Sujet Précédent Sujet Suivant

Impossible de remettre antivivir free edition

Fermé
jorandall62 Messages postés 596 Date d'inscription jeudi 24 janvier 2008 Statut Membre Dernière intervention 6 octobre 2023 - 3 juin 2009 à 03:17
 Utilisateur anonyme - 12 juin 2009 à 17:17
Bonjour,
j'ai voulu retirer mon antivirus " antivir" personnal free edition avira avec le logiciel "revo uninstaller "pour en mettre un autre.( avg antivirus free )
mais finalement je voulais revenir a antivir mais je n'arrive plus à l'installer !!
soit j'ai cette fenétre;
" CCPLG.XML: unable to find file ( c:/programfiles/avira/antivir personnaledition classic/ccplg.xml "
soit cette autre fenetre :
"un produit de avira gmbh est déjà installé sur votre systéme,souhaitez vous desinstaller pour installer le nouveau ?............pour cela il faut redémarrer "
j'ai pourtant tout retirer d'antivir ou avira avant de refaire l'installation , j'ai fait aussi un nettoyage du registre avec ccleaner mais pas moyen d'installer "antivir " !!!
merci pour vos aides
A voir également:

162 réponses

Réponse 1 / 162
Utilisateur anonyme
3 juin 2009 à 03:19
salut



==> Télécharge OAD (de Laur3n7!)

- Enregistre le sur ton bureau

Double clique sur le OAD pour le lancer

- nom de fichier à rechercher ,tapes : Avira
- Type de recherche : sélectionne l'option 6 puis valide [entree]

OAD va maintenant rechercher le fichier. Laisse le travailler jusqu'à ce qu'il en ai terminé.
Le rapport de recherche s'affichera automatiquement à dès qu'il en aura terminé.

- Fais un copier / coller de ce rapport dans ton prochain post.

Note importante : Suivant la taille des disques dur cette recherche peut prendre plusieurs minutes. Sois patient
0
Réponse 2 / 162
jorandall62 Messages postés 596 Date d'inscription jeudi 24 janvier 2008 Statut Membre Dernière intervention 6 octobre 2023 56
3 juin 2009 à 11:07
merci d'avoir répondu
voici le rapport
2009-06-03 ---- 11:00:40.87

----------------------------------
§§§§§§ [avira] §§§§§§
----------------------------------
[X] Registre

-------------- [ ] rapide
-- Fichier --- [ ] disque systeme
------------- [X] complete


********************
[Registre]
********************


[HKEY_LOCAL_MACHINE\SOFTWARE\Avira]

[HKEY_LOCAL_MACHINE\SOFTWARE\Avira\AntiVir PersonalEdition Classic]

[HKEY_LOCAL_MACHINE\SOFTWARE\Avira\AntiVir PersonalEdition Classic]
"Path"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Avira\AntiVir PersonalEdition Classic]
"AppDataDirectory"="C:\\ProgramData\\Avira\\AntiVir PersonalEdition Classic\\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Avira\AntiVir PersonalEdition Classic\FACT]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{305CA226-D286-468e-B848-2B2E8E697B74}]
@="Avira AntiVir Personal"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{305CA226-D286-468e-B848-2B2E8E697B74}]
"System.ApplicationName"="Avira GmbH.Avira AntiVir Personal"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{305CA226-D286-468e-B848-2B2E8E697B74}]
"System.Software.TasksFileUrl"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avconfig.xml"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45AC2688-0253-4ED8-97DE-B5370FA7D48A}\InProcServer32]
@="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\shlext.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\ControlPanel\NameSpace\{305CA226-D286-468e-B848-2B2E8E697B74}]
@="Avira AntiVir Personal"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="\"C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir PersonalEdition Classic]
"DisplayIcon"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\rcimage.dll,1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir PersonalEdition Classic]
"DisplayName"="Avira AntiVir Personal - Free Antivirus"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir PersonalEdition Classic]
"Publisher"="Avira GmbH"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir PersonalEdition Classic]
"UninstallString"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\setup.exe /REMOVE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir PersonalEdition Classic]
"ModifyPath"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\setup.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD\Workstation\AntiVir PersonalEdition Classic]
"Name"="Avira AntiVir Personal - Free Antivirus"

[HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD\Workstation\AntiVir PersonalEdition Classic]
"MasterKey"="Software\\Avira\\AntiVir PersonalEdition Classic"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirScheduler]
"DisplayName"="Planificateur Avira AntiVir Personal - Free Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirScheduler]
"Description"="Service de commande des tâches de contrôle et mises à jour Avira AntiVir Personal - Free Antivirus."

