Home antivirus 2010

Closed
maxdunord92 - 19 August 2009 at 17:21
Destrio5 (posts: 85985; registered Sunday 11 July 2010; status: Moderator; last activity 17 February 2023) - 13 Oct. 2009 at 23:22
Hello,

Could someone help me get rid of Home antivirus 2010?

It has been on my system for several weeks; I hope to find a solution...

Here is my HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:12:49, on 19/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Documents and Settings\Benoit\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\braviax.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\HomeAntivirus2010\HomeAntivirus2010.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Maxime\Mes documents\Téléchargements\HiJackThis(3).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SoftwareHelper] C:\Documents and Settings\Benoit\Application Data\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [msctrl.exe] C:\Program Files\Microsoft Security Adviser\msctrl.exe
O4 - HKLM\..\Run: [msavsc.exe] C:\Program Files\Microsoft Security Adviser\msavsc.exe
O4 - HKLM\..\Run: [msscan.exe] C:\Program Files\Microsoft Security Adviser\msscan.exe
O4 - HKLM\..\Run: [msiemon.exe] C:\Program Files\Microsoft Security Adviser\msiemon.exe
O4 - HKLM\..\Run: [msfw.exe] C:\Program Files\Microsoft Security Adviser\msfw.exe
O4 - HKLM\..\Run: [13337694] C:\Documents and Settings\All Users\Application Data\13337694\13337694.exe
O4 - HKLM\..\Run: [10882344] C:\Documents and Settings\All Users\Application Data\10882344\10882344.exe
O4 - HKLM\..\Run: [Home Antivirus 2010] "C:\Program Files\HomeAntivirus2010\HomeAntivirus2010.exe" /hide
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [braviax] braviax.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\DOCUME~1\Maxime\LOCALS~1\Temp\E_S119.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [agent.exe] C:\Program Files\PCenter\agent.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [Google Update] "C:\Documents and Settings\Benoit\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [Mon Widget RMC] "C:\Program Files\Nosibay\Mon Widget RMC\launcher.exe" (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [EPSON Stylus D92 Series (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\DOCUME~1\Benoit\LOCALS~1\Temp\E_S33.tmp" /EF "HKCU" (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\DOCUME~1\Benoit\LOCALS~1\Temp\E_S86.tmp" /EF "HKCU" (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [msctrl.exe] C:\Program Files\Microsoft Security Adviser\msctrl.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [msavsc.exe] C:\Program Files\Microsoft Security Adviser\msavsc.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [msscan.exe] C:\Program Files\Microsoft Security Adviser\msscan.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [msiemon.exe] C:\Program Files\Microsoft Security Adviser\msiemon.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [msfw.exe] C:\Program Files\Microsoft Security Adviser\msfw.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [mssadv.exe] (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [braviax] C:\WINDOWS\system32\braviax.exe (User 'Benoit')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1008\..\Run: [nudccjqx] "c:\documents and settings\benoit\local settings\application data\nudccjqx.exe" nudccjqx (User 'Benoit')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: play2p.lnk = C:\Program Files\play2p\play2p.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSman000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD79A15B-8498-4A9B-8B4E-9A94223DECE7}: NameServer = 85.255.112.97,85.255.112.64
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.97,85.255.112.64
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.97,85.255.112.64
O20 - AppInit_DLLs: cru629.dat
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate1c9f33d686aa190) (gupdate1c9f33d686aa190) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Unknown owner - C:\Program Files\Winsudate\gibsvc.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

44 replies

Destrio5 (Moderator) - 20 August 2009 at 17:58
--> Relaunch MBAM, go to Quarantine and delete everything.

--> Run another RSIT scan and post the log report.

Here is the RSIT log report:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Maxime at 2009-08-20 17:59:41
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 114 GB (75%) free of 153 GB
Total RAM: 1791 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:59:46, on 20/08/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Classic PhoneTools\CapFax.EXE
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\InterVideo\DVD5R\SchSvr.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Maxime\Bureau\RSIT.exe
C:\Documents and Settings\Maxime\Mes documents\Téléchargements\Maxime.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [WINCINEMAMGR] "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
O4 - HKLM\..\Run: [WinBlueSoft] C:\Program Files\WinBlueSoft Software\WinBlueSoft\WinBlueSoft.exe -min
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [Home Antivirus 2010] "C:\Program Files\HomeAntivirus2010\HomeAntivirus2010.exe" /hide
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [CapFax] C:\Program Files\Classic PhoneTools\CapFax.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\DOCUME~1\Maxime\LOCALS~1\Temp\E_S119.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [setup2.exe] C:\WINDOWS\system32\setup2.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: InterVideo Scheduler server.lnk = C:\Program Files\InterVideo\DVD5R\SchSvr.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: play2p.lnk = C:\Program Files\play2p\play2p.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate1c9f33d686aa190) (gupdate1c9f33d686aa190) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Unknown owner - C:\Program Files\Winsudate\gibsvc.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

Destrio5 (Moderator) - 20 August 2009 at 18:04
Your PC is a nest of viruses.

