Virus Ntsb investigator
Résolu/Fermé
bonovox06220
Messages postés
2
Date d'inscription
vendredi 26 décembre 2008
Statut
Membre
Dernière intervention
27 décembre 2008
-
26 déc. 2008 à 11:02
laevi - 27 mars 2009 à 19:51
laevi - 27 mars 2009 à 19:51
A voir également:
- Virus Ntsb investigator
- Svchost.exe virus - Guide
- Faux message virus iphone - Forum iPhone
- Lien virus à envoyer - Forum Virus
- Vérificateur de lien virus - Guide
- Operagxsetup virus ✓ - Forum Virus
24 réponses
bonovox06220
Messages postés
2
Date d'inscription
vendredi 26 décembre 2008
Statut
Membre
Dernière intervention
27 décembre 2008
27 déc. 2008 à 10:03
27 déc. 2008 à 10:03
up ?
Utilisateur anonyme
27 déc. 2008 à 10:05
27 déc. 2008 à 10:05
Salut,
▶ Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.
▶ Double clique sur RSIT.exe pour lancer l'outil.
▶ Clique sur ' continue ' à l'écran Disclaimer.
▶ Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports
( log.txt & info.txt )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
▶ Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.
▶ Double clique sur RSIT.exe pour lancer l'outil.
▶ Clique sur ' continue ' à l'écran Disclaimer.
▶ Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports
( log.txt & info.txt )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
tototoulouse
Messages postés
19
Date d'inscription
samedi 3 janvier 2009
Statut
Membre
Dernière intervention
7 janvier 2009
3 janv. 2009 à 19:39
3 janv. 2009 à 19:39
bonsoir et bonne année 2009 à tous
je suis nouveau (premier post)
et comme certaines personnes j'ai des soucis :):):) avec ce ntsb investigator
il me bloquai le centre de securité et parfois redemarrer l'ordi.
j'ai lancé findykill et maintenant je peux reactiver le par feu windows ainsi que windows defender. (je suis sous vista)
au demarrage il est bloqué par le ""programme de demarrage "" mais il est toujours present
comment m'en debarrasser ?????
pour info j'ai ensuite lancer une analyse par spybot , résultat niquel ,
j'ai lancer aussi malwarebytes anti-malware resultat , niquel
à l'instant j'ai scan avec windows defender il n'a rien trouvé
je viens de faire aussi RSIT.EXE j'ai les 2 rapports mais je ne sais pas le dechiffrer si quelqu'un peux m'aider , merci
tototoulouse
je suis nouveau (premier post)
et comme certaines personnes j'ai des soucis :):):) avec ce ntsb investigator
il me bloquai le centre de securité et parfois redemarrer l'ordi.
j'ai lancé findykill et maintenant je peux reactiver le par feu windows ainsi que windows defender. (je suis sous vista)
au demarrage il est bloqué par le ""programme de demarrage "" mais il est toujours present
comment m'en debarrasser ?????
pour info j'ai ensuite lancer une analyse par spybot , résultat niquel ,
j'ai lancer aussi malwarebytes anti-malware resultat , niquel
à l'instant j'ai scan avec windows defender il n'a rien trouvé
je viens de faire aussi RSIT.EXE j'ai les 2 rapports mais je ne sais pas le dechiffrer si quelqu'un peux m'aider , merci
tototoulouse
Utilisateur anonyme
3 janv. 2009 à 19:42
3 janv. 2009 à 19:42
Re;
@tototoulouse;
Comment faire sont propre topic sur CCM
Merci
@tototoulouse;
Comment faire sont propre topic sur CCM
Merci
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
tototoulouse
Messages postés
19
Date d'inscription
samedi 3 janvier 2009
Statut
Membre
Dernière intervention
7 janvier 2009
3 janv. 2009 à 19:48
3 janv. 2009 à 19:48
bonsoir
ok je file le faire :)
c'etait pour eviter de faire 2 post pour un meme sujet
ok je file le faire :)
c'etait pour eviter de faire 2 post pour un meme sujet
meme probleme que les autres NTSB investigators voici les rapports apres telechargement de RSIT.exe:Logfile of random's system information tool 1.05 (written by random/random)
Run by Marianne at 2009-03-07 23:27:45
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 29 GB (65%) free of 45 GB
Total RAM: 895 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:26, on 07/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Marianne\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\Program Files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
D:\charg-internet\RSIT.exe
C:\Program Files\trend micro\Marianne.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://lo.st#first
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [CamserviceDeluxe2] C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Marianne\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [ReEXEc] D:\charg-internet\ELIBAGLA.AE%D8CB%D8%D8I.EXE
O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: e-Carte Bleue La Banque Postale.lnk = C:\Program Files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?45c32f53825c4b41b17702a0c37fc03a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?45c32f53825c4b41b17702a0c37fc03a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab?AuthParam=1207948657_9d213279ea20566917b3e59cd67d0436&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
Run by Marianne at 2009-03-07 23:27:45
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 29 GB (65%) free of 45 GB
Total RAM: 895 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:26, on 07/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Marianne\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\Program Files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
D:\charg-internet\RSIT.exe
C:\Program Files\trend micro\Marianne.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://lo.st#first
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [CamserviceDeluxe2] C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Marianne\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [ReEXEc] D:\charg-internet\ELIBAGLA.AE%D8CB%D8%D8I.EXE
O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: e-Carte Bleue La Banque Postale.lnk = C:\Program Files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?45c32f53825c4b41b17702a0c37fc03a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?45c32f53825c4b41b17702a0c37fc03a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab?AuthParam=1207948657_9d213279ea20566917b3e59cd67d0436&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
Utilisateur anonyme
7 mars 2009 à 23:41
7 mars 2009 à 23:41
Salut,
Telecharge FindyKill sur ton bureau :
--> Lance l installation avec les parametres par default
--> Double clic sur le raccourci FindyKill sur ton bureau
--> Au menu principal,choisi l option 1 (Recherche)
--> Post le rapport FindyKill.txt
Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
Tuto : malekal
Tuto : 01net
Telecharge FindyKill sur ton bureau :
--> Lance l installation avec les parametres par default
--> Double clic sur le raccourci FindyKill sur ton bureau
--> Au menu principal,choisi l option 1 (Recherche)
--> Post le rapport FindyKill.txt
Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
Tuto : malekal
Tuto : 01net
############################## [ FindyKill V4.719 ]
# User : Marianne (Administrateurs) # ASUS
# Update on 06/03/09 by Chiquitine29
# Start at: 00:22:04 | 08/03/2009
# Intel(R) Celeron(R) M CPU 420 @ 1.60GHz
# Microsoft Windows XP dition familiale (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Enabled
# C:\ # Disque fixe local # 43,65 Go (28,58 Go free) # NTFS
# D:\ # Disque fixe local # 29,02 Go (24,64 Go free) # NTFS
# E:\ # Disque CD-ROM # 686,5 Mo (0 Mo free) [RCT2] # CDFS
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Marianne\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Marianne\Application Data\drivers\winupgro.exe
C:\Documents and Settings\Marianne\Application Data\m\flec006.exe
C:\WINDOWS\system32\wintems.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\Program Files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## [ Processus infectieux stoppés ]
"C:\Documents and Settings\Marianne\Application Data\drivers\winupgro.exe" (2168)
"C:\Documents and Settings\Marianne\Application Data\m\flec006.exe" (2188)
"C:\WINDOWS\system32\wintems.exe" (2196)
################## [ Fichiers / Dossiers infectieux C:\ ]
Found ! - "C:\Muestras"
Found ! - C:\InfoSat.txt
################## [ C:\WINDOWS ]
################## [ C:\WINDOWS\system32 ]
Found ! - C:\WINDOWS\system32\mdelk.exe
Found ! - C:\WINDOWS\system32\wintems.exe
Found ! - C:\WINDOWS\system32\ban_list.txt
################## [ C:\WINDOWS\system32\drivers ]
################## [ C:\.. Application Data ... ]
Found ! - "C:\Documents and Settings\Marianne\Application Data\m\flec006.exe"
Found ! - "C:\Documents and Settings\Marianne\Application Data\m\list.oct"
Found ! - "C:\Documents and Settings\Marianne\Application Data\m\data.oct"
Found ! - "C:\Documents and Settings\Marianne\Application Data\m\srvlist.oct"
Found ! - "C:\Documents and Settings\Marianne\Application Data\m\shared"
Found ! - "C:\Documents and Settings\Marianne\Application Data\m"
Found ! - "C:\Documents and Settings\Marianne\Application Data\drivers"
Found ! - "C:\Documents and Settings\Marianne\Application Data\drivers\wfsintwq.sys"
Found ! - "C:\Documents and Settings\Marianne\Application Data\drivers\winupgro.exe"
Found ! - "C:\Documents and Settings\Marianne\Application Data\drivers\downld"
################## [ Registre / Clés infectieuses ]
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"german.exe"
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\Microsoft\Windows\CurrentVersion\Run\\"german.exe"
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"mule_st_key"
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\Microsoft\Windows\CurrentVersion\Run\\"mule_st_key"
# Infection active : HKLM\SYSTEM\...\Services\srosa -> Start = 0x1
# Infection active : HKLM\SYSTEM\...\Services\sK9Ou0s -> Start = 0x1
################## [ Recherche dans supports amovibles]
# Contenu de l'autorun : D:\autorun.inf
[autorun]
OPEN=setupSNK.exe
ICON=\SMRTNTKY\fcw.ico
ACTION=Assistant Réseau sans fil
# Contenu de l'autorun : E:\autorun.inf
[AUTORUN]
open=Autorun.exe
icon=\English\RCT2.EXE
# Presence des fichiers :
Found ! [07/02/2008 19:31][--a------] - D:\autorun.inf
Found ! [29/08/2002 02:14][-r-------] - E:\autorun.inf
################## [ Registre / Mountpoint2 ]
