Winupgro bagle

Solved

Neoyevon (Member)

Hello, I am infected by winupgro and am desperately looking for a solution. I followed the topics on this forum and used FindyKill.

Detection goes well; unfortunately step 2 (disinfection) does not run correctly: the PC reboots a first time (although with a blue screen when Windows shuts down, which does not leave me time to read it).

Once restarted, FindyKill does not relaunch.

I am attaching the report below.

Awaiting your replies. Regards.

----------------- FindyKill V4.711 ------------------

* User : Sloane - NEOYEVON
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 05/01/09 par Chiquitine29
* Recherche effectuée à 22:29:00 le 06/01/2009
* Windows XP - Internet Explorer 6.0.2900.5512

((((((((((((((((( *** Recherche *** ))))))))))))))))))

--------------- [ Processus actifs ] ----------------

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\NetLimiter\NetLimiter.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------

»»»» Presence des fichiers dans C:

»»»» Presence des fichiers dans C:\WINDOWS

»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\117593.EXE-148D91AE.pf
Found ! - C:\WINDOWS\prefetch\119031.EXE-370F03AF.pf
Found ! - C:\WINDOWS\prefetch\119718.EXE-072BED3B.pf
Found ! - C:\WINDOWS\prefetch\128171.EXE-234AE885.pf
Found ! - C:\WINDOWS\prefetch\138640.EXE-2FC301D2.pf
Found ! - C:\WINDOWS\prefetch\143812.EXE-0761CE9F.pf
Found ! - C:\WINDOWS\prefetch\168734.EXE-25324F4B.pf
Found ! - C:\WINDOWS\prefetch\204640.EXE-0AF45669.pf
Found ! - C:\WINDOWS\prefetch\212703.EXE-1DF1D249.pf
Found ! - C:\WINDOWS\prefetch\218421.EXE-1B3F16EB.pf
Found ! - C:\WINDOWS\prefetch\218828.EXE-1F55A19E.pf
Found ! - C:\WINDOWS\prefetch\219078.EXE-394FB033.pf
Found ! - C:\WINDOWS\prefetch\258750.EXE-003087E7.pf
Found ! - C:\WINDOWS\prefetch\275796.EXE-214AE00D.pf
Found ! - C:\WINDOWS\prefetch\309890.EXE-307B2DED.pf
Found ! - C:\WINDOWS\prefetch\318437.EXE-03D056C3.pf
Found ! - C:\WINDOWS\prefetch\351937.EXE-301070CC.pf
Found ! - C:\WINDOWS\prefetch\358875.EXE-24BC25A4.pf
Found ! - C:\WINDOWS\prefetch\411390.EXE-08E400DB.pf
Found ! - C:\WINDOWS\prefetch\413062.EXE-2AEE7461.pf
Found ! - C:\WINDOWS\prefetch\471234.EXE-096CDE46.pf
Found ! - C:\WINDOWS\prefetch\481984.EXE-2B20585F.pf
Found ! - C:\WINDOWS\prefetch\513078.EXE-137FB439.pf
Found ! - C:\WINDOWS\prefetch\629156.EXE-0BA7F054.pf
Found ! - C:\WINDOWS\prefetch\64046.EXE-2C1949ED.pf
Found ! - C:\WINDOWS\prefetch\664734.EXE-19EACC53.pf
Found ! - C:\WINDOWS\prefetch\70453.EXE-21210DA6.pf
Found ! - C:\WINDOWS\prefetch\70609.EXE-1155F366.pf
Found ! - C:\WINDOWS\prefetch\72156.EXE-2101F77B.pf
Found ! - C:\WINDOWS\prefetch\75250.EXE-272077E5.pf
Found ! - C:\WINDOWS\prefetch\98484.EXE-24C311C7.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-17A6EC36.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-101AF362.pf
Found ! - C:\WINDOWS\Prefetch\NBKEYSCAN.EXE-2E1DB169.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32

Found ! [06/01/2009 22:25] - C:\WINDOWS\system32\mdelk.exe
Found ! [06/01/2009 22:25] - C:\WINDOWS\system32\wintems.exe
Found ! [06/01/2009 22:26] - C:\WINDOWS\system32\ban_list.txt

»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

»»»» Presence des fichiers dans C:\Documents and Settings\Sloane\Application Data