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirService]
"DisplayName"="Avira AntiVir Personal - Free Antivirus Guard"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt]
"Description"="Mini-filtre pour AntiVir Guard de l'Avira AntiVir Personal - Free Antivirus. L'AntiVir Guard protège des virus et logiciels malveillants en temps réel."

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avipbb]
"Description"="Avira's Driver for RootKit Detection"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Avira AntiVir]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Avira AntiVir]
"CategoryMessageFile"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\guardevt.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Avira AntiVir]
"EventMessageFile"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\guardevt.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\avgntflt]
"CategoryMessageFile"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgntflt.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\avgntflt]
"EventMessageFile"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgntflt.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ssmdrv]
"Description"="Avira Snapshot Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ssmdrv\Products]
"Avira AntiVir Personal - Free Antivirus"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AntiVirScheduler]
"DisplayName"="Planificateur Avira AntiVir Personal - Free Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AntiVirScheduler]
"Description"="Service de commande des tâches de contrôle et mises à jour Avira AntiVir Personal - Free Antivirus."

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AntiVirService]
"DisplayName"="Avira AntiVir Personal - Free Antivirus Guard"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\avgntflt]
"Description"="Mini-filtre pour AntiVir Guard de l'Avira AntiVir Personal - Free Antivirus. L'AntiVir Guard protège des virus et logiciels malveillants en temps réel."

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\avipbb]
"Description"="Avira's Driver for RootKit Detection"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\Avira AntiVir]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\Avira AntiVir]
"CategoryMessageFile"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\guardevt.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\Avira AntiVir]
"EventMessageFile"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\guardevt.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\System\avgntflt]
"CategoryMessageFile"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgntflt.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\System\avgntflt]
"EventMessageFile"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgntflt.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ssmdrv]
"Description"="Avira Snapshot Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ssmdrv\Products]
"Avira AntiVir Personal - Free Antivirus"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler]
"DisplayName"="Planificateur Avira AntiVir Personal - Free Antivirus"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler]
"Description"="Service de commande des tâches de contrôle et mises à jour Avira AntiVir Personal - Free Antivirus."

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirService]
"DisplayName"="Avira AntiVir Personal - Free Antivirus Guard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt]
"Description"="Mini-filtre pour AntiVir Guard de l'Avira AntiVir Personal - Free Antivirus. L'AntiVir Guard protège des virus et logiciels malveillants en temps réel."

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avipbb]
"Description"="Avira's Driver for RootKit Detection"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avira AntiVir]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avira AntiVir]
"CategoryMessageFile"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\guardevt.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avira AntiVir]
"EventMessageFile"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\guardevt.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System\avgntflt]
"CategoryMessageFile"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgntflt.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System\avgntflt]
"EventMessageFile"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgntflt.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ssmdrv]
"Description"="Avira Snapshot Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ssmdrv\Products]
"Avira AntiVir Personal - Free Antivirus"="C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Avira]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Avira\AntiVir PersonalEdition Classic]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Avira\AntiVir PersonalEdition Classic\Reminder]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Avira\AntiVir PersonalEdition Classic\SeenMessages]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windifesavirale.com]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de]

[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www]

"C:\\Users\\jorandall62\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\66Z4209O\\avira-antivir-personal-free_avira_antivir_personal_free_9.0.0.386_anglais_10821[1].exe"=dword:00000001

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www]

*******************
[Fichier]
*******************

c:\Program Files\Avira
c:\ProgramData\Avira
c:\Users\All Users\Avira
c:\Users\jorandall62\AppData\Local\VirtualStore\Program Files\Avira


*********************
[Même date]
*********************

[Répertoire ] --- REP ---> C:\Program Files\Files



Outil Aide Diagnostic By !aur3n7 Version 1.1
----------------------------------
§§§§§ Fin Rapport §§§§§
----------------------------------
0
Réponse 3 / 162
Utilisateur anonyme
3 juin 2009 à 13:40
---> Désactive ton antivirus le temps de la manipulation car OTM est détecté comme une infection à tort.