Update MBAM and run another quick scan.

I did the update and ran a scan.

Here is the report:

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2665
Windows 5.1.2600 Service Pack 2

20/08/2009 18:25:21
mbam-log-2009-08-20 (18-25-21).txt

Type de recherche: Examen rapide
Eléments examinés: 139636
Temps écoulé: 15 minute(s), 17 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 12

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e24211b3-a78a-c6a9-d317-70979ace5058} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinBlueSoft (Rogue.WinBlue) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Regedit32 (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\10882344 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\13337694 (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\16464004 (Rogue.Multiple) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Benoit\Bureau\flash-plugin[1].40016.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Benoit\Local Settings\Temp\40.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Benoit\Local Settings\Temp\40.tmp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Benoit\Local Settings\Temp\a.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Benoit\Local Settings\Temp\b.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Benoit\Local Settings\Temp\c.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\msb.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\autorun.inf (SuspectAutorun.Rootdrive.H) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

Destrio5 (Moderator) - 20 August 2009 at 18:33
● Download Ad-Remover (by Cyrildu17 / C_XX) to your Desktop.

/!\ Disconnect from the Internet and close all running applications. /!\

● Double-click the installer and install it in its default location (C:\Program Files).
● Double-click the Ad-Remover shortcut on your Desktop.
(On Vista, right-click the Ad-Remover shortcut and choose Run as administrator)
● In the main menu, choose option L.
● Post the generated report (C:\Ad-Report-CLEAN.log).

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.

copy and paste it starting from "here is the report"

Destrio5 (Moderator) - 24 August 2009 at 13:29
What do you mean?

Hello,

/!\ Disable your resident protections (antivirus, etc.) /!\

--> Download ComboFix (by sUBs) to your Desktop.
--> Double-click ComboFix.exe (the .exe may not be visible) to launch it.
--> It will ask you to install the Recovery Console: accept.
--> When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

To help you: a guide and a tutorial on using ComboFix

--> Download Random's System Information Tool (RSIT) (by random/random) to your Desktop.

--> Double-click RSIT.exe to launch the program.
(On Vista, right-click RSIT.exe and choose Run as administrator)

--> Click Continue on the Disclaimer screen.

--> If HijackThis (up-to-date version) is not present or not detected on the computer, RSIT will download it (allow access in your firewall if asked) and you will have to accept the license.

--> When the scan is finished, two text files will open. Post the contents of log.txt (the one that appears on screen) as well as info.txt (which you will see in the taskbar).

Note: the reports are saved in the C:\rsit folder.

Destrio5 (Moderator) - 25 August 2009 at 14:17
Why are you giving me the procedures?

Here is the Ad-Remover report

.
======= RAPPORT D'AD-REMOVER 1.1.4.5_O | UNIQUEMENT XP/VISTA/SEVEN =======
.
Mit à jour par C_XX le 24/06/2009 à 7:10 PM
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 11:55:51, 20/09/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 2 v5.1.2600
Nom du PC: D15561E2A92943A | Utilisateur actuel: Maxime
.
Administrateur: Administrateur
N'est pas administrateur: ASPNET
Administrateur: Benoit
Administrateur: Charlotte
Administrateur: Guillaume
N'est pas administrateur: HelpAssistant *Desactive*
N'est pas administrateur: Invité *Desactive*
Administrateur: Maxime
N'est pas administrateur: SUPPORT_388945a0 *Desactive*
Administrateur: Véronique
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
.
C:\Documents and Settings\Benoit\Cookies\benoit@partypoker[1].txt

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.

* Mozilla FireFox Version 3.5.3 *

Nom du profil: vu9rujf4.default (Maxime)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "Google");
(Prefs.js) user_pref("browser.search.selectedEngine", "Wikipédia (fr)");
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.msn.com/");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.3");
.
.

* Internet Explorer Version 6.0.2900.2180 *

[HKEY_CURRENT_USER\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://www.google.com/ie
Search Page: hxxp://www.google.com
Start Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

.
============== Processus Caches/Bloque ==============
.
PID: 644 [LOCKED] xcommsvr.exe
PID: 1460 [LOCKED] livesrv.exe
PID: 1572 [LOCKED] vsserv.exe
PID: 3480 [LOCKED] svchost.exe
.

============== Suspect (Cracks, Serials ... ) ==============

.
.
===================================
.
2764 Octet(s) - C:\Ad-Report-CLEAN.log
.
19 Fichier(s) - C:\DOCUME~1\Maxime\LOCALS~1\Temp
6 Fichier(s) - C:\WINDOWS\Temp
.
70 Fichier(s) - C:\Program Files\Ad-remover\BACKUP
162 Fichier(s) - C:\Program Files\Ad-remover\QUARANTINE
.
Fin à: 12:12:22 | 20/09/2009
.
============== E.O.F ==============
.

