Sujet Précédent Sujet Suivant

Suis-je infecté ?

Fermé
aselmare - 23 févr. 2009 à 11:10
 Utilisateur anonyme - 27 févr. 2009 à 16:42
Bonjour,

En arrivant ce matin au boulot, je me suis rendu compte que mon PC était vérolé, et qu'aucun antivirus n'était activé (symantec auparavant). L'informaticien est en vacance pendant 2semaine, et personne n'est capable de me donner un coup de main. Après avoir installer antivir, fait 3 analyses, et un firewall (zone alarm), de nombreux virus sont supprimés. Cependant, mon PC est toujours terriblement lent, les pages web ne fonctionnent presque pas (j’ai l’impression que ca provient des applet flash), elle s’affichent en format texte, sans images. Ou lorsque je click sur un lien, il me met a la place du lien demander : http://windowsclick.com/go.php? …….

J’ai donc suivit la procedure suivante : http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr
Je mets ci-dessous les trois rapports, pouvez vous me dire si mon PC est encore infecté
Merci a tous
PS : après avoir lancé CCcleaner, le PC ma semblé bcp plus « rapide ».
PS2 : je n’ai pas réussit à faire de maj pour AVG (probablement dernière version téléchargée)
PS3 : impossible de faire le scan online de bitdefender, erreur. J’ai téléchargé la version d’évaluation, et effectué le scan

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 09:58:02 23/02/2009

+ Résultat de l'analyse:


:mozilla.394:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.395:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.116:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.117:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.118:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.119:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.121:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.123:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.216:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.273:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.376:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.488:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.120:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.122:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.112:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.113:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.114:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.115:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.124:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.140:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.148:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Bluestreak : Aucune action entreprise.
:mozilla.531:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Casalemedia : Aucune action entreprise.
:mozilla.125:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.126:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.127:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.62:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.195:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.448:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Euroclick : Aucune action entreprise.
:mozilla.289:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.290:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.213:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.214:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.315:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Hitbox : Aucune action entreprise.
:mozilla.384:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Hitslink : Aucune action entreprise.
:mozilla.63:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.64:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.458:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Information : Aucune action entreprise.
:mozilla.535:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Ivwbox : Aucune action entreprise.
:mozilla.68:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Liveperson : Aucune action entreprise.
:mozilla.69:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Liveperson : Aucune action entreprise.
:mozilla.70:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Liveperson : Aucune action entreprise.
:mozilla.91:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.649:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Onestat : Aucune action entreprise.
:mozilla.650:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Onestat : Aucune action entreprise.
:mozilla.197:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.400:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Paypal : Aucune action entreprise.
:mozilla.451:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.452:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.453:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.454:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.455:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.456:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.457:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.392:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Realmedia : Aucune action entreprise.
:mozilla.141:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.142:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.143:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.144:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.145:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.146:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.147:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.168:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.169:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.170:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.171:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.175:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.176:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.335:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Specificclick : Aucune action entreprise.
:mozilla.337:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Specificclick : Aucune action entreprise.
:mozilla.338:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Specificclick : Aucune action entreprise.
:mozilla.339:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Specificclick : Aucune action entreprise.
:mozilla.21:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.26:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.27:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.28:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.29:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.30:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.76:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.77:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.79:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.80:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.81:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Tacoda : Aucune action entreprise.
:mozilla.57:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.58:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.59:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.60:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.61:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.510:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Trafficmp : Aucune action entreprise.
:mozilla.511:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Trafficmp : Aucune action entreprise.
:mozilla.291:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Tribalfusion : Aucune action entreprise.
:mozilla.102:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.103:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.259:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Webtrends : Aucune action entreprise.
:mozilla.336:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Webtrendslive : Aucune action entreprise.
:mozilla.44:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.45:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.46:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.47:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.48:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.49:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.50:C:\WINDOWS\CSC\d4\800001DB -> TrackingCookie.Yieldmanager : Aucune action entreprise.

Fin du rapport



BitDefender - Fichier journal

Produit : BitDefender Total Security 2009
Version : BitDefender UIScanner v.12
Tâche d'analyse : Analyse complète
Date du journal : 11:05:04 23/02/2009
Chemin du journal : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\full_scan\1235383504_1_02.xml
Analyse des chemins :
Chemin 0000: C:\
Options d’analyse :
Détecter les virus : Oui
Détecter les adwares : Oui
Détecter les spywares : Oui
Analyser les applications : Oui
Détecter les dialers : Oui
Détecter les rootkits : Oui
Options de sélection de cible :
Analyser les clés du registre : Oui
Analyser les cookies : Oui
Analyser les secteurs de boot : Oui
Analyser les processus mémoire : Oui
Analyser les archives : Non
Analyser les fichiers enpaquetés : Oui
Analyser les e-mails : Non
Analyser tous les fichiers : Oui
Analyse heuristique : Oui
Extensions analysées :
Extensions exclues :
Traitement de la cible :
Action par défaut pour les objets infectés : Désinfecter
Action par défaut pour les objets suspects : Aucune
Action par défaut pour les objets camouflés : Aucune
Résumé de l'analyse
Nombre de signatures de virus : 2680880
Plugins archives : 45
Plugins e-mail : 6
Plugins d'analyse : 13
Plugins système : 5
Plugins de décompression : 7
Résumé de l'analyse générale
Eléments analysés : 58248
Eléments infectés : 12
Eléments suspects : 0
Eléments résolus : 7
Éléments non résolus : 5
Eléments protégés par mot de passe : 0
Virus individuels trouvés : 6
Répertoires analysés : 4296
Secteur de boot analysés : 3
Archives analysés : 3
Erreurs I/O : 31
Temps d'analyse : 00:33:19
Fichiers par seconde : 28
Résumé des processus analysés
Analysé : 40
Infecté : 0
Résumé des clés de registre analysées
Analysé : 857
Infecté : 0
Résumé des cookies analysés
Analysé : 857
Infecté : 0
Problèmes non résolus :
Nom de l'objet Nom de la menace État final
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04980000.VBN=](Quarantine-PE) Backdoor.Bot.18029 Aucune action possible
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04A00000.VBN=](Quarantine-PE) Backdoor.Bot.18029 Aucune action possible
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04A40000.VBN=](Quarantine-PE) Backdoor.Bot.18029 Aucune action possible
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04500002.VBN=](Quarantine-PE) Rootkit.Agent.AIUL Aucune action possible
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04480000.VBN=](Quarantine-PE) Trojan.Downloader.JLQS Aucune action possible

Problèmes résolus
Nom de l'objet Nom de la menace État final
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04600000.VBN=](Quarantine-PE) Backdoor.Bot.18029 Supprimé
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\047C0000.VBN=](Quarantine-PE) Rootkit.Agent.AIUL Supprimé
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\04800000.VBN=](Quarantine-PE) Rootkit.Agent.AIUL Supprimé
C:\Documents and Settings\Alexis\Local Settings\Temp\9874.tmp Trojan.Generic.1444242 Supprimé
C:\System Volume Information\_restore{340C3340-2EBB-4324-859A-C37E85627171}\RP237\A0014859.exe Trojan.Generic.296792 Supprimé
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\044C0001.VBN=](Quarantine-PE) Trojan.TDss.AU Supprimé
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\044C0002.VBN=](Quarantine-PE) Trojan.TDss.AU Supprimé