---> Télécharge OTM (OldTimer) sur ton Bureau :

---> Double-clique sur OTM.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :





:processes
explorer.exe

:services

:files
c:\Program Files\Avira
c:\ProgramData\Avira
c:\Users\All Users\Avira
c:\Users\jorandall62\AppData\Local\VirtualStore\Program Files\Avira

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Avira]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{305CA226-D286-468e-B848-2B2E8E697B74}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\ControlPanel\NameSpace\{305CA226-D286-468e-B848-2B2E8E697B74}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir PersonalEdition Classic]
[-HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD\Workstation\AntiVir PersonalEdition Classic]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirScheduler]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirService]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avipbb]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Avira AntiVir]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\avgntflt]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ssmdrv]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AntiVirScheduler]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AntiVirService]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\avgntflt]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\avipbb]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\Avira AntiVir]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\System\avgntflt]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ssmdrv]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avipbb]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avira AntiVir]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avira AntiVir]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System\avgntflt]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ssmdrv]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Avira]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Avira\AntiVir PersonalEdition Classic\SeenMessages]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windifesavirale.com]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de]
[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www]


:commands
[purity]
[emptytemp]
[start explorer]
[reboot]





---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTM

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
0
Réponse 4 / 162
jorandall62 Messages postés 596 Date d'inscription jeudi 24 janvier 2008 Statut Membre Dernière intervention 6 octobre 2023 56
3 juin 2009 à 14:03
voici le rapport otm
File/Folder :processes not found.
File/Folder explorer.exe not found.
File/Folder not found.
File/Folder :services not found.
File/Folder not found.
File/Folder :files not found.
Folder move failed. c:\Program Files\Avira\AntiVir PersonalEdition Classic scheduled to be moved on reboot.
Folder cleanup failed. c:\Program Files\Avira scheduled to be deleted on reboot.
File/Folder c:\ProgramData\Avira not found.
File/Folder c:\Users\All Users\Avira not found.
c:\Users\jorandall62\AppData\Local\VirtualStore\Program Files\Avira\AntiVir PersonalEdition Classic moved successfully.
c:\Users\jorandall62\AppData\Local\VirtualStore\Program Files\Avira moved successfully.
File/Folder not found.
File/Folder :reg not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Avira] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{305CA226-D286-468e-B848-2B2E8E697B74}] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\ControlPanel\NameSpace\{305CA226-D286-468e-B848-2B2E8E697B74}] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www] not found.
File/Folder [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] not found.
File/Folder "avgnt"=- not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir PersonalEdition Classic] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD\Workstation\AntiVir PersonalEdition Classic] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirScheduler] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirService] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt] not found.
File/Folder [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avipbb] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Avira AntiVir] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\avgntflt] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ssmdrv] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AntiVirScheduler] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AntiVirService] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\avgntflt] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\avipbb] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\Avira AntiVir] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\System\avgntflt] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ssmdrv] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avipbb] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avira AntiVir] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avira AntiVir] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System\avgntflt] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ssmdrv] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Avira] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Avira\AntiVir PersonalEdition Classic\SeenMessages] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windifesavirale.com] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de] not found.
File/Folder [HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www] not found.
File/Folder not found.
File/Folder not found.
File/Folder :commands not found.
File/Folder [purity] not found.
File/Folder [emptytemp] not found.
File/Folder [start explorer] not found.
File/Folder [reboot] not found.
File/Folder not found.
File/Folder not found.
File/Folder not found.

Created on 06-03-2009 13:54:58
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 162
Utilisateur anonyme
3 juin 2009 à 14:33
tu l'as copié collé tel quel dans OTM ?
0
Réponse 6 / 162
jorandall62 Messages postés 596 Date d'inscription jeudi 24 janvier 2008 Statut Membre Dernière intervention 6 octobre 2023 56
3 juin 2009 à 14:45
oui pourquoi ???
j'ai sélectionné tout ce qui devait étre mis dans le cadre Paste Instructions for Items to be Moved.
tout ce que tu m'a mi en gras !
j'ai du redémarré mon pc et a l'ouverture j'ai encore eu la fenétre "CCPLG.XML: unable to find file ( c:/programfiles/avira/antivir personnaledition classic/ccplg.xml "
0
Réponse 7 / 162
Utilisateur anonyme
3 juin 2009 à 14:52
Télécharge Random's System Information Tool (RSIT) de random/random et enregistre l'exécutable sur ton Bureau.