Destrio5 (Moderator) - 21 Sept. 2009 at 14:57
Can you run an RSIT scan with the 3 months option and then post the log report?

Here is the RSIT report

Logfile of random's system information tool 1.06 (written by random/random)
Run by Maxime at 2009-09-21 17:55:06
Microsoft Windows XP Édition familiale Service Pack 2
System drive C: has 100 GB (65%) free of 153 GB
Total RAM: 1791 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55:11, on 21/09/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Classic PhoneTools\CapFax.EXE
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\InterVideo\DVD5R\SchSvr.exe
C:\Program Files\Philips\Philips SPC220NC Webcam\TrayMin220.exe
C:\Documents and Settings\Maxime\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Maxime\Bureau\autres icones\RSIT.exe
C:\Documents and Settings\Maxime\Mes documents\Téléchargements\Maxime.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [WINCINEMAMGR] "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [Home Antivirus 2010] "C:\Program Files\HomeAntivirus2010\HomeAntivirus2010.exe" /hide
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [CapFax] C:\Program Files\Classic PhoneTools\CapFax.EXE
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\DOCUME~1\Maxime\LOCALS~1\Temp\E_S119.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1011\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Guillaume')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1011\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Guillaume')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1011\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User 'Guillaume')
O4 - HKUS\S-1-5-21-385160944-3990610132-1039464959-1011\..\Run: [EPSON Stylus D92 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBZE.EXE /FU "C:\DOCUME~1\GUILLA~1\LOCALS~1\Temp\E_SC.tmp" /EF "HKCU" (User 'Guillaume')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-385160944-3990610132-1039464959-1011 Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Guillaume')
O4 - S-1-5-21-385160944-3990610132-1039464959-1011 User Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe (User 'Guillaume')
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Documents and Settings\Maxime\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: InterVideo Scheduler server.lnk = C:\Program Files\InterVideo\DVD5R\SchSvr.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: play2p.lnk = C:\Program Files\play2p\play2p.exe
O4 - Global Startup: TrayMin220.lnk = ?
O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate1c9f33d686aa190) (gupdate1c9f33d686aa190) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Service CANALPLAY - Canal+ Distribution - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Unknown owner - C:\Program Files\Winsudate\gibsvc.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
Destrio5 (Moderator) - 21 Sept. 2009 at 18:07
---> Download OTM (OldTimer) to your Desktop.

---> Double-click OTM.exe to launch it.

---> Copy (Ctrl+C) the following text:

