Virus, then Ad-Remover

Resolved/Closed
jules964 - 10 Jul 2009 at 13:21
Anonymous user - 14 Jul 2009 at 23:13
Hello,
here is the Ad-Remover report




======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 24/06/2009 à 7:10 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 13:03:45, 09/07/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: COLIN-DOSSMANN | Utilisateur actuel: JULIEN
.
Administrateur: Administrateur
N'est pas administrateur: ASPNET
N'est pas administrateur: ED
N'est pas administrateur: HelpAssistant *Desactive*
N'est pas administrateur: Invité
Administrateur: JULIEN
Administrateur: Principal
N'est pas administrateur: SUPPORT_388945a0 *Desactive*
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
HKCU\Software\EoRezo
HKLM\Software\EoRezo
HKLM\Software\Microsoft\shared tools\msconfig\startupreg\EoWeather
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Eoengine
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Softwarehelper
.

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.

* Mozilla FireFox Version 3.0.11 *

Nom du profil: 6acad0m6.default (JULIEN)
.
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://www.google.fr");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.11");
.
.

* Internet Explorer Version 7.0.5730.11 *

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchAssistant: hxxp://search.imesh.com/sidebar.html?src=ssb
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Search Page: hxxp://search.imesh.com/sidebar.html?src=ssb
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

============== Suspect (Cracks, Serials ... ) ==============

.
C:\Documents and Settings\ED\Local Settings\Temp\Patch_MSN_Messenger.EXE
.
===================================
.
6612 Octet(s) - C:\Ad-Report-CLEAN.log
.
290 Fichier(s) - C:\DOCUME~1\JULIEN\LOCALS~1\Temp
837 Fichier(s) - C:\WINDOWS\Temp
.
18 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
37 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 17:05:39 | 09/07/2009
.
============== E.O.F ==============
64 replies

That's all I have...
0
Anonymous user
13 Jul 2009 at 15:20
Double-click OTL.exe to launch it.


Copy the list shown in bold below,

and paste it into the box under Customs Scans/Fixes

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
TeaTimer.exe
JULIEN.exe

:services
qiyurwany
rbadza

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
IE - HKU\S-1-5-21-3209044353-2627916084-2635611745-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.imesh.com/sidebar.html?src=ssb
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Every Toolbar) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - C:\DOCUME~1\ED\Bureau\EVERYT~1.1\everycom.dll File not found
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Every Toolbar) - {A20A76AD-7A29-4756-87FE-70C334CB40C0} - C:\DOCUME~1\ED\Bureau\EVERYT~1.1\everycom.dll File not found
O3 - HKU\S-1-5-21-3209044353-2627916084-2635611745-1010\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-3209044353-2627916084-2635611745-1010\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-3209044353-2627916084-2635611745-1010\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - No CLSID value found.
O4 - HKU\S-1-5-21-3209044353-2627916084-2635611745-1010..\Run: [fsm] File not found
O4 - HKU\S-1-5-21-3209044353-2627916084-2635611745-1010..\Run: [JULIEN] C:\Documents and Settings\JULIEN\JULIEN.exe ()
O16 - DPF: {88C51E90-8E9C-4C96-8A45-574D88B63FAF} http://acceso.masminutos.com/laaplicacion.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} https://www.oracle.com/java/technologies/ (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Filter: - text/html - Reg Error: Key error. File not found
O20 - Winlogon\Notify\rbadzm: DllName - rbadzm.dll - File not found


:reg

:files
C:\Documents and Settings\JULIEN\JULIEN.exe
C:\WINDOWS\System32\drivers\zjjdnya.sys
C:\WINDOWS\System32\rbadza.sys
C:\WINDOWS\System32\drivers\str.sys
C:\WINDOWS\SlantAdj.dll
C:\Documents and Settings\JULIEN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini


:commands
[emptytemp]
[start explorer]
[reboot]


Click RunFix to start the removal.


Post the report.

==========
0
Hi again, I can't find the report. There is an OTL report on my desktop, but it's the one I posted to you this morning.
0
Anonymous user
13 Jul 2009 at 16:20
Sorry, the report is also located here: C:\_OTL......the most recent one
0

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named TeaTimer.exe was found!
No active process named JULIEN.exe was found!
========== SERVICES/DRIVERS ==========

Service\Driver qiyurwany deleted successfully.

Service\Driver rbadza deleted successfully.
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Unable to set value : HKU\S-1-5-21-3209044353-2627916084-2635611745-1010\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E!
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A20A76AD-7A29-4756-87FE-70C334CB40C0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A20A76AD-7A29-4756-87FE-70C334CB40C0}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A20A76AD-7A29-4756-87FE-70C334CB40C0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A20A76AD-7A29-4756-87FE-70C334CB40C0}\ not found.
Registry value HKEY_USERS\S-1-5-21-3209044353-2627916084-2635611745-1010\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\S-1-5-21-3209044353-2627916084-2635611745-1010\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\S-1-5-21-3209044353-2627916084-2635611745-1010\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D}\ not found.
Registry value HKEY_USERS\S-1-5-21-3209044353-2627916084-2635611745-1010\Software\Microsoft\Windows\CurrentVersion\Run\\fsm deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3209044353-2627916084-2635611745-1010\Software\Microsoft\Windows\CurrentVersion\Run\\JULIEN deleted successfully.
File C:\Documents and Settings\JULIEN\JULIEN.exe not found.
Starting removal of ActiveX control {88C51E90-8E9C-4C96-8A45-574D88B63FAF}
C:\WINDOWS\Downloaded Program Files\msa64chk.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{88C51E90-8E9C-4C96-8A45-574D88B63FAF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C51E90-8E9C-4C96-8A45-574D88B63FAF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{88C51E90-8E9C-4C96-8A45-574D88B63FAF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C51E90-8E9C-4C96-8A45-574D88B63FAF}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rbadzm\ deleted successfully.
========== REGISTRY ==========
========== FILES ==========
File\Folder C:\Documents and Settings\JULIEN\JULIEN.exe not found.
C:\WINDOWS\System32\drivers\zjjdnya.sys moved successfully.
C:\WINDOWS\System32\rbadza.sys moved successfully.
File move failed. C:\WINDOWS\System32\drivers\str.sys scheduled to be moved on reboot.
DllUnregisterServer procedure not found in C:\WINDOWS\SlantAdj.dll
C:\WINDOWS\SlantAdj.dll NOT unregistered.
C:\WINDOWS\SlantAdj.dll moved successfully.
C:\Documents and Settings\JULIEN\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: ED
->Temp folder emptied: 171301672 bytes
->Temporary Internet Files folder emptied: 77726589 bytes
->Java cache emptied: 26141706 bytes
->FireFox cache emptied: 71533491 bytes

User: JULIEN
->Temp folder emptied: 33054106 bytes
->Temporary Internet Files folder emptied: 86673947 bytes
->Java cache emptied: 1912932 bytes
->FireFox cache emptied: 43677913 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 481359 bytes

User: Principal
->Temp folder emptied: 108755228 bytes
->Temporary Internet Files folder emptied: 42816926 bytes
->Java cache emptied: 7617554 bytes
->FireFox cache emptied: 47563813 bytes

User: Propriétaire

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 19569 bytes
%systemroot%\System32 .tmp files removed: 13198336 bytes
Windows Temp folder emptied: 104685754 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 798,44 mb


OTL by OldTimer - Version 3.0.7.1 log created on 07132009_160732

Files\Folders moved on Reboot...
C:\WINDOWS\System32\drivers\str.sys moved successfully.

Registry entries deleted on Reboot...
0
Anonymous user
13 Jul 2009 at 16:30
OK, great. Can you send me a brand-new OTL log via cijoint.fr?
0
http://www.cijoint.fr/cjlink.php?file=cj200907/cijgq6Uqdb.txt


I hope that's right!
0
Anonymous user
13 Jul 2009 at 16:49
Double-click OTL.exe to launch it.


Copy the list shown in bold below,

and paste it into the box under Customs Scans/Fixes

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
TeaTimer.exe

:reg
[HKEY_USERS\S-1-5-21-3209044353-2627916084-2635611745-1010\SOFTWARE\Microsoft\Internet Explorer\Main]
"Search Page"=""

:commands
[emptytemp]
[start explorer]
[reboot]


Click RunFix to start the removal.


Post the report.