# -> Not found !
################## [ ! Fin du rapport # FindyKill V4.719 ! ]
# User : Marianne (Administrateurs) # ASUS
# Update on 06/03/09 by Chiquitine29
# Start at: 00:22:04 | 08/03/2009
# Intel(R) Celeron(R) M CPU 420 @ 1.60GHz
# Microsoft Windows XP dition familiale (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Enabled
# C:\ # Disque fixe local # 43,65 Go (28,58 Go free) # NTFS
# D:\ # Disque fixe local # 29,02 Go (24,64 Go free) # NTFS
# E:\ # Disque CD-ROM # 686,5 Mo (0 Mo free) [RCT2] # CDFS
############################## [ Processus actifs ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Marianne\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Marianne\Application Data\drivers\winupgro.exe
C:\Documents and Settings\Marianne\Application Data\m\flec006.exe
C:\WINDOWS\system32\wintems.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\Program Files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## [ Processus infectieux stoppés ]
"C:\Documents and Settings\Marianne\Application Data\drivers\winupgro.exe" (2168)
"C:\Documents and Settings\Marianne\Application Data\m\flec006.exe" (2188)
"C:\WINDOWS\system32\wintems.exe" (2196)
################## [ Fichiers / Dossiers infectieux C:\ ]
Found ! - "C:\Muestras"
Found ! - C:\InfoSat.txt
################## [ C:\WINDOWS ]
################## [ C:\WINDOWS\system32 ]
Found ! - C:\WINDOWS\system32\mdelk.exe
Found ! - C:\WINDOWS\system32\wintems.exe
Found ! - C:\WINDOWS\system32\ban_list.txt
################## [ C:\WINDOWS\system32\drivers ]
################## [ C:\.. Application Data ... ]
Found ! - "C:\Documents and Settings\Marianne\Application Data\m\flec006.exe"
Found ! - "C:\Documents and Settings\Marianne\Application Data\m\list.oct"
Found ! - "C:\Documents and Settings\Marianne\Application Data\m\data.oct"
Found ! - "C:\Documents and Settings\Marianne\Application Data\m\srvlist.oct"
Found ! - "C:\Documents and Settings\Marianne\Application Data\m\shared"
Found ! - "C:\Documents and Settings\Marianne\Application Data\m"
Found ! - "C:\Documents and Settings\Marianne\Application Data\drivers"
Found ! - "C:\Documents and Settings\Marianne\Application Data\drivers\wfsintwq.sys"
Found ! - "C:\Documents and Settings\Marianne\Application Data\drivers\winupgro.exe"
Found ! - "C:\Documents and Settings\Marianne\Application Data\drivers\downld"
################## [ Registre / Clés infectieuses ]
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\serial
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"german.exe"
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\Microsoft\Windows\CurrentVersion\Run\\"german.exe"
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"mule_st_key"
Found ! - HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\Software\Microsoft\Windows\CurrentVersion\Run\\"mule_st_key"
# Infection active : HKLM\SYSTEM\...\Services\srosa -> Start = 0x1
# Infection active : HKLM\SYSTEM\...\Services\sK9Ou0s -> Start = 0x1
################## [ Recherche dans supports amovibles]
# Contenu de l'autorun : D:\autorun.inf
[autorun]
OPEN=setupSNK.exe
ICON=\SMRTNTKY\fcw.ico
ACTION=Assistant Réseau sans fil
# Contenu de l'autorun : E:\autorun.inf
[AUTORUN]
open=Autorun.exe
icon=\English\RCT2.EXE
# Presence des fichiers :
Found ! [07/02/2008 19:31][--a------] - D:\autorun.inf
Found ! [29/08/2002 02:14][-r-------] - E:\autorun.inf
################## [ Registre / Mountpoint2 ]
# -> Not found !
################## [ ! Fin du rapport # FindyKill V4.719 ! ]
Utilisateur anonyme
8 mars 2009 à 00:26
8 mars 2009 à 00:26
re Marianne,
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
--> Double clic sur le raccourci FindyKill sur ton bureau
--> Au menu principal,choisi l option 2 (Suppression)
/!\ le pc va redémarrer, laisse travailler l outils jusqu a l apparition du message "Cleaning complete"
/!\ Ne te sert pas du pc durant la suppression , ton bureau ne sera pas accessible c est normal !
-------> ensuite post le rapport FindyKill.txt
Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
--> Double clic sur le raccourci FindyKill sur ton bureau
--> Au menu principal,choisi l option 2 (Suppression)
/!\ le pc va redémarrer, laisse travailler l outils jusqu a l apparition du message "Cleaning complete"
/!\ Ne te sert pas du pc durant la suppression , ton bureau ne sera pas accessible c est normal !
-------> ensuite post le rapport FindyKill.txt
Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides
Logfile of random's system information tool 1.05 (written by random/random)
Run by Marianne at 2009-03-08 00:37:59
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 29 GB (66%) free of 45 GB
Total RAM: 895 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:26, on 07/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Marianne\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\Program Files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
D:\charg-internet\RSIT.exe
C:\Program Files\trend micro\Marianne.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://lo.st#first
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [CamserviceDeluxe2] C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Marianne\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [ReEXEc] D:\charg-internet\ELIBAGLA.AE%D8CB%D8%D8I.EXE
O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: e-Carte Bleue La Banque Postale.lnk = C:\Program Files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?45c32f53825c4b41b17702a0c37fc03a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?45c32f53825c4b41b17702a0c37fc03a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab?AuthParam=1207948657_9d213279ea20566917b3e59cd67d0436&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
Run by Marianne at 2009-03-08 00:37:59
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 29 GB (66%) free of 45 GB
Total RAM: 895 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:18:26, on 07/03/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Marianne\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\MediaDICO4Ut.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\Rac4Ut.EXE
C:\Program Files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
D:\charg-internet\RSIT.exe
C:\Program Files\trend micro\Marianne.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://lo.st#first
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [CamserviceDeluxe2] C:\Program Files\Hercules\Deluxe Optical Glass\Camservice.exe /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Marianne\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [ReEXEc] D:\charg-internet\ELIBAGLA.AE%D8CB%D8%D8I.EXE
O4 - HKCU\..\Run: [MediaDICO4Ut] C:\Program Files\Micro Application\Les 4 Dictionnaires Utiles\LanceMediaDICO4Ut.exe Lancement
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: e-Carte Bleue La Banque Postale.lnk = C:\Program Files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?45c32f53825c4b41b17702a0c37fc03a
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?45c32f53825c4b41b17702a0c37fc03a
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab?AuthParam=1207948657_9d213279ea20566917b3e59cd67d0436&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
Utilisateur anonyme
8 mars 2009 à 00:46
8 mars 2009 à 00:46
OK
envoi ce rapport stp : C:\FindyKill.txt
envoi ce rapport stp : C:\FindyKill.txt
excuse je me suis plantée de rapport voici le bon:
# User : Marianne (Administrateurs) # ASUS
# Update on 06/03/09 by Chiquitine29
# Start at: 00:49:15 | 08/03/2009
# Intel(R) Celeron(R) M CPU 420 @ 1.60GHz
# Microsoft Windows XP dition familiale (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Enabled
# C:\ # Disque fixe local # 43,65 Go (28,71 Go free) # NTFS
# D:\ # Disque fixe local # 29,02 Go (24,64 Go free) # NTFS
# E:\ # Disque CD-ROM # 686,5 Mo (0 Mo free) [RCT2] # CDFS
############################## [ Active Processes ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## [ Infected Files / Folders C:\ ]
Deleted ! - C:\InfoSat.txt
################## [ C:\WINDOWS ]
################## [ C:\WINDOWS\system32 ]
################## [ C:\WINDOWS\system32\drivers ]
################## [ C:\.. Application Data ... ]
################## [ Registry / Infected keys ]
################## [ Cleaning Removable drives ]
# Deleting files :
Not deleted !! - E:\autorun.inf
################## [ Registry / Mountpoint2 ]
