Sujet Précédent Sujet Suivant

Double infection virale!

ninoy91 Messages postés 5 Statut Membre -  
plopus Messages postés 6113 Statut Contributeur sécurité -
Bonjour,

Tout d'abord je tient à précider que je suis nouveau et que je ne m'y connait pas tres bien en informatique. Je vous resume mon probleme:

Depuis qulque temps, des que j'utilise google, je suis redirigé vers des sites bidons (genre rootio ou xxfind). Donc j'ai fait une analyse de mon ordinateur avec avast.
Il a trouvé deux virus: smss.exe (dans le dossier commonfile) et bolivar32.exe (dans le dossier systeme).
je n'arrive pas a les supprimer car introuvables... Et je pense avoir fait une grosse betise car jai supprimé un fichier qui s'appelait smss.exe.assembly

Pour l'instant google marche une fois sur deux mais est extremement lent.... HELP!!

Ce serait tres sympa de m'aider.

A+
A voir également:

42 réponses

Précédent
Réponse 21 / 42
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
bien peut tu refaire une analyse malwatrebyte, mais cette fois redemarre ton pc au bip tapote la touche F8 et choisit mode sans echec et relance malwarebyte en scan RAPIDE (c'est 10min) et supprime si il trouve des choses et poste le rapport

puis reposte un hijackthis
0
Réponse 22 / 42
ninoy91
 
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1699
Windows 6.0.6001 Service Pack 1

28/01/2009 12:45:32
mbam-log-2009-01-28 (12-45-32).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|)
Eléments examinés: 134192
Temps écoulé: 1 hour(s), 21 minute(s), 23 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 23 / 42
ninoy91
 
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1699
Windows 6.0.6001 Service Pack 1

28/01/2009 12:53:47
mbam-log-2009-01-28 (12-53-47).txt

Type de recherche: Examen rapide
Eléments examinés: 47249
Temps écoulé: 2 minute(s), 4 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 24 / 42
ninoy91
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:02:57, on 28/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\P4P\P4P.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Cobian Backup 9\cbInterface.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\Ninoy\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:7070
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb124\Dealio.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb124\Dealio.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [Cobian Backup 9 interface] "C:\Program Files\Cobian Backup 9\cbInterface.exe" -service
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O9 - Extra button: Signet Souvenir - {01065454-F77B-4577-B8EC-D75E7BAE3992} - C:\Program Files\Souvenir\SouvIE Scripts\SouvIE BookMark.htm
O9 - Extra 'Tools' menuitem: Signet Souvenir - {01065454-F77B-4577-B8EC-D75E7BAE3992} - C:\Program Files\Souvenir\SouvIE Scripts\SouvIE BookMark.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Rechercher dans Souvenir - {56DADBEE-F85C-441C-8AA6-279DF759ABE3} - C:\Program Files\Souvenir\SouvIE Scripts\SouvIE Find.htm
O9 - Extra 'Tools' menuitem: Rechercher dans Souvenir - {56DADBEE-F85C-441C-8AA6-279DF759ABE3} - C:\Program Files\Souvenir\SouvIE Scripts\SouvIE Find.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb124\Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb124\Dealio.dll
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Unknown owner - C:\Program Files\Common Files\\System\\smss.exe (file missing)
O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Luis Cobian - C:\Program Files\Cobian Backup 9\cbService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 42
ninoy91
 
j'ai fait les trucs de plopus, je fais quand meme ce que tu ma recommandé feelgood?

merci

je fais quoi du dossier backups qui est apparu sur mon bureau?
0
Réponse 26 / 42
Utilisateur anonyme
 
Re,

* je t'ai juste demandé de faire toolbarsd ( option1)
postes le rapport stp !