==========
0
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
Process iexplore.exe killed successfully!
Process firefox.exe killed successfully!
No active process named msnmsgr.exe was found!
No active process named TeaTimer.exe was found!
========== REGISTRY ==========
Unable to set value : HKEY_USERS\S-1-5-21-3209044353-2627916084-2635611745-1010\SOFTWARE\Microsoft\Internet Explorer\Main\\"Search Page"|"" /E!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: ED
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: JULIEN
->Temp folder emptied: 1186 bytes
->Temporary Internet Files folder emptied: 12075153 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 41855941 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33237 bytes

User: Principal
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: Propriétaire

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 17048 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 51,51 mb


OTL by OldTimer - Version 3.0.7.1 log created on 07132009_191549

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
0
Anonymous user
13 Jul 2009 at 19:48
Right, something is blocking one of our Internet changes:

♦ Disable your antivirus for the duration of the procedure, because it is wrongly detected as an infection, then:

♦ Download List_All (by g3n-h@ckm@n)

and save it to your desktop and nowhere else

♦ Run it by double-clicking (right-click and "Run as administrator" on Vista) to launch it

♦ choose the language to use

♦ choose the option shown in bold below:

1 : Elements du panneau de configuration (cpl)
2 : Liste des .dll systeme
3 : Listes des executables (.exe)
4 : Liste des fichiers systeme (Drivers)
5 : Liste du system32
6 : Liste de tout le systeme
7 : Liste des fichiers .tmp
8 : Liste des fichiers racine
9 : Liste des fichiers cachés
0 : Liste des Processus Console


then press "Enter"

♦ go and retrieve the report from the location indicated,

♦ upload it to http://www.cijoint.fr/ : click "Parcourir" (Browse),

then send the file.

♦ a link of this form will appear:

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

♦ post the fresh link in your next reply.
0
http://www.cijoint.fr/cjlink.php?file=cj200907/cijS5Tdr2q.txt
0
Anonymous user
14 Jul 2009 at 17:03
Please retry post 29 in Safe Mode
0
Can you elaborate, please? I don't know what post 29 is, I'm a beginner...
0
Sorry, I've got it...
0
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named TeaTimer.exe was found!
========== REGISTRY ==========
Unable to set value : HKEY_USERS\S-1-5-21-3209044353-2627916084-2635611745-1010\SOFTWARE\Microsoft\Internet Explorer\Main\\"Search Page"|"" /E!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: ED
->Temp folder emptied: 222 bytes
->Temporary Internet Files folder emptied: 2383694 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 46848710 bytes

User: JULIEN
->Temp folder emptied: 1188 bytes
->Temporary Internet Files folder emptied: 365723 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 53245681 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: Principal
->Temp folder emptied: 114939 bytes
->Temporary Internet Files folder emptied: 113580 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes

User: Propriétaire

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 664 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 98,36 mb


OTL by OldTimer - Version 3.0.7.1 log created on 07142009_170706

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
0
Anonymous user
14 Jul 2009 at 17:21
Download this:

http://sd-1.archive-host.com/membres/up/829108531491024/Key.zip

Unzip it, double-click the key, accept the entry into the registry, and then delete them
0
Done.
0
Anonymous user
14 Jul 2009 at 17:35
OK, restart the PC and send another OTL log via cijoint.fr
0
http://www.cijoint.fr/cjlink.php?file=cj200907/cijrKfo5wC.txt
0
Anonymous user
14 Jul 2009 at 17:49
ok


Print these instructions, because you will need to close all windows and applications during the installation and the scan.



Download:

Malwarebytes

or:

Malwarebytes

* Install it (make sure to choose "francais"; do not change the installation settings) and update it.

(NB: if you get an error message during installation saying that "COMCTL32.OCX" is missing, download it here: COMCTL32.OCX)

* Study the tutorial to familiarize yourself with the program:


(that said, it is very easy to use).

Run Malwarebytes again, following these instructions scrupulously:

! Disconnect and close all running applications !

* Launch Malwarebytes.

Run a "Complet" (full) scan.

--> Let the program work (and do nothing else with the PC during the scan).
--> at the end, click "résultat" (results).
--> Check that all infected objects are ticked, then click "suppression" (remove).

Note: if your PC needs to restart to finish the cleanup, do it!


Post the report saved after removal of the infected objects (in the "rapport/log" tab of Malwarebytes, the most recent one)

0