PC lent....

Résolu
fredlof -  
 gen-hackman -
Bonjour,
mon pc est un peu long depuis un moment, de plus j'ai basculé ci vers sfr, je vous parle pas du b....l !!
Il me semble qu'il y a des lignes pas normal pourriez vous m'aidez!!

voici le rapport :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:10:15, on 25/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iSafer\iSaferSvr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iSafer\iSafer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Vincent\Bureau\scanner.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min/nosplash
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Moniteur Fax-Voix.lnk = C:\OLIFAXVX\MONITEUR.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: iSafer.lnk = C:\Program Files\iSafer\iSafer.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iSafer - Personal Firewall (iSafer) - http://winsockfirewall.sourceforge.net - C:\Program Files\iSafer\iSaferSvr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 11741 bytes
Configuration: Windows XP
Firefox 3.5.5
SP3

34 réponses

  • 1
  • 2
  1. fredlof
     
    bonjour,
    voici la suite, merci encore :

    ############################## | FindyKill V5.020 |

    # User : Vincent (Administrateurs) # VIVACLIM
    # Update on 26/11/2009 by Chiquitine29
    # Start at: 11:32:09 | 27/11/2009
    # Website : http://pagesperso-orange.fr/NosTools/index.html
    # Contact : FindyKill.Contact@gmail.com

    # Intel(R) Pentium(R) 4 CPU 2.93GHz
    # Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    # Internet Explorer 8.0.6001.18702
    # Windows Firewall Status : Disabled
    # AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

    # C:\ # Disque fixe local # 78,13 Go (57,36 Go free) # NTFS
    # D:\ # Disque fixe local # 70,91 Go (22,96 Go free) [Fred] # NTFS
    # E:\ # Disque amovible
    # F:\ # Disque amovible
    # G:\ # Disque amovible
    # H:\ # Disque amovible
    # I:\ # Disque CD-ROM
    # J:\ # Disque CD-ROM
    # K:\ # Disque amovible # 14,92 Go (14,92 Go free) [PKBACK# 001] # FAT32
    # L:\ # Disque amovible

    ############################## | Processus actifs |

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir Desktop\sched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\a-squared Free\a2service.exe
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\iSafer\iSaferSvr.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
    C:\WINDOWS\ALCWZRD.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    ################## | C: |

    ################## | C:\WINDOWS |

    ################## | C:\WINDOWS\system32 |

    ################## | C:\WINDOWS\system32\drivers |

    ################## | C:\Documents and Settings\Vincent\Application Data |

    ################## | Autres detections ... |

    ################## | Temporary Internet Files |

    ################## | Registre / Clés infectieuses |

    Présent ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
    Présent ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
    Présent ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
    Présent ! [HKLM\software\microsoft\security center] "FirewallOverride"
    Présent ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"
    Présent ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"

    ################## | Etat / Services / Informations |

    # Affichage des fichiers cachés : OK

    # Mode sans echec : OK

    # Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
    # EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
    # Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
    # SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
    # wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
    # wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

    ################## | Cracks / Keygens / Serials |

    "D:\LOGICIELS\winzip 8.0 fr\Crack.exe"
    15/08/2000 12:08 |Size 44544 |Crc32 8bafc100 |Md5 2b7f83d8cede0ea3c48a9624dc4f710e

    ################## | ! Fin du rapport # FindyKill V5.020 ! |
    1
  2. gen-hackman
     
    salut desinstalle AD-Aware

    ensuite :

    ▶ Télécharge Ad-remover ( de C_XX ) sur ton bureau :

    ▶ Déconnecte toi et ferme toutes applications en cours !

    ▶ Double clique sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .

    ▶ Double-clique sur le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .

    ▶ Au menu principal choisis l'option "L" et tape sur [entrée] .

    ▶ Laisse travailler l'outil et ne touche à rien ...

    ▶ Poste le rapport qui apparait à la fin , sur le forum ...

    ( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
    ( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )

    ▶ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
    Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
    Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
    0
  3. fredlof
     
    Salut,
    merci de ta réponse, je m'exécute...
    .
    ======= RAPPORT D'AD-REMOVER 1.1.4.6_D | UNIQUEMENT XP/VISTA/7 =======
    .
    Mit à jour par C_XX le 25.11.2009 à 18:47
    Contact: AdRemover.contact@gmail.com
    Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    .
    Lancé à: 14:38:32, 26/11/2009 | Mode Normal | Option: CLEAN
    Exécuté de: C:\Program Files\Ad-Remover\
    Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
    Nom du PC: VIVACLIM | Utilisateur actuel: Vincent
    .
    ============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
    .
    .
    HKCU\software\appdatalow\AskBarDis
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
    HKLM\software\appdatalow\AskBarDis
    HKLM\software\AskBarDis
    HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
    HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
    HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}

    (!) -- Fichiers temporaires supprimés.

