A voir également:
- Mon ordi infesté de virus!!!
- Ordi qui rame - Guide
- Comment reinitialiser un ordi - Guide
- Virus mcafee - Accueil - Piratage
- Plus de son sur mon ordi - Guide
- Mon ordi ne reconnait pas ma clé usb - Guide
143 réponses
▶ Désactive ton antivirus le temps de la manipulation car OTM est détecté comme une infection à tort.
▶ Télécharge OTM (OldTimer) sur ton Bureau :
▶ Double-clique sur OTM.exe afin de le lancer.
▶ Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
TeaTimer.exe
:files
C:\Program Files\PokerStars
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=-
"TkBellExe"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\taskmgr.exe"="C:\WINDOWS\system32\taskmgr.exe:*:Enabled:Gestionnaire des tâches de Windows"
:commands
[emptytemp]
[reboot]
▶ Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
▶ Clique maintenant sur le bouton MoveIt! puis ferme OTM
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
▶ Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
*Le nom du rapport correspond au moment de sa création : date_heure.log
▶ Télécharge OTM (OldTimer) sur ton Bureau :
▶ Double-clique sur OTM.exe afin de le lancer.
▶ Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
TeaTimer.exe
:files
C:\Program Files\PokerStars
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=-
"TkBellExe"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\taskmgr.exe"="C:\WINDOWS\system32\taskmgr.exe:*:Enabled:Gestionnaire des tâches de Windows"
:commands
[emptytemp]
[reboot]
▶ Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
▶ Clique maintenant sur le bouton MoveIt! puis ferme OTM
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
▶ Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
*Le nom du rapport correspond au moment de sa création : date_heure.log
ok
demarrer / executer
puis tapes :
cmd
et ok
copie-colle dans la fenetre noire devant le curseur:
dir /A/B/S %Homedrive%\_OTL >> %Homedrive%\ziza.txt
puis entrée
ensuite colle le contenu de ziza.txt que tu trouveras dans ton disque system
demarrer / executer
puis tapes :
cmd
et ok
copie-colle dans la fenetre noire devant le curseur:
dir /A/B/S %Homedrive%\_OTL >> %Homedrive%\ziza.txt
puis entrée
ensuite colle le contenu de ziza.txt que tu trouveras dans ton disque system
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-08-04 23:58:28
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 7 GB (21%) free of 35 GB
Total RAM: 255 MB (20% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:58:40, on 04/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe
C:\Program Files\Lexmark 5200 series\lxbtbmon.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\BboxUpdate\BTLiveUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\_OTM\MovedFiles\08022009_183625\Program Files\trend micro\Propriétaire.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Lexmark 5200 series] "C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe"
O4 - HKLM\..\Run: [LXBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [BboxUpdate] C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: lxbt_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxbtcoms.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Run by Propriétaire at 2009-08-04 23:58:28
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 7 GB (21%) free of 35 GB
Total RAM: 255 MB (20% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:58:40, on 04/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe
C:\Program Files\Lexmark 5200 series\lxbtbmon.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\BboxUpdate\BTLiveUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\_OTM\MovedFiles\08022009_183625\Program Files\trend micro\Propriétaire.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Lexmark 5200 series] "C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe"
O4 - HKLM\..\Run: [LXBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [BboxUpdate] C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: lxbt_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxbtcoms.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
bien il n a pas fonctionné
on en tente un autre , son cousin ^^
Télécharge OTL de OLDTimer
▶ Double clic sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous,
▶ colle-la dans la zone sous Customs Scans/Fixes :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
TeaTimer.exe
:files
C:\Program Files\PokerStars
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=-
"TkBellExe"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\taskmgr.exe"="C:\WINDOWS\system32\taskmgr.exe:*:Enabled:Gestionnaire des tâches de Windows"
:commands
[emptytemp]
[reboot]
▶ Clique sur RunFix pour lancer la suppression.
▶ Poste le rapport.
on en tente un autre , son cousin ^^
Télécharge OTL de OLDTimer
▶ Double clic sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous,
▶ colle-la dans la zone sous Customs Scans/Fixes :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
TeaTimer.exe
:files
C:\Program Files\PokerStars
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=-
"TkBellExe"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\taskmgr.exe"="C:\WINDOWS\system32\taskmgr.exe:*:Enabled:Gestionnaire des tâches de Windows"
:commands
[emptytemp]
[reboot]
▶ Clique sur RunFix pour lancer la suppression.
