Virus : les applis sont win32 non valides

Résolu
Utilisateur anonyme -  
 Utilisateur anonyme -
Bonjour,

Je suis en train de vouloir faire remarcher un pc qui doit avoir un ou des virus. L'antivirus qui était installé, Avast ne fonctionnait plus, application win32 non valide, j'ai pas réussi à installer antivir. J'ai tenté de faire un RSIT et un hijackthis mais ils ne fonctionnent pas non plus (win32 non valides).

Pouvez vous me donner des pistes pour m'en sortir ?
A voir également:

46 réponses

Précédent
Réponse 21 / 46
Utilisateur anonyme
 
J'ai trouvé OTL sur un autre pc que je nettoie.

Voici le OTL.txt avec 60 days, pour le Extras j'avais fait que 30 days, oublié de changer.

http://www.cijoint.fr/cjlink.php?file=cj200907/cijVLqmUEL.txt

Extras.txt :

http://www.cijoint.fr/cjlink.php?file=cj200907/cijDmKOn3Y.txt
0
Réponse 22 / 46
Utilisateur anonyme
 
Logfile of random's system information tool 1.06 (written by random/random)
Run by Acapandie at 2009-07-28 23:14:44
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 49 GB (63%) free of 78 GB
Total RAM: 1535 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:32:20, on 27/07/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\TeamViewer\Version4\TeamViewer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\trend micro\Acapandie.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: (no name) - {BDB976AE-EBE4-BB65-D718-65526073F410} - (no file)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinFoxV2] C:\WINDOWS\system32\WF2K.EXE Initial
O4 - HKLM\..\Run: [WinFast2KLoadDefault] rundll32.exe wf2kcpl.dll,DllLoadDefaultSettings
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [Tool Flag Heart Poke] C:\Documents and Settings\All Users\Application Data\Browse Dash Tool Flag\proxy real.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [DELDIR0.EXE] "C:\DOCUME~1\ACAPAN~1\LOCALS~1\Temp\DELDIR0.EXE" "C:\Program Files\McAfee\McAfee Shared Components\Guardian\"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
0
Réponse 23 / 46
Utilisateur anonyme
 
