semaine sur mon pc portable ( sous windows 7 ) une application s'auto-execute pendant une fraction de seconde ( interruption du jeu que je joue et un retour au bureau ) et le mm trucs recommence apres 3 4 minutes . j'ai fait un scan avec avast il n'a rien dectecté :s Aidez moi svp sa devient chiant :s
A voir également:

9 réponses

Réponse 1 / 9
Utilisateur anonyme
 
Salut,

A faire :

http://www.security-helpzone.com/Thread-ZHPDiag-Generer-un-rapport

Uniquement durant le jeu ?
0
Réponse 2 / 9
gassouma Messages postés 6 Statut Membre
 
non pas que dans le jeu :S
0
Réponse 3 / 9
Utilisateur anonyme
 
Ok :)
0
Réponse 4 / 9
gassouma Messages postés 6 Statut Membre
 
voila le rapport : https://www.cjoint.com/?BJdsd1EzIxl
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 9
gassouma Messages postés 6 Statut Membre
 
alors ??? une solution a mon probleme ?
0
Réponse 6 / 9
Utilisateur anonyme
 
Hey j'suis pas un robot !

Copie cela et suis la procédure grâce au lien ci-dessous. 

F3 - REG:win.ini: load=C:\Users\jarir\LOCALS~1\Temp\msilrsr.bat
Emptytemp
[HKLM\Software\Wow6432Node\S3R521]
FirewallRAZ
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: Modified    => Infection Diverse (Trojan.Dropper)
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://start.facemoods.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com
[HKCU\Software\AppDataLow\Software\PriceGong]    => Infection BT (Adware.PriceGong)
[HKCU\Software\GamePlayLabs]    => Infection BT (Spyware.GamePlayLabs)
[HKCU\Software\Spointer]    => Infection BT (Adware.SPointer)
[HKCU\Software\facemoods.com]
[HKLM\Software\Wow6432Node\facemoods.com]
O43 - CFD: 02/01/2012 - 18:42:04 - [0,096] ----D C:\Program Files (x86)\Widestream6    => Infection BT (Adware.SPointer)
O43 - CFD: 26/04/2011 - 18:36:09 - [0,556] ----D C:\Users\jarir\AppData\Roaming\moovida-1    => Infection BT (Adware.SPointer)
O43 - CFD: 26/04/2011 - 18:36:11 - [0,016] ----D C:\Users\jarir\AppData\Local\moovida Air    => Infection BT (Adware.SPointer)
O43 - CFD: 02/01/2012 - 18:42:04 - [0,096] ----D C:\Program Files (x86)\Widestream6    => Infection BT (Adware.SPointer)
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.tlbrSrchUrl","http://start.facemoods.com/?a=bf1&f=3");
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.hmpgUrl", "http://start.facemoods.com/?a=bf1");
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.id", "3e96c610000000000000904ce5261787");
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.sid", "07244a944c7c435aaed2f618ee79a861");
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.instlDay", "15229");
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.vrsn", "1.4.17.11");
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.prtnrId", "facemoods.com");
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.aflt", "bf1");
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.DNSErrUrl","http://start.facemoods.com/?a=bf1&f=5");
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.mntz","");
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.hmpg", true);
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.dfltSrch", true);
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.searchProviderAdded", true);
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.dnsErr", true);
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.newTab", true);
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.newTabUrl", "http://start.facemoods.com/?a=bf1&f=2");
O69 - SBI: prefs.js [jarir - 5eytmtgh.default] user_pref("extensions.facemoods.firstRun", true);
O69 - SBI: SearchScopes [HKCU] {0D7562AE-8EF6-416d-A838-AB665251703A} - (Facemoods Search) - http://start.facemoods.com    => Infection PUP (Adware.Facemoods)
[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}]    => Infection BT (Adware.Agent)
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}]    => Infection PUP (Adware.Facemoods)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]    => Infection BT (Adware.PredictAd)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]    => Infection BT (Adware.PredictAd)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{258c9770-1713-4021-8d7e-1f184a2bd754}]    => Infection BT (Adware.SmartShopper)