! Déconnecte toi et ferme toutes tes applications en cours !

Double-clique sur " RSIT.exe " pour le lancer .

-> Une première fenêtre s'ouvre avec en titre : " Disclaimer of warranty " .

* Devant l'option "List files/folders created ..." , tu choisis : 2 months

* clique ensuite sur " Continue " pour lancer l'analyse ...


-> laisse faire le scan et ne touche pas au PC ...


Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront (probablement avec le bloc-note).

Poste le contenu de " log.txt " (c'est celui qui apparait à l'écran), ainsi que de " info.txt " (que tu verras dans la barre des tâches), pour analyse et attends la suite ...

Important : poste un rapport, puis l'autre dans la réponse suivante
Si tu essaies de poster les deux en même temps, cela risque d'être trop long pour le forum


( Note : les rapports seront en outre sauvegardés dans ce dossier -> C:\rsit )
0
Réponse 8 / 162
jorandall62 Messages postés 596 Date d'inscription jeudi 24 janvier 2008 Statut Membre Dernière intervention 6 octobre 2023 56
3 juin 2009 à 15:18
Logfile of random's system information tool 1.06 (written by random/random)
Run by jorandall62 at 2009-06-03 15:10:01
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 2 GB (1%) free of 218 GB
Total RAM: 2046 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:10, on 2009-06-03
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Windows\tsnp2uvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\jorandall62\Desktop\RSIT.exe
C:\Program Files\trend micro\jorandall62.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NXIECatcher Class - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [tsnp2uvc] C:\Windows\tsnp2uvc.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\gprs.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.13\AMVConverter\grab.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.13\MediaManager\grab.html
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{512AC375-977B-4769-997F-290DCF6E5904}: NameServer = 89.2.0.1,89.2.0.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\Skype4COM.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
0
Réponse 9 / 162
Utilisateur anonyme
3 juin 2009 à 15:33
######## | XP _ Instal & recherche | #######


Telecharge et install UsbFix (de C_XX & Chiquitine29)

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d avoir été infectés sans les ouvrir

# Double clic sur le raccourci UsbFix présent sur ton bureau .

# Choisi l option 1 ( Recherche )

# Laisse travailler l outil.

# Ensuite post le rapport UsbFix.txt qui apparaitra.

# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

# Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.



0
Réponse 10 / 162
jorandall62 Messages postés 596 Date d'inscription jeudi 24 janvier 2008 Statut Membre Dernière intervention 6 octobre 2023 56
3 juin 2009 à 15:51
############################## [ UsbFix V3.028 | Scan ]

# User : jorandall62 (Administrateurs) # PC-DE-JORANDALL
# Update on 02/06/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 15:49:29 | 2009-06-03

# Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz
# Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
# Internet Explorer 7.0.6001.18000
# Windows Firewall Status : Disabled

# C:\ # Disque fixe local # 213.11 Go (2.02 Go free) [BOOT] # NTFS
# D:\ # Disque fixe local # 19.76 Go (14.03 Go free) [RECOVER] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque amovible
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible

############################## [ Processus actifs ]

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Windows\vsnp2uvc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Windows\tsnp2uvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Windows\ehome\ehsched.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
C:\Windows\ehome\ehRecvr.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe

################## [ Registre Startup ]

HKCU_Main: "Local Page"="C:\\windows\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="https://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=UTF-8&gws_rd=ssl"
HKCU_Main: "Secondary Start Pages"=hex(7):68,00,74,00,74,00,70,00,3a,00,2f,00,2f,00,6f,00,\
HKLM_logon: "Userinit"="C:\\Windows\\system32\\userinit.exe,"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: NvSvc=RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM_Run: NvCplDaemon=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM_Run: NvMediaCenter=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM_Run: ArcSoft Connection Service=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM_Run: avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
HKLM_Run: Adobe Reader Speed Launcher="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM_Run: snp2uvc=C:\Windows\vsnp2uvc.exe
HKLM_Run: tsnp2uvc=C:\Windows\tsnp2uvc.exe
HKLM_Run: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
HKCU_Run: Sidebar=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKCU_Run: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKCU_Run: SUPERAntiSpyware=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKCU_Run: msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKCU_Run: WMPNSCFG=C:\Program Files\Windows Media Player\WMPNSCFG.exe
HKCU_Run: ehTray.exe=C:\Windows\ehome\ehTray.exe