info.txt logfile of random's system information tool 1.06 2009-07-28 23:14:51

======Uninstall list======

-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
Advanced Messenger Plus-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Advanced Messenger Plus\Uninst.isu"
Agathe 1.31.200.14 (build:1.31.200.176)-->"C:\Program Files\Agathe Millénium Gestion\unins000.exe"
Agathe Comptabilité 1.31.200.11a-->"C:\Program Files\Agathe Millénium Compta\unins000.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Atelier historique-->C:\WINDOWS\unin040c.exe -fc:\atelier\DeIsL1.isu -cc:\atelier\_ISREG32.DLL
Avira AntiVir Premium-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
Canon MP Navigator 3.1-->"C:\Program Files\Canon\MP Navigator 3.1\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 3.1\uninst.ini
Canon MP140 series-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series /L0x000c
Canon Utilities Easy-LayoutPrint-->C:\Program Files\Canon\Easy-LayoutPrint\uninst.exe uninst.ini
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
C-Dilla Licence Management System-->C:\C_DILLA\setup\cdunin16.exe
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-040C-0000-0000000FF1CE}
Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Direct Show Ogg Vorbis Filter (remove only)-->"C:\WINDOWS\system32\OggDSuninst.exe"
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Enregistrement utilisateur de Canon MP140 series-->C:\Program Files\Canon\IJEREG\MP140 series\UNINST.EXE
FindyKill-->C:\FindyKill\Uninstal.exe
FoxTarot-->C:\WINDOWS\unin040c.exe -f"C:\Program Files\FoxTarot\DeIsL1.isu" -c"C:\Program Files\FoxTarot\_ISREG32.DLL"
Freecorder Toolbar 3.03 Application-->"C:\WINDOWS\Freecorder Toolbar\uninstall.exe" "/U:C:\Program Files\Freecorder Toolbar\Uninstall\uninstall.xml"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
InCD EasyWrite Reader-->C:\WINDOWS\unmrw.exe /UNINSTALL
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 11-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java 2 Runtime Environment, SE v1.4.2_05-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142050}
Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Maj Sesam 1.0-->C:\WINDOWS\unins000.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Micro Application - 9 Dictionnaires Utiles-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{802342C3-8E1C-4A8B-96C3-F98FD9B336D0}\setup.exe" -l0x40c -uninst
Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{72AD53CC-CCC0-3757-8480-9EE176866A7C}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - FRA-->MsiExec.exe /I{0BD83598-C2EF-3343-847B-7D2E84599128}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Professional-->MsiExec.exe /I{0001040C-78E1-11D2-B60F-006097C998E7}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Picture It! Express 2001-->MsiExec.exe /I{FB10FE1A-9906-44A1-B8AB-B70B19FEAB58}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960714)-->"C:\WINDOWS\$NtUninstallKB960714$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 3.5 magicMoments_CE - Leadtek-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D05B3985-3B58-418A-BB37-B43F04A56FA1}\Setup.exe" -l0x40c
Nero Media Player-->C:\WINDOWS\UNNMP.exe /UNINSTALL
Nero OEM-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
OLITEC PCI V92 Ready V2 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F00&SUBSYS_200014F1\HXFSETUP.EXE -U -IVEN_14F1&DEV_2F00&SUBSYS_200014F1
OpenOffice.org Installer 1.0-->MsiExec.exe /X{3A2AF807-9F9F-43C9-A24A-17B617238B74}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PIXMA Extended Survey Program-->C:\Program Files\Canon\IJPLM\SETUP.EXE -R
QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Radio Media Player-->C:\Program Files\Windows Media Player\Plugins\Radios Media Player\uninst.exe
RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
ScanSoft OmniPage SE 4-->MsiExec.exe /I{DEE88727-779B-47A9-ACEF-F87CA5F92A65}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Search 4 - KB963093-->"C:\WINDOWS\$NtUninstallKB963093$\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\INSTALL.LOG
TeamViewer 4-->C:\Program Files\TeamViewer\Version4\uninstall.exe
Ultimate Reference Suite-->"C:\Program Files\Britannica 9.0\Ultimate Reference Suite\Uninstall_Ultimate Reference Suite\Uninstall Ultimate Reference Suite.exe"
Universalis 13-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Universalis\Universalis 13\Uninst.isu"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
VLC media player 1.0.0-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Search 4.0-->"C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinFast(R) Display Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F69FD33C-8815-46BF-9134-A643DE68F3C0}\setup.exe"
WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}
Wondershare Streaming Audio Recorder(Build 1.0.4.0)-->"C:\Program Files\Wondershare\Streaming Audio Recorder\unins000.exe"
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Security center information======

AV: AntiVir Desktop

======System event log======

Computer Name: ACAPANDI-FB9686
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.


Record Number: 115572
Source Name: Service Control Manager
Time Written: 20090721211851.000000+120
Event Type: erreur
User:

Computer Name: ACAPANDI-FB9686
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.


Record Number: 115571
Source Name: Service Control Manager
Time Written: 20090721211851.000000+120
Event Type: erreur
User:

Computer Name: ACAPANDI-FB9686
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.


Record Number: 115570
Source Name: Service Control Manager
Time Written: 20090721211837.000000+120
Event Type: erreur
User:

Computer Name: ACAPANDI-FB9686
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.


Record Number: 115569
Source Name: Service Control Manager
Time Written: 20090721211837.000000+120
Event Type: erreur
User:

Computer Name: ACAPANDI-FB9686
Event Code: 7000
Message: Le service PCAMPR5 NDIS Protocol Driver n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.


Record Number: 115568
Source Name: Service Control Manager
Time Written: 20090721211837.000000+120
Event Type: erreur
User:

=====Application event log=====

Computer Name: ACAPANDI-FB9686
Event Code: 2003
Message:
Record Number: 13568
Source Name: EAPOL
Time Written: 20090225114345.000000+060
Event Type: Informations
User:

Computer Name: ACAPANDI-FB9686
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.