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:06:03, on 23/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Intel\AMT\UNS.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\AMT\atchk.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe
C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3071214
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3071214
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ftp://neurochem.u-strasbg.fr/pub/transfert/Alexis/review.pdf
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\drivers\services.exe
O1 - Hosts: 195.245.119.131 browser-security.microsoft.com
O1 - Hosts: 195.245.119.131 browser-security.microsoft.com
O2 - BHO: C:\WINDOWS\system32\hsari3jndsbfi73.dll - {D5BF4552-94F1-42BD-F434-3604812C807D} - C:\WINDOWS\system32\hsari3jndsbfi73.dll
O3 - Toolbar: ZoneAlarm Spy Blocker Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C511F928-EA3C-451F-81B2-79FBF2E8302F}: Domain = u-strasbg.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{C511F928-EA3C-451F-81B2-79FBF2E8302F}: NameServer = 130.79.200.200
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O20 - Winlogon Notify: crypt - crypts.dll (file missing)
O22 - SharedTaskScheduler: erajhsf8743kjrngjnf - {D5BF4552-94F1-42BD-F434-3604812C807D} - C:\WINDOWS\system32\hsari3jndsbfi73.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: LPTRDC server (LPTRDCsrv) - Unknown owner - C:\WINDOWS\ctfmon.exe (file missing)
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\services.exe (file missing)
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel - C:\Program Files\Intel\AMT\UNS.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe

32 réponses

  • 1
  • 2
Réponse 1 / 32
Utilisateur anonyme
23 févr. 2009 à 11:20
Bonjour :



réouvre hijackthis
fais scan only
coches ces lignes :
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\drivers\services.exe

tu les coches et tu clic sur fix checked

ensuite :

Télécharge ToolBar S&D ( de Eric_71/Team IDN ) sur ton bureau :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

( Tuto : https://sites.google.com/site/toolbarsd/aideenimages )

!! Déconnecte toi et ferme toutes tes applications en cours le temps de la manipe !!

* Double-clique sur ToolBar SD.exe pour lancer l'outil et laisse toi guider ...
--> Tapes ( option " recherche " ) puis tape sur [Entrée].

Un rapport sera généré à la fin du processus : poste son contenu dans ta prochaine réponse

( le rapport est en outre sauvegardé ici -> C:\TB.txt )
0
Réponse 2 / 32
aselmare
23 févr. 2009 à 11:33
Voila, l'analyse est effectuée d'aprés tes consignes.

Merci


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E4400 @ 2.00GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A04
USER : Alexis ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
Firewall : ZoneAlarm Firewall 8.0.065.000 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:57 Go)
D:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 23/02/2009|11:28 )

-----------\\ Recherche de Fichiers / Dossiers ...

[Service] ASKService
C:\Program Files\AskBarDis
C:\Program Files\AskBarDis\bar
C:\Program Files\AskBarDis\unins000.dat
C:\Program Files\AskBarDis\unins000.exe
C:\Program Files\AskBarDis\zonealarm.ico
C:\Program Files\AskBarDis\bar\bin
C:\Program Files\AskBarDis\bar\Settings
C:\Program Files\AskBarDis\bar\bin\askBar.dll
C:\Program Files\AskBarDis\bar\bin\askPopStp.dll
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\psvince.dll
C:\Program Files\AskBarDis\bar\Settings\config.dat
C:\Program Files\AskBarDis\bar\Settings\config.dat.bak
C:\Program Files\AskBarDis\bar\Settings\prevCfg2.htm
C:\WINDOWS\System32\uninst.exe

-----------\\ Extensions

(Alexis) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(Alexis) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://search.speedbit.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"First Home Page"="https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Home_Page"="https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1"
"Help_Page"="http://support.euro.dell.com/segment.asp?country=FR&language=FR"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 23/02/2009|11:29 - Option : [1]

-----------\\ Fin du rapport a 11:29:43,10
0
Réponse 3 / 32
Utilisateur anonyme
23 févr. 2009 à 11:41
Relance Toolbar-S&D en double-cliquant sur le raccourci
.
Ø Tape sur "2" puis valide en appuyant sur "Entrée".

! Ne ferme pas la fenêtre lors de la suppression !

Un rapport sera généré, poste son contenu ici.

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.

0
Réponse 4 / 32
aselmare
23 févr. 2009 à 12:19
Voila, pour effectué avec le choix 2, rien a signalé, pas de disparition du bureau.

Merci

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E4400 @ 2.00GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A04
USER : Alexis ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition Classic 8.0.1.30 (Activated)
Firewall : ZoneAlarm Firewall 8.0.065.000 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:57 Go)
D:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 23/02/2009|12:17 )

-----------\\ SUPPRESSION

Supprime! - [Service] ASKService
Supprime! - C:\Program Files\AskBarDis\bar
Supprime! - C:\Program Files\AskBarDis\unins000.dat
Supprime! - C:\Program Files\AskBarDis\unins000.exe
Supprime! - C:\Program Files\AskBarDis\zonealarm.ico
Supprime! - C:\WINDOWS\System32\uninst.exe
Supprime! - C:\Program Files\AskBarDis

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(Alexis) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(Alexis) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://search.speedbit.com/"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"First Home Page"="https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
"Home_Page"="https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1"
"Help_Page"="http://support.euro.dell.com/segment.asp?country=FR&language=FR"


--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !


1 - "C:\ToolBar SD\TB_1.txt" - 23/02/2009|11:29 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 23/02/2009|12:18 - Option : [2]

-----------\\ Fin du rapport a 12:18:16,71
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 32
Utilisateur anonyme
23 févr. 2009 à 12:20
Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

-> http://images.malwareremoval.com/random/RSIT.exe

! Déconnecte toi et ferme toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* clique ensuite sur " Continue " pour lancer l'analyse ...


-> laisse faire le scan et ne touche pas au PC ...


Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum


( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )

0
aselmare
23 févr. 2009 à 12:37
Voila le log

Logfile of random's system information tool 1.05 (written by random/random)
Run by Alexis at 2009-02-23 12:35:52
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 58 GB (77%) free of 76 GB
Total RAM: 997 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:53, on 23/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Intel\AMT\UNS.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\AMT\atchk.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe
C:\Documents and Settings\Alexis\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Alexis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3071214
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3071214
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ftp://neurochem.u-strasbg.fr/pub/transfert/Alexis/review.pdf
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O1 - Hosts: 195.245.119.131 browser-security.microsoft.com
O1 - Hosts: 195.245.119.131 browser-security.microsoft.com
O2 - BHO: C:\WINDOWS\system32\hsari3jndsbfi73.dll - {D5BF4552-94F1-42BD-F434-3604812C807D} - C:\WINDOWS\system32\hsari3jndsbfi73.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C511F928-EA3C-451F-81B2-79FBF2E8302F}: Domain = u-strasbg.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{C511F928-EA3C-451F-81B2-79FBF2E8302F}: NameServer = 130.79.200.200
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O20 - Winlogon Notify: crypt - crypts.dll (file missing)
O22 - SharedTaskScheduler: erajhsf8743kjrngjnf - {D5BF4552-94F1-42BD-F434-3604812C807D} - C:\WINDOWS\system32\hsari3jndsbfi73.dll
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: LPTRDC server (LPTRDCsrv) - Unknown owner - C:\WINDOWS\ctfmon.exe (file missing)
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\services.exe (file missing)
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel - C:\Program Files\Intel\AMT\UNS.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
0
aselmare > aselmare
23 févr. 2009 à 12:37
Voila info.txt

