AntiVir won't start... HijackThis log. Thanks

empty_files Posts 438 Registration date   Status Member Last activity   -  
 Anonymous user -
Hello,

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:15, on 2009-03-15
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\PRISMSVR.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.blackle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [combofix] C:\WINDOWS\system32\CF1783.exe /c C:\ComboFix\Combobatch.bat
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Citrus Alarm Clock] C:\Program Files\Citrus Alarm Clock\citrusac.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: MemTurbo.lnk = C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe
O4 - Global Startup: Carte pour réseau sans fil WLAN (USB 2.0).lnk = C:\Program Files\Dell Wireless\PRISMCFG.exe
O4 - Global Startup: MemTurbo.lnk = C:\Program Files\Silicon Prairie Software\MemTurbo\memturbo.exe
O4 - Global Startup: Wireless USB 2.0 WLAN Card Utility.lnk = C:\Program Files\Dell Wireless\PRISMCFG.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler... - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Unknown owner - C:\downloadbinportable\aawservice.exe (file missing)
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Unknown owner - C:\Program Files\Sandboxie\SbieSvc.exe (file missing)
O23 - Service: spkrmon - Unknown owner - C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Unknown owner - C:\Program Files\Spyware Terminator\sp_rsser.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

68 replies

Anonymous user
 
There's no point, it is updated all the time; in 3 days it will be out of date
0
empty_files Posts 438 Registration date   Status Member Last activity   20
 
Hi Gen!!!
I just ran a scan on my external hard drive, and it finds quite a lot of stuff, but I'm not able to delete them...
So now I'd be at the point of uninstalling Ad-Aware... Perfect!!!

Here is my DrWeb report, disk E:\

Nero-7.0.1.2_fra.exe\1060.mst;E:\Softwarium\zz Nero v7.0.1.2 + Serial Number qui marche à 100% +bonus\Nero-7.0.1.2_fra.exe;Modification de VBS.LoveLetter;;
Nero-7.0.1.2_fra.exe;E:\Softwarium\zz Nero v7.0.1.2 + Serial Number qui marche à 100% +bonus;L'archive contient des éléments infectés;Quarantaine.;
A0049265.exe\1060.mst;E:\System Volume Information\_restore{2E1D344D-F13D-4D2D-9644-D11B111A2DFB}\RP146\A0049265.exe;Modification de VBS.LoveLetter;;
A0049265.exe;E:\System Volume Information\_restore{2E1D344D-F13D-4D2D-9644-D11B111A2DFB}\RP146;L'archive contient des éléments infectés;Quarantaine.;
A0040479.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Program.PsFile.origin;Irréparable.Supprimé.;
A0040480.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Program.PsSid.142;Irréparable.Supprimé.;
A0040482.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Program.PsList.126;Irréparable.Supprimé.;
A0040485.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Program.PsPasswd.121;Irréparable.Supprimé.;
A0040488.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Program.PsSuspend.105;Irréparable.Supprimé.;
A0046948.exe\data003;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573\A0046948.exe;Program.RemoteAdmin;;
A0046948.exe\data005;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573\A0046948.exe;Program.RemoteAdmin;;
A0046948.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;L'archive contient des éléments infectés;Quarantaine.;
A0046957.exe/SETUP.EXE/install/data/3e2ff5d7f589ce0deb4ce7aae4064e36/12.03.0011.0/assembly.dat/b737ba9e5eb1b1d53ed19de1ee6b7284;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573\A0046957.exe/SETUP.EXE/install/data/3e2ff5d7f;Modification de Win95.Dedo.1286;;
b737ba9e5eb1b1d53ed19de1ee6b7284/md5/2657297143202e3f10d1b2fada664f65;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Conteneur comporte des objets infectés;;
install/data/3e2ff5d7f589ce0deb4ce7aae4064e36/12.03.0011.0/assembly.dat;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;L'archive contient des éléments infectés;;
\SETUP.EXE;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;L'archive contient des éléments infectés;;
A0046957.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;L'archive contient des éléments infectés;Quarantaine.;
A0046960.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Program.WinVnc;Irréparable.Supprimé.;
A0051184.msi\stream001;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573\A0051184.msi;BackDoor.IRC.Sdbot.origin;;
A0051184.msi;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;L'archive contient des éléments infectés;Quarantaine.;
A0055532.exe\data014;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573\A0055532.exe;Program.RemoteAdmin.37;;
A0055532.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;L'archive contient des éléments infectés;Quarantaine.;
A0055544.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Program.PsFile.101;Irréparable.Supprimé.;
A0055545.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Program.PsSid.142;Irréparable.Supprimé.;
A0055547.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Program.PsList.126;Irréparable.Supprimé.;
A0055548.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Program.PsLogon.131;Irréparable.Supprimé.;
A0055550.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Program.PsPasswd.121;Irréparable.Supprimé.;
A0055553.exe;E:\System Volume Information\_restore{C91DBC59-6DE6-4AC3-8736-5019242968AE}\RP573;Program.PsSuspend.105;Irréparable.Supprimé.;
0
empty_files Posts 438 Registration date   Status Member Last activity   20
 
And Ad-Aware won't uninstall, in safe mode...
0
Anonymous user
 
Yes indeed, you had to run a scan on all the disks and USB keys with DrWeb

######## | XP _ Install & search | #######


Download and install UsbFix (by C_XX & Chiquitine29)

Plug your external data sources into your PC (USB key, external hard drive, etc.) that may have been infected, without opening them

# Double-click the UsbFix shortcut on your desktop.

# Choose option 1 ( Recherche / Search )

# Let the tool work.

# Then post the UsbFix.txt report that appears.

# Note: the UsbFix.txt report is saved at the root of the disk ( C:\UsbFix.txt ).

( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )

# Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.



0
empty_files Posts 438 Registration date   Status Member Last activity   20
 
Without opening them?? You mean I plug in my hard drive, turn it on, but I don't click on it, is that right....
0

empty_files Posts 438 Registration date   Status Member Last activity   20
 
Here is the report. Have a nice day:


############################## [ UsbFix V3.004 ]

# User : Guy (Administrators) # DIEGO
# Update on 08/04/09 by C_XX & Chiquitine29
# Start at: 16:00:45 | 2009-04-08

# Intel(R) Pentium(R) 4 CPU 3.20GHz
# Microsoft Windows XP Professional (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Disabled
# AV : ZoneAlarm Security Suite Antivirus 7.0.483.000 [ (!) Disabled | (!) Outdated ]
# AV : avast! antivirus 4.8.1335 [VPS 090408-0] 4.8.1335 [ Enabled | Updated ]
# FW : ZoneAlarm Firewall[ Enabled ]8.0.065.000

# A:\ # 3 1/2 Inch Floppy Drive
# C:\ # Local Fixed Disk # 74.5 Go (15.3 Go free) [dellshit.mpeg] # NTFS
# D:\ # CD-ROM Disc # 1.51 Go (0 Mo free) [NVE_DVD] # UDF
# E:\ # Local Fixed Disk # 233.75 Go (62.44 Go free) [Empty_files] # NTFS
# F:\ # CD-ROM Disc
# G:\ # CD-ROM Disc
# H:\ # CD-ROM Disc # 5.58 Mo (0 Mo free) [U3 System] # CDFS
# I:\ # Removable Disk # 973.17 Mo (0.88 Mo free) # FAT

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Analog Devices\SoundMAX\spkrmon.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\PRISMSVR.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Dell Wireless\PRISMCFG.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Opera\Opera.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Registre # Startup ]

HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="http://www.blackle.com/"
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_Run: StartCCC="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM_Run: H2O=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
HKLM_Run: ZoneAlarm Client="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
HKLM_Run: SpywareTerminator="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
HKLM_Run: avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
HKCU_Run: AlcoholAutomount="C:\Program Files\Alcohol Soft\Alcohol 52\axcmd.exe" /automount
HKCU_Run: ccleaner="C:\Program Files\CCleaner\CCleaner.exe" /AUTO
HKCU_Run: SpybotSD TeaTimer=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
HKCU_Run: Citrus Alarm Clock=C:\Program Files\Citrus Alarm Clock\citrusac.exe
HKCU_Run: DAEMON Tools Lite="C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
HKCU_Run: CursorXP="C:\Program Files\CursorXP\CursorXP.exe" -s
HKCU_Run: H/PC Connection Agent="C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
HKCU_Run: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
HKCU_Run: BitComet="C:\Program Files\BitComet\BitComet.exe" /tray
HKLM_System: "DisableRegistryTools"=dword:00000000

################## [ Informations ]

# Contenu de l'autorun C:\autorun.inf
[autorun]
open=OblivionLauncher.exe
icon=Oblivion.ico

# Contenu de l'autorun H:\autorun.inf
[AutoRun]
open=LaunchU3.exe -a
icon=LaunchU3.exe,0

[Definitions]
Launchpad=LaunchPad.exe
Vtype=1

[CopyFiles]
FileNumber=1
File1=LaunchPad.zip

[Update]
URL=http://u3.sandisk.com/download/lp_installer.asp?custom=1.2.0.5&brand=cruzer


[Comment]
brand=cruzer


################## [ Fichiers # Dossiers infectieux ]

Found ! C:\autorun.inf
Found ! H:\autorun.inf

################## [ Registre # Clés infectieuses ]

# -> Not Found !

################## [ Registre # Mountpoint2 ]

Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C\Shell\AutoRun\command
Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d0b843d-bb1d-11dd-b964-000e3b0923cc}\Shell\AutoRun\command
Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f4b6cf2-7a33-11d9-a216-806d6172696f}\Shell\AutoRun\command

################## [ ! Fin du rapport # UsbFix V3.004 ! ]
0
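
Added example, not part of the thread and not UsbFix's own code: a Python parser for a report laid out like the one posted above, listing what each dumped autorun.inf would launch and which MountPoints2 entries hold an AutoRun command, so the "Found !" lines can be reviewed before anything is removed. The function names are hypothetical; the sample is a shortened excerpt of the posted report.

```python
import re

# Shortened excerpt of the UsbFix V3.004 report posted above (sample input).
SAMPLE_REPORT = r"""
################## [ Informations ]

# Contenu de l'autorun C:\autorun.inf
[autorun]
open=OblivionLauncher.exe
icon=Oblivion.ico

# Contenu de l'autorun H:\autorun.inf
[AutoRun]
open=LaunchU3.exe -a
icon=LaunchU3.exe,0

[Definitions]
Launchpad=LaunchPad.exe

################## [ Registre # Mountpoint2 ]

Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C\Shell\AutoRun\command
Found ! HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d0b843d-bb1d-11dd-b964-000e3b0923cc}\Shell\AutoRun\command

################## [ ! Fin du rapport # UsbFix V3.004 ! ]
"""

AUTORUN_HEADER = re.compile(r"^# Contenu de l'autorun (.+)$")
SECTION = re.compile(r"^\[(.+)\]$")
# Keys of the [autorun] section that make Windows start a program.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)
MOUNTPOINT = re.compile(
    r"^Found ! .*\\mountpoints2\\([^\\]+)\\Shell\\AutoRun\\command$", re.I
)


def parse_autoruns(report):
    """Map each dumped autorun.inf path to the (key, command) pairs it would launch."""
    result, path, section = {}, None, None
    for raw in report.splitlines():
        line = raw.strip()
        header = AUTORUN_HEADER.match(line)
        if header:
            path, section = header.group(1), None
            result[path] = []
        elif line.startswith("####"):       # next report section ends the dump
            path = None
        elif path and SECTION.match(line):  # INI section inside the dumped file
            section = SECTION.match(line).group(1).lower()
        elif path and section == "autorun" and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if LAUNCH_KEY.match(key):
                result[path].append((key.lower(), value))
    return result


def parse_mountpoints(report):
    """Return the volumes (drive letter or GUID) with a cached AutoRun command key."""
    volumes = []
    for raw in report.splitlines():
        match = MOUNTPOINT.match(raw.strip())
        if match:
            volumes.append(match.group(1))
    return volumes


def review_items(report):
    """Build one human-readable line per item to check by hand."""
    items = []
    for path, commands in parse_autoruns(report).items():
        for key, command in commands:
            items.append(f"{path}: {key} -> {command}")
    for volume in parse_mountpoints(report):
        kind = "drive" if len(volume) == 1 else "volume GUID"
        items.append(f"MountPoints2 AutoRun command cached for {kind} {volume}")
    return items


if __name__ == "__main__":
    for item in review_items(SAMPLE_REPORT):
        print(item)
```

Only keys in the `[autorun]` section count as launch commands here, so the `Launchpad=` entry under `[Definitions]` is not listed.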
Anonymous user
 
Hi

######## | Deletion | ########

Plug your external data sources into your PC (USB key, external hard drive, etc.) that may have been infected, without opening them

# Double-click the UsbFix shortcut on your desktop

# Choose option 2 ( Suppression / Deletion )

# Your desktop will disappear and the PC will restart.

# On restart, UsbFix will scan your PC; let the tool work.

# Then post the UsbFix.txt report that will appear with the desktop.

# Note: the UsbFix.txt report is saved at the root of the disk ( C:\UsbFix.txt ).

( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )


######### | Uninstallation | #######


# Double-click the UsbFix shortcut on your desktop

# Choose option 3 ( Désinstaller / Uninstall ) ....
0
empty_files Posts 438 Registration date   Status Member Last activity   20
 
I followed the steps and at startup there was no report and no automatic scan.... ??
Thanks and have a nice day!!!!
0
Anonymous user
 
Hi, the report is here:


C:\UsbFix.txt
0
empty_files Posts 438 Registration date   Status Member Last activity   20
 
I looked and no, there is no report in the c/usbfix folder or on my hard drive....
To tell the truth, when my computer came back on I didn't see any scan or report...
What do we do, do we start the deletion again...
Or isn't it because I have no desktop when I turn on my computer, I have to type (explorer.exe) ..
Well, thanks again, but I'm really eager to get rid of these damn viruses, thanks...
0
Anonymous user
 
Plug your external data sources into your PC (USB key, external hard drive, etc.) that may have been infected, without opening them

---> Double-click OTMoveIt3.exe to launch it.

---> Copy (Ctrl+C) the following text below:





:processes
explorer.exe

:files
C:\autorun.inf
H:\autorun.inf

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C\Shell\AutoRun\command]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d0b843d-bb1d-11dd-b964-000e3b0923cc}\Shell\AutoRun\command]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f4b6cf2-7a33-11d9-a216-806d6172696f}\Shell\AutoRun\command]


:commands
[purity]
[emptytemp]
[start explorer]
[reboot]





---> Paste (Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.

---> Now click the MoveIt! button, then close OTMoveIt3.

If a file or folder cannot be deleted immediately, the software will ask you to restart.
Accept by clicking YES.

---> Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report name corresponds to its creation time: date_time.log
0
empty_files Posts 438 Registration date   Status Member Last activity   20
 
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\autorun.inf moved successfully.
File/Folder H:\autorun.inf not found.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C\Shell\AutoRun\command\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d0b843d-bb1d-11dd-b964-000e3b0923cc}\Shell\AutoRun\command\\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f4b6cf2-7a33-11d9-a216-806d6172696f}\Shell\AutoRun\command\\ not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Guy\LOCALS~1\Temp\etilqs_bmZGdbqA1v86pAtZUv5L scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Guy\LOCALS~1\Temp\etilqs_bmZGdbqA1v86pAtZUv5L-journal scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Guy\LOCALS~1\Temp\etilqs_ePz3CsFf2h7uV8oQSNIz scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Guy\LOCALS~1\Temp\WCESLog.log scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Guy\LOCALS~1\Temp\~DF2642.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Guy\LOCALS~1\Temp\~DF51DF.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Guy\LOCALS~1\Temp\~DF5304.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Guy\LOCALS~1\Temp\~DF6BC8.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Guy\LOCALS~1\Temp\~DFDE23.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Guy\Local Settings\Temporary Internet Files\Content.IE5\254SAR25\_page_recommend[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Guy\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_118.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\ZLT07f53.TMP scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Guy\Local Settings\Application Data\Mozilla\Firefox\Profiles\49ar9t1y.default\OfflineCache\index.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Guy\Local Settings\Application Data\Mozilla\Firefox\Profiles\49ar9t1y.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Guy\Local Settings\Application Data\Mozilla\Firefox\Profiles\49ar9t1y.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Guy\Local Settings\Application Data\Mozilla\Firefox\Profiles\49ar9t1y.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Guy\Local Settings\Application Data\Mozilla\Firefox\Profiles\49ar9t1y.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Guy\Local Settings\Application Data\Mozilla\Firefox\Profiles\49ar9t1y.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Guy\Local Settings\Application Data\Mozilla\Firefox\Profiles\49ar9t1y.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Opera cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04112009_020005

Shall we start again?
0
Anonymous user
 
In safe mode without networking
0
empty_files Posts 438 Registration date   Status Member Last activity   20
 
I think it failed!!!

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\autorun.inf not found.
File/Folder H:\autorun.inf not found.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C\Shell\AutoRun\command\\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d0b843d-bb1d-11dd-b964-000e3b0923cc}\Shell\AutoRun\command\\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f4b6cf2-7a33-11d9-a216-806d6172696f}\Shell\AutoRun\command\\ not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Guy\LOCALS~1\Temp\~DF4A9D.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Guy\LOCALS~1\Temp\~DF4B84.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Guy\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Opera cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04112009_032915

Files moved on Reboot...
File C:\DOCUME~1\Guy\LOCALS~1\Temp\~DF4A9D.tmp not found!
File C:\DOCUME~1\Guy\LOCALS~1\Temp\~DF4B84.tmp not found!
0
Anonymous user
 
What is H:\ again?
0
empty_files Posts 438 Registration date   Status Member Last activity   20
 
H or E is my 250 GB external hard drive and
I is the USB key
0
Anonymous user
 
OK, plug everything back in and retry UsbFix option 2 please
0
empty_files Posts 438 Registration date   Status Member Last activity   20
 
# On restart, UsbFix will scan your PC; let the tool work.

This step doesn't seem to happen, is that possible?
I haven't seen a damn UsbFix report?... Sorry, I'm starting to lose my mind

And I forgot, the AVG rootkit scan.. what do I do with it, can I delete them without a problem? What do you think.

c:/windows/systeme32/driversaygui7sz.sys and avcl48m9.sys...
0
Anonymous user
 
Yes, delete
0
empty_files Posts 438 Registration date   Status Member Last activity   20
 
# On restart, UsbFix will scan your PC; let the tool work. What do we do about that ....

I have no UsbFix report, is that normal.. Happy Easter Gen_
0
Anonymous user
 
No, that is not normal .... :(

Uninstall AntiVir and reinstall it
0