Record Number: 13567
Source Name: SecurityCenter
Time Written: 20090225114328.000000+060
Event Type: Informations
User:

Computer Name: ACAPANDI-FB9686
Event Code: 1
Message: The service is started.

Record Number: 13566
Source Name: IJPLMSVC
Time Written: 20090225114325.000000+060
Event Type: Informations
User:

Computer Name: ACAPANDI-FB9686
Event Code: 1002
Message: Application bloquée iexplore.exe, version 7.0.6000.16791, module bloqué hungapp, version 0.0.0.0, adresse de blocage 0x00000000.

Record Number: 13565
Source Name: Application Hang
Time Written: 20090225113521.000000+060
Event Type: erreur
User:

Computer Name: ACAPANDI-FB9686
Event Code: 1000
Message: Application défaillante wlcomm.exe, version 14.0.8064.206, module défaillant kernel32.dll, version 5.1.2600.5512, adresse de défaillance 0x00009f44.

Record Number: 13564
Source Name: Application Error
Time Written: 20090225113208.000000+060
Event Type: erreur
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=0401
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"="C:\WINDOWS\system32\QTJava.zip"
"QTJAVA"="C:\WINDOWS\system32\QTJava.zip"

-----------------EOF-----------------
0
Réponse 24 / 46
Utilisateur anonyme
 
télécharge LOP S&D sur ton Bureau.

* Double-clique dessus pour lancer l'installation
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche)
* Patiente jusqu'à la fin du scan

* Poste le rapport généré (C:\lopR.txt)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 46
Utilisateur anonyme
 
--
Quel bonheur de se faire aider par les membres actifs des forums de CommentCaMarche !
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Acapandie ( Administrator )
BOOT : Normal boot
Antivirus : AntiVir Desktop 9.0.1.30 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:76 Go (Free:47 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 28/07/2009|23:20 )

--------------------\\ Listing des dossiers dans APPLIC~1

[30/04/2008|14:30] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Adobe
[23/05/2008|09:37] C:\DOCUME~1\ACAPAN~1\APPLIC~1\AdobeUM
[16/03/2005|15:52] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Ahead
[20/10/2005|12:58] C:\DOCUME~1\ACAPAN~1\APPLIC~1\amenarmyooze
[21/07/2009|14:09] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Audacity
[27/07/2009|17:38] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Avira
[23/02/2009|00:43] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Bull
[09/02/2009|11:33] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Canon
[25/07/2009|20:53] C:\DOCUME~1\ACAPAN~1\APPLIC~1\dvdcss
[05/04/2005|13:05] C:\DOCUME~1\ACAPAN~1\APPLIC~1\eu
[21/07/2009|14:27] C:\DOCUME~1\ACAPAN~1\APPLIC~1\FLV Extract
[06/03/2009|17:11] C:\DOCUME~1\ACAPAN~1\APPLIC~1\F-Secure
[03/01/2007|12:58] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Google
[29/05/2005|14:30] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Help
[15/03/2005|11:37] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Identities
[20/03/2005|21:38] C:\DOCUME~1\ACAPAN~1\APPLIC~1\InterVideo
[16/03/2005|15:17] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Macromedia
[27/07/2009|21:55] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Malwarebytes
[19/12/2006|13:49] C:\DOCUME~1\ACAPAN~1\APPLIC~1\McAfee
[27/07/2006|12:47] C:\DOCUME~1\ACAPAN~1\APPLIC~1\McAfee.com Personal Firewall
[21/07/2009|22:52] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Microsoft
[06/05/2005|17:40] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Microsoft Web Folders
[21/07/2009|14:09] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Mozilla
[16/03/2005|15:14] C:\DOCUME~1\ACAPAN~1\APPLIC~1\MSNInstaller
[27/04/2008|19:42] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Real
[21/06/2005|16:32] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Registry Cleaner
[09/02/2009|11:17] C:\DOCUME~1\ACAPAN~1\APPLIC~1\ScanSoft
[05/05/2007|12:17] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Screenshot Sender
[02/11/2005|13:03] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Sectreadme
[05/04/2005|13:04] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Sun
[27/07/2009|11:10] C:\DOCUME~1\ACAPAN~1\APPLIC~1\TeamViewer
[03/03/2009|16:10] C:\DOCUME~1\ACAPAN~1\APPLIC~1\TuneUp Software
[23/02/2008|13:30] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Universalis V13
[26/07/2009|12:55] C:\DOCUME~1\ACAPAN~1\APPLIC~1\vlc
[05/03/2009|13:11] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Windows Desktop Search
[21/07/2009|14:28] C:\DOCUME~1\ACAPAN~1\APPLIC~1\Windows Search
[20/07/2009|20:48] C:\DOCUME~1\ACAPAN~1\APPLIC~1\WinRAR