Merci

info.txt logfile of random's system information tool 1.05 2009-02-23 12:35:55

======Uninstall list======

-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
AVG Anti-Spyware 7.5-->C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
bibus 1.4.2-->C:\Program Files\bibus\uninst.exe
BitDefender Total Security 2009-->MsiExec.exe /X{F959B396-6E53-4B2D-88AF-5B65FAF9F4D5}
Brain Explorer 1.4.2-->C:\Program Files\Allen Institute\Brain Explorer\uninst.exe /AllUsers
Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
Canon Utilities PhotoStitch 3.1-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Dell ETS Factory Installation-->C:\Program Files\InstallShield Installation Information\{92FD71D5-ED7E-40B2-8DF3-4B5E6F684367}\setup.exe -runfromtemp -l0x040c -removeonly
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Intel(R) Matrix Storage Manager-->C:\WINDOWS\System32\Imsmudlg.exe
Intel(R) PRO Alerting Agent-->MsiExec.exe /X{53183B25-FBDC-4B95-856A-DCDD69DFEE18}
Intel(R) PRO Network Connections 12.1.12.4-->MsiExec.exe /i{777CA40C-0206-4EF6-A0FC-618BF06BF8D0} ARPREMOVE=1
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
LiveUpdate 1.80 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
LSM Image Browser, Release 3.2-->C:\AIM\UnInstall.exe C:\AIM\Inst_IB.log
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Standard 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall STANDARD /dll OSETUP.DLL
Microsoft Office Standard 2007-->MsiExec.exe /X{90120000-0012-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mouse Suite for Desktop Computers-->C:\Program Files\InstallShield Installation Information\{448E2D77-E504-4221-B2C2-93646B344729}\setup.exe -runfromtemp -l0x040c -removeonly
Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.9)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{97AA1F3C-DD64-4AA6-AEC5-F8F9F4CC21C5}
Navilog1 3.7.4-->"C:\Program Files\Navilog1\unins000.exe"
PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{281ECE39-F043-492B-8337-F2E546B5604A}\Setup.exe" -l0x40c -cluninstall
R for Windows 2.8.1-->"C:\Program Files\R\R-2.8.1\unins000.exe"
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Symantec AntiVirus Client-->MsiExec.exe /X{0EFC6259-3AD8-4CD2-BC57-D4937AF5CC0E}
Technologie d’administration active Intel®-->C:\WINDOWS\system32\mesoludlg.exe -uninstall
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb959634)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {50C77E2F-5C1C-467D-9BC8-3CA07D28C9F2}
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
ZoneAlarm Spy Blocker Toolbar-->"C:\Program Files\AskBarDis\unins000.exe"
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

=====HijackThis Backups=====

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\drivers\services.exe

======Hosts File======

195.245.119.131 browser-security.microsoft.com
195.245.119.131 browser-security.microsoft.com

======Security center information======

AV: BitDefender Antivirus
AV: Avira AntiVir PersonalEdition Classic
FW: Pare-feu BitDefender
FW: ZoneAlarm Firewall

System event log

Computer Name: YANINE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service COM de gravage de CD IMAPI.

Record Number: 7435
Source Name: Service Control Manager
Time Written: 20081105082055.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: YANINE
Event Code: 7036
Message: Le service Service de découvertes SSDP est entré dans l'état : en cours d'exécution.

Record Number: 7434
Source Name: Service Control Manager
Time Written: 20081105082050.000000+060
Event Type: Informations
User:

Computer Name: YANINE
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP.

Record Number: 7433
Source Name: Service Control Manager
Time Written: 20081105082050.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: YANINE
Event Code: 7036
Message: Le service Téléphonie est entré dans l'état : arrêté.

Record Number: 7432
Source Name: Service Control Manager
Time Written: 20081105081534.000000+060
Event Type: Informations
User:

Computer Name: YANINE
Event Code: 7036
Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution.

Record Number: 7431
Source Name: Service Control Manager
Time Written: 20081105081441.000000+060
Event Type: Informations
User:

Application event log

Computer Name: YANINE
Event Code: 32068
Message: La règle de routage de trafic sortant n'est pas valide car elle ne peut pas trouver de périphérique valide. Les télécopies sortantes qui utilisent cette règle ne peuvent pas être acheminées. Vérifiez que le ou les périphériques concernés (en cas de routage vers un groupe de périphériques) sont connectés et installés correctement et allumés. En cas de routage vers un groupe, vérifiez que le groupe est configuré correctement.
Code de pays/région : '*'
Indicatif régional : '*'

Record Number: 2984
Source Name: Microsoft Fax
Time Written: 20081210030957.000000+060
Event Type: Avertissement
User:

Computer Name: YANINE
Event Code: 32026
Message: Le service de télécopie n'a pas pu initialiser de périphériques de télécopies attribués (virtuel ou TAPI).
Aucune télécopie ne peut être envoyée ou reçue tant qu'un périphérique de télécopies n'a pas été installé.

Record Number: 2983
Source Name: Microsoft Fax
Time Written: 20081210030957.000000+060
Event Type: Avertissement
User:

Computer Name: YANINE
Event Code: 2002
Message: [UNS] Failed to subscribe to local Intel(R) AMT.


Record Number: 2982
Source Name: Intel(R) AMT
Time Written: 20081210030957.000000+060
Event Type: erreur
User:

Computer Name: YANINE
Event Code: 2000
Message: [UNS] Intel(R) User Notification Service started.


Record Number: 2981
Source Name: Intel(R) AMT
Time Written: 20081210030957.000000+060
Event Type: Informations
User:

Computer Name: YANINE
Event Code: 0
Message: LMS Service listens at ports 16992 and 16993

Record Number: 2980
Source Name: LMS
Time Written: 20081210030953.000000+060
Event Type: Informations
User: AUTORITE NT\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Perl\bin\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\DMIX
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdumpflags"=8

-----------------EOF-----------------
0
Réponse 6 / 32
Utilisateur anonyme
23 févr. 2009 à 12:57
---> Désactive ton antivirus le temps de la manipulation car OTMoveIt3 est détecté comme une infection à tort.

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :





:processes
explorer.exe

:services
LPTRDCsrv

:files
C:\WINDOWS\system32\drivers\ekskfobvqywrzi.sys
C:\Program Files\R
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021
C:\B.txt
C:\SH.txt
C:\CGA.txt
C:\Program Files\Microsoft Common
C:\WINDOWS\system32\hsari3jndsbfi73.dll
C:\WINDOWS\system32\shell31.dll
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd
C:\WINDOWS\system32\hsari3jndsbfi73.dll

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{12395913-e5e7-11dc-a3ab-001e4f9d19ee}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6be0dcdc-f05d-11dc-a3b5-001e4f9d19ee}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddedfdda-f659-11dc-a3bb-001e4f9d19ee}]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\sysrc32.exe"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
"erajhsf8743kjrngjnf"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt]


:commands
[purity]
[emptytemp]
[start explorer]
[reboot]




---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

ensuite :

Télécharge MalwareByte's :
http://www.malwarebytes.org/mbam.php ou ici :
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

* Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/ )

* Potasse le tuto pour te familiariser avec le prg :
https://forum.pcastuces.com/sujet.asp?f=31&s=3
( cela dis, il est très simple d'utilisation ).

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

* Lance Malwarebyte's .

Fais un examen dit "Complet" .

--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "résultat" .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

0
aselmare
23 févr. 2009 à 14:32
Je n'arrive pas a faire fonctionner malware, j'ai eu enormement de mal a l'installer : je double cliquer sur l'executable ca ne faisait rien, au bout du 10ème essai, j'ai eu kkl chose. Maintenant qu'il est installer, je n'arrive pas a le lancer, le sablier apparait puis plus rien :/.

Voila dans un premier temps le log de OTmoveit.