[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Classes\CLSID\{761f6a83-f007-49e4-8eac-cdb6808ef06f}]    => Infection BT (Adware.2Search)
[HKLM\Software\Wow6432Node\Classes\CLSID\{76c45b18-a29e-43ea-aaf8-af55c2e1ae17}]    => Infection PUP (PUP.Eorezo)
[HKLM\Software\Wow6432Node\Classes\CLSID\{7cd74aff-3433-4e34-92e2-d98dfdb30754}]    => Infection PUP (PUP.Eorezo)
[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Classes\CLSID\{96ef404c-24c7-43d0-9096-4ccc8bb7ccac}]    => Infection PUP (PUP.Eorezo)
[HKLM\Software\Wow6432Node\Classes\CLSID\{97720195-206a-42ae-8e65-260b9ba5589f}]    => Infection PUP (PUP.Eorezo)
[HKLM\Software\Wow6432Node\Classes\CLSID\{97d69524-bb57-4185-9c7f-5f05593b771a}]    => Infection PUP (PUP.Eorezo)
[HKLM\Software\Wow6432Node\Classes\CLSID\{986f7a5a-9676-47e1-8642-f41f8c3fcf82}]    => Infection PUP (PUP.Eorezo)
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}]    => Infection BT (Adware.Softomate)
[HKLM\Software\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}]    => Infection BT (Adware.Facemoods)
[HKLM\Software\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}]    => Infection BT (Adware.Facemoods)
[HKLM\Software\Wow6432Node\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}]    => Infection BT (Adware.Facemoods)
[HKLM\Software\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}]    => Infection BT (Toolbar.Babylon)
[HKLM\Software\Wow6432Node\Classes\CLSID\{b18788a4-92bd-440e-a4d1-380c36531119}]    => Infection PUP (PUP.Eorezo)
[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}]    => Infection BT (Hijacker.Seeearch)
[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}]    => Infection BT (Adware.SocialSkinz)
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}]
[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}]    => Infection BT (Hijacker.Seeearch)
[HKLM\Software\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}]    => Infection BT (Toolbar.Babylon)
[HKLM\Software\Wow6432Node\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}]    => Infection BT (Toolbar.Babylon)
[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}]    => Infection BT (Adware.SocialSkinz)
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif]
[HKCU\Software\facemoods.com]
[HKLM\Software\Wow6432Node\facemoods.com]
[HKCU\Software\facemoods.com]
[HKLM\Software\Wow6432Node\facemoods.com]
[HKCU\Software\GamePlayLabs]    => Infection BT (Spyware.GamePlayLabs)
[HKCU\Software\AppDataLow\Software\PriceGong]    => Infection BT (Adware.PriceGong)
[HKCU\Software\Spointer]    => Infection BT (Adware.SPointer)
C:\Program Files (x86)\Widestream6    => Infection BT (Adware.SPointer)
C:\Users\jarir\AppData\Local\moovida air    => Infection BT (Adware.SPointer)
C:\Users\jarir\AppData\LocalLow\PriceGong    => Infection BT (Adware.PriceGong)
C:\Users\jarir\AppData\LocalLow\Toolbar4    => Infection BT (Adware.SocialSkinz)
EmptyCLSID
[MD5.00000000000000000000000000000000] [APT] [{46B37509-BD2C-4093-9BCA-1F5CD121958B}] (...) -- F:\setup.exe (.not file.)    => Existe aussi en malware DELF-CA.Troj
O51 - MPSK:{056272c6-12b5-11e1-b156-00269e947cba}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)    => Microsoft Windows NT or Infection USB
O51 - MPSK:{056272d3-12b5-11e1-b156-00269e947cba}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)    => Microsoft Windows NT or Infection USB
O51 - MPSK:{19e3dc9e-d247-11e1-a430-00269e947cba}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{22f7a998-fcf4-11e1-bdd0-00269e947cba}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{495a3be7-d1df-11e1-ab83-001e101f1f81}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{a24181fa-ece0-11e1-bcda-00269e947cba}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{a2418204-ece0-11e1-bcda-00269e947cba}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\AutoRun.exe
O51 - MPSK:{c1244bbd-87b1-11e1-bcfb-00269e947cba}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)    => Microsoft Windows NT or Infection USB