[21/07/2009|23:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[27/07/2009|16:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
[27/07/2007|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Borland
[16/10/2005|12:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Browse Dash Tool Flag
[09/02/2009|11:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[10/07/2009|14:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonIJPLM
[14/11/2008|15:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CBA
[06/03/2009|17:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[06/03/2009|17:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[23/03/2009|16:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[09/02/2009|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[23/02/2008|13:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Link Data Security
[27/07/2009|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30/04/2008|20:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[23/08/2006|21:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
[10/04/2009|13:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[05/03/2009|13:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[15/03/2005|12:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\muvee Technologies
[16/03/2005|15:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[21/07/2009|22:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Drivers HeadQuarters
[05/04/2005|13:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[09/02/2009|11:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ScanSoft
[10/01/2007|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UniversalisV10
[28/08/2008|13:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UniversalisV13
[08/07/2006|08:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[20/07/2009|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip

[11/05/2005|13:18] C:\DOCUME~1\amma\APPLIC~1\Identities
[11/05/2005|13:24] C:\DOCUME~1\amma\APPLIC~1\Microsoft

[15/03/2005|11:26] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[06/10/2005|19:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\amenarmyooze
[30/01/2007|16:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
[15/06/2005|21:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\Macromedia
[22/03/2006|16:45] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
[05/03/2009|13:17] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[03/11/2005|12:42] C:\DOCUME~1\LOCALS~1\APPLIC~1\Sectreadme