:processes
explorer.exe

:services
WinSvc

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Home Antivirus 2010"=-

:files
C:\Program Files\HomeAntivirus2010
C:\Program Files\Winsudate
C:\Program Files\Winletmin
C:\WINDOWS\system32\17c7de00.dll
C:\WINDOWS\system32\138b1af2.dll
C:\WINDOWS\79zsteal1577.exe
C:\WINDOWS\2457notza-v5rus7889.exe
C:\WINDOWS\system32\353vir1z9.exe
C:\WINDOWS\z681t5ief6819.exe
C:\WINDOWS\57z9down5oader3053.exe
C:\WINDOWS\6a95downl5ader228z.exe
C:\WINDOWS\system32\1cbe5ac9door9z5.dll
C:\WINDOWS\z54spy790.exe
C:\WINDOWS\43fcvi956z3.dll
C:\WINDOWS\system32\465athizf5529.exe
C:\WINDOWS\75b6bac9do5r186z.dll
C:\Program Files\QUAD Utilities
C:\WINDOWS\system32\ML.DLL
C:\WINDOWS\6f1bvirz2955.dll
C:\WINDOWS\13d8a95zare1044.dll
C:\WINDOWS\975zvirus499.exe
C:\WINDOWS\yfep.bat
C:\WINDOWS\system32\vavyqop.com
C:\WINDOWS\system32\anizaso.vbs
C:\WINDOWS\japizomoz.dll
C:\Program Files\Fichiers communs\ifinosymum.com
C:\WINDOWS\powoza.bat
C:\WINDOWS\fojubujo.vbs
C:\Program Files\Fichiers communs\tesyraz.bat
C:\WINDOWS\system32\oduripaqen.bat
C:\WINDOWS\qazuhilido.dll
C:\Documents and Settings\All Users\Application Data\ifihe.com
C:\Documents and Settings\All Users\Application Data\hadi.com
C:\WINDOWS\1a0bth9e54z.exe
C:\WINDOWS\system32\kavosatah.bat
C:\WINDOWS\imali.dll
C:\Program Files\Fichiers communs\yjiqy.bat
C:\Documents and Settings\All Users\Application Data\vurokecoh.dll
C:\Documents and Settings\All Users\Application Data\myrac.exe
C:\WINDOWS\8793hacktzol4d35.dll
C:\WINDOWS\891threaz15809.exe
C:\WINDOWS\system32\4443t9zeat275535.exe
C:\WINDOWS\94a5vir2z02.exe
C:\WINDOWS\system32\4e9z9ir2754.exe
C:\Qoobox
C:\WINDOWS\system32\CF14943.exe
C:\WINDOWS\system32\CF14848.exe
C:\WINDOWS\system32\CF14551.exe
C:\WINDOWS\system32\CF14486.exe
C:\WINDOWS\system32\CF14179.exe
C:\WINDOWS\system32\CF13454.exe
C:\WINDOWS\system32\CF13176.exe
C:\WINDOWS\system32\CF13085.exe
C:\WINDOWS\system32\CF13003.exe
C:\WINDOWS\system32\CF12912.exe
C:\WINDOWS\system32\CF15792.exe
C:\WINDOWS\system32\CF25158.exe
C:\WINDOWS\system32\CF22581.exe
C:\WINDOWS\system32\CF20740.exe
C:\WINDOWS\system32\CF7026.exe
C:\WINDOWS\system32\CF6954.exe
C:\WINDOWS\system32\CF6840.exe
C:\WINDOWS\system32\CF18064.exe
C:\WINDOWS\system32\CF17930.exe
C:\WINDOWS\system32\CF13250.exe
C:\WINDOWS\system32\CF8809.exe
C:\WINDOWS\system32\CF8711.exe
C:\WINDOWS\system32\CF29849.exe
C:\WINDOWS\system32\CF29755.exe
C:\WINDOWS\system32\CF28158.exe
C:\WINDOWS\system32\CF28070.exe
C:\Bibitte
C:\WINDOWS\system32\CF553.exe
C:\WINDOWS\system32\CF438.exe
C:\WINDOWS\system32\CF308.exe
C:\WINDOWS\system32\CF31547.exe
C:\WINDOWS\system32\CF31449.exe
C:\WINDOWS\5535worz915.dll
C:\WINDOWS\system32\6f96spy5aze2689.exe
C:\WINDOWS\system32\z9c5sparse1423.exe
C:\WINDOWS\3486v9z5162.dll
C:\WINDOWS\3c719ozn5oader969.exe
C:\WINDOWS\system32\25623worm297z.dll
C:\WINDOWS\system32\60edbac9zo5r1517.exe
C:\WINDOWS\system32\15902vi5zs449.dll
C:\WINDOWS\system32\103785roj59z.exe
C:\WINDOWS\system32\17999zr5j7c3.dll
C:\WINDOWS\76d0addwa9e1305z.dll
C:\WINDOWS\system32\23f3stezl9657.exe
C:\WINDOWS\system32\e89threat59508z.dll
C:\WINDOWS\23z04not-5-vi9usbc.exe
C:\WINDOWS\518bzownl9ader1115.dll
C:\WINDOWS\system32\15z23not9a-virus495.exe
C:\WINDOWS\19955hazktool46f.dll
C:\WINDOWS\27493vizu535.exe
C:\WINDOWS\system32\46345parse278z9.exe
C:\WINDOWS\5617zs9ambot165.exe
C:\WINDOWS\system32\80z9sp56aa.dll
C:\WINDOWS\system32\13250worm39z.dll
C:\WINDOWS\system32\690bsz5al2144.dll
C:\WINDOWS\5b90v5rz014.dll
C:\WINDOWS\za1ct59ef772.exe
C:\WINDOWS\system32\1caddownl59derz356.exe
C:\WINDOWS\29949szy785.dll
C:\WINDOWS\system32\305z5vir593a5.exe
C:\WINDOWS\system32\609b5irz55.dll
C:\WINDOWS\system32\26595vizu92.exe
C:\WINDOWS\system32\b535pzwa9e361.dll
C:\WINDOWS\22427noz-a-v5r9sf5.exe
C:\WINDOWS\system32\789d5hreat20079z.dll
C:\WINDOWS\5z58backdo9r5599.dll

:commands
[purity]
[emptytemp]
[reboot]

---> Paste (Ctrl+V) the previously copied text into the Paste Instructions for Items to be Moved box.

---> Now click the MoveIt! button, then close OTM.

If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.