O51 - MPSK:{de086ea7-9f9a-11e1-b7f1-00269e947cba}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\autorun.exe
O51 - MPSK:{e22a9841-75b8-11e1-b77c-00269e947cba}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)    => Microsoft Windows NT or Infection USB
O51 - MPSK:{e69b56f8-f1e1-11e1-9547-00269e947cba}\AutoRun\command. (.Pas de propriétaire - AutoRun.) -- F:\AutoRun.exe
M2 - MFEP: prefs.js [jarir - 5eytmtgh.default\ffxtlbr@Facemoods.com] [] Facemoods v1.4.1 (.Volo-Net.)    => Toolbar.Facemoods
M2 - MFEP: prefs.js [jarir - 6u6u5ob3.default\ffxtlbra@softonic.com] [] Softonic Toolbar v1.5.0 (.Softonic.)    => Toolbar.Conduit
M2 - MFEP: prefs.js [jarir - 6u6u5ob3.default\{e5a1e26f-0d1d-4307-868f-fbd9a374ab54}] [] ooVoo Video Chat Community Toolbar v3.15.1.0 (.Conduit Ltd..)    => Toolbar.Conduit
O2 - BHO: (no name) [64Bits] - {30F9B915-B755-4826-820B-08FBA6BD249D} Clé orpheline    => Toolbar.Conduit
O3 - Toolbar: (no name) [64Bits] - [HKLM]{32099AAC-C132-4136-9E9A-4E364A424E17} . (...) --  (.not file.)    => Toolbar.DAEMON Tools
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM][64Bits] -- conduitEngine    => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]    => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Conduit]    => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Smartbar]    => Toolbar.Agent
[HKCU\Software\AppDataLow\Software\Softonic_France]    => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\conduitEngine]    => Toolbar.Conduit
[HKCU\Software\AppDataLow\Toolbar]    => Toolbar.Conduit
[HKCU\Software\Conduit]    => Toolbar.Conduit
[HKLM\Software\Wow6432Node\Conduit]    => Toolbar.Conduit
O43 - CFD: 27/04/2012 - 11:11:46 - [0,609] ----D C:\Program Files (x86)\Conduit    => Toolbar.Conduit
O43 - CFD: 07/08/2011 - 21:42:17 - [3,800] ----D C:\Program Files (x86)\ConduitEngine    => Toolbar.Conduit
O43 - CFD: 17/11/2011 - 20:41:07 - [0,060] ----D C:\Users\jarir\AppData\Roaming\teamspeak2    => Toolbar.Conduit
O43 - CFD: 23/07/2012 - 17:49:02 - [0] ----D C:\Users\jarir\AppData\Local\Conduit    => Toolbar.Conduit
O43 - CFD: 27/04/2012 - 11:11:46 - [0,609] ----D C:\Program Files (x86)\Conduit    => Toolbar.Conduit
O43 - CFD: 07/08/2011 - 21:42:17 - [3,800] ----D C:\Program Files (x86)\ConduitEngine    => Toolbar.Conduit
O69 - SBI: SearchScopes [HKCU] {18EAB056-9057-F224-FD4C-1F6569C4D8D2} - (Ask) - http://www.plusnetwork.com    => Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {4BA2D09B-8766-4C5F-B13B-061C3CD8C623} - (ooVoo Video Chat Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - (Search) - http://ww1.bigseekpro.com    => Toolbar.Agent
[MD5.1C1D673FB3EFC0643271226EA42A25D9] [SPRF][27/03/2012] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\jarir\AppData\Local\Temp\tbooVo.dll   [4398376]
[HKLM\Software\Classes\AppID\TbCommonUtils.DLL]
[HKLM\Software\Classes\AppID\TbHelper.EXE]
[HKLM\Software\Classes\Conduit.Engine]
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{18EAB056-9057-F224-FD4C-1F6569C4D8D2}]    => Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}]    => Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}]    => Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}]    => Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]    => Toolbar.Conduit
[HKLM\Software\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}]    => Toolbar.Facemoods
[HKLM\Software\Wow6432Node\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}]    => Toolbar.Facemoods
[HKLM\Software\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}]    => Toolbar.Facemoods
[HKLM\Software\Wow6432Node\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}]    => Toolbar.Facemoods
[HKLM\Software\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}]    => Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}]    => Toolbar.Babylon
[HKLM\Software\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}]    => Toolbar.Facemoods
[HKLM\Software\Wow6432Node\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}]    => Toolbar.Facemoods
[HKLM\Software\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}]    => Toolbar.Facemoods
[HKLM\Software\Wow6432Node\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}]    => Toolbar.Facemoods
[HKLM\Software\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}]    => Toolbar.Facemoods
[HKLM\Software\Wow6432Node\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}]    => Toolbar.Facemoods
[HKLM\Software\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}]    => Toolbar.Facemoods
[HKLM\Software\Wow6432Node\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}]    => Toolbar.Facemoods
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}]    => Toolbar.Agent
[HKLM\Software\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}]    => Toolbar.Facemoods
[HKLM\Software\Wow6432Node\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}]    => Toolbar.Facemoods
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}]    => AVG Security Toolbar
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}]    => AVG Security Toolbar
[HKLM\Software\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}]    => Toolbar.Facemoods
[HKLM\Software\Wow6432Node\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}]    => Toolbar.Facemoods
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]    => Toolbar.Conduit
[HKLM\Software\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}]    => Toolbar.Facemoods
[HKLM\Software\Wow6432Node\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}]    => Toolbar.Facemoods
[HKLM\Software\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}]    => Toolbar.Facemoods
[HKLM\Software\Wow6432Node\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}]    => Toolbar.Facemoods
[HKLM\Software\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}]    => Toolbar.Facemoods
[HKLM\Software\Wow6432Node\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}]    => Toolbar.Facemoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]    => AnchorFree Inc - Hotspot Shield
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]    => AnchorFree Inc - Hotspot Shield
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssSrv]
[HKCU\Software\AppDataLow\Software\conduitEngine]    => Toolbar.Conduit
[HKLM\Software\Wow6432Node\conduitEngine]    => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]    => Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Softonic_France]    => Toolbar.Conduit
[HKCU\Software\AppDataLow\Toolbar]    => Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{30F9B915-B755-4826-820B-08FBA6BD249D}    => Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{30F9B915-B755-4826-820B-08FBA6BD249D}    => Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17}    => Toolbar.DaemonTools
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{32099aac-c132-4136-9e9a-4e364a424e17}    => Toolbar.DaemonTools
C:\Program Files (x86)\Conduit    => Toolbar.Conduit
C:\Program Files (x86)\ConduitEngine    => Toolbar.Conduit
C:\Users\jarir\AppData\Local\Conduit    => Toolbar.Conduit
C:\Users\jarir\AppData\LocalLow\Conduit    => Toolbar.Conduit
C:\Users\jarir\AppData\LocalLow\ConduitEngine    => Toolbar.Conduit
C:\Users\jarir\AppData\LocalLow\facemoods.com    => Toolbar.Facemoods
C:\Users\jarir\AppData\LocalLow\Softonic_France    => Toolbar.Conduit
C:\Users\jarir\AppData\LocalLow\Vuze_Remote    => Toolbar.Conduit


http://www.security-helpzone.com/Thread-ZHPFix-Script

Ensuite, suis ceci :

https://www.security-helpzone.com/2013/02/24/securite-adware-adwcleaner_suprimer_logiciels_indesirables/
0
Réponse 7 / 9
gassouma Messages postés 6 Statut Membre
 
le Rapport de ZHPFIX https://www.cjoint.com/?BJdvPiDHiKF

le Rapport de AdwCleaner : https://www.cjoint.com/?BJdvGloyJrC

pas de rapport pour le Ad remover
0
Réponse 8 / 9
Utilisateur anonyme
 
Regarde dans C:\

Pour Ad-Remover,

Refais un ZHPdiag,
0
Réponse 9 / 9
gassouma Messages postés 6 Statut Membre
 
voila pour le ad-r : https://www.cjoint.com/?BJdv01woDqg

le rapport ZHPdiag https://www.cjoint.com/?BJdv7RON89F
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
Erreur 0x800700E1
Didiervd -
Viktimz -

11 réponses