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Service LPTRDCsrv stopped successfully.
Service LPTRDCsrv deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\drivers\ekskfobvqywrzi.sys not found.
C:\Program Files\R\RW201slab\bin moved successfully.
C:\Program Files\R\RW201slab moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\Tktable moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tk8.5\ttk moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tk8.5\msgs moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tk8.5 moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\US moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\SystemV moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Pacific moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Mexico moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Indian moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Europe moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Etc moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Chile moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Canada moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Brazil moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Australia moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Atlantic moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Asia moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Arctic moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Antarctica moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\America\North_Dakota moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\America\Kentucky moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\America\Indiana moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\America\Argentina moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\America moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata\Africa moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\tzdata moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\opt0.4 moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\msgs moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\http1.0 moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5\encoding moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8.5 moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8\8.5 moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8\8.4\platform moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8\8.4 moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\tcl8 moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\reg1.2 moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\dde1.3 moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\BWidget\tests moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\BWidget\lang moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\BWidget\images moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\BWidget\demo moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\BWidget\BWman moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib\BWidget moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\lib moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\include\X11 moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\include moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\doc moved successfully.
C:\Program Files\R\R-2.8.1\Tcl\bin moved successfully.
C:\Program Files\R\R-2.8.1\Tcl moved successfully.
C:\Program Files\R\R-2.8.1\src\library\windlgs\src moved successfully.
C:\Program Files\R\R-2.8.1\src\library\windlgs\R moved successfully.
C:\Program Files\R\R-2.8.1\src\library\windlgs\man moved successfully.
C:\Program Files\R\R-2.8.1\src\library\windlgs moved successfully.
C:\Program Files\R\R-2.8.1\src\library moved successfully.
C:\Program Files\R\R-2.8.1\src\gnuwin32\help moved successfully.
C:\Program Files\R\R-2.8.1\src\gnuwin32\check moved successfully.
C:\Program Files\R\R-2.8.1\src\gnuwin32 moved successfully.
C:\Program Files\R\R-2.8.1\src moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\US moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Pacific moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Mexico moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Indian moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Europe moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Etc moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Chile moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Canada moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Brazil moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Australia moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Atlantic moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Asia moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Arctic moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Antarctica moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\America\North_Dakota moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\America\Kentucky moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\America\Indiana moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\America\Argentina moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\America moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo\Africa moved successfully.
C:\Program Files\R\R-2.8.1\share\zoneinfo moved successfully.
C:\Program Files\R\R-2.8.1\share\texmf moved successfully.
C:\Program Files\R\R-2.8.1\share\sh moved successfully.
C:\Program Files\R\R-2.8.1\share\R moved successfully.
C:\Program Files\R\R-2.8.1\share\perl\Text moved successfully.
C:\Program Files\R\R-2.8.1\share\perl\R moved successfully.
C:\Program Files\R\R-2.8.1\share\perl\File\Copy moved successfully.
C:\Program Files\R\R-2.8.1\share\perl\File moved successfully.
C:\Program Files\R\R-2.8.1\share\perl moved successfully.
C:\Program Files\R\R-2.8.1\share\make moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\zh_TW\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\zh_TW moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\zh_CN\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\zh_CN moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\ru moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\pt_BR\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\pt_BR moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\ko\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\ko moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\ja\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\ja moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\it\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\it moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\fr moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\es\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\es moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\en_GB\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\en_GB moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\en\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\en moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\de\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\share\locale\de moved successfully.
C:\Program Files\R\R-2.8.1\share\locale moved successfully.
C:\Program Files\R\R-2.8.1\share\licenses moved successfully.
C:\Program Files\R\R-2.8.1\share moved successfully.
C:\Program Files\R\R-2.8.1\modules moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\Sweave moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\R moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\zh_CN\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\zh_CN moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\ko\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\ko moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\ja\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\ja moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\de\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po\de moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\po moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\misc moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\man moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\html moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\help moved successfully.
C:\Program Files\R\R-2.8.1\library\utils\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\utils moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\R moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\zh_CN\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\zh_CN moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\pt_BR\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\pt_BR moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\ko\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\ko moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\ja\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\ja moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\it\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\it moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\de\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po\de moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\po moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\man moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\html moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\help moved successfully.
C:\Program Files\R\R-2.8.1\library\tools\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\tools moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\R moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\zh_CN\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\zh_CN moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\pt_BR\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\pt_BR moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\ko\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\ko moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\ja\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\ja moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\it\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\it moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\de\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po\de moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\po moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\man moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\html moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\help moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\exec moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\demo moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\tcltk moved successfully.
C:\Program Files\R\R-2.8.1\library\SwissAir\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\SwissAir\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\SwissAir\man moved successfully.
C:\Program Files\R\R-2.8.1\library\SwissAir\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\SwissAir\html moved successfully.
C:\Program Files\R\R-2.8.1\library\SwissAir\help moved successfully.
C:\Program Files\R\R-2.8.1\library\SwissAir\data moved successfully.
C:\Program Files\R\R-2.8.1\library\SwissAir\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\SwissAir moved successfully.
C:\Program Files\R\R-2.8.1\library\survival\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\survival\R moved successfully.
C:\Program Files\R\R-2.8.1\library\survival\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\survival\man moved successfully.
C:\Program Files\R\R-2.8.1\library\survival\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\survival\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\survival\html moved successfully.
C:\Program Files\R\R-2.8.1\library\survival\help moved successfully.
C:\Program Files\R\R-2.8.1\library\survival\data moved successfully.
C:\Program Files\R\R-2.8.1\library\survival\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\survival moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\R moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\zh_CN\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\zh_CN moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\pt_BR\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\pt_BR moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\ko\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\ko moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\ja\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\ja moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\it\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\it moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\de\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po\de moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\po moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\man moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\html moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\help moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\stats4 moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\R moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\zh_CN\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\zh_CN moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\pt_BR\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\pt_BR moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\ko\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\ko moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\ja\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\ja moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\it\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\it moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\de\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po\de moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\po moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\man moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\html moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\help moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\demo moved successfully.