# -> Not found !
################## [ Searching Other Infections ]
################## [ PEH Corrupted ]
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ISSVC.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK\NSMdtr.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccApp.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccEvtMgr.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccSetMgr.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\NMain.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre\ccProxy.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC\SPBBCSvc.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\SNDSrvc.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ISSVC.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK\NSMdtr.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccApp.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccEvtMgr.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccSetMgr.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\NMain.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre\ccProxy.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC\SPBBCSvc.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\SNDSrvc.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ISSVC.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK\NSMdtr.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccApp.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccEvtMgr.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccSetMgr.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\NMain.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre\ccProxy.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC\SPBBCSvc.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\SNDSrvc.exe
C:\Program Files\Alwil Software\Avast4\ashAvast.exe
C:\Program Files\Alwil Software\Avast4\ashChest.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashLogV.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashPopWz.exe
C:\Program Files\Alwil Software\Avast4\ashQuick.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\ashSimp2.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Alwil Software\Avast4\ashSkPcc.exe
C:\Program Files\Alwil Software\Avast4\ashSkPck.exe
C:\Program Files\Alwil Software\Avast4\ashUpd.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\aswRegSvr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\copyx64.exe
C:\Program Files\Alwil Software\Avast4\sched.exe
C:\Program Files\Alwil Software\Avast4\VisthLic.exe
C:\Program Files\Alwil Software\Avast4\VisthUpd.exe
C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\Update.exe
C:\Program Files\Mozilla Firefox\uninstall\helper.exe
C:\Program Files\trend micro\hijackthis.exe
C:\Program Files\trend micro\Marianne.exe
C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
C:\WINDOWS\$hf_mig$\KB896424\update\update.exe
C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
C:\WINDOWS\$hf_mig$\KB899587\update\update.exe
C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
C:\WINDOWS\$hf_mig$\KB900930\update\update.exe
C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
C:\WINDOWS\$hf_mig$\KB904706\update\update.exe
C:\WINDOWS\$hf_mig$\KB904942\update\update.exe
C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
C:\WINDOWS\$hf_mig$\KB910437\update\update.exe
C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
C:\WINDOWS\$hf_mig$\KB911567\update\update.exe
C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
C:\WINDOWS\$hf_mig$\KB912919\update\update.exe
C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
C:\WINDOWS\$hf_mig$\KB915865\update\update.exe
C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
C:\WINDOWS\$hf_mig$\KB917159\update\update.exe
C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
C:\WINDOWS\$hf_mig$\KB917422\update\update.exe
C:\WINDOWS\$hf_mig$\KB917953\update\update.exe
C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
C:\WINDOWS\$hf_mig$\KB918899\update\update.exe
C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
C:\WINDOWS\$hf_mig$\KB920214\update\update.exe
C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
C:\WINDOWS\$hf_mig$\KB921398\update\update.exe
C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
C:\WINDOWS\$hf_mig$\KB921883\update\update.exe
C:\WINDOWS\$hf_mig$\KB922582\update\update.exe
C:\WINDOWS\$hf_mig$\KB922616\update\update.exe
C:\WINDOWS\$hf_mig$\KB922760\update\update.exe
C:\WINDOWS\$hf_mig$\KB922819\update\update.exe
C:\WINDOWS\$hf_mig$\KB923414\update\update.exe
C:\WINDOWS\$hf_mig$\KB923694\update\update.exe
C:\WINDOWS\$hf_mig$\KB923980\update\update.exe
C:\WINDOWS\$hf_mig$\KB924191\update\update.exe
C:\WINDOWS\$hf_mig$\KB924270\update\update.exe
C:\WINDOWS\$hf_mig$\KB924496\update\update.exe
C:\WINDOWS\$hf_mig$\KB925454\update\update.exe
C:\WINDOWS\$hf_mig$\KB925486\update\update.exe
C:\WINDOWS\$hf_mig$\KB925902\update\update.exe
C:\WINDOWS\$hf_mig$\KB926255\update\update.exe
C:\WINDOWS\$hf_mig$\KB926436\update\update.exe
C:\WINDOWS\$hf_mig$\KB927779\update\update.exe
C:\WINDOWS\$hf_mig$\KB927802\update\update.exe
C:\WINDOWS\$hf_mig$\KB927891\update\update.exe
C:\WINDOWS\$hf_mig$\KB928090\update\update.exe
C:\WINDOWS\$hf_mig$\KB928255\update\update.exe
C:\WINDOWS\$hf_mig$\KB928843\update\update.exe
C:\WINDOWS\$hf_mig$\KB929123\update\update.exe
C:\WINDOWS\$hf_mig$\KB929338\update\update.exe
C:\WINDOWS\$hf_mig$\KB929969\update\update.exe
C:\WINDOWS\$hf_mig$\KB930178\update\update.exe
C:\WINDOWS\$hf_mig$\KB930916\update\update.exe
C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
C:\WINDOWS\$hf_mig$\KB931768\update\update.exe
C:\WINDOWS\$hf_mig$\KB931784\update\update.exe
C:\WINDOWS\$hf_mig$\KB931836\update\update.exe
C:\WINDOWS\$hf_mig$\KB932168\update\update.exe
C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
C:\WINDOWS\$hf_mig$\KB933566\update\update.exe
C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
C:\WINDOWS\$hf_mig$\KB935448\update\update.exe
C:\WINDOWS\$hf_mig$\KB935839\update\update.exe
C:\WINDOWS\$hf_mig$\KB935840\update\update.exe
C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
C:\WINDOWS\$hf_mig$\KB936357\update\update.exe
C:\WINDOWS\$hf_mig$\KB937143\update\update.exe
C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB938464\update\update.exe
C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
C:\WINDOWS\$hf_mig$\KB938829\update\update.exe
C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
C:\WINDOWS\$hf_mig$\KB942615\update\update.exe
C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
C:\WINDOWS\$hf_mig$\KB942840\update\update.exe
C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
C:\WINDOWS\$hf_mig$\KB943460\update\update.exe
C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
C:\WINDOWS\$hf_mig$\KB944533\update\update.exe
C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
C:\WINDOWS\$hf_mig$\KB946627\update\update.exe
C:\WINDOWS\$hf_mig$\KB946648\update\update.exe
C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
C:\WINDOWS\$hf_mig$\KB951066\update\update.exe
C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
C:\WINDOWS\$hf_mig$\KB951376\update\update.exe
C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
C:\WINDOWS\$hf_mig$\KB952287\update\update.exe
C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
C:\WINDOWS\$hf_mig$\KB953838-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB953839\update\update.exe
C:\WINDOWS\$hf_mig$\KB954211\update\update.exe
C:\WINDOWS\$hf_mig$\KB954600\update\update.exe
C:\WINDOWS\$hf_mig$\KB955069\update\update.exe
C:\WINDOWS\$hf_mig$\KB955839\update\update.exe
C:\WINDOWS\$hf_mig$\KB956390-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB956391\update\update.exe
C:\WINDOWS\$hf_mig$\KB956802\update\update.exe
C:\WINDOWS\$hf_mig$\KB956803\update\update.exe
C:\WINDOWS\$hf_mig$\KB956841\update\update.exe
C:\WINDOWS\$hf_mig$\KB957095\update\update.exe
C:\WINDOWS\$hf_mig$\KB957097\update\update.exe
C:\WINDOWS\$hf_mig$\KB958215-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB958644\update\update.exe
C:\WINDOWS\$hf_mig$\KB958687\update\update.exe
C:\WINDOWS\$hf_mig$\KB960714-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB960715\update\update.exe
C:\WINDOWS\$hf_mig$\KB961260-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB967715\update\update.exe
D:\charg-internet\HiJackThis.exe
################## [ ! End of Report # FindyKill V4.719 ! ]
merci
# User : Marianne (Administrateurs) # ASUS
# Update on 06/03/09 by Chiquitine29
# Start at: 00:49:15 | 08/03/2009
# Intel(R) Celeron(R) M CPU 420 @ 1.60GHz
# Microsoft Windows XP dition familiale (5.1.2600 32-bit) # Service Pack 2
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Enabled
# C:\ # Disque fixe local # 43,65 Go (28,71 Go free) # NTFS
# D:\ # Disque fixe local # 29,02 Go (24,64 Go free) # NTFS
# E:\ # Disque CD-ROM # 686,5 Mo (0 Mo free) [RCT2] # CDFS
############################## [ Active Processes ]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## [ Infected Files / Folders C:\ ]
Deleted ! - C:\InfoSat.txt
################## [ C:\WINDOWS ]
################## [ C:\WINDOWS\system32 ]
################## [ C:\WINDOWS\system32\drivers ]
################## [ C:\.. Application Data ... ]
################## [ Registry / Infected keys ]
################## [ Cleaning Removable drives ]
# Deleting files :
Not deleted !! - E:\autorun.inf
################## [ Registry / Mountpoint2 ]