* Pour Plopus, ne t'inquiètes pas ---> pas de soucis
0
Réponse 27 / 42
ninoy91
 
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz )
BIOS : Default System BIOS
USER : Ninoy ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:116 Go (Free:23 Go)
D:\ (Local Disk) - NTFS - Total:106 Go (Free:106 Go)
E:\ (CD or DVD)
F:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 28/01/2009|13:50 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Dealio
C:\Program Files\Dealio
C:\Program Files\Dealio\DealioAU.exe
C:\Program Files\Dealio\kb124
C:\Program Files\Dealio\kb124\Dealio Deskbar.exe
C:\Program Files\Dealio\kb124\Dealio.dll
C:\Program Files\Dealio\kb124\res
C:\Program Files\Dealio\kb124\rules
C:\Program Files\Dealio\kb124\temp
C:\Program Files\Dealio\kb124\res\as_sidebar.html
C:\Program Files\Dealio\kb124\res\blank.gif
C:\Program Files\Dealio\kb124\res\DealioSearch.html
C:\Program Files\Dealio\kb124\res\deals-endcap.gif
C:\Program Files\Dealio\kb124\res\deals-leftcap.gif
C:\Program Files\Dealio\kb124\res\deal_report.jpg
C:\Program Files\Dealio\kb124\res\ebay_login.jpg
C:\Program Files\Dealio\kb124\res\endcap22-bg.png
C:\Program Files\Dealio\kb124\res\endcap22-left.png
C:\Program Files\Dealio\kb124\res\endcap22-right-arrow.png
C:\Program Files\Dealio\kb124\res\endcap22-right.png
C:\Program Files\Dealio\kb124\res\ErrorPageTemplate.css
C:\Program Files\Dealio\kb124\res\err_mainwindow.html
C:\Program Files\Dealio\kb124\res\err_sidebar.html
C:\Program Files\Dealio\kb124\res\err_toolbar.html
C:\Program Files\Dealio\kb124\res\global_scripts.js
C:\Program Files\Dealio\kb124\res\headerbgthin.jpg
C:\Program Files\Dealio\kb124\res\help.gif
C:\Program Files\Dealio\kb124\res\logo.png
C:\Program Files\Dealio\kb124\res\logo_over.png
C:\Program Files\Dealio\kb124\res\man_toolbar.html
C:\Program Files\Dealio\kb124\res\man_toolbar.js
C:\Program Files\Dealio\kb124\res\pill_bg.gif
C:\Program Files\Dealio\kb124\res\post-this-deal.gif
C:\Program Files\Dealio\kb124\res\post-this-deal_over.gif
C:\Program Files\Dealio\kb124\res\scripts.js
C:\Program Files\Dealio\kb124\res\scroller.js
C:\Program Files\Dealio\kb124\res\search-chevron.gif
C:\Program Files\Dealio\kb124\res\search_bg_blink.gif
C:\Program Files\Dealio\kb124\res\separator.gif
C:\Program Files\Dealio\kb124\res\settings.gif
C:\Program Files\Dealio\kb124\res\settings_over.gif
C:\Program Files\Dealio\kb124\res\sidebar.html
C:\Program Files\Dealio\kb124\res\steals_bg.gif
C:\Program Files\Dealio\kb124\res\tabdata.js
C:\Program Files\Dealio\kb124\res\tablib.js
C:\Program Files\Dealio\kb124\res\tabwelcome_en.html
C:\Program Files\Dealio\kb124\res\tab_icon.png
C:\Program Files\Dealio\kb124\res\toolbar_background.gif
C:\Program Files\Dealio\kb124\res\yahoo_search.gif
C:\Program Files\Dealio\kb124\rules\index.1.80.39
C:\Program Files\Dealio\kb124\rules\rules.1.10.76
C:\Program Files\Dealio\kb124\rules\rules.1.109.43
C:\Program Files\Dealio\kb124\rules\rules.1.110.43
C:\Program Files\Dealio\kb124\rules\rules.1.12.52
C:\Program Files\Dealio\kb124\rules\rules.1.13.58
C:\Program Files\Dealio\kb124\rules\rules.1.130.58
C:\Program Files\Dealio\kb124\rules\rules.1.135.50
C:\Program Files\Dealio\kb124\rules\rules.1.153.44
C:\Program Files\Dealio\kb124\rules\rules.1.155.43
C:\Program Files\Dealio\kb124\rules\rules.1.156.49
C:\Program Files\Dealio\kb124\rules\rules.1.16.60
C:\Program Files\Dealio\kb124\rules\rules.1.161.52
C:\Program Files\Dealio\kb124\rules\rules.1.178.66
C:\Program Files\Dealio\kb124\rules\rules.1.184.55
C:\Program Files\Dealio\kb124\rules\rules.1.188.52
C:\Program Files\Dealio\kb124\rules\rules.1.189.45
C:\Program Files\Dealio\kb124\rules\rules.1.196.43
C:\Program Files\Dealio\kb124\rules\rules.1.198.56
C:\Program Files\Dealio\kb124\rules\rules.1.199.43
C:\Program Files\Dealio\kb124\rules\rules.1.200.53
C:\Program Files\Dealio\kb124\rules\rules.1.201.43
C:\Program Files\Dealio\kb124\rules\rules.1.202.43
C:\Program Files\Dealio\kb124\rules\rules.1.203.71
C:\Program Files\Dealio\kb124\rules\rules.1.205.62
C:\Program Files\Dealio\kb124\rules\rules.1.213.71
C:\Program Files\Dealio\kb124\rules\rules.1.214.49
C:\Program Files\Dealio\kb124\rules\rules.1.215.43
C:\Program Files\Dealio\kb124\rules\rules.1.216.67
C:\Program Files\Dealio\kb124\rules\rules.1.217.67
C:\Program Files\Dealio\kb124\rules\rules.1.218.52
C:\Program Files\Dealio\kb124\rules\rules.1.219.43
C:\Program Files\Dealio\kb124\rules\rules.1.220.43
C:\Program Files\Dealio\kb124\rules\rules.1.221.57
C:\Program Files\Dealio\kb124\rules\rules.1.222.43
C:\Program Files\Dealio\kb124\rules\rules.1.223.68
C:\Program Files\Dealio\kb124\rules\rules.1.226.68
C:\Program Files\Dealio\kb124\rules\rules.1.227.43
C:\Program Files\Dealio\kb124\rules\rules.1.228.62
C:\Program Files\Dealio\kb124\rules\rules.1.229.76
C:\Program Files\Dealio\kb124\rules\rules.1.23.63