C:\Program Files\R\R-2.8.1\library\stats\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\stats moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\R moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\zh_CN\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\zh_CN moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\pt_BR\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\pt_BR moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\ko\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\ko moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\ja\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\ja moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\de\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po\de moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\po moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\man moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\html moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\help moved successfully.
C:\Program Files\R\R-2.8.1\library\splines\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\splines moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\R moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\ppdata moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\po moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\man moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\html moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\help moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\spatial moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\R moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\po moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\man moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\html moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\help moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\data moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\rpart moved successfully.
C:\Program Files\R\R-2.8.1\library\RODBC\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\RODBC\R moved successfully.
C:\Program Files\R\R-2.8.1\library\RODBC\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\RODBC\man moved successfully.
C:\Program Files\R\R-2.8.1\library\RODBC\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\RODBC\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\RODBC\html moved successfully.
C:\Program Files\R\R-2.8.1\library\RODBC\help moved successfully.
C:\Program Files\R\R-2.8.1\library\RODBC\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\RODBC moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\R moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\man moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\jri\examples moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\jri moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\java\boot moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\java moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\html moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\help moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\rJava moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\R moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\po moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\man moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\html moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\help moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\nnet moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\scripts moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\R moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\po moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\mlbook moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\man moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\html moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\help moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\data moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\nlme moved successfully.
C:\Program Files\R\R-2.8.1\library\mgcv\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\mgcv\R moved successfully.
C:\Program Files\R\R-2.8.1\library\mgcv\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\mgcv\man moved successfully.
C:\Program Files\R\R-2.8.1\library\mgcv\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\mgcv\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\mgcv\html moved successfully.
C:\Program Files\R\R-2.8.1\library\mgcv\help moved successfully.
C:\Program Files\R\R-2.8.1\library\mgcv\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\mgcv moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\R moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\zh_CN\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\zh_CN moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\pt_BR\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\pt_BR moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\ko\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\ko moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\ja\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\ja moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\de\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po\de moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\po moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\man moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\html moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\help moved successfully.
C:\Program Files\R\R-2.8.1\library\methods\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\methods moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\scripts moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\R moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\po moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\man moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\html moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\help moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\data moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\MASS moved successfully.
C:\Program Files\R\R-2.8.1\library\lattice\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\lattice\R moved successfully.
C:\Program Files\R\R-2.8.1\library\lattice\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\lattice\man moved successfully.
C:\Program Files\R\R-2.8.1\library\lattice\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\lattice\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\lattice\html moved successfully.
C:\Program Files\R\R-2.8.1\library\lattice\help moved successfully.
C:\Program Files\R\R-2.8.1\library\lattice\demo moved successfully.
C:\Program Files\R\R-2.8.1\library\lattice\data moved successfully.
C:\Program Files\R\R-2.8.1\library\lattice\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\lattice moved successfully.
C:\Program Files\R\R-2.8.1\library\KernSmooth\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\KernSmooth\R moved successfully.
C:\Program Files\R\R-2.8.1\library\KernSmooth\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\KernSmooth\man moved successfully.
C:\Program Files\R\R-2.8.1\library\KernSmooth\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\KernSmooth\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\KernSmooth\html moved successfully.
C:\Program Files\R\R-2.8.1\library\KernSmooth\help moved successfully.
C:\Program Files\R\R-2.8.1\library\KernSmooth\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\KernSmooth moved successfully.
C:\Program Files\R\R-2.8.1\library\JGR\scripts moved successfully.
C:\Program Files\R\R-2.8.1\library\JGR\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\JGR\R moved successfully.
C:\Program Files\R\R-2.8.1\library\JGR\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\JGR\man moved successfully.
C:\Program Files\R\R-2.8.1\library\JGR\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\JGR\java moved successfully.
C:\Program Files\R\R-2.8.1\library\JGR\html moved successfully.
C:\Program Files\R\R-2.8.1\library\JGR\help moved successfully.
C:\Program Files\R\R-2.8.1\library\JGR\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\JGR moved successfully.
C:\Program Files\R\R-2.8.1\library\JavaGD\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\JavaGD\R moved successfully.
C:\Program Files\R\R-2.8.1\library\JavaGD\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\JavaGD\man moved successfully.
C:\Program Files\R\R-2.8.1\library\JavaGD\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\JavaGD\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\JavaGD\java moved successfully.
C:\Program Files\R\R-2.8.1\library\JavaGD\html moved successfully.
C:\Program Files\R\R-2.8.1\library\JavaGD\help moved successfully.
C:\Program Files\R\R-2.8.1\library\JavaGD\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\JavaGD moved successfully.
C:\Program Files\R\R-2.8.1\library\iWidgets\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\iWidgets\R moved successfully.
C:\Program Files\R\R-2.8.1\library\iWidgets\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\iWidgets\man moved successfully.
C:\Program Files\R\R-2.8.1\library\iWidgets\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\iWidgets\java moved successfully.
C:\Program Files\R\R-2.8.1\library\iWidgets\html moved successfully.
C:\Program Files\R\R-2.8.1\library\iWidgets\help moved successfully.
C:\Program Files\R\R-2.8.1\library\iWidgets\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\iWidgets moved successfully.
C:\Program Files\R\R-2.8.1\library\iplots\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\iplots\R moved successfully.
C:\Program Files\R\R-2.8.1\library\iplots\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\iplots\man moved successfully.
C:\Program Files\R\R-2.8.1\library\iplots\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\iplots\java moved successfully.
C:\Program Files\R\R-2.8.1\library\iplots\html moved successfully.
C:\Program Files\R\R-2.8.1\library\iplots\help moved successfully.
C:\Program Files\R\R-2.8.1\library\iplots\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\iplots moved successfully.
C:\Program Files\R\R-2.8.1\library\gtools\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\gtools\R moved successfully.
C:\Program Files\R\R-2.8.1\library\gtools\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\gtools\man moved successfully.
C:\Program Files\R\R-2.8.1\library\gtools\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\gtools\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\gtools\html moved successfully.
C:\Program Files\R\R-2.8.1\library\gtools\help moved successfully.
C:\Program Files\R\R-2.8.1\library\gtools\data moved successfully.
C:\Program Files\R\R-2.8.1\library\gtools\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\gtools moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\R moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\zh_CN\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\zh_CN moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\pt_BR\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\pt_BR moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\ko\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\ko moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\ja\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\ja moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\it\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\it moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\de\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po\de moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\po moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\man moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\html moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\help moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\doc moved successfully.
C:\Program Files\R\R-2.8.1\library\grid\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\grid moved successfully.
C:\Program Files\R\R-2.8.1\library\gregmisc\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\gregmisc\R moved successfully.
C:\Program Files\R\R-2.8.1\library\gregmisc\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\gregmisc\man moved successfully.
C:\Program Files\R\R-2.8.1\library\gregmisc\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\gregmisc\html moved successfully.
C:\Program Files\R\R-2.8.1\library\gregmisc\help moved successfully.
C:\Program Files\R\R-2.8.1\library\gregmisc\doc moved successfully.