Found ! [06/01/2009 21:06] - "C:\Documents and Settings\Sloane\Application Data\m\flec006.exe"
Found ! [06/01/2009 21:15] - "C:\Documents and Settings\Sloane\Application Data\m\list.oct"
Found ! [06/01/2009 21:17] - "C:\Documents and Settings\Sloane\Application Data\m\data.oct"
Found ! [06/01/2009 21:17] - "C:\Documents and Settings\Sloane\Application Data\m\srvlist.oct"
Found ! [06/01/2009 22:26] - "C:\Documents and Settings\Sloane\Application Data\m\shared"
Found ! [02/01/2009 22:48] - "C:\Documents and Settings\Sloane\Application Data\m"
Found ! [02/01/2009 21:43] - "C:\Documents and Settings\Sloane\Application Data\drivers"
Found ! [06/01/2009 22:24] - "C:\Documents and Settings\Sloane\Application Data\drivers\srosa.sys"
Found ! [06/01/2009 22:24] - "C:\Documents and Settings\Sloane\Application Data\drivers\srosa2.sys"
Found ! [02/09/2005 08:03] - "C:\Documents and Settings\Sloane\Application Data\drivers\winupgro.exe"
Found ! [06/01/2009 22:28] - "C:\Documents and Settings\Sloane\Application Data\drivers\downld"

»»»» Presence des fichiers dans C:\DOCUME~1\Sloane\LOCALS~1\Temp

»»»» Presence des fichiers dans C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5