[15/03/2005|11:29] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[28/07/2009 23:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
[27/07/2009 23:15][--ah-----] C:\WINDOWS\tasks\SA.DAT
[05/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[21/07/2009|23:35] C:\Program Files\Adobe
[30/06/2006|12:29] C:\Program Files\Advanced Messenger Plus
[23/06/2009|12:20] C:\Program Files\Agathe Mill‚nium Compta
[03/04/2009|16:11] C:\Program Files\Agathe Mill‚nium Gestion
[15/03/2005|14:28] C:\Program Files\Ahead
[06/03/2009|17:27] C:\Program Files\Alwil Software
[12/10/2005|09:23] C:\Program Files\amenarmyooze
[08/05/2005|21:33] C:\Program Files\Atlantis
[27/07/2009|16:21] C:\Program Files\Avira
[15/03/2005|11:54] C:\Program Files\AvRack
[16/03/2005|16:15] C:\Program Files\Boonty
[17/03/2005|22:27] C:\Program Files\BoontyGames
[28/11/2008|17:09] C:\Program Files\Britannica 9.0
[09/02/2009|11:21] C:\Program Files\Canon
[09/02/2009|11:09] C:\Program Files\CanonBJ
[27/07/2009|23:22] C:\Program Files\CCleaner
[15/03/2005|11:23] C:\Program Files\ComPlus Applications
[16/03/2005|10:19] C:\Program Files\CONEXANT
[29/06/2006|19:43] C:\Program Files\DIFX
[20/07/2009|20:15] C:\Program Files\eMule
[13/10/2006|15:30] C:\Program Files\ErrorGuard
[23/03/2009|16:35] C:\Program Files\Fichiers communs
[06/07/2006|20:56] C:\Program Files\FoxTarot
[23/03/2009|16:33] C:\Program Files\Google
[09/02/2009|11:56] C:\Program Files\Hewlett-Packard
[11/02/2009|10:00] C:\Program Files\hp deskjet 845c series
[21/07/2009|18:37] C:\Program Files\InstallShield Installation Information
[15/03/2005|11:54] C:\Program Files\Intel
[13/06/2009|13:26] C:\Program Files\Internet Explorer
[26/03/2005|18:08] C:\Program Files\InterVideo
[15/03/2005|21:34] C:\Program Files\Inventel
[19/12/2008|13:01] C:\Program Files\Java
[22/06/2005|11:33] C:\Program Files\Lily_Utils
[27/07/2009|21:55] C:\Program Files\Malwarebytes' Anti-Malware
[30/04/2008|20:09] C:\Program Files\McAfee
[16/03/2005|17:31] C:\Program Files\McAfee Firewall Demo 30 ENG
[16/03/2005|16:14] C:\Program Files\Mes Jeux Install‚s
[06/09/2008|15:32] C:\Program Files\Messenger
[09/04/2009|21:11] C:\Program Files\Messenger Plus! Live
[23/10/2005|15:55] C:\Program Files\Micro Application
[22/02/2009|13:28] C:\Program Files\Microsoft
[23/02/2009|10:26] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[15/03/2005|11:26] C:\Program Files\microsoft frontpage
[17/10/2008|14:07] C:\Program Files\Microsoft Office
[06/05/2008|10:51] C:\Program Files\Microsoft Picture It! PhotoPub
[05/03/2009|13:36] C:\Program Files\Microsoft Silverlight
[06/09/2008|15:16] C:\Program Files\Movie Maker
[28/07/2009|23:19] C:\Program Files\Mozilla Firefox
[05/03/2009|13:23] C:\Program Files\MSBuild
[17/10/2008|14:07] C:\Program Files\MSECache
[16/03/2005|15:16] C:\Program Files\MSN
[15/03/2005|11:22] C:\Program Files\MSN Gaming Zone
[10/02/2009|21:29] C:\Program Files\MSXML 4.0
[15/03/2005|12:19] C:\Program Files\muvee Technologies
[06/09/2008|15:10] C:\Program Files\NetMeeting
[05/07/2006|18:55] C:\Program Files\OLIFAXVX
[15/03/2005|11:22] C:\Program Files\Online Services
[06/03/2009|17:05] C:\Program Files\Orange
[06/09/2008|15:10] C:\Program Files\Outlook Express
[24/06/2005|12:26] C:\Program Files\PowerArchiver
[18/03/2007|11:43] C:\Program Files\PowerPoint Viewer
[05/04/2005|13:03] C:\Program Files\QuickTime
[07/06/2005|20:35] C:\Program Files\Real
[15/03/2005|11:54] C:\Program Files\Realtek Sound Manager
[05/03/2009|13:22] C:\Program Files\Reference Assemblies
[22/06/2005|11:49] C:\Program Files\Registry Clean Pro
[23/02/2009|00:22] C:\Program Files\RSS Publisher
[23/02/2009|01:01] C:\Program Files\RSS Xpress
[09/02/2009|11:14] C:\Program Files\ScanSoft
[15/03/2005|11:24] C:\Program Files\Services en ligne
[24/05/2005|13:19] C:\Program Files\Sierra On-Line
[10/08/2008|08:08] C:\Program Files\Sun
[27/07/2009|11:10] C:\Program Files\TeamViewer
[28/07/2009|23:14] C:\Program Files\trend micro
[26/03/2005|18:10] C:\Program Files\TryMedia
[15/03/2005|11:37] C:\Program Files\Uninstall Information
[23/02/2009|00:09] C:\Program Files\Universalis
[07/06/2005|11:48] C:\Program Files\VideoLAN
[06/07/2006|14:10] C:\Program Files\WinAce
[11/06/2009|20:57] C:\Program Files\Windows Desktop Search
[10/04/2005|20:52] C:\Program Files\Windows Journal Viewer
[22/02/2009|13:28] C:\Program Files\Windows Live
[22/02/2009|13:27] C:\Program Files\Windows Live SkyDrive
[10/12/2006|16:13] C:\Program Files\Windows Media Connect 2
[06/09/2008|15:10] C:\Program Files\Windows Media Player
[06/09/2008|15:10] C:\Program Files\Windows NT
[15/03/2005|11:24] C:\Program Files\WindowsUpdate
[20/07/2009|20:47] C:\Program Files\WinZip
[21/07/2009|14:30] C:\Program Files\Wondershare
[15/03/2005|11:26] C:\Program Files\xerox
[28/11/2008|17:09] C:\Program Files\Zero G Registry