C:\Program Files\R\R-2.8.1\library\gregmisc\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\gregmisc moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\R moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\zh_CN\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\zh_CN moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\ko\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\ko moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\ja\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\ja moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\it\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\it moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\en_GB\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\en_GB moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\de\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po\de moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\po moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\man moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\html moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\help moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\enc moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices\afm moved successfully.
C:\Program Files\R\R-2.8.1\library\grDevices moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\R moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\zh_CN\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\zh_CN moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\ko\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\ko moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\ja\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\ja moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\it\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\it moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\de\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po\de moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\po moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\man moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\html moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\help moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\demo moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\graphics moved successfully.
C:\Program Files\R\R-2.8.1\library\gplots\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\gplots\R moved successfully.
C:\Program Files\R\R-2.8.1\library\gplots\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\gplots\man moved successfully.
C:\Program Files\R\R-2.8.1\library\gplots\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\gplots\html moved successfully.
C:\Program Files\R\R-2.8.1\library\gplots\help moved successfully.
C:\Program Files\R\R-2.8.1\library\gplots\doc moved successfully.
C:\Program Files\R\R-2.8.1\library\gplots\data moved successfully.
C:\Program Files\R\R-2.8.1\library\gplots\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\gplots moved successfully.
C:\Program Files\R\R-2.8.1\library\gmodels\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\gmodels\R moved successfully.
C:\Program Files\R\R-2.8.1\library\gmodels\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\gmodels\man moved successfully.
C:\Program Files\R\R-2.8.1\library\gmodels\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\gmodels\html moved successfully.
C:\Program Files\R\R-2.8.1\library\gmodels\help moved successfully.
C:\Program Files\R\R-2.8.1\library\gmodels\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\gmodels moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\xls moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\unitTests moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\R moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\perl\Spreadsheet\ParseExcel moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\perl\Spreadsheet moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\perl\OLE moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\perl\IO moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\perl moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\man moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\html moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\help moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\doc moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\data moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata\bin moved successfully.
C:\Program Files\R\R-2.8.1\library\gdata moved successfully.
C:\Program Files\R\R-2.8.1\library\g.data\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\g.data\R moved successfully.
C:\Program Files\R\R-2.8.1\library\g.data\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\g.data\man moved successfully.
C:\Program Files\R\R-2.8.1\library\g.data\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\g.data\html moved successfully.
C:\Program Files\R\R-2.8.1\library\g.data\help moved successfully.
C:\Program Files\R\R-2.8.1\library\g.data\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\g.data moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\R moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\po moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\man moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\html moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\help moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\files moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\foreign moved successfully.
C:\Program Files\R\R-2.8.1\library\datasets\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\datasets\R moved successfully.
C:\Program Files\R\R-2.8.1\library\datasets\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\datasets\man moved successfully.
C:\Program Files\R\R-2.8.1\library\datasets\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\datasets\html moved successfully.
C:\Program Files\R\R-2.8.1\library\datasets\help moved successfully.
C:\Program Files\R\R-2.8.1\library\datasets\data moved successfully.
C:\Program Files\R\R-2.8.1\library\datasets\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\datasets moved successfully.
C:\Program Files\R\R-2.8.1\library\codetools\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\codetools\R moved successfully.
C:\Program Files\R\R-2.8.1\library\codetools\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\codetools\man moved successfully.
C:\Program Files\R\R-2.8.1\library\codetools\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\codetools\html moved successfully.
C:\Program Files\R\R-2.8.1\library\codetools\help moved successfully.
C:\Program Files\R\R-2.8.1\library\codetools\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\codetools moved successfully.
C:\Program Files\R\R-2.8.1\library\cluster\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\cluster\R moved successfully.
C:\Program Files\R\R-2.8.1\library\cluster\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\cluster\man moved successfully.
C:\Program Files\R\R-2.8.1\library\cluster\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\cluster\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\cluster\html moved successfully.
C:\Program Files\R\R-2.8.1\library\cluster\help moved successfully.
C:\Program Files\R\R-2.8.1\library\cluster\data moved successfully.
C:\Program Files\R\R-2.8.1\library\cluster\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\cluster moved successfully.
C:\Program Files\R\R-2.8.1\library\class\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\class\R moved successfully.
C:\Program Files\R\R-2.8.1\library\class\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\class\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\class\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\class\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\class\po moved successfully.
C:\Program Files\R\R-2.8.1\library\class\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\class\man moved successfully.
C:\Program Files\R\R-2.8.1\library\class\libs moved successfully.
C:\Program Files\R\R-2.8.1\library\class\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\class\html moved successfully.
C:\Program Files\R\R-2.8.1\library\class\help moved successfully.
C:\Program Files\R\R-2.8.1\library\class\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\class moved successfully.
C:\Program Files\R\R-2.8.1\library\car\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\car\R moved successfully.
C:\Program Files\R\R-2.8.1\library\car\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\car\man moved successfully.
C:\Program Files\R\R-2.8.1\library\car\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\car\html moved successfully.
C:\Program Files\R\R-2.8.1\library\car\help moved successfully.
C:\Program Files\R\R-2.8.1\library\car\data moved successfully.
C:\Program Files\R\R-2.8.1\library\car\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\car moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\R moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\po moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\man moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\html moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\help moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\data moved successfully.
C:\Program Files\R\R-2.8.1\library\boot\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\boot moved successfully.
C:\Program Files\R\R-2.8.1\library\base\R-ex moved successfully.
C:\Program Files\R\R-2.8.1\library\base\R moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\zh_CN\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\zh_CN moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\ru\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\ru moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\pt_BR\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\pt_BR moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\ko\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\ko moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\ja\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\ja moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\it\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\it moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\fr\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\fr moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\en@quot\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\en@quot moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\de\LC_MESSAGES moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po\de moved successfully.
C:\Program Files\R\R-2.8.1\library\base\po moved successfully.
C:\Program Files\R\R-2.8.1\library\base\Meta moved successfully.
C:\Program Files\R\R-2.8.1\library\base\man moved successfully.
C:\Program Files\R\R-2.8.1\library\base\latex moved successfully.
C:\Program Files\R\R-2.8.1\library\base\html moved successfully.
C:\Program Files\R\R-2.8.1\library\base\help moved successfully.
C:\Program Files\R\R-2.8.1\library\base\demo moved successfully.
C:\Program Files\R\R-2.8.1\library\base\chtml moved successfully.
C:\Program Files\R\R-2.8.1\library\base moved successfully.
C:\Program Files\R\R-2.8.1\library moved successfully.
C:\Program Files\R\R-2.8.1\include\R_ext moved successfully.
C:\Program Files\R\R-2.8.1\include moved successfully.
C:\Program Files\R\R-2.8.1\etc moved successfully.
C:\Program Files\R\R-2.8.1\doc\manual moved successfully.
C:\Program Files\R\R-2.8.1\doc\html\search moved successfully.
C:\Program Files\R\R-2.8.1\doc\html moved successfully.
C:\Program Files\R\R-2.8.1\doc moved successfully.
C:\Program Files\R\R-2.8.1\bin moved successfully.
C:\Program Files\R\R-2.8.1 moved successfully.
C:\Program Files\R moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Test Storage moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Temp moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Runtime\Security moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Runtime\Objects moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Runtime moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Publisher Runtime\OLQNVEMFLLD1E3XLF34G43MHAC\Security moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Publisher Runtime\OLQNVEMFLLD1E3XLF34G43MHAC\Objects moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Publisher Runtime\OLQNVEMFLLD1E3XLF34G43MHAC moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Publisher Runtime moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Licenses moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\License-DLL\AZUG6HI6Y3GPUDG1KFC2FSHLUC moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\License-DLL moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\EC-License moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Discrete Storage\SXKACOMOSF33GJV6HNX15JNQFA moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Discrete Storage moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Continous Storage\SXKACOMOSF33GJV6HNX15JNQFA moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021\Continous Storage moved successfully.
C:\WINDOWS\system32\E177E04D548C4006A465EEB92D3DE021 moved successfully.
File/Folder C:\B.txt not found.
File/Folder C:\SH.txt not found.
File/Folder C:\CGA.txt not found.
C:\Program Files\Microsoft Common moved successfully.
C:\WINDOWS\system32\hsari3jndsbfi73.dll NOT unregistered.
C:\WINDOWS\system32\hsari3jndsbfi73.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\shell31.dll
C:\WINDOWS\system32\shell31.dll NOT unregistered.
C:\WINDOWS\system32\shell31.dll moved successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009 moved successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd moved successfully.
File/Folder C:\WINDOWS\system32\hsari3jndsbfi73.dll not found.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{12395913-e5e7-11dc-a3ab-001e4f9d19ee}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6be0dcdc-f05d-11dc-a3b5-001e4f9d19ee}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddedfdda-f659-11dc-
0
Réponse 7 / 32
Utilisateur anonyme
23 févr. 2009 à 14:40
tu peux me mettre la fin a partir de Registry ?????