C:\Program Files\Dealio\kb124\rules\rules.1.239.43
C:\Program Files\Dealio\kb124\rules\rules.1.24.43
C:\Program Files\Dealio\kb124\rules\rules.1.240.43
C:\Program Files\Dealio\kb124\rules\rules.1.241.43
C:\Program Files\Dealio\kb124\rules\rules.1.242.43
C:\Program Files\Dealio\kb124\rules\rules.1.243.77
C:\Program Files\Dealio\kb124\rules\rules.1.244.63
C:\Program Files\Dealio\kb124\rules\rules.1.245.43
C:\Program Files\Dealio\kb124\rules\rules.1.247.43
C:\Program Files\Dealio\kb124\rules\rules.1.248.43
C:\Program Files\Dealio\kb124\rules\rules.1.249.43
C:\Program Files\Dealio\kb124\rules\rules.1.250.43
C:\Program Files\Dealio\kb124\rules\rules.1.251.43
C:\Program Files\Dealio\kb124\rules\rules.1.252.43
C:\Program Files\Dealio\kb124\rules\rules.1.253.43
C:\Program Files\Dealio\kb124\rules\rules.1.254.43
C:\Program Files\Dealio\kb124\rules\rules.1.255.43
C:\Program Files\Dealio\kb124\rules\rules.1.256.43
C:\Program Files\Dealio\kb124\rules\rules.1.257.43
C:\Program Files\Dealio\kb124\rules\rules.1.279.43
C:\Program Files\Dealio\kb124\rules\rules.1.28.58
C:\Program Files\Dealio\kb124\rules\rules.1.282.75
C:\Program Files\Dealio\kb124\rules\rules.1.283.43
C:\Program Files\Dealio\kb124\rules\rules.1.284.43
C:\Program Files\Dealio\kb124\rules\rules.1.289.67
C:\Program Files\Dealio\kb124\rules\rules.1.290.62
C:\Program Files\Dealio\kb124\rules\rules.1.291.61
C:\Program Files\Dealio\kb124\rules\rules.1.296.43
C:\Program Files\Dealio\kb124\rules\rules.1.297.43
C:\Program Files\Dealio\kb124\rules\rules.1.304.43
C:\Program Files\Dealio\kb124\rules\rules.1.307.43
C:\Program Files\Dealio\kb124\rules\rules.1.308.75
C:\Program Files\Dealio\kb124\rules\rules.1.31.47
C:\Program Files\Dealio\kb124\rules\rules.1.310.46
C:\Program Files\Dealio\kb124\rules\rules.1.311.43
C:\Program Files\Dealio\kb124\rules\rules.1.315.43
C:\Program Files\Dealio\kb124\rules\rules.1.316.43
C:\Program Files\Dealio\kb124\rules\rules.1.317.43
C:\Program Files\Dealio\kb124\rules\rules.1.318.43
C:\Program Files\Dealio\kb124\rules\rules.1.319.49
C:\Program Files\Dealio\kb124\rules\rules.1.32.48
C:\Program Files\Dealio\kb124\rules\rules.1.334.44
C:\Program Files\Dealio\kb124\rules\rules.1.335.60
C:\Program Files\Dealio\kb124\rules\rules.1.336.44
C:\Program Files\Dealio\kb124\rules\rules.1.337.44
C:\Program Files\Dealio\kb124\rules\rules.1.338.75
C:\Program Files\Dealio\kb124\rules\rules.1.339.47
C:\Program Files\Dealio\kb124\rules\rules.1.34.43
C:\Program Files\Dealio\kb124\rules\rules.1.340.47
C:\Program Files\Dealio\kb124\rules\rules.1.341.47
C:\Program Files\Dealio\kb124\rules\rules.1.349.50
C:\Program Files\Dealio\kb124\rules\rules.1.35.48
C:\Program Files\Dealio\kb124\rules\rules.1.350.50
C:\Program Files\Dealio\kb124\rules\rules.1.351.51
C:\Program Files\Dealio\kb124\rules\rules.1.352.77
C:\Program Files\Dealio\kb124\rules\rules.1.353.51
C:\Program Files\Dealio\kb124\rules\rules.1.354.51
C:\Program Files\Dealio\kb124\rules\rules.1.357.62
C:\Program Files\Dealio\kb124\rules\rules.1.358.52
C:\Program Files\Dealio\kb124\rules\rules.1.359.52
C:\Program Files\Dealio\kb124\rules\rules.1.360.53
C:\Program Files\Dealio\kb124\rules\rules.1.361.54
C:\Program Files\Dealio\kb124\rules\rules.1.362.68
C:\Program Files\Dealio\kb124\rules\rules.1.363.58
C:\Program Files\Dealio\kb124\rules\rules.1.364.54
C:\Program Files\Dealio\kb124\rules\rules.1.365.53
C:\Program Files\Dealio\kb124\rules\rules.1.367.56
C:\Program Files\Dealio\kb124\rules\rules.1.368.58
C:\Program Files\Dealio\kb124\rules\rules.1.369.55
C:\Program Files\Dealio\kb124\rules\rules.1.370.80
C:\Program Files\Dealio\kb124\rules\rules.1.371.56
C:\Program Files\Dealio\kb124\rules\rules.1.372.57
C:\Program Files\Dealio\kb124\rules\rules.1.373.55
C:\Program Files\Dealio\kb124\rules\rules.1.375.56
C:\Program Files\Dealio\kb124\rules\rules.1.376.57
C:\Program Files\Dealio\kb124\rules\rules.1.377.55
C:\Program Files\Dealio\kb124\rules\rules.1.378.65
C:\Program Files\Dealio\kb124\rules\rules.1.384.58
C:\Program Files\Dealio\kb124\rules\rules.1.386.71
C:\Program Files\Dealio\kb124\rules\rules.1.387.59
C:\Program Files\Dealio\kb124\rules\rules.1.388.59
C:\Program Files\Dealio\kb124\rules\rules.1.389.59
C:\Program Files\Dealio\kb124\rules\rules.1.390.60
C:\Program Files\Dealio\kb124\rules\rules.1.391.78
C:\Program Files\Dealio\kb124\rules\rules.1.392.60
C:\Program Files\Dealio\kb124\rules\rules.1.393.60
C:\Program Files\Dealio\kb124\rules\rules.1.394.60
C:\Program Files\Dealio\kb124\rules\rules.1.396.61
C:\Program Files\Dealio\kb124\rules\rules.1.397.61
C:\Program Files\Dealio\kb124\rules\rules.1.398.60
C:\Program Files\Dealio\kb124\rules\rules.1.399.60
C:\Program Files\Dealio\kb124\rules\rules.1.403.61
C:\Program Files\Dealio\kb124\rules\rules.1.404.63
C:\Program Files\Dealio\kb124\rules\rules.1.405.61
C:\Program Files\Dealio\kb124\rules\rules.1.406.61
C:\Program Files\Dealio\kb124\rules\rules.1.407.76