Found ! [04/01/2009 10:29] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\b64_1[1].jpg
Found ! [04/01/2009 19:33] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\b64_1[2].jpg
Found ! [06/01/2009 20:22] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\b64_1[3].jpg
Found ! [06/01/2009 12:16] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\b64_3[1].jpg
Found ! [04/01/2009 09:41] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\b64_5[1].jpg
Found ! [06/01/2009 20:29] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\file[1].txt
Found ! [06/01/2009 22:03] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\0FTV6YJX\file[2].txt
Found ! [04/01/2009 10:27] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\b64[1].jpg
Found ! [06/01/2009 21:06] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\b64[2].jpg
Found ! [04/01/2009 11:03] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\b64_1[1].jpg
Found ! [05/01/2009 18:04] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\b64_1[2].jpg
Found ! [06/01/2009 16:26] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\b64_2[1].jpg
Found ! [02/01/2009 22:48] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\mxd[1].jpg
Found ! [06/01/2009 20:29] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\7NLH9L9A\servernames[1].htm
Found ! [06/01/2009 20:08] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9BVMJ7ZZ\b64_2[1].jpg
Found ! [02/01/2009 21:46] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9BVMJ7ZZ\b64_3[1].jpg
Found ! [04/01/2009 09:40] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9BVMJ7ZZ\b64_3[2].jpg
Found ! [04/01/2009 09:40] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9BVMJ7ZZ\b64_3[3].jpg
Found ! [06/01/2009 12:17] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64[1].jpg
Found ! [06/01/2009 19:51] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64[2].jpg
Found ! [02/01/2009 22:49] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[1].jpg
Found ! [04/01/2009 09:46] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[2].jpg
Found ! [04/01/2009 15:20] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[3].jpg
Found ! [05/01/2009 17:54] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[4].jpg
Found ! [05/01/2009 17:53] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[5].jpg
Found ! [06/01/2009 16:22] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[6].jpg
Found ! [06/01/2009 21:10] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_1[7].jpg
Found ! [04/01/2009 10:29] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_2[1].jpg
Found ! [03/01/2009 10:34] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_3[1].jpg
Found ! [04/01/2009 09:40] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_3[2].jpg
Found ! [05/01/2009 12:19] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_3[3].jpg
Found ! [05/01/2009 22:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_3[4].jpg
Found ! [06/01/2009 20:59] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\9XAQIWK6\b64_3[5].jpg
Found ! [02/01/2009 22:47] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64[1].jpg
Found ! [06/01/2009 21:00] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64[2].jpg
Found ! [06/01/2009 21:00] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64[3].jpg
Found ! [04/01/2009 09:41] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_1[1].jpg
Found ! [04/01/2009 09:41] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_1[2].jpg
Found ! [04/01/2009 10:56] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_1[3].jpg
Found ! [06/01/2009 21:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_1[4].jpg
Found ! [05/01/2009 12:30] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_2[1].jpg
Found ! [04/01/2009 19:25] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_3[1].jpg
Found ! [06/01/2009 20:04] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\EFKFHIN2\b64_3[2].jpg
Found ! [05/01/2009 22:07] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64[1].jpg
Found ! [06/01/2009 12:17] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64[2].jpg
Found ! [06/01/2009 22:26] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64[3].jpg
Found ! [02/01/2009 22:46] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64_1[1].jpg
Found ! [03/01/2009 10:39] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64_1[2].jpg
Found ! [04/01/2009 10:26] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64_1[3].jpg
Found ! [04/01/2009 10:26] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64_1[4].jpg
Found ! [06/01/2009 12:19] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64_1[5].jpg
Found ! [06/01/2009 22:25] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\b64_3[1].jpg
Found ! [06/01/2009 21:04] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\GCRF7Q3S\mxd[1].jpg
Found ! [04/01/2009 09:10] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\b64[1].jpg
Found ! [04/01/2009 19:28] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\b64[2].jpg
Found ! [05/01/2009 17:56] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\b64[3].jpg
Found ! [06/01/2009 20:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\b64[4].jpg
Found ! [03/01/2009 10:40] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\b64_2[1].jpg
Found ! [06/01/2009 20:31] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\b64_2[2].jpg
Found ! [04/01/2009 11:02] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\IQQ1X18Q\mxd[1].jpg
Found ! [03/01/2009 10:37] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\b64[1].jpg
Found ! [04/01/2009 10:28] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\b64[2].jpg
Found ! [05/01/2009 18:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\b64_2[1].jpg
Found ! [04/01/2009 10:55] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\b64_3[1].jpg
Found ! [04/01/2009 15:04] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\b64_3[2].jpg
Found ! [06/01/2009 16:21] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\b64_3[3].jpg
Found ! [06/01/2009 22:03] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\file[1].txt
Found ! [06/01/2009 22:03] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\file[2].txt
Found ! [06/01/2009 21:17] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\mxd[1].jpg
Found ! [06/01/2009 21:17] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\JLJZMW5W\servernames[1].htm
Found ! [12/05/2008 15:36] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\K35JE2J5\B644328551ED9E9AFE595B8B26F2A[1].jpg
Found ! [04/01/2009 15:21] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64[1].jpg
Found ! [06/01/2009 16:22] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64[2].jpg
Found ! [06/01/2009 20:27] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64[3].jpg
Found ! [04/01/2009 09:46] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_1[1].jpg
Found ! [05/01/2009 22:07] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_1[2].jpg
Found ! [06/01/2009 12:17] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_1[3].jpg
Found ! [02/01/2009 22:50] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_2[1].jpg
Found ! [06/01/2009 21:10] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_2[2].jpg
Found ! [05/01/2009 17:50] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_3[1].jpg
Found ! [06/01/2009 19:51] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_3[2].jpg
Found ! [06/01/2009 19:50] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\b64_3[3].jpg
Found ! [06/01/2009 22:26] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\file[1].txt
Found ! [06/01/2009 19:58] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\LRNG84VK\mxd[1].jpg
Found ! [04/01/2009 09:38] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PMKY7TPK\b64_1[1].jpg
Found ! [04/01/2009 09:47] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PMKY7TPK\b64_2[1].jpg
Found ! [05/01/2009 18:04] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PMKY7TPK\b64_2[2].jpg
Found ! [06/01/2009 12:20] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PMKY7TPK\b64_2[3].jpg
Found ! [06/01/2009 12:20] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PMKY7TPK\b64_2[4].jpg
Found ! [05/01/2009 22:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PMKY7TPK\b64_3[1].jpg
Found ! [04/01/2009 09:43] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64[1].jpg
Found ! [04/01/2009 09:43] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64[2].jpg
Found ! [04/01/2009 09:43] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64[3].jpg
Found ! [04/01/2009 11:01] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64[4].jpg
Found ! [06/01/2009 21:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64[5].jpg
Found ! [04/01/2009 09:10] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_1[1].jpg
Found ! [04/01/2009 19:27] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_1[2].jpg
Found ! [06/01/2009 20:05] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_1[3].jpg
Found ! [05/01/2009 22:11] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_2[1].jpg
Found ! [06/01/2009 16:25] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_2[2].jpg
Found ! [06/01/2009 20:31] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_2[3].jpg
Found ! [04/01/2009 10:25] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\PSTHF1TR\b64_3[1].jpg
Found ! [05/01/2009 18:01] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64[1].jpg
Found ! [06/01/2009 20:22] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_1[1].jpg
Found ! [04/01/2009 09:12] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_2[1].jpg
Found ! [04/01/2009 09:47] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_2[2].jpg
Found ! [04/01/2009 11:04] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_2[3].jpg
Found ! [04/01/2009 19:33] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_2[4].jpg
Found ! [04/01/2009 09:37] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_3[1].jpg
Found ! [06/01/2009 12:16] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\b64_3[2].jpg
Found ! [03/01/2009 10:34] - C:\Documents and Settings\Sloane\Local Settings\Temporary Internet Files\Content.IE5\XRTV52N9\mxd[1].jpg
Found ! [20/05/2008 14:09] - C:\Program Files\Hack\dessassemblage\winhex\File Type Signatures.txt