tu auras peut etre un programme a reinstaller
0
Réponse 8 / 32
aselmare
23 févr. 2009 à 14:51
Oui j'ai vu, mon logiciel R :), pour les stats, c'est pas grave, rien de vraiment important.

voila la fin, et toujours rien a faire avec le logiciel anti malwares

========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{12395913-e5e7-11dc-a3ab-001e4f9d19ee}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6be0dcdc-f05d-11dc-a3b5-001e4f9d19ee}\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddedfdda-f659-11dc-a3bb-001e4f9d19ee}\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\sysrc32.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler\\erajhsf8743kjrngjnf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt\\ deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Alexis\LOCALS~1\Temp\etilqs_CtkIqKdsuUBvV9hJ6WUO scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Alexis\LOCALS~1\Temp\~DFEFA9.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\atchk.log scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\atchksrv.log scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT00989.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\pchqtjx1.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\pchqtjx1.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\pchqtjx1.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\pchqtjx1.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\pchqtjx1.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\pchqtjx1.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02232009_130352

Files moved on Reboot...
File C:\DOCUME~1\Alexis\LOCALS~1\Temp\etilqs_CtkIqKdsuUBvV9hJ6WUO not found!
C:\DOCUME~1\Alexis\LOCALS~1\Temp\~DFEFA9.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\atchk.log moved successfully.
File move failed. C:\WINDOWS\temp\atchksrv.log scheduled to be moved on reboot.
File C:\WINDOWS\temp\ZLT00989.TMP not found!
C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\pchqtjx1.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\pchqtjx1.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\pchqtjx1.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\pchqtjx1.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\pchqtjx1.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\pchqtjx1.default\XUL.mfl moved successfully.
0
Réponse 9 / 32
Utilisateur anonyme
23 févr. 2009 à 15:22
ok relance rsit stp
0
aselmare
23 févr. 2009 à 15:27
Voila

Logfile of random's system information tool 1.05 (written by random/random)
Run by Alexis at 2009-02-23 15:27:32
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 58 GB (77%) free of 76 GB
Total RAM: 997 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:27:37, on 23/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Intel\AMT\UNS.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\AMT\atchk.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Alexis\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Alexis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3071214
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3071214
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ftp://neurochem.u-strasbg.fr/pub/transfert/Alexis/review.pdf
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O1 - Hosts: 195.245.119.131 browser-security.microsoft.com
O1 - Hosts: 195.245.119.131 browser-security.microsoft.com
O2 - BHO: C:\WINDOWS\system32\hsari3jndsbfi73.dll - {D5BF4552-94F1-42BD-F434-3604812C807D} - C:\WINDOWS\system32\hsari3jndsbfi73.dll (file missing)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C511F928-EA3C-451F-81B2-79FBF2E8302F}: Domain = u-strasbg.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{C511F928-EA3C-451F-81B2-79FBF2E8302F}: NameServer = 130.79.200.200
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O22 - SharedTaskScheduler: erajhsf8743kjrngjnf - {D5BF4552-94F1-42BD-F434-3604812C807D} - C:\WINDOWS\system32\hsari3jndsbfi73.dll (file missing)
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\services.exe (file missing)
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel - C:\Program Files\Intel\AMT\UNS.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
0
Réponse 10 / 32
Utilisateur anonyme
23 févr. 2009 à 15:36
une question :

tu as des soucis avec firefox ?
0
aselmare
23 févr. 2009 à 15:48
oui avec firefox et IE, les pages ne se chargent pas toutes, ou lorsquelles se chargent la mise en page de la page internet n'est pas bonne, il n'y a que le texte. La plus part du temps les pages ne se chargent pas lorsque je clic a partir d'un lien. Lorsque je tape l'adresse directement, elle fonctionne.

Sinon le PC et lent ..
0
Réponse 11 / 32
aselmare
23 févr. 2009 à 15:48
Tu as une idée pour Malwarebytes' Anti-Malware ? qui ne fonctionne pas !
0
Réponse 12 / 32
Utilisateur anonyme
23 févr. 2009 à 15:53
---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :





:processes
explorer.exe

:reg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"


:commands
[purity]
[emptytemp]
[start explorer]
[reboot]





---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

ensuite :

redemarrre et navugues sur firefox et dis moi si changement il y eu
0
aselmare
23 févr. 2009 à 16:20
Re, aucun changement, toujours pareil : a titre d'exemple, je recherche sur google le site de clubic, je clique sur le lien, une page blanche s'affiche avec comme statu "terminé", et le lien est :
http://windowsclick.com/go.php?u=0ded0d699dbe745b3ad998be5cbf1eb5%3Dcr%26023%3Dld%26MgzsoVN5FXOfc8iFz8DqLJlhgKNYaInoJBVLWloDGfkLR2NASTatStKIyN4D647wcTZ0RARvfkl_OF9Hzp1xLXnU1Pl8ST7nmj9m3DPukiBotw5mZ7FqhQBo7WTdenug7VRlDxq~sEFmJKahuya~4gzaHbGs3LE_um9IhSw~BWHH%3ADNzUykj%3AundQPTFtF3sDl6Jf3pEUf7vNubpCQtbRWq4T31tIG%3AqfZsQcpPbDh2okFLY~UZ9FU1HWk0URGyWrZKZ5440_bsHGZUDE1pNAl1g%3AyIDPpGNkQQfsnVBVre%3AeKDIzveW_uXQbix3ykny%3Datad%26993%3Dffa%26108112045321%3Ddi%3Fphp.wohsm%2Fmoc.yubkcilchcraes&bid=0.024000&aid=109&said=132&mppc=elcl

et non pas celui de clubic !! je comprend pas.
0
aselmare > aselmare
23 févr. 2009 à 16:25
https://forums.techguy.org/threads/malformed-webpages-in-ie-ff-windowsclick-com-forwards-etc.793021/

j'ai vu ce sujet sur un forum anglais qui parler de ce problème. Peut être que tu y vera plus clair que moi.
0
Réponse 13 / 32
Utilisateur anonyme
23 févr. 2009 à 16:31
relances rsit s'il te plait
0
aselmare
23 févr. 2009 à 16:43
Voila

Logfile of random's system information tool 1.05 (written by random/random)
Run by Alexis at 2009-02-23 16:43:11
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 59 GB (77%) free of 76 GB
Total RAM: 997 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:43:20, on 23/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\AMT\atchk.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Intel\AMT\UNS.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Documents and Settings\Alexis\Bureau\RSIT.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\Alexis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3071214
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3071214
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ftp://neurochem.u-strasbg.fr/pub/transfert/Alexis/review.pdf
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O1 - Hosts: 195.245.119.131 browser-security.microsoft.com
O1 - Hosts: 195.245.119.131 browser-security.microsoft.com
O2 - BHO: C:\WINDOWS\system32\hsari3jndsbfi73.dll - {D5BF4552-94F1-42BD-F434-3604812C807D} - C:\WINDOWS\system32\hsari3jndsbfi73.dll (file missing)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C511F928-EA3C-451F-81B2-79FBF2E8302F}: Domain = u-strasbg.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{C511F928-EA3C-451F-81B2-79FBF2E8302F}: NameServer = 130.79.200.200
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O22 - SharedTaskScheduler: erajhsf8743kjrngjnf - {D5BF4552-94F1-42BD-F434-3604812C807D} - C:\WINDOWS\system32\hsari3jndsbfi73.dll (file missing)
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\services.exe (file missing)
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel - C:\Program Files\Intel\AMT\UNS.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
0
Réponse 14 / 32
aselmare
23 févr. 2009 à 16:44
Je dois quitter le boulot, je ne serais plus sur le PC, merci pour ton aide, je reviendrais sur le forum demain matin, en esperant que tu trouve d'ou sa puisse venir.