C:\Program Files\Dealio\kb124\rules\rules.1.408.63
C:\Program Files\Dealio\kb124\rules\rules.1.409.61
C:\Program Files\Dealio\kb124\rules\rules.1.412.62
C:\Program Files\Dealio\kb124\rules\rules.1.413.62
C:\Program Files\Dealio\kb124\rules\rules.1.414.62
C:\Program Files\Dealio\kb124\rules\rules.1.415.62
C:\Program Files\Dealio\kb124\rules\rules.1.416.62
C:\Program Files\Dealio\kb124\rules\rules.1.417.62
C:\Program Files\Dealio\kb124\rules\rules.1.418.62
C:\Program Files\Dealio\kb124\rules\rules.1.419.62
C:\Program Files\Dealio\kb124\rules\rules.1.420.62
C:\Program Files\Dealio\kb124\rules\rules.1.421.62
C:\Program Files\Dealio\kb124\rules\rules.1.423.77
C:\Program Files\Dealio\kb124\rules\rules.1.424.63
C:\Program Files\Dealio\kb124\rules\rules.1.425.63
C:\Program Files\Dealio\kb124\rules\rules.1.426.63
C:\Program Files\Dealio\kb124\rules\rules.1.427.63
C:\Program Files\Dealio\kb124\rules\rules.1.428.65
C:\Program Files\Dealio\kb124\rules\rules.1.429.63
C:\Program Files\Dealio\kb124\rules\rules.1.430.63
C:\Program Files\Dealio\kb124\rules\rules.1.432.65
C:\Program Files\Dealio\kb124\rules\rules.1.433.64
C:\Program Files\Dealio\kb124\rules\rules.1.434.65
C:\Program Files\Dealio\kb124\rules\rules.1.435.64
C:\Program Files\Dealio\kb124\rules\rules.1.436.76
C:\Program Files\Dealio\kb124\rules\rules.1.437.64
C:\Program Files\Dealio\kb124\rules\rules.1.438.71
C:\Program Files\Dealio\kb124\rules\rules.1.439.71
C:\Program Files\Dealio\kb124\rules\rules.1.440.75
C:\Program Files\Dealio\kb124\rules\rules.1.442.73
C:\Program Files\Dealio\kb124\rules\rules.1.443.73
C:\Program Files\Dealio\kb124\rules\rules.1.444.73
C:\Program Files\Dealio\kb124\rules\rules.1.445.68
C:\Program Files\Dealio\kb124\rules\rules.1.446.69
C:\Program Files\Dealio\kb124\rules\rules.1.450.67
C:\Program Files\Dealio\kb124\rules\rules.1.451.67
C:\Program Files\Dealio\kb124\rules\rules.1.452.68
C:\Program Files\Dealio\kb124\rules\rules.1.453.68
C:\Program Files\Dealio\kb124\rules\rules.1.454.69
C:\Program Files\Dealio\kb124\rules\rules.1.456.69
C:\Program Files\Dealio\kb124\rules\rules.1.457.75
C:\Program Files\Dealio\kb124\rules\rules.1.458.70
C:\Program Files\Dealio\kb124\rules\rules.1.459.70
C:\Program Files\Dealio\kb124\rules\rules.1.460.69
C:\Program Files\Dealio\kb124\rules\rules.1.462.74
C:\Program Files\Dealio\kb124\rules\rules.1.463.69
C:\Program Files\Dealio\kb124\rules\rules.1.464.70
C:\Program Files\Dealio\kb124\rules\rules.1.465.68
C:\Program Files\Dealio\kb124\rules\rules.1.468.70
C:\Program Files\Dealio\kb124\rules\rules.1.469.70
C:\Program Files\Dealio\kb124\rules\rules.1.470.70
C:\Program Files\Dealio\kb124\rules\rules.1.471.73
C:\Program Files\Dealio\kb124\rules\rules.1.472.70
C:\Program Files\Dealio\kb124\rules\rules.1.478.74
C:\Program Files\Dealio\kb124\rules\rules.1.479.73
C:\Program Files\Dealio\kb124\rules\rules.1.480.68
C:\Program Files\Dealio\kb124\rules\rules.1.481.71
C:\Program Files\Dealio\kb124\rules\rules.1.482.74
C:\Program Files\Dealio\kb124\rules\rules.1.49.67
C:\Program Files\Dealio\kb124\rules\rules.1.50.43
C:\Program Files\Dealio\kb124\rules\rules.1.500.71
C:\Program Files\Dealio\kb124\rules\rules.1.501.74
C:\Program Files\Dealio\kb124\rules\rules.1.502.71
C:\Program Files\Dealio\kb124\rules\rules.1.51.69
C:\Program Files\Dealio\kb124\rules\rules.1.52.72
C:\Program Files\Dealio\kb124\rules\rules.1.520.76
C:\Program Files\Dealio\kb124\rules\rules.1.521.76
C:\Program Files\Dealio\kb124\rules\rules.1.522.76
C:\Program Files\Dealio\kb124\rules\rules.1.53.51
C:\Program Files\Dealio\kb124\rules\rules.1.531.76
C:\Program Files\Dealio\kb124\rules\rules.1.532.75
C:\Program Files\Dealio\kb124\rules\rules.1.533.77
C:\Program Files\Dealio\kb124\rules\rules.1.534.75
C:\Program Files\Dealio\kb124\rules\rules.1.54.47
C:\Program Files\Dealio\kb124\rules\rules.1.55.45
C:\Program Files\Dealio\kb124\rules\rules.1.56.69
C:\Program Files\Dealio\kb124\rules\rules.1.57.43
C:\Program Files\Dealio\kb124\rules\rules.1.58.47
C:\Program Files\Dealio\kb124\rules\rules.1.591.79
C:\Program Files\Dealio\kb124\rules\rules.1.592.79
C:\Program Files\Dealio\kb124\rules\rules.1.593.76
C:\Program Files\Dealio\kb124\rules\rules.1.594.77
C:\Program Files\Dealio\kb124\rules\rules.1.595.76
C:\Program Files\Dealio\kb124\rules\rules.1.608.78
C:\Program Files\Dealio\kb124\rules\rules.1.610.80
C:\Program Files\Dealio\kb124\rules\rules.1.611.79
C:\Program Files\Dealio\kb124\rules\rules.1.614.79
C:\Program Files\Dealio\kb124\rules\rules.1.617.79
C:\Program Files\Dealio\kb124\rules\rules.1.624.80
C:\Program Files\Dealio\kb124\rules\rules.1.63.57
C:\Program Files\Dealio\kb124\rules\rules.1.640.80
C:\Program Files\Dealio\kb124\rules\rules.1.641.80
C:\Program Files\Dealio\kb124\rules\rules.1.66.47
C:\Program Files\Dealio\kb124\rules\rules.1.70.75
C:\Program Files\Dealio\kb124\rules\rules.1.71.43