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
MessengerPlus3="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
WOOKIT=C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
DAEMON Tools="C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
AlcoholAutomount="C:\Program Files\Alcohol 120\axcmd.exe" /automount
msnmsgr="C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
SoundMan=SOUNDMAN.EXE
NVRaidService=C:\WINDOWS\system32\nvraidservice.exe
ATICCC="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
RemoteControl="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
LVCOMS=C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
LogitechGalleryRepair=C:\Program Files\Logitech\ImageStudio\ISStart.exe
LogitechImageStudioTray=C:\Program Files\Logitech\ImageStudio\LogiTray.exe
MessengerPlus3="C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
BluetoothAuthenticationAgent=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
SunJavaUpdateSched="C:\Program Files\Java\jre6\bin\jusched.exe"
NetLimiter=C:\Program Files\NetLimiter\NetLimiter.exe /s
NeroFilterCheck=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
NBKeyScan="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
KernelFaultCheck=%systemroot%\system32\dumprep 0 -k

[HKEY_CURRENT_USER\software\local appwizard-generated applications\MsgPlus]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\RtlRack]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\run]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\winupgro]

--------------- [ Registre / Clés infectieuses ] ----------------

Found ! - HKEY_USERS\S-1-5-21-2052111302-287218729-725345543-1004\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-2052111302-287218729-725345543-1004\Software\bisoft
Found ! - HKEY_USERS\S-1-5-21-2052111302-287218729-725345543-1004\Software\DateTime4
Found ! - HKEY_USERS\S-1-5-21-2052111302-287218729-725345543-1004\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-2052111302-287218729-725345543-1004\Software\FirtR
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sK9Ou0s
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\DateTime4
Found ! - HKEY_CURRENT_USER\Software\FirtR

/!\ Infection active : HKLM\SYSTEM\...\Services\srosa -> Start = 0x1
/!\ Infection active : HKLM\SYSTEM\...\Services\sK9Ou0s -> Start = 0x1

--------------- [ Etat / Services ] ----------------

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

/!\ Mode sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

/!\ Mode sans echec non fonctionnel !!

Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

/!\ Mode sans echec non fonctionnel !!

+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

EapHost - Type de démarrage = 3

/!\ Ip6Fw - Type de démarrage = 4

/!\ SharedAccess - Type de démarrage = 4

/!\ wuauserv - Type de démarrage = 4

/!\ wscsvc - Type de démarrage = 4

--------------- [ Recherche dans supports amovibles] ----------------

+- Informations :

C: - Lecteur fixe

+- presence des fichiers :

--------------- [ Registre / Mountpoint2 ] ----------------

Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8963406c-55a6-11dc-8f11-000fea313fa3}\Shell\AutoRun\command

------------------- ! Fin du rapport ! --------------------

25 replies

chimay8 (Security contributor)

Rerun Hijack (scan only) and check these lines:

R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

Click on Fix checked.

Shut down your PC, then start it again.

Post a new Hijack report, please.

Neoyevon (Member)

That's done, here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55:56, on 12/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\NetLimiter\NetLimiter.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol 120\axcmd.exe" /automount
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Rawflow.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1273B02A-115F-4852-87C0-3AD270B276CE}: NameServer = 194.2.0.20,195.248.0.2
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: wampapache - Unknown owner - C:\Program Files\1WOWserver\wamp\bin\apache\apache2.2.8\bin\httpd.exe (file missing)
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\1WOWserver\wamp\bin\mysql\mysql5.0.51a\bin\mysqld-nt.exe (file missing)
0
chimay8 Posts 7947 Status Security contributor 60
 
It's OK,

you are no longer infected.

The other infection had nothing to do with Bagle; it was a harmful toolbar.

Update Adobe
https://get2.adobe.com/reader/otherversions/

and Java

---> Download JavaRa.zip (by Paul 'Prm753' McLain and Fred de Vries) to your Desktop.
* Unzip the file on the Desktop (right-click > Extract all).
* Double-click the JavaRa folder.
* Then double-click the JavaRa.exe file (the "exe" extension may not be displayed).
* Choose Français, then click Select.
* Click "Recherche de mises à jour" (Check for updates).
* Select "Mettre à jour via jucheck.exe" (Update via jucheck.exe), then click "Rechercher" (Search).
* Allow the process to connect if it asks, click "Installer" (Install) and follow the installation instructions, which take a few minutes.
* Once the installation is finished, go back to the JavaRa screen and click "Effacer les anciennes versions" (Remove old versions).
* Click "Oui" (Yes) to confirm. Let it work, then click OK, and then OK a second time.
* A report will open. Post it in your next reply.
* Close the application.