# -> Not found !
################## [ Searching Other Infections ]
################## [ PEH Corrupted ]
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ISSVC.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK\NSMdtr.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccApp.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccEvtMgr.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccSetMgr.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\NMain.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre\ccProxy.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC\SPBBCSvc.exe
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\SNDSrvc.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ISSVC.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK\NSMdtr.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccApp.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccEvtMgr.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccSetMgr.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\NMain.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre\ccProxy.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC\SPBBCSvc.exe
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\SNDSrvc.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\ISSVC.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK\NSMdtr.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccApp.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccEvtMgr.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\ccSetMgr.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon\NMain.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre\ccProxy.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC\SPBBCSvc.exe
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\SNDSrvc.exe
C:\Program Files\Alwil Software\Avast4\ashAvast.exe
C:\Program Files\Alwil Software\Avast4\ashChest.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashLogV.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashPopWz.exe
C:\Program Files\Alwil Software\Avast4\ashQuick.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\ashSimp2.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Alwil Software\Avast4\ashSkPcc.exe
C:\Program Files\Alwil Software\Avast4\ashSkPck.exe
C:\Program Files\Alwil Software\Avast4\ashUpd.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\aswRegSvr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\copyx64.exe
C:\Program Files\Alwil Software\Avast4\sched.exe
C:\Program Files\Alwil Software\Avast4\VisthLic.exe
C:\Program Files\Alwil Software\Avast4\VisthUpd.exe
C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\Update.exe
C:\Program Files\Mozilla Firefox\uninstall\helper.exe
C:\Program Files\trend micro\hijackthis.exe
C:\Program Files\trend micro\Marianne.exe
C:\WINDOWS\$hf_mig$\KB873339\update\update.exe
C:\WINDOWS\$hf_mig$\KB885835\update\update.exe
C:\WINDOWS\$hf_mig$\KB885836\update\update.exe
C:\WINDOWS\$hf_mig$\KB886185\update\update.exe
C:\WINDOWS\$hf_mig$\KB887472\update\update.exe
C:\WINDOWS\$hf_mig$\KB888302\update\update.exe
C:\WINDOWS\$hf_mig$\KB890046\update\update.exe
C:\WINDOWS\$hf_mig$\KB890859\update\update.exe
C:\WINDOWS\$hf_mig$\KB891781\update\update.exe
C:\WINDOWS\$hf_mig$\KB893756\update\update.exe
C:\WINDOWS\$hf_mig$\KB894391\update\update.exe
C:\WINDOWS\$hf_mig$\KB896358\update\update.exe
C:\WINDOWS\$hf_mig$\KB896423\update\update.exe
C:\WINDOWS\$hf_mig$\KB896424\update\update.exe
C:\WINDOWS\$hf_mig$\KB896428\update\update.exe
C:\WINDOWS\$hf_mig$\KB898461\update\update.exe
C:\WINDOWS\$hf_mig$\KB899587\update\update.exe
C:\WINDOWS\$hf_mig$\KB899591\update\update.exe
C:\WINDOWS\$hf_mig$\KB900485\update\update.exe
C:\WINDOWS\$hf_mig$\KB900725\update\update.exe
C:\WINDOWS\$hf_mig$\KB900930\update\update.exe
C:\WINDOWS\$hf_mig$\KB901017\update\update.exe
C:\WINDOWS\$hf_mig$\KB901214\update\update.exe
C:\WINDOWS\$hf_mig$\KB902400\update\update.exe
C:\WINDOWS\$hf_mig$\KB904706\update\update.exe
C:\WINDOWS\$hf_mig$\KB904942\update\update.exe
C:\WINDOWS\$hf_mig$\KB905414\update\update.exe
C:\WINDOWS\$hf_mig$\KB905749\update\update.exe
C:\WINDOWS\$hf_mig$\KB908519\update\update.exe
C:\WINDOWS\$hf_mig$\KB908531\update\update.exe
C:\WINDOWS\$hf_mig$\KB910437\update\update.exe
C:\WINDOWS\$hf_mig$\KB911280\update\update.exe
C:\WINDOWS\$hf_mig$\KB911562\update\update.exe
C:\WINDOWS\$hf_mig$\KB911567\update\update.exe
C:\WINDOWS\$hf_mig$\KB911927\update\update.exe
C:\WINDOWS\$hf_mig$\KB912919\update\update.exe
C:\WINDOWS\$hf_mig$\KB913580\update\update.exe
C:\WINDOWS\$hf_mig$\KB914388\update\update.exe
C:\WINDOWS\$hf_mig$\KB914389\update\update.exe
C:\WINDOWS\$hf_mig$\KB915865\update\update.exe
C:\WINDOWS\$hf_mig$\KB916595\update\update.exe
C:\WINDOWS\$hf_mig$\KB917159\update\update.exe
C:\WINDOWS\$hf_mig$\KB917344\update\update.exe
C:\WINDOWS\$hf_mig$\KB917422\update\update.exe
C:\WINDOWS\$hf_mig$\KB917953\update\update.exe
C:\WINDOWS\$hf_mig$\KB918118\update\update.exe
C:\WINDOWS\$hf_mig$\KB918439\update\update.exe
C:\WINDOWS\$hf_mig$\KB918899\update\update.exe
C:\WINDOWS\$hf_mig$\KB919007\update\update.exe
C:\WINDOWS\$hf_mig$\KB920213\update\update.exe
C:\WINDOWS\$hf_mig$\KB920214\update\update.exe
C:\WINDOWS\$hf_mig$\KB920670\update\update.exe
C:\WINDOWS\$hf_mig$\KB920683\update\update.exe
C:\WINDOWS\$hf_mig$\KB920685\update\update.exe
C:\WINDOWS\$hf_mig$\KB920872\update\update.exe
C:\WINDOWS\$hf_mig$\KB921398\update\update.exe
C:\WINDOWS\$hf_mig$\KB921503\update\update.exe
C:\WINDOWS\$hf_mig$\KB921883\update\update.exe
C:\WINDOWS\$hf_mig$\KB922582\update\update.exe
C:\WINDOWS\$hf_mig$\KB922616\update\update.exe
C:\WINDOWS\$hf_mig$\KB922760\update\update.exe
C:\WINDOWS\$hf_mig$\KB922819\update\update.exe
C:\WINDOWS\$hf_mig$\KB923414\update\update.exe
C:\WINDOWS\$hf_mig$\KB923694\update\update.exe
C:\WINDOWS\$hf_mig$\KB923980\update\update.exe
C:\WINDOWS\$hf_mig$\KB924191\update\update.exe
C:\WINDOWS\$hf_mig$\KB924270\update\update.exe
C:\WINDOWS\$hf_mig$\KB924496\update\update.exe
C:\WINDOWS\$hf_mig$\KB925454\update\update.exe
C:\WINDOWS\$hf_mig$\KB925486\update\update.exe
C:\WINDOWS\$hf_mig$\KB925902\update\update.exe
C:\WINDOWS\$hf_mig$\KB926255\update\update.exe
C:\WINDOWS\$hf_mig$\KB926436\update\update.exe
C:\WINDOWS\$hf_mig$\KB927779\update\update.exe
C:\WINDOWS\$hf_mig$\KB927802\update\update.exe
C:\WINDOWS\$hf_mig$\KB927891\update\update.exe
C:\WINDOWS\$hf_mig$\KB928090\update\update.exe
C:\WINDOWS\$hf_mig$\KB928255\update\update.exe
C:\WINDOWS\$hf_mig$\KB928843\update\update.exe
C:\WINDOWS\$hf_mig$\KB929123\update\update.exe
C:\WINDOWS\$hf_mig$\KB929338\update\update.exe
C:\WINDOWS\$hf_mig$\KB929969\update\update.exe
C:\WINDOWS\$hf_mig$\KB930178\update\update.exe
C:\WINDOWS\$hf_mig$\KB930916\update\update.exe
C:\WINDOWS\$hf_mig$\KB931261\update\update.exe
C:\WINDOWS\$hf_mig$\KB931768\update\update.exe
C:\WINDOWS\$hf_mig$\KB931784\update\update.exe
C:\WINDOWS\$hf_mig$\KB931836\update\update.exe
C:\WINDOWS\$hf_mig$\KB932168\update\update.exe
C:\WINDOWS\$hf_mig$\KB932823-v3\update\update.exe
C:\WINDOWS\$hf_mig$\KB933566\update\update.exe
C:\WINDOWS\$hf_mig$\KB933729\update\update.exe
C:\WINDOWS\$hf_mig$\KB935448\update\update.exe
C:\WINDOWS\$hf_mig$\KB935839\update\update.exe
C:\WINDOWS\$hf_mig$\KB935840\update\update.exe
C:\WINDOWS\$hf_mig$\KB936021\update\update.exe
C:\WINDOWS\$hf_mig$\KB936357\update\update.exe
C:\WINDOWS\$hf_mig$\KB937143\update\update.exe
C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
C:\WINDOWS\$hf_mig$\KB938127-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB938464\update\update.exe
C:\WINDOWS\$hf_mig$\KB938828\update\update.exe
C:\WINDOWS\$hf_mig$\KB938829\update\update.exe
C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
C:\WINDOWS\$hf_mig$\KB941644\update\update.exe
C:\WINDOWS\$hf_mig$\KB941693\update\update.exe
C:\WINDOWS\$hf_mig$\KB942615\update\update.exe
C:\WINDOWS\$hf_mig$\KB942615-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
C:\WINDOWS\$hf_mig$\KB942840\update\update.exe
C:\WINDOWS\$hf_mig$\KB943055\update\update.exe
C:\WINDOWS\$hf_mig$\KB943460\update\update.exe
C:\WINDOWS\$hf_mig$\KB943485\update\update.exe
C:\WINDOWS\$hf_mig$\KB944533\update\update.exe
C:\WINDOWS\$hf_mig$\KB944533-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
C:\WINDOWS\$hf_mig$\KB945553\update\update.exe
C:\WINDOWS\$hf_mig$\KB946026\update\update.exe
C:\WINDOWS\$hf_mig$\KB946627\update\update.exe
C:\WINDOWS\$hf_mig$\KB946648\update\update.exe
C:\WINDOWS\$hf_mig$\KB947864-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB948590\update\update.exe
C:\WINDOWS\$hf_mig$\KB948881\update\update.exe
C:\WINDOWS\$hf_mig$\KB950749\update\update.exe
C:\WINDOWS\$hf_mig$\KB950759-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB950760\update\update.exe
C:\WINDOWS\$hf_mig$\KB950762\update\update.exe
C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
C:\WINDOWS\$hf_mig$\KB951066\update\update.exe
C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
C:\WINDOWS\$hf_mig$\KB951376\update\update.exe
C:\WINDOWS\$hf_mig$\KB951376-v2\update\update.exe
C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
C:\WINDOWS\$hf_mig$\KB952287\update\update.exe
C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
C:\WINDOWS\$hf_mig$\KB953838-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB953839\update\update.exe
C:\WINDOWS\$hf_mig$\KB954211\update\update.exe
C:\WINDOWS\$hf_mig$\KB954600\update\update.exe
C:\WINDOWS\$hf_mig$\KB955069\update\update.exe
C:\WINDOWS\$hf_mig$\KB955839\update\update.exe
C:\WINDOWS\$hf_mig$\KB956390-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB956391\update\update.exe
C:\WINDOWS\$hf_mig$\KB956802\update\update.exe
C:\WINDOWS\$hf_mig$\KB956803\update\update.exe
C:\WINDOWS\$hf_mig$\KB956841\update\update.exe
C:\WINDOWS\$hf_mig$\KB957095\update\update.exe
C:\WINDOWS\$hf_mig$\KB957097\update\update.exe
C:\WINDOWS\$hf_mig$\KB958215-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB958644\update\update.exe
C:\WINDOWS\$hf_mig$\KB958687\update\update.exe
C:\WINDOWS\$hf_mig$\KB960714-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB960715\update\update.exe
C:\WINDOWS\$hf_mig$\KB961260-IE7\update\update.exe
C:\WINDOWS\$hf_mig$\KB967715\update\update.exe
D:\charg-internet\HiJackThis.exe
################## [ ! End of Report # FindyKill V4.719 ! ]
merci
Utilisateur anonyme
8 mars 2009 à 01:03
8 mars 2009 à 01:03
---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe
---> Double-clique sur OTMoveIt3.exe afin de le lancer.
---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:files
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005
C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\Update.exe
C:\Program Files\Mozilla Firefox\uninstall\helper.exe
C:\Program Files\trend micro
D:\charg-internet\HiJackThis.exe
:commands
[emptytemp]
[start explorer]
[reboot]
---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
http://oldtimer.geekstogo.com/OTMoveIt3.exe
---> Double-clique sur OTMoveIt3.exe afin de le lancer.
---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:files
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005
C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\Update.exe
C:\Program Files\Mozilla Firefox\uninstall\helper.exe
C:\Program Files\trend micro
D:\charg-internet\HiJackThis.exe
:commands
[emptytemp]
[start explorer]
[reboot]
---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\VirusDef moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS\SymSC moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV\SymSC moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System32\Drivers moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System32 moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\IDS moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymLnch moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SpamDefs moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SEVINST moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ScrBlock moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Redist\MSRedist\Ansi moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Redist\MSRedist moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Redist moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyExt moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\NISTools moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\MSI moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\LUpdate moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common\SymShare\Help moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common\SymShare moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\FRE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\DCOM98 moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\SYMSHARE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\APP moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Setup\APP moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Setup moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Privacy\APP moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Privacy moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\Symantec moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\APP moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\SPBBC moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\Options moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\IDSDefs moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall\APP moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\System32 moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\Options moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\AntiSpam moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE\Options moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE\ADBLCK moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005 moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\VirusDef moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS\SymSC moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV\SymSC moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System32\Drivers moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System32 moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\IDS moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymLnch moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SpamDefs moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SEVINST moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ScrBlock moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Redist\MSRedist\Ansi moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Redist\MSRedist moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Redist moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyExt moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\NISTools moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\MSI moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\LUpdate moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common\SymShare\Help moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common\SymShare moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\FRE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\DCOM98 moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\SYMSHARE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\APP moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Setup\APP moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Setup moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Privacy\APP moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Privacy moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\Symantec moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\APP moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\SPBBC moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\Options moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\IDSDefs moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall\APP moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\System32 moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\Options moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\AntiSpam moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE\Options moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE\ADBLCK moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005 moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\VirusDef moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS\SymSC moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV\SymSC moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System32\Drivers moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System32 moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\IDS moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymLnch moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SpamDefs moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SEVINST moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ScrBlock moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Redist\MSRedist\Ansi moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Redist\MSRedist moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Redist moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyExt moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\NISTools moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\MSI moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\LUpdate moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common\SymShare\Help moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common\SymShare moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\FRE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\DCOM98 moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\SYMSHARE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\APP moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\Setup\APP moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\Setup moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\Privacy\APP moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\Privacy moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\Symantec moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\APP moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\SPBBC moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\Options moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\IDSDefs moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall\APP moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\System32 moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\Options moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\AntiSpam moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE\Options moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE\ADBLCK moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005 moved successfully.