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.asus.com/fr/"
"Default_Page_URL"="https://www.asus.com/fr/"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="https://www.asus.com/fr/"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"

--------------------\\ Recherche d'autres infections

C:\Users\Ninoy\AppData\Local\live-player
C:\Users\Ninoy\AppData\Local\live-player\flv.swf
C:\Users\Ninoy\AppData\Local\live-player\liveplayer.s3db
[b]==> EGDACCESS <==/b

--------------------\\ KoobFace !

C:\Windows\nlmark2.dat

--------------------\\ Cracks & Keygens ..

C:\Users\Ninoy\Documents\Logiciels\Adobe Photoshop CS4\Crack.7z
C:\Users\Ninoy\Documents\Logiciels\Morheus Photo Animation Suite V 3.1.0\CRACK
C:\Users\Ninoy\Documents\Logiciels\Morheus Photo Animation Suite V 3.1.0\CRACK\CRACK.txt
C:\Users\Ninoy\Documents\Logiciels\Morheus Photo Animation Suite V 3.1.0\CRACK\Morpheus.exe
C:\Users\Ninoy\Documents\Logiciels\PDF Decrypt 2009 v1.3.2.83\CRACK
C:\Users\Ninoy\Documents\Logiciels\PDF Decrypt 2009 v1.3.2.83\CRACK\PDFDecrypt.exe
C:\Users\Ninoy\Music\iTunes\iTunes Music\Snow Patrol\A Hundred Million Suns\02 Crack The Shutters.mp3

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 28/01/2009|13:51 - Option : [1]

-----------\\ Fin du rapport a 13:51:34,42
0
Réponse 28 / 42
ninoy91
 
lol non javou que je ne sais pas trop.... Mais bon je te fais confiance!

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz )
BIOS : Default System BIOS
USER : Ninoy ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:116 Go (Free:23 Go)
D:\ (Local Disk) - NTFS - Total:106 Go (Free:106 Go)
E:\ (CD or DVD)
F:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 28/01/2009|14:06 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Dealio
Supprime! - C:\Program Files\Dealio\DealioAU.exe
Supprime! - C:\Program Files\Dealio\kb124
Supprime! - C:\Program Files\Dealio

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.asus.com/fr/"
"Default_Page_URL"="https://www.asus.com/fr/"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://www.asus.com/fr/"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"

--------------------\\ Recherche d'autres infections

C:\Users\Ninoy\AppData\Local\live-player
C:\Users\Ninoy\AppData\Local\live-player\flv.swf
C:\Users\Ninoy\AppData\Local\live-player\liveplayer.s3db
[b]==> EGDACCESS <==/b

--------------------\\ KoobFace !

C:\Windows\nlmark2.dat

--------------------\\ Cracks & Keygens ..

C:\Users\Ninoy\Documents\Logiciels\Adobe Photoshop CS4\Crack.7z
C:\Users\Ninoy\Documents\Logiciels\Morheus Photo Animation Suite V 3.1.0\CRACK
C:\Users\Ninoy\Documents\Logiciels\Morheus Photo Animation Suite V 3.1.0\CRACK\CRACK.txt
C:\Users\Ninoy\Documents\Logiciels\Morheus Photo Animation Suite V 3.1.0\CRACK\Morpheus.exe
C:\Users\Ninoy\Documents\Logiciels\PDF Decrypt 2009 v1.3.2.83\CRACK
C:\Users\Ninoy\Documents\Logiciels\PDF Decrypt 2009 v1.3.2.83\CRACK\PDFDecrypt.exe
C:\Users\Ninoy\Music\iTunes\iTunes Music\Snow Patrol\A Hundred Million Suns\02 Crack The Shutters.mp3

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 28/01/2009|13:51 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 28/01/2009|14:08 - Option : [2]

-----------\\ Fin du rapport a 14:08:06,56
0
Réponse 29 / 42
ninoy91
 
-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz )
BIOS : Default System BIOS
USER : Ninoy ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:116 Go (Free:23 Go)
D:\ (Local Disk) - NTFS - Total:106 Go (Free:106 Go)
E:\ (CD or DVD)
F:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 28/01/2009|14:19 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.asus.com/fr/"
"Default_Page_URL"="https://www.asus.com/fr/"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://www.asus.com/fr/"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"

--------------------\\ Recherche d'autres infections

C:\Users\Ninoy\AppData\Local\live-player
C:\Users\Ninoy\AppData\Local\live-player\flv.swf
C:\Users\Ninoy\AppData\Local\live-player\liveplayer.s3db
[b]==> EGDACCESS <==/b

--------------------\\ KoobFace !

