Pc ralenti -> infection
Résolu
blasterofmetal
Messages postés
416
Date d'inscription
Statut
Membre
Dernière intervention
-
blasterofmetal Messages postés 416 Date d'inscription Statut Membre Dernière intervention -
blasterofmetal Messages postés 416 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
Mon pc tourne au ralenti, cela peux surement etre du à une infection, quelqu'un peut m'aider à le désinfecter ?
Mon pc tourne au ralenti, cela peux surement etre du à une infection, quelqu'un peut m'aider à le désinfecter ?
A voir également:
- Pc ralenti -> infection
- Pc ralenti - Guide
- Reinitialiser pc - Guide
- Test performance pc - Guide
- Downloader for pc - Télécharger - Téléchargement & Transfert
- Mettre une vidéo au ralenti iphone - Guide
32 réponses
bon je pense que ton pc doit avoir un rootkit qui traine par la.
▶ Télécharge mbr.exe de Gmer sur le Bureau : http://www2.gmer.net/mbr/mbr.exe
▶ Désactive toutes tes protections et coupe la connexion.
▶ Double clique sur mbr.exe et laisse l'outil travailler : un rapport nommé mbr.log sera généré
▶ Poste son rapport dans ta prochaine réponse stp
▶ Télécharge mbr.exe de Gmer sur le Bureau : http://www2.gmer.net/mbr/mbr.exe
▶ Désactive toutes tes protections et coupe la connexion.
▶ Double clique sur mbr.exe et laisse l'outil travailler : un rapport nommé mbr.log sera généré
▶ Poste son rapport dans ta prochaine réponse stp
Re,
Et ça c'est toujours présent :
C:\Program Files\Winsudate\gibusr.exe
C:\Program Files\Winsudate\gibsvc.exe
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe
"WinUsr"=C:\Program Files\Winsudate\gibusr.exe [2009-09-21 88304]
2009-09-21 14:22:53 ----D---- C:\Program Files\Winsudate
R2 WinSvc;Gestionnaire de mise à jour Winsudate; C:\Program Files\Winsudate\gibsvc.exe [2009-09-21 70896]
@blasterofmetal, fais ceci :
-+-+-+-> OTMoveIt <-+-+-+-
[x] Télécharge OTMoveIt (de Old_Timer) à cette adresse : https://www.luanagames.com/index.fr.html sur ton Bureau.
[x] Double-clique sur OTMoveIt.exe.
[x] Assure toi que la case Unregister Dll's and Ocx's soit bien cochée.
[x] Copie le texte en gras ci dessous et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved
:processes
explorer.exe
gibsvc.exe
gibusr.exe
:services
Winsudate
Winsvc
:reg
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinUsr"=-
:files
C:\Program Files\Winsudate
:commands
[emptytemp]
[purity]
[start explorer]
[x] Clique sur MoveIt! pour lancer la suppression.
[x] Si OTMoveIt propose de redémarrer ton PC, accepte.
[x] Lorsque un résultat apparaît dans le cadre Results, clique sur Exit.
[x] Dans ta future réponse, envoie le rapport de OTMoveIt situé sous C:\_OTMoveIt\MovedFiles
Et ça c'est toujours présent :
C:\Program Files\Winsudate\gibusr.exe
C:\Program Files\Winsudate\gibsvc.exe
O4 - HKCU\..\Run: [WinUsr] C:\Program Files\Winsudate\gibusr.exe
O23 - Service: Gestionnaire de mise à jour Winsudate (WinSvc) - Winsudate - C:\Program Files\Winsudate\gibsvc.exe
"WinUsr"=C:\Program Files\Winsudate\gibusr.exe [2009-09-21 88304]
2009-09-21 14:22:53 ----D---- C:\Program Files\Winsudate
R2 WinSvc;Gestionnaire de mise à jour Winsudate; C:\Program Files\Winsudate\gibsvc.exe [2009-09-21 70896]
@blasterofmetal, fais ceci :
-+-+-+-> OTMoveIt <-+-+-+-
[x] Télécharge OTMoveIt (de Old_Timer) à cette adresse : https://www.luanagames.com/index.fr.html sur ton Bureau.
[x] Double-clique sur OTMoveIt.exe.
[x] Assure toi que la case Unregister Dll's and Ocx's soit bien cochée.
[x] Copie le texte en gras ci dessous et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved
:processes
explorer.exe
gibsvc.exe
gibusr.exe
:services
Winsudate
Winsvc
:reg
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinUsr"=-
:files
C:\Program Files\Winsudate
:commands
[emptytemp]
[purity]
[start explorer]
[x] Clique sur MoveIt! pour lancer la suppression.
[x] Si OTMoveIt propose de redémarrer ton PC, accepte.
[x] Lorsque un résultat apparaît dans le cadre Results, clique sur Exit.
[x] Dans ta future réponse, envoie le rapport de OTMoveIt situé sous C:\_OTMoveIt\MovedFiles
OTMOVEIT
========== PROCESSES ==========
Process explorer.exe killed successfully.
Unable to kill process: gibsvc.exe
Process gibusr.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service Winsudate .
Service Winsvc stopped successfully.
Service Winsvc deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WinUsr deleted successfully.
========== FILES ==========
C:\Program Files\Winsudate moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\etilqs_8M7yuQJQy7ckzZMJX7Xz scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\Perflib_Perfdata_6d4.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\Perflib_Perfdata_e78.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\Perflib_Perfdata_ecc.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DF1C68.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DF1CA8.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DFE00B.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DFF8FB.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_180.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.7.0 log created on 10292009_142354
Files moved on Reboot...