C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\Update.exe moved successfully.
C:\Program Files\Mozilla Firefox\uninstall\helper.exe moved successfully.
C:\Program Files\trend micro moved successfully.
D:\charg-internet\HiJackThis.exe moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03082009_010643
Files moved on Reboot...
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
Process explorer.exe killed successfully.
========== FILES ==========
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\VirusDef moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS\SymSC moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV\SymSC moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System32\Drivers moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System32 moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\IDS moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SymLnch moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SpamDefs moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\SEVINST moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ScrBlock moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Redist\MSRedist\Ansi moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Redist\MSRedist moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Redist moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyExt moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\NISTools moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\MSI moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\LUpdate moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common\SymShare\Help moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common\SymShare moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\FRE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\DCOM98 moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Support moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\SYMSHARE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\APP moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Setup\APP moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Setup moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Privacy\APP moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Privacy moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\Symantec moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\APP moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\SPBBC moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\Options moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\IDSDefs moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall\APP moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\System32 moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\Options moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\AntiSpam moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE\Options moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE\ADBLCK moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005\Setup moved successfully.
C:\Documents and Settings\Default User\Local Settings\Temp\Norton Internet Security 2005 moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\VirusDef moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS\SymSC moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV\SymSC moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System32\Drivers moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System32 moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\IDS moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SymLnch moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SpamDefs moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\SEVINST moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ScrBlock moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Redist\MSRedist\Ansi moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Redist\MSRedist moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Redist moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyExt moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\NISTools moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\MSI moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\LUpdate moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common\SymShare\Help moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common\SymShare moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\FRE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\DCOM98 moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Support moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\SYMSHARE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\APP moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Setup\APP moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Setup moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Privacy\APP moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Privacy moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\Symantec moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\APP moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\SPBBC moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\Options moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\IDSDefs moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall\APP moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\System32 moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\Options moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\AntiSpam moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE\Options moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE\ADBLCK moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005\Setup moved successfully.
C:\Documents and Settings\Invité\Local Settings\Temp\Norton Internet Security 2005 moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\VirusDef moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS\SymSC moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIIS moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV\SymSC moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC\SYMWMIAV moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymSC moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System32\Drivers moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System32 moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\System moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE\IDS moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet\SYMSHARE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet\SymNet moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymNet moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SymLnch moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE\SPBBC moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common\SYMSHARE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC\Common moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SPBBC moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SpamDefs moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\SEVINST moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ScrBlock moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Redist\MSRedist\Ansi moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Redist\MSRedist moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Redist moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyExt moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy\ccPxyCre moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\Proxy moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\NISTools moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\MSI moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\LUpdate moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\LiveReg moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common\SymShare\Help moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common\SymShare moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External\Common moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI\External moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\HelpMSI moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\FRE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\DCOM98 moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon\ccCommon moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support\ccCommon moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Support moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\SYMSHARE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT\APP moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\SymLT moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\Setup\APP moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\Setup moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\Privacy\APP moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\Privacy moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\Symantec moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl\APP moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\PControl moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\SPBBC moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\Options moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE\ADBLCK moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\SYMSHARE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP\IDSDefs moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon\APP moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\ISCommon moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall\APP moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\Firewall moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\System32 moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\Options moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE\AntiSpam moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON\SYMSHARE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore\COMMON moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\asCore moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE\Options moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE\ADBLCK moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON\SYMSHARE moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck\COMMON moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup\AdBlck moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005\Setup moved successfully.
C:\Documents and Settings\vieux\Local Settings\Temp\Norton Internet Security 2005 moved successfully.
C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\Update.exe moved successfully.
C:\Program Files\Mozilla Firefox\uninstall\helper.exe moved successfully.
C:\Program Files\trend micro moved successfully.
D:\charg-internet\HiJackThis.exe moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 03082009_010643
Files moved on Reboot...
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
Utilisateur anonyme
8 mars 2009 à 01:15
8 mars 2009 à 01:15
OK , on continue ,
Télécharge Ad-remover ( de C_XX ) sur ton bureau ( et pas ailleurs!) :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe
! Déconnecte toi et ferme toutes applications en cours !
* Clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installe par défaut .
* Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .
* Au menu principal choisis l'option "A" et tape sur [entrée] .
Laisse travailler l'outil et ne touche à rien ...
--> Poste le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Télécharge Ad-remover ( de C_XX ) sur ton bureau ( et pas ailleurs!) :
http://sd-1.archive-host.com/membres/up/16506160323759868/AD-R.exe
! Déconnecte toi et ferme toutes applications en cours !
* Clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installe par défaut .
* Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .
* Au menu principal choisis l'option "A" et tape sur [entrée] .
Laisse travailler l'outil et ne touche à rien ...
--> Poste le rapport qui apparait à la fin .
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
------- LOGFILE OF AD-REMOVER 1.1.1.6 | ONLY XP/VISTA -------
Updated by C_XX on 07/03/2009 at 21:40
Start at: 1:17:35 | Dim 08/03/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 2 (version 5.1.2600)
Computer Name: ASUS
Current User: Marianne - Administrator
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 49
+-----------------| Boonty/Boonty Games Elements Found:
.
.
+-----------------| Eorezo Elements Found:
HKCR\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKCR\AppID\EoRezoBHO.DLL
HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Typelib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKCU\Software\EoRezo
HKLM\Software\EoRezo
HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\Software\Classes\AppID\EoRezoBHO.DLL
HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Classes\EoRezoBHO.EoBho
HKLM\Software\Classes\EoRezoBHO.EoBho.1
HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Softwarehelper
.
C:\Program Files\EoRezo
C:\Documents and Settings\Marianne\Application Data\EoRezo
C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-281B60C2.pf
C:\WINDOWS\Prefetch\SETUP_EOSOFTWAREUPDATE_1_0.EX-1AFAA025.pf
C:\WINDOWS\Prefetch\SETUP_EOSOFTWAREUPDATE_1_0.TM-0C85E76B.pf
C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-013AE3BD.pf
C:\Documents and Settings\Marianne\Cookies\marianne@eorezo[2].txt
+-----------------| Infected Poker Softwares Elements Found:
.
+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:
.
.
+-----------------| It's TV Elements Found:
.
+-----------------| Sweetim Elements Found:
.
+-----------------| Other Adwares Found:
.
.
C:\Documents and Settings\Marianne\Cookies\marianne@atdmt[2].txt
+-----------------| Added Scan:
---- Mozilla FireFox Version 2.0.0.17 ----
ProfilePath: krceghue.default
.
.
(Prefs.js) FOUND: user_pref("browser.startup.homepage", "http://y.lo.st");
.
.
.
.