C:\Windows\nlmark2.dat

--------------------\\ Cracks & Keygens ..

C:\Users\Ninoy\Documents\Logiciels\Adobe Photoshop CS4\Crack.7z
C:\Users\Ninoy\Documents\Logiciels\Morheus Photo Animation Suite V 3.1.0\CRACK
C:\Users\Ninoy\Documents\Logiciels\Morheus Photo Animation Suite V 3.1.0\CRACK\CRACK.txt
C:\Users\Ninoy\Documents\Logiciels\Morheus Photo Animation Suite V 3.1.0\CRACK\Morpheus.exe
C:\Users\Ninoy\Documents\Logiciels\PDF Decrypt 2009 v1.3.2.83\CRACK
C:\Users\Ninoy\Documents\Logiciels\PDF Decrypt 2009 v1.3.2.83\CRACK\PDFDecrypt.exe
C:\Users\Ninoy\Music\iTunes\iTunes Music\Snow Patrol\A Hundred Million Suns\02 Crack The Shutters.mp3

[ UAC => 1 ]

1 - "C:\ToolBar SD\TB_1.txt" - 28/01/2009|13:51 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 28/01/2009|14:08 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 28/01/2009|14:20 - Option : [2]

-----------\\ Fin du rapport a 14:20:32,22
0
Réponse 30 / 42
Utilisateur anonyme
 
Re,

* Bon on ne va pas tergiverser, tes cracks --> ce sont eux les coupables
- Que comptes tu en faire ?
0
Réponse 31 / 42
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
bonsoir a vous,

ninoy91 suit les conseils de feelgood1 tu as pas de soucis à avoir. ;)
0
Réponse 32 / 42
ninoy91
 
Bonsoir,

Je ne sais pas, c'est toi qui me dis ce qui est le mieux, je t'avou que je n'ai rien compris de ce que j'ai fais...
J'ai encore des virus? peux tu me dire quels sont les cracks qui posent probleme?

Encore merci de vos conseils!!
0
Réponse 33 / 42
ninoy91
 
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Users\Ninoy\AppData\Local\live-player moved successfully.
File/Folder C:\Users\Ninoy\AppData\Local\live-player\fl.swf not found.
File/Folder C:\Users\Ninoy\AppData\Local\live-player\live-player.s3db not found.
C:\Windows\nlmark2.dat moved successfully.
========== COMMANDS ==========
Error: Unable to interpret <[emptytremp] > in the current context!
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01292009_111334

Mon raccourci reseau qui etait en bas a droite a disparu. Je fais quoi?
0
Réponse 34 / 42
ninoy91
 
Bonsoir,

Pas de nouvelles de se que je dois faire... Je suis un peu perdu.

Merci d'avance.
0
Réponse 35 / 42
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
bonsoir,

pour avancer

Télécharge Random's System Information Tool (RSIT) par random/random et sauvegarde-le sur ton Bureau.
http://images.malwareremoval.com/random/RSIT.exe
2 rapport s ouvrirons poste les 2 separement
0
Réponse 36 / 42
ninoy91
 
juste pour info: mon pb de depart qui etais le probleme de google est réglé.... En fait on continu pour totalement netoyer mon ordi c'est ca?