Note: the report is also saved in C:\ under the name JavaRa.log.

If that does not work:
https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80

Let's finish up.

Download ToolsCleaner to your desktop.
-->
http://www.commentcamarche.net/telecharger/telechargement 34055291 toolscleaner

# Click "Recherche" (Search) and let the scan run...
# Click "Suppression" (Removal) to finish.
# You can use the optional settings ("Options facultatives") if you wish.
# Click "Quitter" (Quit) to get the report.
# Post the report (TCleaner.txt), which is at the root of your hard drive (C:\).

Next

Download: - CCleaner (do not install the Yahoo toolbar)
https://www.pcastuces.com/logitheque/ccleaner.htm
This software will let you delete all temporary files and fix your registry. During installation, before clicking the "Installer" (Install) button, untick all the "additional options" except the first two.
Once the program is installed and launched, click "Options", then "Avancé" (Advanced), and untick the box "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures" (Only delete files in the Windows Temp folder older than 48 hours). (After that, leave it on its default settings. That's all.)

A tutorial (help):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

---> Usage:
! Disconnect and close all running applications!
* Go to "Nettoyeur" (Cleaner): run the analysis, then the cleaning.
* Go to "Registre" (Registry): search for errors and repair (several times, until there are no more errors).

(CCleaner: software worth keeping on your PC, very useful for thorough clean-ups...)

***Very important***

Deleting the restore points:
1. Open the Start menu
2. Right-click My Computer
3. Click Properties
4. Go to the System Restore tab
5. Tick "Désactiver la restauration système" (Turn off System Restore)
6. Confirm with OK
7. Restart your PC
8. Repeat steps 1 to 3
9. Untick "Désactiver la restauration système" (Turn off System Restore)
10. Confirm with OK

On Vista
https://www.01net.com/actualites/
http://www.commentcamarche.net/faq/sujet 13214 desactiver reactiver la restauration systeme de vista

Do not forget to create a new restore point by following the instructions at the link below

https://www.vulgarisation-informatique.com/creer-point-restauration.php

If you have no other problems, please change the topic's status to resolved.

0
Neoyevon Posts 15 Status Member
 
Javara.log:

JavaRa 1.13 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Mon Jan 12 18:17:49 2009

Found and removed: C:\Program Files\Java\jre1.5.0_08

Found and removed: C:\Program Files\Java\jre1.5.0_10

Found and removed: C:\Program Files\Java\jre1.6.0_02

Found and removed: C:\Program Files\Java\jre1.6.0_03

------------------------------------

Finished reporting.

TCleaner

[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\TB.txt: trouvé !
C:\FindyKill.txt: trouvé !
C:\Qoobox: trouvé !
C:\Toolbar SD: trouvé !
C:\Documents and Settings\Sloane\Bureau\ToolBarSD.exe: trouvé !
C:\Documents and Settings\Sloane\Menu Démarrer\Programmes\FindyKill: trouvé !
C:\Documents and Settings\Sloane\Mes documents\Securité\Combofix.txt: trouvé !
C:\Documents and Settings\Sloane\Mes documents\Securité\FindyKill.txt: trouvé !
C:\Program Files\HijackThis: trouvé !
C:\Program Files\FindyKill: trouvé !
C:\Program Files\Hijackthis\HijackThis.exe: trouvé !
C:\Program Files\Hijackthis\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\Sloane\Bureau\ToolBarSD.exe: supprimé !
C:\Program Files\Hijackthis\HijackThis.exe: supprimé !
C:\TB.txt: supprimé !
C:\FindyKill.txt: supprimé !
C:\Documents and Settings\Sloane\Mes documents\Securité\Combofix.txt: supprimé !
C:\Documents and Settings\Sloane\Mes documents\Securité\FindyKill.txt: supprimé !
C:\Program Files\Hijackthis\hijackthis.log: supprimé !
C:\Qoobox: supprimé !
C:\Toolbar SD: supprimé !
C:\Documents and Settings\Sloane\Menu Démarrer\Programmes\FindyKill: supprimé !
C:\Program Files\HijackThis: supprimé !
C:\Program Files\FindyKill: supprimé !
0

Neoyevon Posts 15 Status Member
 
There, everything is OK. A big thank you for your help and for the time you gave me; without you I was in for a format of C: ^^

Good luck and thanks again (I'm setting the status to resolved).
0