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[21/07/2009|23:34] C:\Program Files\Fichiers communs\Adobe
[15/03/2005|14:25] C:\Program Files\Fichiers communs\Ahead
[15/03/2005|14:44] C:\Program Files\Fichiers communs\Borland Shared
[06/05/2005|17:41] C:\Program Files\Fichiers communs\Designer
[09/02/2009|11:16] C:\Program Files\Fichiers communs\InstallShield
[05/04/2005|13:03] C:\Program Files\Fichiers communs\Java
[27/07/2009|16:15] C:\Program Files\Fichiers communs\Microsoft Shared
[15/03/2005|11:24] C:\Program Files\Fichiers communs\MSSoap
[15/03/2005|12:19] C:\Program Files\Fichiers communs\muvee Technologies
[15/03/2005|11:34] C:\Program Files\Fichiers communs\ODBC
[23/03/2009|16:34] C:\Program Files\Fichiers communs\Real
[09/02/2009|11:16] C:\Program Files\Fichiers communs\ScanSoft Shared
[15/03/2005|11:24] C:\Program Files\Fichiers communs\Services
[15/03/2005|11:34] C:\Program Files\Fichiers communs\SpeechEngines
[06/09/2008|15:10] C:\Program Files\Fichiers communs\System
[22/02/2009|13:16] C:\Program Files\Fichiers communs\Windows Live
[23/03/2009|16:35] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 39 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-28 23:21:25
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 328

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:9][D:9]-> C:\DOCUME~1\ACAPAN~1\LOCALS~1\Temp
[F:25][D:0]-> C:\DOCUME~1\ACAPAN~1\Cookies
[F:1227][D:4]-> C:\DOCUME~1\ACAPAN~1\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 28/07/2009|23:22 - Option : [1]

--------------------\\ Fin du rapport a 23:22:44
0
Réponse 26 / 46
Utilisateur anonyme
 
ca alors elle est bien bonne celle-là !!!!


Télécharger Smitfraudfix par S!RI :



Décompresser l'archive
Exécuter le en double cliquant sur Smitfraudfix.cmd
Appuyer sur une touche pour continuer
Arriver à l'invite de commande, saisir la lettre L afin de basculer le fix en langue française
Au menu, choisir l’option Recherche
Poster le rapport ainsi généré
0
Réponse 27 / 46
Utilisateur anonyme
 
SmitFraudFix v2.423

Rapport fait à 0:01:40,54, 29/07/2009
Executé à partir de C:\Documents and Settings\Acapandie\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\Program Files\TeamViewer\Version4\TeamViewer.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Acapandie\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Acapandie


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ACAPAN~1\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Acapandie\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ACAPAN~1\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"

»»»»»»»»»»»»»»»»»»»»»»»» RK

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""




»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

Description: Carte réseau Fast Ethernet PCI Realtek RTL8139 Family - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

Description: 802.11g USB 2.0 adapter #4 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{02325EE3-2597-4F5B-9C51-327223B1105D}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{6B1AD43A-E450-4EB4-BC61-E178702B57EF}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{BA883895-EDBC-4224-9CC7-670F76DB3308}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{02325EE3-2597-4F5B-9C51-327223B1105D}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6B1AD43A-E450-4EB4-BC61-E178702B57EF}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{BA883895-EDBC-4224-9CC7-670F76DB3308}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{02325EE3-2597-4F5B-9C51-327223B1105D}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{6B1AD43A-E450-4EB4-BC61-E178702B57EF}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{BA883895-EDBC-4224-9CC7-670F76DB3308}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

0
Réponse 28 / 46
Utilisateur anonyme
 
bon ben on va faire autrement :

Double clic sur OTL.exe pour le lancer.