Merci

info.txt logfile of random's system information tool 1.05 2009-01-30 21:49:14

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {926CC8AE-8414-43DF-8EB4-CF26D9C3C663}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
7-Zip 4.64-->"C:\Program Files\7-Zip\Uninstall.exe"
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.3 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81300000003}
Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
ALZip-->"C:\Program Files\ESTsoft\ALZip\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
ASUS Data Security Manager-->C:\Program Files\InstallShield Installation Information\{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ASUS InstantFun-->MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757}
ASUS Live Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS Touch Pad Extra-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB891739-2EB3-45A8-9CBD-941C255CECD4}\SETUP.EXE" -l0x9
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BitZipper 5.1-->"C:\Program Files\BitZipper\unins000.exe"
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
BS.Player ControlBar-->C:\Program Files\BS.Player ControlBar\uninst.exe
BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"
ccc-Branding-->MsiExec.exe /I{6E32B134-CA8D-49DD-B94C-0DB155CE70B5}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Cobian Backup 9-->C:\Program Files\Cobian Backup 9\cbUninstall.exe
Convert Image To PDF-->"C:\Program Files\Softinterface, Inc\Convert Image To PDF\unins000.exe"
CyberLink LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" -uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
CyberLink Power2Go-->"C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
Dealio Toolbar 3.1.1-->MsiExec.exe /X{F38E1EF1-BBD6-4743-AF84-021E26B0481C}
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Free PDF to Word Doc Converter v1.1-->"C:\Program Files\Free PDF to Word Doc Converter\unins000.exe"
Gamtec USB Converter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6AB671A8-B984-4E10-B492-609796FD0EC7}\setup.exe" -l0x9
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
GrabIt 1.7.2 Beta 3 (build 996)-->"C:\Program Files\GrabIt\unins000.exe"
HijackThis 2.0.2-->"C:\Users\Ninoy\Desktop\HijackThis.exe" /uninstall
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
LightScribe System Software 1.14.17.1-->MsiExec.exe /X{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Morpheus Photo Animation Suite v3.10-->"C:\Program Files\Morpheus Photo Animation Suite\unins000.exe"
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co6a.dll,SM56UnInstaller
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Navilog1 3.7.1-->"C:\Program Files\Navilog1\unins000.exe"
OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}
P4P-->C:\Program Files\InstallShield Installation Information\{FC3D290D-79BE-44B7-ABF9-FDD110925930}\setup.exe -runfromtemp -l0x0009 -removeonly
PDFCreator Toolbar-->"C:\Windows\PDFCreator_Toolbar_Uninstaller_9281.exe" _?=C:\Program Files\PDFCreator Toolbar
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Power4Gear eXtreme-->C:\Program Files\InstallShield Installation Information\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}\setup.exe -runfromtemp -l0x0009 -removeonly
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x9 -removeonly
REALTEK RTL8187 Wireless LAN Driver-->C:\Program Files\InstallShield Installation Information\{06FE1146-4FF8-45DF-B0D9-CBA8E38C708C}\SETUP.EXE -v"ISSCRIPTCMDLINE=\"-d -zREMOVE\"" -l0x0009 -removeonly
Regressi-->MsiExec.exe /I{E2E164AB-1367-488F-8F1F-BA312DB2FF18}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SopCast 3.0.1-->C:\Program Files\SopCast\uninst.exe
Souvenir-->MsiExec.exe /I{2EEDA268-098B-4F3F-A15C-9C24B2331771}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
SyncBack-->"C:\Program Files\2BrightSparks\SyncBack\unins000.exe"
Téléchargeur de FIFA 2009 fr-->"C:\Program Files\Téléchargeur de FIFA 2009\unins000.exe"
TestLAB 2008 Evaluation-->"C:\Program Files\AxBx\TestLAB 2008 Evaluation\unins000.exe"
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
Update for Microsoft Office 2007 Help for Common Features (KB957244)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {C8C72583-C907-4D20-8973-C3858D96BD9E}
Update for Microsoft Office Access 2007 Help (KB957241)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {D670F9B9-3E84-47B5-8A4A-618B65DB1593}
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {51864046-74C8-487B-97CD-6167A4B1DB56}
Update for Microsoft Office InfoPath 2007 Help (KB957243)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {766DF26B-5F03-48ED-9307-5326F2790ED0}
Update for Microsoft Office OneNote 2007 Help (KB957245)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {7332DE60-DC79-4578-A60A-A5EA0D6E032B}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {6F0E4983-E419-4591-B7DD-EFB0073D3E47}
Update for Microsoft Office PowerPoint 2007 Help (KB957247)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {B20E2C59-EEC5-4102-9E50-5DBB2093C37D}
Update for Microsoft Office Publisher 2007 Help (KB957249)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4E140A5A-4A90-404A-B955-10C2D98CD3EE}
Update for Microsoft Office Word 2007 Help (KB957252)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {54DF3345-0720-4224-9740-C7E00303F565}
Update for Microsoft Script Editor Help (KB957253)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {F21BF703-548C-47B2-B92A-6876E9566C42}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb959141)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CC6191C2-B0CE-473C-AD77-61EA3497D796}
USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
USB Dual Vibration Joystick-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56DD3770-2EF5-42D0-BA5A-A8135E9D4A9E}\setup.exe" -l0x9
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F}
Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

=====HijackThis Backups=====

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - Startup: Serveur Souvenir.lnk = ?
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

======Security center information======

AS: Windows Defender

System event log

Computer Name: PC-de-Ninoy
Event Code: 1003
Message: Votre ordinateur n'a pas pu renouveler son adresse à partir du réseau (à partir du serveur DHCP) pour la carte réseau dont l'adresse réseau est 00C0CA1E94FF. Il s'est produit l'erreur suivante :
L'opération a été annulée par l'utilisateur.. Votre ordinateur va continuer à essayer d'obtenir sa propre adresse auprès du serveur d'adresse réseau (DHCP).
Record Number: 35200
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090130201502.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-Ninoy
Event Code: 4201
Message: Le système a détecté que la carte réseau Connexion réseau sans fil 2 était connectée au réseau, et a lancé une opération normale.
Record Number: 35201
Source Name: Tcpip
Time Written: 20090130201502.379108-000
Event Type: Information
User:

Computer Name: PC-de-Ninoy
Event Code: 4201
Message: Le système a détecté que la carte réseau Connexion réseau sans fil 2 était connectée au réseau, et a lancé une opération normale.
Record Number: 35202
Source Name: Tcpip
Time Written: 20090130201502.379108-000
Event Type: Information
User:

Computer Name: PC-de-Ninoy
Event Code: 1103
Message: Votre ordinateur a obtenu une adresse auprès du réseau, et vous pouvez maintenant vous connecter à d'autres ordinateurs.
Record Number: 35203
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090130201507.000000-000
Event Type: Information
User:

Computer Name: PC-de-Ninoy
Event Code: 1103
Message: Votre ordinateur a obtenu une adresse auprès du réseau, et vous pouvez maintenant vous connecter à d'autres ordinateurs.
Record Number: 35204
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090130204505.000000-000
Event Type: Information
User:

Application event log

Computer Name: PC-de-Ninoy
Event Code: 1001
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été supprimés. Les données d'enregistrement contiennent les nouvelles valeurs du dernier compteur système et les dernières entrées du registre d'aide.
Record Number: 5183
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20090130201755.000000-000
Event Type: Information
User:

Computer Name: PC-de-Ninoy
Event Code: 1000
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été chargés. Les données d'enregistrement dans la section des données contiennent les nouvelles valeurs d'index assignées à ce service.
Record Number: 5184
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20090130201755.000000-000
Event Type: Information
User:

Computer Name: PC-de-Ninoy
Event Code: 1001
Message: Récipient d’erreurs 199566505, type 5
Événement : AppHangB1
Réponse : Aucun
ID de CAB : 0

Signature du problème :
P1 : iexplore.exe
P2 : 7.0.6001.18000
P3 : 47918f11
P4 : cab0
P5 : 4
P6 :
P7 :
P8 :
P9 :
P10 :