---- Internet Explorer Version 7.0.5730.13 ----
+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Search bar: hxxp://recherche.neuf.fr/ie/default.html
Search Page: hxxp://recherche.neuf.fr/
Start page: hxxp://home.neuf.fr/
+-[HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\..\Internet Explorer\Main]
Search bar: hxxp://recherche.neuf.fr/ie/default.html
Search Page: hxxp://recherche.neuf.fr/
Start page: hxxp://home.neuf.fr/
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: hxxp://y.lo.st
+---------------------------------------------------------------------------+
[~3594 Bytes] - C:\Ad-Report-Scan-08.03.2009.log
- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE
End at: 1:19:02 | 08/03/2009
.
+-----------------| E.O.F - 86 Lines
.
Updated by C_XX on 07/03/2009 at 21:40
Start at: 1:17:35 | Dim 08/03/2009 | Boot mode: Normal Boot
Option: SCAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 2 (version 5.1.2600)
Computer Name: ASUS
Current User: Marianne - Administrator
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 49
+-----------------| Boonty/Boonty Games Elements Found:
.
.
+-----------------| Eorezo Elements Found:
HKCR\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKCR\AppID\EoRezoBHO.DLL
HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Typelib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKCU\Software\EoRezo
HKLM\Software\EoRezo
HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\Software\Classes\AppID\EoRezoBHO.DLL
HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Classes\EoRezoBHO.EoBho
HKLM\Software\Classes\EoRezoBHO.EoBho.1
HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Softwarehelper
.
C:\Program Files\EoRezo
C:\Documents and Settings\Marianne\Application Data\EoRezo
C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-281B60C2.pf
C:\WINDOWS\Prefetch\SETUP_EOSOFTWAREUPDATE_1_0.EX-1AFAA025.pf
C:\WINDOWS\Prefetch\SETUP_EOSOFTWAREUPDATE_1_0.TM-0C85E76B.pf
C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-013AE3BD.pf
C:\Documents and Settings\Marianne\Cookies\marianne@eorezo[2].txt
+-----------------| Infected Poker Softwares Elements Found:
.
+-----------------| FunWebProducts/MyWay/MyWebSearch Elements Found:
.
.
+-----------------| It's TV Elements Found:
.
+-----------------| Sweetim Elements Found:
.
+-----------------| Other Adwares Found:
.
.
C:\Documents and Settings\Marianne\Cookies\marianne@atdmt[2].txt
+-----------------| Added Scan:
---- Mozilla FireFox Version 2.0.0.17 ----
ProfilePath: krceghue.default
.
.
(Prefs.js) FOUND: user_pref("browser.startup.homepage", "http://y.lo.st");
.
.
.
.
---- Internet Explorer Version 7.0.5730.13 ----
+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Search bar: hxxp://recherche.neuf.fr/ie/default.html
Search Page: hxxp://recherche.neuf.fr/
Start page: hxxp://home.neuf.fr/
+-[HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\..\Internet Explorer\Main]
Search bar: hxxp://recherche.neuf.fr/ie/default.html
Search Page: hxxp://recherche.neuf.fr/
Start page: hxxp://home.neuf.fr/
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Start page: hxxp://go.microsoft.com/fwlink/?LinkId=69157
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: hxxp://y.lo.st
+---------------------------------------------------------------------------+
[~3594 Bytes] - C:\Ad-Report-Scan-08.03.2009.log
- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE
End at: 1:19:02 | 08/03/2009
.
+-----------------| E.O.F - 86 Lines
.
Utilisateur anonyme
8 mars 2009 à 01:23
8 mars 2009 à 01:23
OK,
! Déconnecte toi et ferme toutes application en cours ( navigarteur compris ) !
* Relance "Ad-remover" : au menu principal choisis l'option "B" .
* A l'écran de sélection ( écran ) :
> choisis le(s) chiffre(s) suivant pour nettoyer les traces de :
2 - "Eorezo" puis [entrée]
Une fois la sélection faite, tape S puis [entrée] pour lancer la suppression .
--> le programme va travailler , ne touche à rien ...
* Poste le rapport qui apparait à la fin
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
/!\ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide ) /!\
! Déconnecte toi et ferme toutes application en cours ( navigarteur compris ) !
* Relance "Ad-remover" : au menu principal choisis l'option "B" .
* A l'écran de sélection ( écran ) :
> choisis le(s) chiffre(s) suivant pour nettoyer les traces de :
2 - "Eorezo" puis [entrée]
Une fois la sélection faite, tape S puis [entrée] pour lancer la suppression .
--> le programme va travailler , ne touche à rien ...
* Poste le rapport qui apparait à la fin
( le rapport est sauvegardé aussi sous C:\Ad-report.log )
/!\ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide ) /!\
------- LOGFILE OF AD-REMOVER 1.1.1.6 | ONLY XP/VISTA -------
Updated by C_XX on 07/03/2009 at 21:40
*** LIMITED TO ***
Eorezo
******************
Start at: 1:26:03 | Dim 08/03/2009 | Boot mode: Normal Boot
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 2 (version 5.1.2600)
Computer Name: ASUS
Current User: Marianne - Administrator
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 50
(!) ---- IE start pages/Tabs reset
+-----------------| Eorezo Elements Deleted :
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Softwarehelper
HKCR\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKCR\AppID\EoRezoBHO.DLL
HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Typelib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKCU\Software\EoRezo
HKLM\Software\EoRezo
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
.
C:\Program Files\EoRezo
C:\Documents and Settings\Marianne\Application Data\EoRezo
C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-281B60C2.pf
C:\WINDOWS\Prefetch\SETUP_EOSOFTWAREUPDATE_1_0.EX-1AFAA025.pf
C:\WINDOWS\Prefetch\SETUP_EOSOFTWAREUPDATE_1_0.TM-0C85E76B.pf
C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-013AE3BD.pf
C:\Documents and Settings\Marianne\Cookies\marianne@eorezo[2].txt
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
+-----------------| Added Scan :
---- Mozilla FireFox Version 2.0.0.17 ----
ProfilePath: krceghue.default
.
.
(Prefs.js) REMOVED: user_pref("browser.startup.homepage", "http://y.lo.st");
.
.
.
.
---- Internet Explorer Version 7.0.5730.13 ----
+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://recherche.neuf.fr/
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+-[HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://recherche.neuf.fr/
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://fr.msn.com/
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: hxxp://ieframe.dll/tabswelcome.htm
+---------------------------------------------------------------------------+
[~3527 Bytes] - C:\Ad-Report-Clean-08.03.2009.log
[~3815 Bytes] - C:\Ad-Report-Scan-08.03.2009.log
- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE
End at: 1:27:04 | 08/03/2009
.
+-----------------| E.O.F - 75 Lines
.
Updated by C_XX on 07/03/2009 at 21:40
*** LIMITED TO ***
Eorezo
******************
Start at: 1:26:03 | Dim 08/03/2009 | Boot mode: Normal Boot
Option: CLEAN | Executed from: C:\Program Files\Ad-remover\Ad-remover.bat
Operating System: Microsoft® Windows XP™ Service Pack 2 (version 5.1.2600)
Computer Name: ASUS
Current User: Marianne - Administrator
Drive(s):
- C:\ (File System: NTFS)
- D:\ (File System: NTFS)
- E:\ (File System: CDFS)
System Drive: C:\
Windows Directory: C:\WINDOWS\
System Directory: C:\WINDOWS\System32\
--- Running Processes: 50
(!) ---- IE start pages/Tabs reset
+-----------------| Eorezo Elements Deleted :
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Softwarehelper
HKCR\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKCR\AppID\EoRezoBHO.DLL
HKCR\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKCR\EoRezoBHO.EoBho
HKCR\EoRezoBHO.EoBho.1
HKCR\Typelib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKCU\Software\EoRezo
HKLM\Software\EoRezo
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
.
C:\Program Files\EoRezo
C:\Documents and Settings\Marianne\Application Data\EoRezo
C:\WINDOWS\Prefetch\SETUP_EOENGINE.EXE-281B60C2.pf
C:\WINDOWS\Prefetch\SETUP_EOSOFTWAREUPDATE_1_0.EX-1AFAA025.pf
C:\WINDOWS\Prefetch\SETUP_EOSOFTWAREUPDATE_1_0.TM-0C85E76B.pf
C:\WINDOWS\Prefetch\SOFTWAREUPDATEHP.EXE-013AE3BD.pf
C:\Documents and Settings\Marianne\Cookies\marianne@eorezo[2].txt
(!) ---- Temp files deleted.