Copie la liste qui se trouve en gras ci-dessous,

et colle-la dans la zone sous Customs Scans/Fixes

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
TeaTimer.exe

:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {BDB976AE-EBE4-BB65-D718-65526073F410} - No CLSID value found.
O4 - HKLM..\Run: [Tool Flag Heart Poke] C:\Documents and Settings\All Users\Application Data\Browse Dash Tool Flag\proxy real.exe ()
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} https://www.oracle.com/java/technologies/ (Java Plug-in 1.4.2_05)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O33 - MountPoints2\{e55c4fc6-5862-11dc-a23f-000b6b6a5e03}\Shell\Auto\command - "" = C:\WINDOWS\System32\cmd.exe -- [2008/04/14 04:33:57 | 00,401,408 | ---- | M] (Microsoft Corporation)

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"NeroFilterCheck"=-
"nwiz"=-
"QuickTime Task"=-
"SoundMan"=-
"TkBellExe"=-

:files
C:\Documents and Settings\Acapandie\Application Data\Registry Cleaner

:commands
[emptytemp]
[start explorer]
[reboot]


Clique sur RunFix pour lancer la suppression.


Poste le rapport.

==========
0
Réponse 29 / 46
Utilisateur anonyme
 
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named TeaTimer.exe was found!
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDB976AE-EBE4-BB65-D718-65526073F410}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDB976AE-EBE4-BB65-D718-65526073F410}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Tool Flag Heart Poke deleted successfully.
C:\Documents and Settings\All Users\Application Data\Browse Dash Tool Flag\proxy real.exe moved successfully.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e55c4fc6-5862-11dc-a23f-000b6b6a5e03}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e55c4fc6-5862-11dc-a23f-000b6b6a5e03}\ not found.
C:\WINDOWS\System32\cmd.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\nwiz deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\SoundMan deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
========== FILES ==========
C:\Documents and Settings\Acapandie\Application Data\Registry Cleaner moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Acapandie
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 10278634 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 34821766 bytes

User: All Users

User: amma
->Temp folder emptied: 220 bytes
->Temporary Internet Files folder emptied: 158862 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 7860486 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
C:\WINDOWS\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 4249443 bytes
%systemroot%\System32 .tmp files removed: 3433472 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 58,18 mb


OTL by OldTimer - Version 3.0.10.3 log created on 07292009_085127

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
0
Réponse 30 / 46
Destrio5 Messages postés 85985 Date d'inscription   Statut Modérateur Dernière intervention   10 302
 
Bonjour,

--> Télécharge SystemLook sur ton Bureau.
--> Double-clique sur SystemLook.exe pour le lancer.
--> Copie-colle le texte entre les deux espaces ci-dessous dans la zone texte de SystemLook :




:dir
C:\DOCUME~1\ACAPAN~1\APPLIC~1\amenarmyooze
C:\DOCUME~1\ACAPAN~1\APPLIC~1\Sectreadme
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Browse Dash Tool Flag
C:\DOCUME~1\LOCALS~1\APPLIC~1\amenarmyooze
C:\DOCUME~1\LOCALS~1\APPLIC~1\Sectreadme
C:\Program Files\amenarmyooze




--> Clique sur le bouton Look pour démarrer l'examen.
--> A la fin, le Bloc-notes s'ouvre avec le résultat de l'analyse. Copie-colle le rapport dans ta prochaine réponse.
Note : Le rapport peut aussi être trouvé sur ton Bureau sous le nom SystemLook.txt
0
Réponse 31 / 46
Utilisateur anonyme
 
SystemLook v1.0 by jpshortstuff (22.05.09)
Log created at 15:55 on 29/07/2009 by Acapandie (Administrator - Elevation successful)

========== dir ==========

C:\DOCUME~1\ACAPAN~1\APPLIC~1\amenarmyooze - Parameters: "(none)"

---Files---
654C1C42 --ahsc 1060 bytes [07:24 12/10/2005] [07:24 12/10/2005]

---Folders---
None found.