▶ Poste le rapport.
dsl g mis du temps je n'arrivais pas à faire un copier coller g du eteindre et rallumer mais là je crois que ça deviens bon merci encore
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
Process iexplore.exe killed successfully!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named TeaTimer.exe was found!
========== FILES ==========
C:\Program Files\PokerStars\updateself moved successfully.
C:\Program Files\PokerStars\update moved successfully.
C:\Program Files\PokerStars\Themes\simple\label moved successfully.
C:\Program Files\PokerStars\Themes\simple moved successfully.
C:\Program Files\PokerStars\Themes\shiny\label moved successfully.
C:\Program Files\PokerStars\Themes\shiny\ctrls moved successfully.
C:\Program Files\PokerStars\Themes\shiny moved successfully.
C:\Program Files\PokerStars\Themes\saloon\label moved successfully.
C:\Program Files\PokerStars\Themes\saloon\ctrls moved successfully.
C:\Program Files\PokerStars\Themes\saloon moved successfully.
C:\Program Files\PokerStars\Themes\preview\lobby moved successfully.
C:\Program Files\PokerStars\Themes\preview moved successfully.
C:\Program Files\PokerStars\Themes\black\templates moved successfully.
C:\Program Files\PokerStars\Themes\black\lobby moved successfully.
C:\Program Files\PokerStars\Themes\black\label moved successfully.
C:\Program Files\PokerStars\Themes\black\images moved successfully.
C:\Program Files\PokerStars\Themes\black\ctrls moved successfully.
C:\Program Files\PokerStars\Themes\black moved successfully.
C:\Program Files\PokerStars\Themes\&default moved successfully.
C:\Program Files\PokerStars\Themes moved successfully.
C:\Program Files\PokerStars\Snd moved successfully.
C:\Program Files\PokerStars\ImgCache moved successfully.
C:\Program Files\PokerStars\HandHistory moved successfully.
C:\Program Files\PokerStars\Gx\usr moved successfully.
C:\Program Files\PokerStars\Gx\templates moved successfully.
C:\Program Files\PokerStars\Gx\replay moved successfully.
C:\Program Files\PokerStars\Gx\lobby\en moved successfully.
C:\Program Files\PokerStars\Gx\lobby moved successfully.
C:\Program Files\PokerStars\Gx\label moved successfully.
C:\Program Files\PokerStars\Gx\fonts moved successfully.
C:\Program Files\PokerStars\Gx\ctrls moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\6 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\5 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\4 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\3 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\2 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\1 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\0 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\6 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\5 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\4 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\3 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\2 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\1 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\0 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\6 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\5 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\4 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\3 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\2 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\1 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\0 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\6 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\5 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\4 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\3 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\2 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\1 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\0 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck moved successfully.
C:\Program Files\PokerStars\Gx moved successfully.
C:\Program Files\PokerStars\backup\Themes\black\templates moved successfully.
C:\Program Files\PokerStars\backup\Themes\black moved successfully.
C:\Program Files\PokerStars\backup\Themes moved successfully.
C:\Program Files\PokerStars\backup\Gx\templates moved successfully.
C:\Program Files\PokerStars\backup\Gx moved successfully.
C:\Program Files\PokerStars\backup moved successfully.
C:\Program Files\PokerStars moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\nwiz deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\\ deleted successfully.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\"C:\WINDOWS\system32\taskmgr.exe"|"C:\WINDOWS\system32\taskmgr.exe:*:Enabled:Gestionnaire des tâches de Windows" /E : value set successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Invité
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
User: Propriétaire
->Temp folder emptied: 1699237 bytes
->Temporary Internet Files folder emptied: 1224168 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 2,91 mb
OTL by OldTimer - Version 3.0.10.4 log created on 08052009_002159
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
Process iexplore.exe killed successfully!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named TeaTimer.exe was found!
========== FILES ==========
C:\Program Files\PokerStars\updateself moved successfully.
C:\Program Files\PokerStars\update moved successfully.
C:\Program Files\PokerStars\Themes\simple\label moved successfully.
C:\Program Files\PokerStars\Themes\simple moved successfully.
C:\Program Files\PokerStars\Themes\shiny\label moved successfully.
C:\Program Files\PokerStars\Themes\shiny\ctrls moved successfully.
C:\Program Files\PokerStars\Themes\shiny moved successfully.
C:\Program Files\PokerStars\Themes\saloon\label moved successfully.
C:\Program Files\PokerStars\Themes\saloon\ctrls moved successfully.
C:\Program Files\PokerStars\Themes\saloon moved successfully.
C:\Program Files\PokerStars\Themes\preview\lobby moved successfully.
C:\Program Files\PokerStars\Themes\preview moved successfully.
C:\Program Files\PokerStars\Themes\black\templates moved successfully.
C:\Program Files\PokerStars\Themes\black\lobby moved successfully.
C:\Program Files\PokerStars\Themes\black\label moved successfully.
C:\Program Files\PokerStars\Themes\black\images moved successfully.
C:\Program Files\PokerStars\Themes\black\ctrls moved successfully.
C:\Program Files\PokerStars\Themes\black moved successfully.
C:\Program Files\PokerStars\Themes\&default moved successfully.
C:\Program Files\PokerStars\Themes moved successfully.
C:\Program Files\PokerStars\Snd moved successfully.
C:\Program Files\PokerStars\ImgCache moved successfully.
C:\Program Files\PokerStars\HandHistory moved successfully.
C:\Program Files\PokerStars\Gx\usr moved successfully.
C:\Program Files\PokerStars\Gx\templates moved successfully.
C:\Program Files\PokerStars\Gx\replay moved successfully.
C:\Program Files\PokerStars\Gx\lobby\en moved successfully.
C:\Program Files\PokerStars\Gx\lobby moved successfully.
C:\Program Files\PokerStars\Gx\label moved successfully.
C:\Program Files\PokerStars\Gx\fonts moved successfully.
C:\Program Files\PokerStars\Gx\ctrls moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\6 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\5 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\4 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\3 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\2 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\1 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple\0 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\simple moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\6 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\5 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\4 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\3 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\2 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\1 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large\0 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\large moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\6 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\5 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\4 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\3 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\2 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\1 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default\0 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck\default moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\deck moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\6 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\5 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\4 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\3 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\2 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\1 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips\0 moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck\chips moved successfully.
C:\Program Files\PokerStars\Gx\chips&deck moved successfully.
C:\Program Files\PokerStars\Gx moved successfully.
C:\Program Files\PokerStars\backup\Themes\black\templates moved successfully.
C:\Program Files\PokerStars\backup\Themes\black moved successfully.
C:\Program Files\PokerStars\backup\Themes moved successfully.
C:\Program Files\PokerStars\backup\Gx\templates moved successfully.
C:\Program Files\PokerStars\backup\Gx moved successfully.
C:\Program Files\PokerStars\backup moved successfully.
C:\Program Files\PokerStars moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\nwiz deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\\ deleted successfully.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\"C:\WINDOWS\system32\taskmgr.exe"|"C:\WINDOWS\system32\taskmgr.exe:*:Enabled:Gestionnaire des tâches de Windows" /E : value set successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Invité
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
File delete failed. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
User: Propriétaire
->Temp folder emptied: 1699237 bytes
->Temporary Internet Files folder emptied: 1224168 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 2,91 mb
OTL by OldTimer - Version 3.0.10.4 log created on 08052009_002159
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
si quelqu'un te recupère au vol , sinon ben on fera un grand menage et.....
tu voulais y faire quoi dans le panneau de config sinon ?
tu voulais y faire quoi dans le panneau de config sinon ?
je vole! je vole! mais je ne vois plus personne lol
je ne sais plus ce que je devais faire mais je veux bien finir ce que g commencer" finaliser ",on y était presque avec chipikine on arrivait plus à ouvrir explorer maintenant qu'on l' récupéré grace au grand gen ackmane,on peut peut étre reprendre ou on en était.
un grand grand merci mon mari est épaté de voir l'ordi dans cet état!!!!!!!!!!!
je ne sais plus ce que je devais faire mais je veux bien finir ce que g commencer" finaliser ",on y était presque avec chipikine on arrivait plus à ouvrir explorer maintenant qu'on l' récupéré grace au grand gen ackmane,on peut peut étre reprendre ou on en était.
un grand grand merci mon mari est épaté de voir l'ordi dans cet état!!!!!!!!!!!
Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-08-05 22:03:37
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 7 GB (21%) free of 35 GB
Total RAM: 255 MB (7% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:03:42, on 05/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe
C:\Program Files\Lexmark 5200 series\lxbtbmon.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\BboxUpdate\BTLiveUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\_OTM\MovedFiles\08022009_183625\Program Files\trend micro\Propriétaire.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Lexmark 5200 series] "C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe"
O4 - HKLM\..\Run: [LXBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [BboxUpdate] C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: lxbt_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxbtcoms.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Run by Propriétaire at 2009-08-05 22:03:37
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 7 GB (21%) free of 35 GB
Total RAM: 255 MB (7% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:03:42, on 05/08/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe
C:\Program Files\Lexmark 5200 series\lxbtbmon.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\BboxUpdate\BTLiveUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Propriétaire\Bureau\RSIT.exe
C:\_OTM\MovedFiles\08022009_183625\Program Files\trend micro\Propriétaire.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BHO Barre de Confiance - {988B07F5-7392-455A-8A1F-64935CB8B6ED} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Barre de confiance - {55BDF3B0-C0A8-481A-B8A6-01CD2BE0F3FD} - C:\Program Files\BarreConfCMCIC\TAPBar.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Lexmark 5200 series] "C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe"
O4 - HKLM\..\Run: [LXBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [BboxUpdate] C:\Program Files\BboxUpdate\BTLiveUpdate.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: lxbt_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxbtcoms.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
je voudrais verifier certains services :
########### [ Option 1 ( Recherche ) ]
▶ Télécharge FindyKill de Chiquitine29 sur ton bureau :
http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
! Déconnecte toi et ferme toutes applications en cours !
▶ Double clique (clic droit "en tant qu'administrateur" pour Vista)sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'instalation par défaut .
▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
▶ Double-clique (clic droit "en tant qu'administrateur" pour Vista)sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .
▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
▶ Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]
▶ Laisse travailler l'outil et ne touche à rien ...
▶ Poste le rapport qui apparait à la fin , sur le forum ...
( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
########### [ Option 1 ( Recherche ) ]
▶ Télécharge FindyKill de Chiquitine29 sur ton bureau :
http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe
! Déconnecte toi et ferme toutes applications en cours !
▶ Double clique (clic droit "en tant qu'administrateur" pour Vista)sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'instalation par défaut .
▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
▶ Double-clique (clic droit "en tant qu'administrateur" pour Vista)sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .
▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .
▶ Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]
▶ Laisse travailler l'outil et ne touche à rien ...
▶ Poste le rapport qui apparait à la fin , sur le forum ...
( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
bonjour gen-ackmane!!!!!
je n'ai pas de disque dur exterieur ni de clé usb
############################## | FindyKill V5.005 |
# User : Propriétaire (Administrateurs) # NOM-WWF1HBDMB6D
# Update on 27/07/09 by Chiquitine29
# Start at: 09:32:49 | 06/08/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# AMD Athlon(tm) XP 1800+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 33,9 Go (6,99 Go free) # NTFS
# D:\ # Disque fixe local # 3,36 Go (811,64 Mo free) [HP_RECOVERY] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe
C:\Program Files\Lexmark 5200 series\lxbtbmon.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\BboxUpdate\BTLiveUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | C: |
################## | C:\WINDOWS |
################## | C:\WINDOWS\system32 |
################## | C:\WINDOWS\system32\drivers |
################## | C:\Documents and Settings\Propri‚taire\Application Data |
################## | C:\Documents and Settings\Propri‚taire\Temporary Internet Files |
################## | Registre / Clés infectieuses |
################## | Etat / Services / Informations |
# Affichage des fichiers cachés : OK
# Mode sans echec : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # FindyKill V5.005 ! |
je n'ai pas de disque dur exterieur ni de clé usb
############################## | FindyKill V5.005 |
# User : Propriétaire (Administrateurs) # NOM-WWF1HBDMB6D
# Update on 27/07/09 by Chiquitine29
# Start at: 09:32:49 | 06/08/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# AMD Athlon(tm) XP 1800+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 33,9 Go (6,99 Go free) # NTFS
# D:\ # Disque fixe local # 3,36 Go (811,64 Mo free) [HP_RECOVERY] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe
C:\Program Files\Lexmark 5200 series\lxbtbmon.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\BboxUpdate\BTLiveUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | C: |
################## | C:\WINDOWS |
################## | C:\WINDOWS\system32 |
################## | C:\WINDOWS\system32\drivers |
################## | C:\Documents and Settings\Propri‚taire\Application Data |
################## | C:\Documents and Settings\Propri‚taire\Temporary Internet Files |
################## | Registre / Clés infectieuses |
################## | Etat / Services / Informations |
# Affichage des fichiers cachés : OK
# Mode sans echec : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # FindyKill V5.005 ! |
########### [ Option 2 ( Suppression ) ]
▶ Déconnecte toi et ferme toutes application en cours ( navigateur compris ) .
▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
▶ Relance "FindyKill" (clic droit "en tant qu'administrateur" pour Vista): au menu principal choisis l'option " F " pour français et tape sur [entrée] .
▶ Au second menu choisis l'option 2 (suppression) et tape sur [entrée]
▶ Le pc va redémarrer automatiquement ...
▶ le programme va travailler , ne touche à rien ... , ton bureau ne sera pas accessible c est normal !
▶ Poste le rapport qui apparait à la fin ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
▶ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide
▶ Déconnecte toi et ferme toutes application en cours ( navigateur compris ) .
▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)
▶ Relance "FindyKill" (clic droit "en tant qu'administrateur" pour Vista): au menu principal choisis l'option " F " pour français et tape sur [entrée] .
▶ Au second menu choisis l'option 2 (suppression) et tape sur [entrée]
▶ Le pc va redémarrer automatiquement ...
▶ le programme va travailler , ne touche à rien ... , ton bureau ne sera pas accessible c est normal !
▶ Poste le rapport qui apparait à la fin ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
▶ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide
############################## | FindyKill V5.005 |
# User : Propriétaire (Administrateurs) # NOM-WWF1HBDMB6D
# Update on 27/07/09 by Chiquitine29
# Start at: 13:55:53 | 06/08/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# AMD Athlon(tm) XP 1800+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 33,9 Go (6,98 Go free) # NTFS
# D:\ # Disque fixe local # 3,36 Go (811,64 Mo free) [HP_RECOVERY] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | C: |
################## | C:\WINDOWS |
Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-0F8DCEDB.pf
################## | C:\WINDOWS\system32 |
################## | C:\WINDOWS\system32\drivers |
################## | C:\Documents and Settings\Propri‚taire\Application Data |
################## | Autres ... |
################## | Temporary Internet Files |
################## | Registre / Clés infectieuses |
################## | Etat / Services / Informations |
# Mode sans echec : OK
# Affichage des fichiers cachés : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | PEH ... |
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # FindyKill V5.005 ! |
# User : Propriétaire (Administrateurs) # NOM-WWF1HBDMB6D
# Update on 27/07/09 by Chiquitine29
# Start at: 13:55:53 | 06/08/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# AMD Athlon(tm) XP 1800+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 33,9 Go (6,98 Go free) # NTFS
# D:\ # Disque fixe local # 3,36 Go (811,64 Mo free) [HP_RECOVERY] # FAT32
# E:\ # Disque CD-ROM
# F:\ # Disque CD-ROM
############################## | Processus actifs |
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | C: |
################## | C:\WINDOWS |
Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-0F8DCEDB.pf
################## | C:\WINDOWS\system32 |
################## | C:\WINDOWS\system32\drivers |
################## | C:\Documents and Settings\Propri‚taire\Application Data |
################## | Autres ... |
################## | Temporary Internet Files |
################## | Registre / Clés infectieuses |
################## | Etat / Services / Informations |
# Mode sans echec : OK
# Affichage des fichiers cachés : OK
# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )
################## | PEH ... |
################## | Cracks / Keygens / Serials |
################## | ! Fin du rapport # FindyKill V5.005 ! |
bien on a recupéré cerains services/accès
relance findykill , option desinstallation
ensuite vois si c est possible de jeter un coup d'oeil au panneau de config ou toujours pas ^^
relance findykill , option desinstallation
ensuite vois si c est possible de jeter un coup d'oeil au panneau de config ou toujours pas ^^
ça ne fonctionne toujours pas en mode sans échec.
aussi quand je clic sur la poubelle il y a c cleaner qui s'ouvre est ce que je peux l'enlever(c cleaner)?.
ps: tu dors quand?
aussi quand je clic sur la poubelle il y a c cleaner qui s'ouvre est ce que je peux l'enlever(c cleaner)?.
ps: tu dors quand?