(!) ---- Recycle bin emptied in all drives.
+-----------------| Added Scan :
---- Mozilla FireFox Version 2.0.0.17 ----
ProfilePath: krceghue.default
.
.
(Prefs.js) REMOVED: user_pref("browser.startup.homepage", "http://y.lo.st");
.
.
.
.
---- Internet Explorer Version 7.0.5730.13 ----
+-[HKEY_CURRENT_USER\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://recherche.neuf.fr/
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+-[HKEY_USERS\S-1-5-21-1979603849-2658147280-390370475-1005\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://recherche.neuf.fr/
Start page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start page: hxxp://fr.msn.com/
+-[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
Tabs: hxxp://ieframe.dll/tabswelcome.htm
+---------------------------------------------------------------------------+
[~3527 Bytes] - C:\Ad-Report-Clean-08.03.2009.log
[~3815 Bytes] - C:\Ad-Report-Scan-08.03.2009.log
- C:\Program Files\Ad-remover\TOOLS\BACKUP
- C:\Program Files\Ad-remover\TOOLS\QUARANTINE
End at: 1:27:04 | 08/03/2009
.
+-----------------| E.O.F - 75 Lines
.
Utilisateur anonyme
8 mars 2009 à 01:31
8 mars 2009 à 01:31
ok,
Télécharge ToolsCleaner sur ton bureau.
-->
http://pc-system.fr/
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
ensuite , il faut désinstaller avast pour ensuite le réinstaller ou en changer ...
antivir vs avast :
-> http://forum.malekal.com/ftopic3528.php
alors je te conseille de le desinstaller et d´installer antivir a la place
Telecharge et instales l'antivirus Antivir Personal Edition Classic :
->Antivir le telecharger
-> http://www.commentcamarche.net/telecharger/telecharger 55 antivir
tuto : https://www.malekal.com/avira-free-security-antivirus-gratuit/
tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59
Pour désinstaller Avast telecharge cet outil
ensuite :
Telecharge malwarebytes
https://www.malwarebytes.com/
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen rapide".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
Télécharge ToolsCleaner sur ton bureau.
-->
http://pc-system.fr/
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).
ensuite , il faut désinstaller avast pour ensuite le réinstaller ou en changer ...
antivir vs avast :
-> http://forum.malekal.com/ftopic3528.php
alors je te conseille de le desinstaller et d´installer antivir a la place
Telecharge et instales l'antivirus Antivir Personal Edition Classic :
->Antivir le telecharger
-> http://www.commentcamarche.net/telecharger/telecharger 55 antivir
tuto : https://www.malekal.com/avira-free-security-antivirus-gratuit/
tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59
Pour désinstaller Avast telecharge cet outil
ensuite :
Telecharge malwarebytes
https://www.malwarebytes.com/
Tu l´instale; le programme va se mettre automatiquement a jour.
Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".
Click maintenant sur l´onglet recherche et coche la case : "executer un examen rapide".
Puis click sur "rechercher".
Laisse le scanner le pc...
Si des elements on ete trouvés > click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "yes".
A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.
PS : les rapport sont aussi rangé dans l onglet rapport/log
[ Rapport ToolsCleaner version 2.3.2 (par A.Rothstein & dj QUIOU) ]
-->- Recherche:
C:\FindyKill.txt: trouvé !
C:\_OtMoveIt: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\Marianne\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\Marianne\Menu Démarrer\Programmes\FindyKill: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\_OTMoveIt\MovedFiles\03082009_010643\charg-internet\HijackThis.exe: trouvé !
C:\_OTMoveIt\MovedFiles\03082009_010643\Program Files\trend micro\HijackThis.exe: trouvé !
C:\_OTMoveIt\MovedFiles\03082009_010643\Program Files\trend micro\hijackthis.log: trouvé !
-->- Recherche:
C:\FindyKill.txt: trouvé !
C:\_OtMoveIt: trouvé !
C:\Rsit: trouvé !
C:\Documents and Settings\Marianne\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\Marianne\Menu Démarrer\Programmes\FindyKill: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\_OTMoveIt\MovedFiles\03082009_010643\charg-internet\HijackThis.exe: trouvé !
C:\_OTMoveIt\MovedFiles\03082009_010643\Program Files\trend micro\HijackThis.exe: trouvé !
C:\_OTMoveIt\MovedFiles\03082009_010643\Program Files\trend micro\hijackthis.log: trouvé !
C:\Documents and Settings\Marianne\Bureau\OTMoveIt3.exe: trouvé !
C:\Documents and Settings\Marianne\Menu Démarrer\Programmes\FindyKill: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\_OTMoveIt\MovedFiles\03082009_010643\charg-internet\HijackThis.exe: trouvé !
C:\_OTMoveIt\MovedFiles\03082009_010643\Program Files\trend micro\HijackThis.exe: trouvé !
C:\_OTMoveIt\MovedFiles\03082009_010643\Program Files\trend micro\hijackthis.log: trouvé !
---------------------------------
-->- Suppression:
C:\_OTMoveIt\MovedFiles\03082009_010643\charg-internet\HijackThis.exe: supprimé !
C:\_OTMoveIt\MovedFiles\03082009_010643\Program Files\trend micro\HijackThis.exe: supprimé !
C:\FindyKill.txt: supprimé !
C:\Documents and Settings\Marianne\Bureau\OTMoveIt3.exe: supprimé !
C:\_OTMoveIt\MovedFiles\03082009_010643\Program Files\trend micro\hijackthis.log: supprimé !
C:\_OtMoveIt: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\Marianne\Menu Démarrer\Programmes\FindyKill: supprimé !
C:\Program Files\FindyKill: supprimé !
C:\Documents and Settings\Marianne\Menu Démarrer\Programmes\FindyKill: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\_OTMoveIt\MovedFiles\03082009_010643\charg-internet\HijackThis.exe: trouvé !
C:\_OTMoveIt\MovedFiles\03082009_010643\Program Files\trend micro\HijackThis.exe: trouvé !
C:\_OTMoveIt\MovedFiles\03082009_010643\Program Files\trend micro\hijackthis.log: trouvé !
---------------------------------
-->- Suppression:
C:\_OTMoveIt\MovedFiles\03082009_010643\charg-internet\HijackThis.exe: supprimé !
C:\_OTMoveIt\MovedFiles\03082009_010643\Program Files\trend micro\HijackThis.exe: supprimé !
C:\FindyKill.txt: supprimé !
C:\Documents and Settings\Marianne\Bureau\OTMoveIt3.exe: supprimé !
C:\_OTMoveIt\MovedFiles\03082009_010643\Program Files\trend micro\hijackthis.log: supprimé !
C:\_OtMoveIt: supprimé !
C:\Rsit: supprimé !
C:\Documents and Settings\Marianne\Menu Démarrer\Programmes\FindyKill: supprimé !
C:\Program Files\FindyKill: supprimé !
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1826
Windows 5.1.2600 Service Pack 2
08/03/2009 01:48:03
mbam-log-2009-03-08 (01-48-03).txt
Type de recherche: Examen rapide
Eléments examinés: 70707
Temps écoulé: 2 minute(s), 50 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
merci bcp , bonne nuit et a demain.
Version de la base de données: 1826
Windows 5.1.2600 Service Pack 2
08/03/2009 01:48:03
mbam-log-2009-03-08 (01-48-03).txt
Type de recherche: Examen rapide
Eléments examinés: 70707
Temps écoulé: 2 minute(s), 50 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
merci bcp , bonne nuit et a demain.
merci a toi chiquitine29 jai téléchrager antivir et il a trouvé tous les virus cad 15 dont plusieurs bacle,mon PC démarre sans probléme...merci encore je me suis fais une petite trousse de secours maintenant!
bonne journée
bonne journée
Utilisateur anonyme
8 mars 2009 à 12:32
8 mars 2009 à 12:32
Bonjours Marianne,
c est cool si tout va bien , par contre tu veux bien m envoyer le rapport antivir stp , merci
c est cool si tout va bien , par contre tu veux bien m envoyer le rapport antivir stp , merci