Fichiers joints :
C:\Users\Ninoy\AppData\Local\Temp\WERD4A4.tmp.version.txt
C:\Users\Ninoy\AppData\Local\Temp\WERE927.tmp.appcompat.txt

Ces fichiers sont peut-être disponibles ici :
C:\Users\Ninoy\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report1010eaeb
Record Number: 5185
Source Name: Windows Error Reporting
Time Written: 20090130201955.000000-000
Event Type: Information
User:

Computer Name: PC-de-Ninoy
Event Code: 1002
Message: Le programme iexplore.exe version 7.0.6001.18000 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 1114 Heure de début : 01c983179710610a Heure de fin : 23
Record Number: 5186
Source Name: Application Hang
Time Written: 20090130201955.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-Ninoy
Event Code: 5
Message: Unsupported service control request (see data below)
Record Number: 5187
Source Name: LightScribeService
Time Written: 20090130204913.000000-000
Event Type: Information
User:

Security event log

Computer Name: PC-de-Ninoy
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 8172
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090130204910.985293-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-Ninoy
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 8173
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090130204911.030212-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-Ninoy
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 8174
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090130204911.074155-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-Ninoy
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 8175
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090130204911.118097-000
Event Type: Échec de l'audit
User:

Computer Name: PC-de-Ninoy
Event Code: 5038
Message: L’intégrité du code a déterminé que le hachage de l’image d’un fichier n’est pas valide. Le fichier peut être endommagé en raison d’une modification non autorisée ou le hachage non valide peut indiquer une erreur d’unité de disque potentielle.

Nom du fichier : \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 8176
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090130204911.162040-000
Event Type: Échec de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\ESTsoft\ALZip\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"configsetroot"=%SystemRoot%\ConfigSetRoot
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Réponse 37 / 42
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
re

poste le log.txt dans C/rsit/log.txt

et oui on controle qu'il n' y est + rien
0
Réponse 38 / 42
ninoy91
 
Logfile of random's system information tool 1.05 (written by random/random)
Run by Ninoy at 2009-01-30 21:48:57
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 22 GB (18%) free of 119 GB
Total RAM: 3071 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:49:11, on 30/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\P4P\P4P.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Cobian Backup 9\cbInterface.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\QuickTime\QuickTimePlayer.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Ninoy\Desktop\RSIT.exe
C:\Users\Ninoy\Desktop\Ninoy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:7070
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [Cobian Backup 9 interface] "C:\Program Files\Cobian Backup 9\cbInterface.exe" -service
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O9 - Extra button: Signet Souvenir - {01065454-F77B-4577-B8EC-D75E7BAE3992} - C:\Program Files\Souvenir\SouvIE Scripts\SouvIE BookMark.htm
O9 - Extra 'Tools' menuitem: Signet Souvenir - {01065454-F77B-4577-B8EC-D75E7BAE3992} - C:\Program Files\Souvenir\SouvIE Scripts\SouvIE BookMark.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Rechercher dans Souvenir - {56DADBEE-F85C-441C-8AA6-279DF759ABE3} - C:\Program Files\Souvenir\SouvIE Scripts\SouvIE Find.htm
O9 - Extra 'Tools' menuitem: Rechercher dans Souvenir - {56DADBEE-F85C-441C-8AA6-279DF759ABE3} - C:\Program Files\Souvenir\SouvIE Scripts\SouvIE Find.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Unknown owner - C:\Program Files\Common Files\\System\\smss.exe (file missing)
O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Luis Cobian - C:\Program Files\Cobian Backup 9\cbService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
0
Réponse 39 / 42
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
re

/!\ Desactives ton antivirus et la garde de ton antispyware, si tu en as un /!\

* Fermes tous les programmes en cours

* Clic-droit sur OTMoveIt3 ( executer en tant qu'administrateur)
pour le lancer

*Assures toi que la case : Unregister Dll's and Ocx soit cochée

* Copies les lignes ci-dessous

:reg[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{410b60d2-b4aa-11dd-9bf2-00235452d064}]

:commands
[purity]
[emptytemp]
[reboot]

* et colles les dans le cadre de gauches de OTMoveIt
" Past List of Files/ Folders to move "

* Cliques sur " Moveit " pour lancer la suppression

* Il faudra peut-etre redemarrer le pc afin de finir la suppression
--> si il ne le fait pas, fais le toi meme

* Le resultat apparaitra --> " Results "

* Cliques sur " Exit " pour fermer

* Postes le rapport situé dans C:\_OTMoveIt\MovedFiles

/!\ Si ton bureau ne reapparait pas, presses les touches /!\:
--> Ctrl + supp + Alt
--> gestionnaire de taches
--> onglet processus et cliques sur " Fichier " --> executer et tapes " explorer.exe "
puis valides

puis relance hijackthis choisit do a scan only et coche les cases a gauche des lignes :

R3 - Default URLSearchHook is missing
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cobian Backup 9 service (CobianBackupAmanita) - Unknown owner - C:\Program Files\Common Files\\System\\smss.exe (file missing)

puis clic sur fix checked

ensuite pour controle

telecharge GENPROC Ouvre ce lien d'aide < < http://www.alt-shift-return.org/Info/GenProc-HowTo.html >
, et le téléchargement est dedans < http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip > repond oui à la question à la fin et poste le rapport stp
0
Réponse 40 / 42
ninoy91
 
Error: Unable to interpret <[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{410b60d2-b4aa-11dd-9bf2-00235452d064}] > in the current context!
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01302009_222155
0

Discussions similaires

comment ecrire un double cote " "
helmii -
[Dal] -

3 réponses
Supprimer le paramètre "Stockage interne, messagerie double"
simoncolten -
momo2775 -

5 réponses
Application Messenger double-compte
mehdi2008 -
mehdi2008 -

6 réponses