Merci
0
Réponse 15 / 32
Utilisateur anonyme
23 févr. 2009 à 17:00
ok quand tu reviens demain fais remonter le topic par un signe de vie :)
0
aselmare
24 févr. 2009 à 09:12
Voila de retour, et toujours le même problème avec firefox, je vais refaire un scan avec bitdefender pour voi si mon PC est encore infecté.

gen-hackman est tu encore parmis nous ?

:)
0
Réponse 16 / 32
aselmare
24 févr. 2009 à 10:30
up, quelqu'un peut-il m'aider ?
0
aselmare
24 févr. 2009 à 13:07
up, help
0
Réponse 17 / 32
Utilisateur anonyme
24 févr. 2009 à 15:02
salut je peux avoir le rapport de otmoveit ?

Télécharge HostsXpert sur ton Bureau :
http://www.funkytoad.com/download/HostsXpert.zip

---> Décompresse-le (Clic droit >> Extraire ici)

---> Double-clique sur HostsXpert pour le lancer

---> clique sur le bouton "Restore MS Hosts File" puis ferme le programme

PS : Avant de cliquer sur le bouton "Restore MS Hosts File", vérifie que le cadenas en haut à gauche est ouvert sinon tu vas avoir un message d'erreur.

s'il est fermé , clique dessus :)

ensuite :

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :





:processes
explorer.exe

:services
SeaPort

:files
C:\Program Files\AskBardis

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5BF4552-94F1-42BD-F434-3604812C807D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=""

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]





---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
0
aselmare
24 févr. 2009 à 15:39
Re, merci de ta réponse,

Voila, le rapport OTmoveIT, aprés avoir utilisé HostXpert

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service SeaPort .
========== FILES ==========
C:\Program Files\AskBardis\bar\Settings moved successfully.
C:\Program Files\AskBardis\bar moved successfully.
C:\Program Files\AskBardis moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5BF4552-94F1-42BD-F434-3604812C807D}\\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLS"|"" /E : value set successfully!
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Alexis\LOCALS~1\Temp\etilqs_vN7wLyhCjJOAkZefLXGW scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\atchk.log scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\atchksrv.log scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\dxbc7y6r.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\dxbc7y6r.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\dxbc7y6r.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\dxbc7y6r.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\dxbc7y6r.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\dxbc7y6r.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02242009_151214

Files moved on Reboot...
File C:\DOCUME~1\Alexis\LOCALS~1\Temp\etilqs_vN7wLyhCjJOAkZefLXGW not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\atchk.log moved successfully.
File move failed. C:\WINDOWS\temp\atchksrv.log scheduled to be moved on reboot.
C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\dxbc7y6r.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\dxbc7y6r.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\dxbc7y6r.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\dxbc7y6r.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\dxbc7y6r.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Alexis\Local Settings\Application Data\Mozilla\Firefox\Profiles\dxbc7y6r.default\XUL.mfl moved successfully.
0
Réponse 18 / 32
Utilisateur anonyme
24 févr. 2009 à 16:37
tu n 'as pas repondu a ma question stp

relancesz rsit stp
0
aselmare
24 févr. 2009 à 17:05
Le voila

Logfile of random's system information tool 1.05 (written by random/random)
Run by Alexis at 2009-02-24 17:04:17
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 58 GB (77%) free of 76 GB
Total RAM: 997 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:04:23, on 24/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Intel\ASF Agent\ASFAgent.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Intel\AMT\UNS.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Intel\AMT\atchk.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\WINDOWS\system32\calc.exe
C:\Documents and Settings\Alexis\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Alexis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3071214
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row-rel&channel=fr&ibd=3071214
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ftp://neurochem.u-strasbg.fr/pub/transfert/Alexis/review.pdf
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [atchk] "C:\Program Files\Intel\AMT\atchk.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{C511F928-EA3C-451F-81B2-79FBF2E8302F}: Domain = u-strasbg.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{C511F928-EA3C-451F-81B2-79FBF2E8302F}: NameServer = 130.79.200.200
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = u-strasbg.fr
O22 - SharedTaskScheduler: erajhsf8743kjrngjnf - {D5BF4552-94F1-42BD-F434-3604812C807D} - (no file)
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. https://www.bitdefender.fr/ - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - C:\Program Files\Intel\ASF Agent\ASFAgent.exe
O23 - Service: Intel(R) Active Management Technology System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Intel(R) Active Management Technology Local Management Service (LMS) - Intel - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\services.exe (file missing)
O23 - Service: Intel(R) Active Management Technology User Notification Service (UNS) - Intel - C:\Program Files\Intel\AMT\UNS.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
0
Réponse 19 / 32
Utilisateur anonyme
24 févr. 2009 à 17:38
question :

tu te sers de quel antivirus ?

réouvre hijackthis
fais scan only
coches ces lignes :

R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O22 - SharedTaskScheduler: erajhsf8743kjrngjnf - {D5BF4552-94F1-42BD-F434-3604812C807D} - (no file)
O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\services.exe (file missing)

tu les coches et tu clic sur "fix checked"

et tu fermes le programme.

ensuite :

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :





:processes
explorer.exe

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl
[HKCU\Software\Microsoft\Internet Connection Wizard]
"ShellNext"=""

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]





---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
0
aselmare
25 févr. 2009 à 10:13
Up !!

Bonjour bonjour,

Ca a l'air d'aller un peu mieu, le net est moin lent, mais j'ai toujours ces message d'erreur http://windowsclick.com/.......

Voila le rapport OTmoveIT

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"https://www.google.fr/?gws_rd=ssl /E : value set successfully!
HKCU\Software\Microsoft\Internet Connection Wizard\\"ShellNext"|"" /E : value set successfully!
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Alexis\LOCALS~1\Temp\~DF3979.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\atchk.log scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\atchksrv.log scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT005c5.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02252009_095538

Files moved on Reboot...
C:\DOCUME~1\Alexis\LOCALS~1\Temp\~DF3979.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
C:\WINDOWS\temp\atchk.log moved successfully.
File move failed. C:\WINDOWS\temp\atchksrv.log scheduled to be moved on reboot.
File C:\WINDOWS\temp\ZLT005c5.TMP not found!
0
Réponse 20 / 32
Utilisateur anonyme
25 févr. 2009 à 12:13
bonjour :

Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
- Coche Afficher les fichiers et dossiers cachés
- Décoche Masquer les extensions des fichiers dont le type est connu
- Décoche Masquer les fichiers protégés du système d'exploitation (recommandé)
clique sur Appliquer, puis OK.

N'oublie pas de recacher à nouveau les fichiers cachés et protégés du système d'exploitation en fin de désinfection, c'est important

Fais analyser le(s) fichier(s) suivants sur Virustotal :

Virus Total

* Clique sur Parcourir en haut, choisis Poste de travail et cherche ce fichier :

C:\WINDOWS\system32\drivers\ekskfobvqywrzi.sys

* Clique maintenant sur Envoyer le fichier. et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
* Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
* Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
* Une nouvelle fenêtre de ton navigateur va apparaître
* Clique alors sur les deux fleches
* Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
* Enfin colle le résultat dans ta prochaine réponse.
0
aselmare
25 févr. 2009 à 15:02
Je ne trouve pas le fichier en question, j'ai fait une recherche sur la totalité du disque, niet, rien du tout.
0

Discussions similaires

Menace détectée TrojanSMS-PA sur Google Huawei/Android
Outmost -
bazfile -

6 réponses
Virus détecté
Koony -
MisteryBean -

6 réponses
y a t'il des virus qu'avast ne detecte pas
davivid -
Utilisateur anonyme -

24 réponses
Mon ordinateur a été infecté par un virus ou
henry4002 -
jorginho67 -

6 réponses
Virus non détecté par mon anti-virus ?
F2L -
cabrier -

12 réponses