################## [ Fichiers # Dossiers infectieux ]


################## [ Registre # Clés Run infectieuses ]

Found ! HKLM\software\microsoft\security center "UacDisableNotify" ( 0x1 )

################## [ Registre # Mountpoints2 ]


################## [ ! Fin du rapport # UsbFix V3.028 ! ]
0
Réponse 11 / 162
Utilisateur anonyme
3 juin 2009 à 16:03
######## | Suppression | ########

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d avoir été infectés sans les ouvrir

# Double clic sur le raccourci UsbFix présent sur ton bureau

# choisi l option 2 ( Suppression )

# Ton bureau disparaitra et le pc redémarrera .

# Au redémarrage , UsbFix scannera ton pc , laisse travailler l outil.

# Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

# Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )


######### | Désinstallation | #######


# Double clic sur le raccourci UsbFix présent sur ton bureau

# Choisi l option Désinstaller ....
0
Réponse 12 / 162
jorandall62
3 juin 2009 à 16:33
############################## [ UsbFix V3.028 | Cleaning ]

# User : jorandall62 (Administrateurs) # PC-DE-JORANDALL
# Update on 02/06/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 16:24:00 | 2009-06-03

# Intel(R) Core(TM)2 CPU 4300 @ 1.80GHz
# Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
# Internet Explorer 7.0.6001.18000
# Windows Firewall Status : Disabled

# C:\ # Disque fixe local # 213.11 Go (2.22 Go free) [BOOT] # NTFS
# D:\ # Disque fixe local # 19.76 Go (14.03 Go free) [RECOVER] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque amovible
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible

############################## [ Processus actifs ]

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\LogonUI.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\userinit.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\runonce.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe

################## [ Fichiers # Dossiers infectieux ]


################## [ Registre # Clés Run infectieuses ]

# HKLM\software\microsoft\security center\\ "UacDisableNotify" # -> Reset sucessfully !

################## [ Registre # Mountpoints2 ]


################## [ Listing des fichiers présent ]

[2008-12-30 18:02|--a------|1916] - C:\aaw7boot.log
[2009-01-03 00:43|--a------|3456] - C:\AD-report-Clean-02.01.2009.log
[2009-01-02 23:52|--a------|12463] - C:\AD-report-Scan-02.01.2009.log
[2008-06-07 23:22|--a------|185] - C:\AUTOEXEC.BAT
[2006-09-18 23:43|--a------|24] - C:\AUTOEXEC.NAV
[2008-01-19 09:45|-rahs----|333203] - C:\bootmgr
[2009-02-26 19:50|--a------|3870] - C:\cleannavi.txt
[2009-03-15 01:44|--a------|29046] - C:\ComboFix.txt
[2006-09-18 23:43|--a------|10] - C:\config.sys
[2009-03-09 15:09|--a------|4083] - C:\FindyKill.txt
[2009-03-12 21:03|--a------|3658] - C:\fixnavi.txt
[2002-12-21 00:00|--a------|53248] - C:\gendel32.exe
[2008-06-20 17:21|--a------|164] - C:\install.dat
[2007-10-21 22:51|-rahs----|0] - C:\IO.SYS
[2009-02-20 03:42|--a------|19602] - C:\lopR.txt
[2009-05-07 18:07|--a------|24111] - C:\MP4debug.log
[2007-10-21 22:51|-rahs----|0] - C:\MSDOS.SYS
[2008-08-16 15:42|--a------|481059] - C:\MyMusic01.mp3
[2004-02-29 17:44|--a------|52576] - C:\orange.bmp
[?|?|?] - C:\pagefile.sys
[2009-03-09 19:59|--a------|91] - C:\program1
[2007-11-19 00:32|--ah-----|0] - C:\ProgramData.LOG1
[2007-11-19 00:32|--ah-----|0] - C:\ProgramData.LOG2
[2008-05-28 12:45|--a------|16989] - C:\PVOEM_debug.txt
[2009-06-03 11:00|--a------|13862] - C:\resultat.txt
[2009-04-18 16:01|--a------|3932184] - C:\snp2uvc-001.raw
[2007-10-21 23:23|--ah-----|232] - C:\sqmdata00.sqm
[2008-01-05 20:30|--ah-----|232] - C:\sqmdata01.sqm
[2008-11-10 02:07|--ah-----|268] - C:\sqmdata02.sqm
[2009-01-04 22:29|--ah-----|268] - C:\sqmdata03.sqm
[2007-10-21 23:23|--ah-----|244] - C:\sqmnoopt00.sqm
[2008-01-05 20:30|--ah-----|244] - C:\sqmnoopt01.sqm
[2008-11-10 02:07|--ah-----|244] - C:\sqmnoopt02.sqm
[2009-01-04 22:29|--ah-----|244] - C:\sqmnoopt03.sqm
[2009-04-04 20:14|--a------|2097] - C:\TB.txt
[2009-01-03 17:56|--a------|2958] - C:\TCleaner.txt
[2008-08-16 15:21|--a------|14591828] - C:\TestRecord.wav
[2008-06-07 23:22|---h-----|27] - C:\TraFgFr.Tra
[2009-06-03 16:24|--a------|4687] - C:\UsbFix.txt
[2007-01-15 15:48|--a------|22] - D:\SWCONF.DAT
[2007-01-25 06:55|--a------|49] - D:\PASS.RPT
[1995-01-01 01:00|--a------|44] - D:\Track03.cda
[2007-02-25 18:09|--a------|316] - D:\GHOSTERR.TXT
[2007-03-19 17:46|--ahs----|285696] - D:\ehthumbs_vista.db
[2007-04-11 19:33|-ra------|528] - D:\MediaID.bin

################## [ Vaccination ]

# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.

################## [ ! Fin du rapport # UsbFix V3.028 ! ]
0
Réponse 13 / 162
Utilisateur anonyme
3 juin 2009 à 16:50
relances rsit stp
0
Réponse 14 / 162
jorandall62 Messages postés 596 Date d'inscription jeudi 24 janvier 2008 Statut Membre Dernière intervention 6 octobre 2023 56
3 juin 2009 à 17:22
je n'ai pas eu de rapport "info.txt mais seulement celui-ci ;

Logfile of random's system information tool 1.06 (written by random/random)
Run by jorandall62 at 2009-06-03 17:19:17
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 990 MB (0%) free of 218 GB
Total RAM: 2046 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:19, on 2009-06-03
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
c:\Users\jorandall62\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\jorandall62.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NXIECatcher Class - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [tsnp2uvc] C:\Windows\tsnp2uvc.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\gprs.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.13\AMVConverter\grab.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.13\MediaManager\grab.html
O8 - Extra context menu item: Recherche sur eBay - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com/QuickTime/qtactivex/qtplugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{512AC375-977B-4769-997F-290DCF6E5904}: NameServer = 89.2.0.1,89.2.0.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\Skype4COM.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
0
Réponse 15 / 162
Utilisateur anonyme
3 juin 2009 à 17:45
retente le OTM en mode sans echec stp
0
Réponse 16 / 162
jorandall62 Messages postés 596 Date d'inscription jeudi 24 janvier 2008 Statut Membre Dernière intervention 6 octobre 2023 56
3 juin 2009 à 17:57
ok mais comment faire pour mettre le texte dans la fenétre ?
0
Réponse 17 / 162
Utilisateur anonyme
3 juin 2009 à 18:01
clic droit copier
ensuite
clic droit coller
0
Réponse 18 / 162
jorandall62
3 juin 2009 à 18:30
ok j'ai compri et je sais faire ça ! lol
mais si je redémarre mon pc en mode sans échic et que je veux copier le texte ci dessous je ne peux pas faire "coller" !

:processes
explorer.exe

:services

:files
c:\Program Files\Avira
c:\ProgramData\Avira
c:\Users\All Users\Avira
c:\Users\jorandall62\AppData\Local\VirtualStore\Program Files\Avira

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Avira]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{305CA226-D286-468e-B848-2B2E8E697B74}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\ControlPanel\NameSpace\{305CA226-D286-468e-B848-2B2E8E697B74}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir PersonalEdition Classic]
[-HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD\Workstation\AntiVir PersonalEdition Classic]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirScheduler]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirService]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avipbb]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Avira AntiVir]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\avgntflt]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ssmdrv]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AntiVirScheduler]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AntiVirService]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\avgntflt]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\avipbb]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\Avira AntiVir]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\System\avgntflt]
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ssmdrv]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avipbb]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avira AntiVir]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avira AntiVir]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System\avgntflt]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ssmdrv]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de]
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Avira]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Avira\AntiVir PersonalEdition Classic\SeenMessages]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windifesavirale.com]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www]
[-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de]
[HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de]
[-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www]


:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
0
Réponse 19 / 162
Utilisateur anonyme
3 juin 2009 à 18:41

/!\ ATTENTION SUIVRE SCRUPULEUSEMENT A LA LETTRE CES INDICATIONS/!\

_________________________________________________________________
>Ce logiciel n'est à utiliser que prescrit par un helper qualifié et formé à l'outil.<
>>>>>>>Ne pas utiliser en dehors de ce cas de figure : dangereux!<<<<<<<<
=====================================================

On va utiliser ComboFix.exe. Rends toi sur cette page web pour obtenir les liens de téléchargement, ainsi que des instructions pour exécuter l'outil:

https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix


Avant d'utiliser ComboFix :
______________________________________________________________________
>> referme les fenêtres de tous les programmes en cours.
>> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
>>la protection en temps réel de ton Antivirus et de tes Antispywares,
>>qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°°

!!!!!NE TOUCHE A RIEN PENDANT LE TRAVAIL DE COMBOFIX (SOURIS/CLAVIER.....)!!!!!

n'oublie pas de reactiver la garde de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

>> Reviens sur le forum, et

copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

0
Réponse 20 / 162
jorandall62
3 juin 2009 à 18:50
finalement j'ai réussi a faire le mode sans échec et le copier coller du texte !!
voici le rapport
sinon j'attends une confirmation pour faire la manoeuvre avec "combo "
File/Folder :processes not found.
File/Folder explorer.exe not found.
File/Folder not found.
File/Folder :services not found.
File/Folder not found.
File/Folder :files not found.
c:\Program Files\Avira\AntiVir PersonalEdition Classic moved successfully.
c:\Program Files\Avira moved successfully.
c:\ProgramData\Avira\AntiVir PersonalEdition Classic\LOGFILES moved successfully.
c:\ProgramData\Avira\AntiVir PersonalEdition Classic\EVENTDB moved successfully.
c:\ProgramData\Avira\AntiVir PersonalEdition Classic moved successfully.
c:\ProgramData\Avira moved successfully.
File/Folder c:\Users\All Users\Avira not found.
File/Folder c:\Users\jorandall62\AppData\Local\VirtualStore\Program Files\Avira not found.
File/Folder not found.
File/Folder :reg not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Avira] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{305CA226-D286-468e-B848-2B2E8E697B74}] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\ControlPanel\NameSpace\{305CA226-D286-468e-B848-2B2E8E697B74}] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www] not found.
File/Folder [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] not found.
File/Folder "avgnt"=- not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiVir PersonalEdition Classic] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\X-AVCSD\Workstation\AntiVir PersonalEdition Classic] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirScheduler] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\AntiVirService] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avgntflt] not found.
File/Folder [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\avipbb] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Avira AntiVir] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\System\avgntflt] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ssmdrv] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AntiVirScheduler] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\AntiVirService] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\avgntflt] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\avipbb] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\Avira AntiVir] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\System\avgntflt] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ssmdrv] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AntiVirScheduler] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avgntflt] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avipbb] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avira AntiVir] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avira AntiVir] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System\avgntflt] not found.
File/Folder [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ssmdrv] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de] not found.
File/Folder [-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Avira] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Avira\AntiVir PersonalEdition Classic\SeenMessages] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\windifesavirale.com] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de] not found.
File/Folder [HKEY_USERS\S-1-5-21-641817250-3860369117-549646289-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aavira.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aviraa.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aavira.de\www] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de] not found.
File/Folder [-HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\aviraa.de\www] not found.
File/Folder not found.
File/Folder not found.
File/Folder :commands not found.
File/Folder [purity] not found.
File/Folder [emptytemp] not found.
File/Folder [start explorer] not found.
File/Folder [reboot] not found.
File/Folder not found.

Created on 06-03-2009 18:41:48
0

Discussions similaires

ATTENTION A FREE FLEX
Floriane27eure -
BENISEFRANCA -

13 réponses
La messagerie vocale ne se déclenche pas.
Wolgulc -
T3chN0g3n -

6 réponses