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\etilqs_8M7yuQJQy7ckzZMJX7Xz not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\Perflib_Perfdata_6d4.dat not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\Perflib_Perfdata_e78.dat not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\Perflib_Perfdata_ecc.dat not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DF1C68.tmp not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DF1CA8.tmp not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DFE00B.tmp not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DFF8FB.tmp not found!
File C:\WINDOWS\temp\Perflib_Perfdata_180.dat not found!
C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\urlclassifier3.sqlite moved successfully.
========== PROCESSES ==========
Process explorer.exe killed successfully.
Unable to kill process: gibsvc.exe
Process gibusr.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service Winsudate .
Service Winsvc stopped successfully.
Service Winsvc deleted successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WinUsr deleted successfully.
========== FILES ==========
C:\Program Files\Winsudate moved successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\etilqs_8M7yuQJQy7ckzZMJX7Xz scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\Perflib_Perfdata_6d4.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\Perflib_Perfdata_e78.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\Perflib_Perfdata_ecc.dat scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DF1C68.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DF1CA8.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DFE00B.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DFF8FB.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_180.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.7.0 log created on 10292009_142354
Files moved on Reboot...
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\etilqs_8M7yuQJQy7ckzZMJX7Xz not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\Perflib_Perfdata_6d4.dat not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\Perflib_Perfdata_e78.dat not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\Perflib_Perfdata_ecc.dat not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DF1C68.tmp not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DF1CA8.tmp not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DFE00B.tmp not found!
File C:\DOCUME~1\PROPRI~3.FAM\LOCALS~1\Temp\~DFF8FB.tmp not found!
File C:\WINDOWS\temp\Perflib_Perfdata_180.dat not found!
C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Local Settings\Application Data\Mozilla\Firefox\Profiles\q7spisns.default\urlclassifier3.sqlite moved successfully.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
Logfile of random's system information tool 1.06 (written by random/random)
Run by Propriétaire at 2009-10-29 14:46:17
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 16 GB (30%) free of 53 GB
Total RAM: 767 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:47:41, on 29/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSMB32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Securitoo\Av_Fw\Common\FCH32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsqh.exe
C:\Program Files\Securitoo\Av_Fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsaua.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsus.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Securitoo\Av_Fw\FSGUI\fsguidll.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsav32.exe
C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Bureau\RSIT.exe
C:\Program Files\trend micro\Propriétaire.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\Av_Fw\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_SB8.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://pl12je.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp10.photoprintit.de/microsite/1156/defaults/activex/ImageUploader3.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15106/CTPID.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C762A03-C9A5-414C-8C53-36D32BC14FCD}: NameServer = 192.168.1.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
Run by Propriétaire at 2009-10-29 14:46:17
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 16 GB (30%) free of 53 GB
Total RAM: 767 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:47:41, on 29/10/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSMB32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Securitoo\Av_Fw\Common\FCH32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsqh.exe
C:\Program Files\Securitoo\Av_Fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsaua.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsus.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Securitoo\Av_Fw\FSGUI\fsguidll.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsav32.exe
C:\Documents and Settings\Propriétaire.FAMILLE-QDS3TN1\Bureau\RSIT.exe
C:\Program Files\trend micro\Propriétaire.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\Av_Fw\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_SB8.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: iGraal - {88F05591-0079-4c37-B138-5DA8BC1782EF} - C:\Program Files\iGraal\iGraal.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://pl12je.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp10.photoprintit.de/microsite/1156/defaults/activex/ImageUploader3.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15106/CTPID.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5C762A03-C9A5-414C-8C53-36D32BC14FCD}: NameServer = 192.168.1.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
Ca m'a l'air pas mal.
En tout cas, c'est de mieux en mieux.
Après comment être sure qu'il n'y a plus rien ?
En tout cas, c'est de mieux en mieux.
Après comment être sure qu'il n'y a plus rien ?
Parce que je te le dis ^^
On va faire du nettoyage maintenant :
relance otmoveit et copie/colle ceci :
:services
mbr
Clique sur " moveit! " et poste le rapport
---------------------------
1 - Nettoyage :
- Télécharge ATF-Cleaner
- Suis le tutoriel disponible à cette adresse
- Renouvelle l'opération régulièrement
-----------------
-+-+-+-> Tools Cleaner <-+-+-+-
[o] Afin de supprimer tout les logiciels qui ont été utilisés pour ta désinfection,
[o] Télécharge ToolsCleaner sur ton bureau à cette adresse : https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/
[o] Double-clique sur « Toolscleaner.exe »
[o] Clique sur "restauration" pour créer un point de restauration.
[o] Puis clique sur « recherche »
[o] Quand la recherche sera terminée, clique sur "suppression".
[o] A la fin (il y aura des indications dans le cadre en-dessous), clique sur "quitter" et poste le rapport qui se trouve dans C:\Tcleaner.txt
On va faire du nettoyage maintenant :
relance otmoveit et copie/colle ceci :
:services
mbr
Clique sur " moveit! " et poste le rapport
---------------------------
1 - Nettoyage :
- Télécharge ATF-Cleaner
- Suis le tutoriel disponible à cette adresse
- Renouvelle l'opération régulièrement
-----------------
-+-+-+-> Tools Cleaner <-+-+-+-
[o] Afin de supprimer tout les logiciels qui ont été utilisés pour ta désinfection,
[o] Télécharge ToolsCleaner sur ton bureau à cette adresse : https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/
[o] Double-clique sur « Toolscleaner.exe »
[o] Clique sur "restauration" pour créer un point de restauration.
[o] Puis clique sur « recherche »
[o] Quand la recherche sera terminée, clique sur "suppression".
[o] A la fin (il y aura des indications dans le cadre en-dessous), clique sur "quitter" et poste le rapport qui se trouve dans C:\Tcleaner.txt