---> Post the report located in this folder: C:\_OTM\MovedFiles\
The report's name corresponds to its creation time: date_time.log

Here it is


All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========

Service\Driver WinSvc deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Home Antivirus 2010 deleted successfully.
========== FILES ==========
File/Folder C:\Program Files\HomeAntivirus2010 not found.
C:\Program Files\Winsudate moved successfully.
C:\Program Files\Winletmin moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\17c7de00.dll
C:\WINDOWS\system32\17c7de00.dll NOT unregistered.
C:\WINDOWS\system32\17c7de00.dll moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\system32\138b1af2.dll
C:\WINDOWS\system32\138b1af2.dll NOT unregistered.
C:\WINDOWS\system32\138b1af2.dll moved successfully.
C:\WINDOWS\79zsteal1577.exe moved successfully.
C:\WINDOWS\2457notza-v5rus7889.exe moved successfully.
C:\WINDOWS\system32\353vir1z9.exe moved successfully.
C:\WINDOWS\z681t5ief6819.exe moved successfully.
C:\WINDOWS\57z9down5oader3053.exe moved successfully.
C:\WINDOWS\6a95downl5ader228z.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\1cbe5ac9door9z5.dll
C:\WINDOWS\system32\1cbe5ac9door9z5.dll NOT unregistered.
C:\WINDOWS\system32\1cbe5ac9door9z5.dll moved successfully.
C:\WINDOWS\z54spy790.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\43fcvi956z3.dll
C:\WINDOWS\43fcvi956z3.dll NOT unregistered.
C:\WINDOWS\43fcvi956z3.dll moved successfully.
C:\WINDOWS\system32\465athizf5529.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\75b6bac9do5r186z.dll
C:\WINDOWS\75b6bac9do5r186z.dll NOT unregistered.
C:\WINDOWS\75b6bac9do5r186z.dll moved successfully.
C:\Program Files\QUAD Utilities\QUAD Registry Cleaner moved successfully.
C:\Program Files\QUAD Utilities moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\ML.DLL
C:\WINDOWS\system32\ML.DLL NOT unregistered.
C:\WINDOWS\system32\ML.DLL moved successfully.
LoadLibrary failed for C:\WINDOWS\6f1bvirz2955.dll
C:\WINDOWS\6f1bvirz2955.dll NOT unregistered.
C:\WINDOWS\6f1bvirz2955.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\13d8a95zare1044.dll
C:\WINDOWS\13d8a95zare1044.dll NOT unregistered.
C:\WINDOWS\13d8a95zare1044.dll moved successfully.
C:\WINDOWS\975zvirus499.exe moved successfully.
C:\WINDOWS\yfep.bat moved successfully.
C:\WINDOWS\system32\vavyqop.com moved successfully.
C:\WINDOWS\system32\anizaso.vbs moved successfully.
LoadLibrary failed for C:\WINDOWS\japizomoz.dll
C:\WINDOWS\japizomoz.dll NOT unregistered.
C:\WINDOWS\japizomoz.dll moved successfully.
C:\Program Files\Fichiers communs\ifinosymum.com moved successfully.
C:\WINDOWS\powoza.bat moved successfully.
C:\WINDOWS\fojubujo.vbs moved successfully.
C:\Program Files\Fichiers communs\tesyraz.bat moved successfully.
C:\WINDOWS\system32\oduripaqen.bat moved successfully.
LoadLibrary failed for C:\WINDOWS\qazuhilido.dll
C:\WINDOWS\qazuhilido.dll NOT unregistered.
C:\WINDOWS\qazuhilido.dll moved successfully.
C:\Documents and Settings\All Users\Application Data\ifihe.com moved successfully.
C:\Documents and Settings\All Users\Application Data\hadi.com moved successfully.
C:\WINDOWS\1a0bth9e54z.exe moved successfully.
C:\WINDOWS\system32\kavosatah.bat moved successfully.
LoadLibrary failed for C:\WINDOWS\imali.dll
C:\WINDOWS\imali.dll NOT unregistered.
C:\WINDOWS\imali.dll moved successfully.
C:\Program Files\Fichiers communs\yjiqy.bat moved successfully.
LoadLibrary failed for C:\Documents and Settings\All Users\Application Data\vurokecoh.dll
C:\Documents and Settings\All Users\Application Data\vurokecoh.dll NOT unregistered.
C:\Documents and Settings\All Users\Application Data\vurokecoh.dll moved successfully.
C:\Documents and Settings\All Users\Application Data\myrac.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\8793hacktzol4d35.dll
C:\WINDOWS\8793hacktzol4d35.dll NOT unregistered.
C:\WINDOWS\8793hacktzol4d35.dll moved successfully.
C:\WINDOWS\891threaz15809.exe moved successfully.
C:\WINDOWS\system32\4443t9zeat275535.exe moved successfully.
C:\WINDOWS\94a5vir2z02.exe moved successfully.
C:\WINDOWS\system32\4e9z9ir2754.exe moved successfully.
C:\Qoobox\TestC moved successfully.
C:\Qoobox\Test moved successfully.
C:\Qoobox\Quarantine\Registry_backups moved successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers moved successfully.
Folder move failed. C:\Qoobox\Quarantine\C\WINDOWS\system32 scheduled to be moved on reboot.
Folder move failed. C:\Qoobox\Quarantine\C\WINDOWS scheduled to be moved on reboot.
C:\Qoobox\Quarantine\C moved successfully.
C:\Qoobox\Quarantine moved successfully.