C:\DOCUME~1\ACAPAN~1\APPLIC~1\Sectreadme - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Browse Dash Tool Flag - Parameters: "(none)"

---Files---
Axis Admin Axis --ahsc 76840 bytes [07:36 22/07/2005] [19:01 19/10/2005]
Option Bleh.exe --a--c 0 bytes [07:01 27/08/2005] [17:09 06/10/2005]

---Folders---
None found.

C:\DOCUME~1\LOCALS~1\APPLIC~1\amenarmyooze - Parameters: "(none)"

---Files---
654C1C42 --ahsc 1060 bytes [10:05 21/08/2005] [10:05 21/08/2005]

---Folders---
None found.

C:\DOCUME~1\LOCALS~1\APPLIC~1\Sectreadme - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

C:\Program Files\amenarmyooze - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

-=End Of File=-
0
Réponse 32 / 46
Utilisateur anonyme
 
ok peux-tu verifier que tu aies ceci :

C:\WINDOWS\System32\cmd.exe

ensuite refais un scan avec OTL avec les parametres comme indiqué plus haut stp,envoyé par cijoint.fr.
0
Réponse 33 / 46
Utilisateur anonyme
 
Le cmd est bien présent

voici le rapport :

http://www.cijoint.fr/cjlink.php?file=cj200907/cijIXIfbU6.txt
0
Réponse 34 / 46
Utilisateur anonyme
 
ok supprime ceci en mode sans echec

C:\WINDOWS\System32\tmp.reg

ensuite je ne vois plus d'infections
0
Réponse 35 / 46
Utilisateur anonyme
 
J'ai fait supprimer en mode sans échec ce fichier reg au propriétaire. Par contre elle me disait que l'ordinateur émettait des sonneries comme elle avait au début qu'elle m'a alerté.
0
Réponse 36 / 46
Utilisateur anonyme
 
Double clic sur OTL.exe pour le lancer.


Copie la liste qui se trouve en gras ci-dessous,

et colle-la dans la zone sous Customs Scans/Fixes

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
TeaTimer.exe

:files
C:\DOCUME~1\ACAPAN~1\APPLIC~1\amenarmyooze
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Browse Dash Tool Flag
C:\DOCUME~1\LOCALS~1\APPLIC~1\amenarmyooze

:commands
[emptytemp]
[start explorer]
[reboot]


Clique sur RunFix pour lancer la suppression.


Poste le rapport.
0
Réponse 37 / 46
Utilisateur anonyme
 
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named TeaTimer.exe was found!
========== FILES ==========
C:\DOCUME~1\ACAPAN~1\APPLIC~1\amenarmyooze moved successfully.
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Browse Dash Tool Flag moved successfully.
C:\DOCUME~1\LOCALS~1\APPLIC~1\amenarmyooze moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Acapandie
->Temp folder emptied: 248702 bytes
->Temporary Internet Files folder emptied: 24039898 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 7547114 bytes

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: amma
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 664 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 30,46 mb


OTL by OldTimer - Version 3.0.10.3 log created on 07302009_144930

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
0
Réponse 38 / 46
Utilisateur anonyme
 
bien :


Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.



Télécharges :

Malwarebytes

ou :

Malwarebytes

* Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .

(NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX

* Potasses le Tuto pour te familiariser avec le prg :


( cela dit, il est très simple d'utilisation ).

relance malwarebytes en suivant scrupuleusement ces consignes :

! Déconnecte toi et ferme toutes applications en cours !

* Lance Malwarebyte's .

Fais un examen dit "Complet" .

--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "résultat" .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .

Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !


Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)

0
Réponse 39 / 46
Utilisateur anonyme
 
Pour info, j'ai vidé la quarantaine avant le scan complet

Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2531
Windows 5.1.2600 Service Pack 3

30/07/2009 23:28:31
mbam-log-2009-07-30 (23-28-31).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 178491
Temps écoulé: 1 hour(s), 17 minute(s), 52 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 40 / 46
Utilisateur anonyme
 
ok bien joue je pense qu'on peut faire le menage
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
message de postmaster incessant !
wasap -
wasap -

9 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses