Virus firefox

ledoufi Messages postés 37 Date d'inscription   Statut Membre -  
 Utilisateur anonyme -
Bonjour, j'ai firefox, je le lance j'arrive sur google et si je fais une recherche sa cherche pendant une heure si je tape dans la barre d'adresse http://wwww.commentcamarche.net hop j'y suis tous de suite Pourquoi ??. J'ai poster un topic dans le forum internet et docsteph
m'a dit que j'ai surement un virus ou un mal ware. Si c'est que dois-je faire ??
Configuration: Windows XP
Firefox 3.0

6 réponses

  1. VIRUS_KILLER Messages postés 2075 Statut Contributeur 68
     
    Bonjour,
    Oui il pourai bien s'agir d'un Virus.
    Verifions ca.
    Pour commencer :
    Telecharge Hijackthis et installe Hijackthis > Poste nous un rapport

    http://download.hijackthis.eu/HJTInstall.exe

    Suit le guide sur mon Forum :

    https://informatique-123.superforum.fr/t5-tutorial-hijackthis
    0
    1. ledoufi Messages postés 37 Date d'inscription   Statut Membre
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 16:56:13, on 13/07/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
      C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\Program Files\Java\jre1.5.0\bin\jusched.exe
      C:\WINDOWS\system32\igfxtray.exe
      C:\WINDOWS\system32\hkcmd.exe
      C:\WINDOWS\system32\igfxpers.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
      C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
      C:\WINDOWS\system32\Rundll32.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Assistant Dartybox\Upgrade_Manager.exe
      C:\documents and settings\grasseler herve\local settings\application data\cueaeym.exe
      C:\Program Files\Logitech\SetPoint\SetPoint.exe
      C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
      C:\WINDOWS\explorer.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O3 - Toolbar: Adssite Toolbar - {41C29B07-6F91-4966-91BE-2E2841643C83} - C:\Program Files\Adssite Advanced Toolbar\toolbar.dll
      O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
      O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
      O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
      O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
      O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
      O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /O6 "USB002" /M "Stylus D88"
      O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
      O4 - HKLM\..\Run: [448fe0cf] rundll32.exe "C:\WINDOWS\system32\apaqgfqi.dll",b
      O4 - HKLM\..\Run: [BM47bcd353] Rundll32.exe "C:\WINDOWS\system32\wqrprtes.dll",s
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [Videos] "C:\Program Files\laughnetwork\update.exe" /background
      O4 - HKCU\..\Run: [L'Assistant DartyBox] C:\Program Files\Assistant Dartybox\Upgrade_Manager.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [cueaeym] c:\documents and settings\grasseler herve\local settings\application data\cueaeym.exe cueaeym
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O4 - Global Startup: Logitech SetPoint.lnk = ?
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
      O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O18 - Protocol: bw+0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: offline-8876480 - {739E8C2E-5B88-433D-A877-C812D07CCB8B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
      O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
      O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      0
  2. VIRUS_KILLER Messages postés 2075 Statut Contributeur 68
     
    1) Télécharge et installe Malwarebyte's Anti-Malware

    http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée. >>> clique sur OK

    Lance Malwarebyte's Anti-Malware en double-cliquant sur l'icône sur ton Bureau.

    Au premier lancement, une fenêtre t'annonce que la version est Free >>> clique sur OK

    Laisse les Mises à jour se télécharger

    *** Referme le programme ***

    2) Redémarre en "Mode sans échec"

    Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
    Sélectionner "Mode sans échec" et appuie sur [Entrée]
    Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
    Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm

    Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.

    3) Scan avec Malwarebyte's Anti-Malware

    Lance Malwarebyte's Anti-Malware
    Onglet "Recherche" >>> coche Exécuter un examen complet >>> Rechercher sélectionne tes disques durs puis clique sur Lancer l’examen
    A la fin du scan >>> clique sur Afficher les résultats puis sur Enregistrer le rapport
    Suppression des éléments détectés >>>> clique sur Supprimer la sélection
    S'il t'es demandé de redémarrer >>> clique sur "Yes"

    --> Un rapport de scan s'ouvre, enregistre sur ton Bureau et poste ce rapport en réponse.

    Mode sans échec:

    Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparait rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
    Sélectionner "Mode sans échec" et appuie sur [Entrée]
    Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
    Regarde ici si besoin : http://pageperso.aol.fr/loraline60/mode_sans_echec.htm
    0
    1. ledoufi Messages postés 37 Date d'inscription   Statut Membre
       
      Voila enfin !! ton rapport.

      Malwarebytes' Anti-Malware 1.20
      Version de la base de données: 945
      Windows 5.1.2600 Service Pack 2

      20:19:49 13/07/2008
      mbam-log-7-13-2008 (20-19-49).txt

      Type de recherche: Examen complet (C:\|D:\|)
      Eléments examinés: 111647
      Temps écoulé: 2 hour(s), 9 minute(s), 11 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 2
      Clé(s) du Registre infectée(s): 30
      Valeur(s) du Registre infectée(s): 4
      Elément(s) de données du Registre infecté(s): 2
      Dossier(s) infecté(s): 2
      Fichier(s) infecté(s): 21

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      C:\WINDOWS\system32\yaywwXpo.dll (Trojan.Vundo) -> Unloaded module successfully.
      C:\WINDOWS\system32\ddcYspqq.dll (Trojan.Vundo) -> Unloaded module successfully.

      Clé(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rightonadz (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\laughnetwork (Hijacker.Searchnut) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adssitesearchassistant (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adssite (Adware.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ee601e19-fbf7-45e4-91ab-6fa2ddb1bdf6} (Trojan.Vundo) -> Delete on reboot.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c738f3d2-1891-449d-ae67-d1969094f1df} (Trojan.Vundo) -> Delete on reboot.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9c8a568e-4201-478a-8536-526cf371d2e2} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\yaywwxpo (Trojan.Vundo) -> Delete on reboot.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\laughnetwork (Hijacker.Searchnut) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\adssite (Adware.Agent) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\HID_Layer (Malware.Trace) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\optimizer.adssite2.1 (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\optimizer.adssite2 (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\iebrowsercmp.browsercmp.1 (Adware.RightOnAds) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\iebrowsercmp.browsercmp (Adware.RightOnAds) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{b4094603-dda9-4caf-9b13-0ad1034c9c53} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Typelib\{3160f356-e8c3-4de2-a698-92eeeb3d3400} (Adware.RightOnAds) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{c1a6d8b8-93c3-4186-9dd1-13983f9f1d9b} (Adware.RightOnAds) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\Interface\{48dc6ffb-64d7-42e8-949d-8ef2641eb73a} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{ee601e19-fbf7-45e4-91ab-6fa2ddb1bdf6} (Trojan.Vundo) -> Delete on reboot.
      HKEY_CLASSES_ROOT\CLSID\{c738f3d2-1891-449d-ae67-d1969094f1df} (Trojan.Vundo) -> Delete on reboot.
      HKEY_CLASSES_ROOT\CLSID\{9c8a568e-4201-478a-8536-526cf371d2e2} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{1d8282e6-bc4f-469b-aaed-7e4ff077ad93} (Adware.RightOnAds) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Adware.BHO) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm47bcd353 (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\448fe0cf (Trojan.Vundo) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{c738f3d2-1891-449d-ae67-d1969094f1df} (Trojan.Vundo) -> Delete on reboot.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\videos (Hijacker.Searchnut) -> Quarantined and deleted successfully.

      Elément(s) de données du Registre infecté(s):
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\ddcyspqq -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\ddcyspqq -> Delete on reboot.

      Dossier(s) infecté(s):
      C:\Program Files\laughnetwork\Temp (Hijacker.Searchnut) -> Quarantined and deleted successfully.
      C:\Program Files\laughnetwork (Hijacker.Searchnut) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\WINDOWS\system32\yaywwXpo.dll (Trojan.Vundo) -> Delete on reboot.
      C:\WINDOWS\system32\wqrprtes.dll (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\vtUmMgDW.dll (Trojan.vundo) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\rightonadz-uninst.exe (Adware.BHO) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\qqpsYcdd.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\qqpsYcdd.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\iqfgqapa.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\ddcYspqq.dll (Trojan.Vundo) -> Delete on reboot.
      C:\WINDOWS\system32\apaqgfqi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\adssite-remove.exe (Adware.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\WhoisCL.exe (Adware.BHO) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\Adssite_sidebar_uninstall.exe (Adware.BHO) -> Quarantined and deleted successfully.
      C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
      C:\WINDOWS\BM47bcd353.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\WINDOWS\BM47bcd353.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
      C:\Program Files\laughnetwork\update.exe (Hijacker.Searchnut) -> Quarantined and deleted successfully.
      C:\Program Files\laughnetwork\Uninst.exe (Hijacker.Searchnut) -> Quarantined and deleted successfully.
      C:\Program Files\laughnetwork\Temp\license.txt (Hijacker.Searchnut) -> Quarantined and deleted successfully.
      C:\Program Files\NetBattle\virtual.drv (Adware.Winad) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Grasseler Herve\Application Data\urlredir.cfg (Adware.RightOnAds) -> Quarantined and deleted successfully.


      PS : Pour le moment ça remarche mais ça ma déjà fait cela hier. Il ne marchait pas la journée et le soir ça à marcher.
      0
  3. VIRUS_KILLER Messages postés 2075 Statut Contributeur 68
     
    et ben,
    ton PC est super bien infecter !
    Supprime tout ce que il a trouver
    Ensuite resposte un nouveau rapport Hijackthis.
    0
    1. ledoufi Messages postés 37 Date d'inscription   Statut Membre
       
      Comment je supprime ??
      0
    2. VIRUS_KILLER Messages postés 2075 Statut Contributeur 68 > ledoufi Messages postés 37 Date d'inscription   Statut Membre
       
      Il fallai que tu les supprimer quand l'analyse etais terminer
      0
    3. ledoufi Messages postés 37 Date d'inscription   Statut Membre > VIRUS_KILLER Messages postés 2075 Statut Contributeur
       
      Avec supprimmer Sélection ??
      0
    4. VIRUS_KILLER Messages postés 2075 Statut Contributeur 68 > ledoufi Messages postés 37 Date d'inscription   Statut Membre
       
      Oui voila c'est bien ca.
      Et n'oubli pas de poster un nouveau rapport Hijackthis.
      0
    5. ledoufi Messages postés 37 Date d'inscription   Statut Membre > VIRUS_KILLER Messages postés 2075 Statut Contributeur
       
      J'ai déjà fais avec se bouton dans ce cas.
      0
  4. ledoufi Messages postés 37 Date d'inscription   Statut Membre
     
    je peut faire un nettoyage avec ccleaner ?? NOn
    0
    1. VIRUS_KILLER Messages postés 2075 Statut Contributeur 68
       
      Oui tu peut.
      Normalement je pense que si ma memoire est bonne,a la fin de l'analyse tu devrai avoir a clique sur un bouton :
      Rapports ou quelque chose comme ca.
      0
      1. ledoufi Messages postés 37 Date d'inscription   Statut Membre > VIRUS_KILLER Messages postés 2075 Statut Contributeur
         
        Comment on fait pour avoir le rapport dans karspersky ???
        0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. ledoufi Messages postés 37 Date d'inscription   Statut Membre
     
    Tu crois que sa pourrais venir de mon anti-virus bêtement ??
    0
    1. VIRUS_KILLER Messages postés 2075 Statut Contributeur 68
       
      De quoi?
      Qu'est ce que pourai venir betement?
      0
      1. ledoufi Messages postés 37 Date d'inscription   Statut Membre > VIRUS_KILLER Messages postés 2075 Statut Contributeur
         
        Non pas venir pis sa fais rien. Je crois que le problème c'est IE7.
        0
      2. VIRUS_KILLER Messages postés 2075 Statut Contributeur 68 > ledoufi Messages postés 37 Date d'inscription   Statut Membre
         
        Oui ba en tous cas si tu accede rapidement a un site je ne voit pas ou est le probleme.Et d'ailleur c'est mieu non?
        Docn ton probleme est il resolu?
        0
      3. ledoufi Messages postés 37 Date d'inscription   Statut Membre > VIRUS_KILLER Messages postés 2075 Statut Contributeur
         
        On va dire que pour le moment il est résolu
        0
      4. VIRUS_KILLER Messages postés 2075 Statut Contributeur 68 > ledoufi Messages postés 37 Date d'inscription   Statut Membre
         
        ok !
        0
  7. Utilisateur anonyme
     
    bonjour a TLM

    juste pour dire

    grosse faille de securite pour java tu est a la version 1.5 alors que mintenant nous sommes a la 1.6.07

    mets à jour ta console JAVA (supprime les versions obsolètes)
    https://www.java.com/fr/download/manual.jsp
    0