C:\Qoobox\LastRun moved successfully.
C:\Qoobox\BackEnv moved successfully.
C:\Qoobox moved successfully.
C:\WINDOWS\system32\CF14943.exe moved successfully.
C:\WINDOWS\system32\CF14848.exe moved successfully.
C:\WINDOWS\system32\CF14551.exe moved successfully.
C:\WINDOWS\system32\CF14486.exe moved successfully.
C:\WINDOWS\system32\CF14179.exe moved successfully.
C:\WINDOWS\system32\CF13454.exe moved successfully.
C:\WINDOWS\system32\CF13176.exe moved successfully.
C:\WINDOWS\system32\CF13085.exe moved successfully.
C:\WINDOWS\system32\CF13003.exe moved successfully.
C:\WINDOWS\system32\CF12912.exe moved successfully.
C:\WINDOWS\system32\CF15792.exe moved successfully.
C:\WINDOWS\system32\CF25158.exe moved successfully.
C:\WINDOWS\system32\CF22581.exe moved successfully.
C:\WINDOWS\system32\CF20740.exe moved successfully.
C:\WINDOWS\system32\CF7026.exe moved successfully.
C:\WINDOWS\system32\CF6954.exe moved successfully.
C:\WINDOWS\system32\CF6840.exe moved successfully.
C:\WINDOWS\system32\CF18064.exe moved successfully.
C:\WINDOWS\system32\CF17930.exe moved successfully.
C:\WINDOWS\system32\CF13250.exe moved successfully.
C:\WINDOWS\system32\CF8809.exe moved successfully.
C:\WINDOWS\system32\CF8711.exe moved successfully.
C:\WINDOWS\system32\CF29849.exe moved successfully.
C:\WINDOWS\system32\CF29755.exe moved successfully.
C:\WINDOWS\system32\CF28158.exe moved successfully.
C:\WINDOWS\system32\CF28070.exe moved successfully.
C:\Bibitte\N_ moved successfully.
C:\Bibitte moved successfully.
C:\WINDOWS\system32\CF553.exe moved successfully.
C:\WINDOWS\system32\CF438.exe moved successfully.
C:\WINDOWS\system32\CF308.exe moved successfully.
C:\WINDOWS\system32\CF31547.exe moved successfully.
C:\WINDOWS\system32\CF31449.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\5535worz915.dll
C:\WINDOWS\5535worz915.dll NOT unregistered.
C:\WINDOWS\5535worz915.dll moved successfully.
C:\WINDOWS\system32\6f96spy5aze2689.exe moved successfully.
C:\WINDOWS\system32\z9c5sparse1423.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\3486v9z5162.dll
C:\WINDOWS\3486v9z5162.dll NOT unregistered.
C:\WINDOWS\3486v9z5162.dll moved successfully.
C:\WINDOWS\3c719ozn5oader969.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\25623worm297z.dll
C:\WINDOWS\system32\25623worm297z.dll NOT unregistered.
C:\WINDOWS\system32\25623worm297z.dll moved successfully.
C:\WINDOWS\system32\60edbac9zo5r1517.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\15902vi5zs449.dll
C:\WINDOWS\system32\15902vi5zs449.dll NOT unregistered.
C:\WINDOWS\system32\15902vi5zs449.dll moved successfully.
C:\WINDOWS\system32\103785roj59z.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\17999zr5j7c3.dll
C:\WINDOWS\system32\17999zr5j7c3.dll NOT unregistered.
C:\WINDOWS\system32\17999zr5j7c3.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\76d0addwa9e1305z.dll
C:\WINDOWS\76d0addwa9e1305z.dll NOT unregistered.
C:\WINDOWS\76d0addwa9e1305z.dll moved successfully.
C:\WINDOWS\system32\23f3stezl9657.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\e89threat59508z.dll
C:\WINDOWS\system32\e89threat59508z.dll NOT unregistered.
C:\WINDOWS\system32\e89threat59508z.dll moved successfully.
C:\WINDOWS\23z04not-5-vi9usbc.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\518bzownl9ader1115.dll
C:\WINDOWS\518bzownl9ader1115.dll NOT unregistered.
C:\WINDOWS\518bzownl9ader1115.dll moved successfully.
C:\WINDOWS\system32\15z23not9a-virus495.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\19955hazktool46f.dll
C:\WINDOWS\19955hazktool46f.dll NOT unregistered.
C:\WINDOWS\19955hazktool46f.dll moved successfully.
C:\WINDOWS\27493vizu535.exe moved successfully.
C:\WINDOWS\system32\46345parse278z9.exe moved successfully.
C:\WINDOWS\5617zs9ambot165.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\80z9sp56aa.dll
C:\WINDOWS\system32\80z9sp56aa.dll NOT unregistered.
C:\WINDOWS\system32\80z9sp56aa.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\13250worm39z.dll
C:\WINDOWS\system32\13250worm39z.dll NOT unregistered.
C:\WINDOWS\system32\13250worm39z.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\690bsz5al2144.dll
C:\WINDOWS\system32\690bsz5al2144.dll NOT unregistered.
C:\WINDOWS\system32\690bsz5al2144.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\5b90v5rz014.dll
C:\WINDOWS\5b90v5rz014.dll NOT unregistered.
C:\WINDOWS\5b90v5rz014.dll moved successfully.
C:\WINDOWS\za1ct59ef772.exe moved successfully.
C:\WINDOWS\system32\1caddownl59derz356.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\29949szy785.dll
C:\WINDOWS\29949szy785.dll NOT unregistered.
C:\WINDOWS\29949szy785.dll moved successfully.
C:\WINDOWS\system32\305z5vir593a5.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\609b5irz55.dll
C:\WINDOWS\system32\609b5irz55.dll NOT unregistered.
C:\WINDOWS\system32\609b5irz55.dll moved successfully.
C:\WINDOWS\system32\26595vizu92.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\b535pzwa9e361.dll
C:\WINDOWS\system32\b535pzwa9e361.dll NOT unregistered.
C:\WINDOWS\system32\b535pzwa9e361.dll moved successfully.
C:\WINDOWS\22427noz-a-v5r9sf5.exe moved successfully.
LoadLibrary failed for C:\WINDOWS\system32\789d5hreat20079z.dll
C:\WINDOWS\system32\789d5hreat20079z.dll NOT unregistered.
C:\WINDOWS\system32\789d5hreat20079z.dll moved successfully.
LoadLibrary failed for C:\WINDOWS\5z58backdo9r5599.dll
C:\WINDOWS\5z58backdo9r5599.dll NOT unregistered.
C:\WINDOWS\5z58backdo9r5599.dll moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Benoit
File delete failed. C:\Documents and Settings\Benoit\Local Settings\Temp\Temporary Internet Files\Content.IE5\418V636N\;var1=4;var2=1;var3=92210;var4=;var21=3;var22=1;var23=2;var24=3;var25=1;var26=92064;var7=;var8=0;var9=0;var10=0;var11=;var14=;sz=728x90,468x60;ord=1793306031441906[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Benoit\Local Settings\Temp\Temporary Internet Files\Content.IE5\418V636N\;var1=4;var2=1;var3=92210;var4=;var21=3;var22=1;var23=2;var24=3;var25=1;var26=92064;var7=;var8=0;var9=0;var10=0;var11=;var14=;sz=728x90,468x60;ord=349085046702618[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Benoit\Local Settings\Temp\Temporary Internet Files\Content.IE5\418V636N\;var1=4;var2=1;var3=92210;var4=;var21=3;var22=1;var23=2;var24=3;var25=1;var26=92064;var7=;var8=0;var9=0;var10=0;var11=;var14=;sz=728x90,468x60;ord=4859487484680844[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Benoit\Local Settings\Temp\Temporary Internet Files\Content.IE5\418V636N\;var1=4;var2=1;var3=92210;var4=;var21=3;var22=1;var23=2;var24=3;var25=1;var26=92064;var7=;var8=0;var9=0;var10=0;var11=;var14=;sz=728x90,468x60;ord=6015909388799070[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Benoit\Local Settings\Temp\Temporary Internet Files\Content.IE5\418V636N\;var1=4;var2=1;var3=92210;var4=;var21=3;var22=1;var23=2;var24=3;var25=1;var26=92064;var7=;var8=0;var9=0;var10=0;var11=;var14=;sz=728x90,468x60;ord=6115314673194251[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Benoit\Local Settings\Temp\Temporary Internet Files\Content.IE5\418V636N\;var1=4;var2=1;var3=92210;var4=;var21=3;var22=1;var23=2;var24=3;var25=1;var26=92064;var7=;var8=0;var9=0;var10=0;var11=;var14=;sz=728x90,468x60;ord=6604956894810270[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Benoit\Local Settings\Temp\Temporary Internet Files\Content.IE5\418V636N\;var1=4;var2=1;var3=92210;var4=;var21=3;var22=1;var23=2;var24=3;var25=1;var26=92064;var7=;var8=0;var9=0;var10=0;var11=;var14=;sz=728x90,468x60;ord=7076576080325310[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Benoit\Local Settings\Temp\Temporary Internet Files\Content.IE5\418V636N\;var1=4;var2=1;var3=92210;var4=;var21=3;var22=1;var23=2;var24=3;var25=1;var26=92064;var7=;var8=0;var9=0;var10=0;var11=;var14=;sz=728x90,468x60;ord=798925196994098[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Benoit\Local Settings\Temp\Temporary Internet Files\Content.IE5\418V636N\;var1=4;var2=1;var3=92210;var4=;var21=3;var22=1;var23=2;var24=3;var25=1;var26=92064;var7=;var8=0;var9=0;var10=0;var11=;var14=;sz=728x90,468x60;ord=8202889881868094[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Benoit\Local Settings\Temp\Temporary Internet Files\Content.IE5\418V636N\;var1=4;var2=1;var3=92210;var4=;var21=3;var22=1;var23=2;var24=3;var25=1;var26=92064;var7=;var8=0;var9=0;var10=0;var11=;var14=;sz=728x90,468x60;ord=8711110431161262[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Benoit\Local Settings\Temp\Temporary Internet Files\Content.IE5\418V636N\;var1=4;var2=1;var3=92210;var4=;var21=3;var22=1;var23=2;var24=3;var25=1;var26=92064;var7=;var8=0;var9=0;var10=0;var11=;var14=;sz=728x90,468x60;ord=9251098087589820[1].htm scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Benoit\Local Settings\Temp\Temporary Internet Files\Content.IE5\418V636N\;var1=4;var2=1;var3=92210;var4=;var21=3;var22=1;var23=2;var24=3;var25=1;var26=92064;var7=;var8=0;var9=0;var10=0;var11=;var14=;sz=728x90,468x60;ord=9895738230974682[1].htm scheduled to be deleted on reboot.
->Temp folder emptied: 1448166509 bytes
->Temporary Internet Files folder emptied: 289142893 bytes
->Java cache emptied: 24 bytes
->FireFox cache emptied: 73160419 bytes
->Google Chrome cache emptied: 12835235 bytes
->Apple Safari cache emptied: 27786428 bytes

User: Charlotte
->Temp folder emptied: 425897629 bytes
->Temporary Internet Files folder emptied: 205288010 bytes
->Java cache emptied: 20708 bytes
->FireFox cache emptied: 48807341 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32768 bytes

User: Guillaume
->Temp folder emptied: 409280000 bytes
->Temporary Internet Files folder emptied: 24568660 bytes
->FireFox cache emptied: 66576665 bytes

User: LocalService
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
->Temp folder emptied: 65716 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 6123860 bytes

User: Maxime
->Temp folder emptied: 2760360 bytes
->Temporary Internet Files folder emptied: 3088367 bytes
->Java cache emptied: 550201 bytes
->FireFox cache emptied: 86301012 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Véronique
->Temp folder emptied: 655118 bytes
->Temporary Internet Files folder emptied: 15678631 bytes
->FireFox cache emptied: 20721010 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134465 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 53653 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = -1073,11 mb


OTM by OldTimer - Version 3.0.0.6 log created on 09212009_181056

Files moved on Reboot...
File C:\Qoobox\Quarantine\C\WINDOWS\system32 not found!
File C:\Qoobox\Quarantine\C\WINDOWS not found!

Registry entries deleted on Reboot...
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 290
21 Sep 2009 at 18:22
Try running this file:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
0
I ran the file and a scan started, but the computer rebooted and Windows tells me it has recovered from a serious error.
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 290
21 Sep 2009 at 19:46
---> Download Gmer to your Desktop.

---> Extract the contents of the archive, then rename gmer.exe to CCM.exe (the .exe may not be visible).

---> Double-click CCM.exe.

---> On the "Rootkit/Malware" tab, click "Scan" and wait.

---> When it finishes, click "Save..." and save "gmer.txt" to your Desktop.

---> Double-click "gmer.txt"; the report opens. Post it.
0
As soon as I double-click CCM.exe, the computer reboots...
0
Destrio5 Posts 85985 Registration date Sunday 11 July 2010 Status Moderator Last activity 17 February 2023 10 290
22 Sep 2009 at 18:10
OK...

--> Download Dr.Web CureIt! to your Desktop.
--> Double-click drweb-cureit.exe and click Start the scan.
--> This quick scan analyzes the processes loaded in memory; if it finds infected processes, click the Yes to All button at the prompt.
--> When the quick scan is finished, click Options > Change the configuration.
--> Choose the Scanner tab and uncheck Heuristic analysis.
--> Back in the main window, choose Complete scan.
--> Click the green arrow on the right and the scan will start. An advertisement sometimes appears; close it.
--> Click Yes to All if a file is detected.
--> At the end of the scan, if infections are found, click Select all, then Disinfect. If disinfection is impossible, click Quarantine.
--> In the tool's main menu, at the top left, click the File menu and choose Save the report.
--> Save the report to your Desktop. It will be named DrWeb.csv.
--> Close Dr.Web CureIt!
--> Restart your computer (very important), because some files may be moved or repaired on reboot.
--> After the restart, post (copy/paste) the contents of the Dr.Web report in your next reply.

NB: The free version of Dr.Web is an on-demand scanner and does not conflict with your resident antivirus. You can remove Dr.Web once these steps are finished.
0