    .
    ============== Scan additionnel ==============
    .
    .
    * Mozilla FireFox Version 3.5.5 [fr] *
    .
    Nom du profil: hawkrvol.default (Vincent)
    .
    (Vincent, prefs.js) Browser.download.dir, C:\Documents and Settings\Vincent\Bureau
    (Vincent, prefs.js) Browser.download.lastDir, D:\PHOTOS\Images divers
    (Vincent, prefs.js) Browser.search.selectedEngine, eBay France
    (Vincent, prefs.js) Browser.startup.homepage, hxxp://www.google.fr
    (Vincent, prefs.js) Privacy.popups.showBrowserMessage, false
    .
    .
    * Internet Explorer Version 8.0.6001.18702 *
    .
    [HKEY_CURRENT_USER\..\Internet Explorer\Main]
    .
    Start Page: hxxp://fr.msn.com/
    Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
    .
    Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
    Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    Start Page: hxxp://fr.msn.com/
    Search bar: hxxp://search.msn.com/spbasic.htm
    .
    [HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
    .
    Tabs: res://ieframe.dll/tabswelcome.htm
    .
    ===================================
    .
    2368 Octet(s) - C:\Ad-Report-CLEAN[1].log
    .
    0 Fichier(s) - C:\DOCUME~1\Vincent\LOCALS~1\Temp
    2 Fichier(s) - C:\WINDOWS\Temp
    .
    18 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
    0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
    .
    Fin à: 14:45:36 | 26/11/2009 - CLEAN[1]
    .
    ============== E.O.F ==============
    .
    0
  4. gen-hackman
     
    Télécharge OTL de OLDTimer

    enregistre le sur ton Bureau.

    ▶ Double clic ( pour vista => clic droit "executer en tant qu'administrateur") sur OTL.exe pour le lancer.

    ▶ Coche les 2 cases Lop et Purity

    ▶ Coche la case devant scan all users

    ▶ règle-le sur "60 Days"

    ▶ dans la colonne de gauche , mets tout sur all

    ne modifie pas ceci :

    "files created whithin" et "files modified whithin"


    ▶Clic sur Run Scan.

    A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).

    Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)

    ▶▶▶ NE LE POSTE PAS SUR LE FORUM

    Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/

    ▶ Clique sur Parcourir et cherche le fichier ci-dessus.

    ▶ Clique sur Ouvrir.

    ▶ Clique sur "Cliquez ici pour déposer le fichier".

    Un lien de cette forme :

    http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

    est ajouté dans la page.

    ▶ Copie ce lien dans ta réponse.

    ▶▶ Tu feras la meme chose avec le "Extra.txt".
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. fredlof
     
    j'ai fait ce que tu as dit, il me met un message avant l'arret du scan,
    windows - pas de disque
    x exception processing message c0000013 Parameters 75afbf7c 4 75afbf7c 75afbf7c
    annuler recommencer continuer????
    que faire
    0
  7. fredlof
     
    voici le 1er :
    http://www.cijoint.fr/cjlink.php?file=cj200911/cij1DwZUam.txt

    et le 2e :
    http://www.cijoint.fr/cjlink.php?file=cj200911/cijtudCyxN.txt
    0
  8. gen-hackman
     
    Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent

    ▶ Télécharge List&Kill'em et enregistre le sur ton bureau

    ▶ dezippe-le , (clic droit/ extraire.....)

    Il ne necessite pas d'installation

    ▶double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan

    choisis la langue puis choisis l'option 1 = Mode Recherche

    ▶laisse travailler l'outil

    ▶Poste le contenu du rapport qui s'ouvre

    0
  9. fredlof
     
    ok,
    List'em by g3n-h@ckm@n 1.0.5.6

    Thx to Chiquitine29.....

    User : Vincent (Administrateurs) # VIVACLIM
    Update on 25/11/2009 by g3n-h@ckm@n ::::: 13:00
    Start at: 15:45:44 | 26/11/2009
    Contact : g3n-h@ckm@n sur CCM

    Intel(R) Pentium(R) 4 CPU 2.93GHz
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled
    AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]

    C:\ -> Disque fixe local | 78,13 Go (57,34 Go free) | NTFS
    D:\ -> Disque fixe local | 70,91 Go (22,96 Go free) [Fred] | NTFS
    E:\ -> Disque amovible
    F:\ -> Disque amovible
    G:\ -> Disque amovible
    H:\ -> Disque amovible
    I:\ -> Disque CD-ROM
    J:\ -> Disque CD-ROM
    K:\ -> Disque amovible | 1,88 Go (915,31 Mo free) [PKBACK# 001] | FAT
    L:\ -> Disque amovible

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours

    C:\WINDOWS\System32\smss.exe 516
    C:\WINDOWS\system32\csrss.exe 576
    C:\WINDOWS\system32\winlogon.exe 604
    C:\WINDOWS\system32\services.exe 648
    C:\WINDOWS\system32\lsass.exe 660
    C:\WINDOWS\system32\Ati2evxx.exe 824
    C:\WINDOWS\system32\svchost.exe 840
    C:\WINDOWS\system32\svchost.exe 912
    C:\WINDOWS\System32\svchost.exe 944
    C:\WINDOWS\system32\svchost.exe 992
    C:\WINDOWS\system32\svchost.exe 1152
    C:\WINDOWS\system32\svchost.exe 1240
    C:\WINDOWS\system32\spoolsv.exe 1332
    C:\Program Files\Avira\AntiVir Desktop\sched.exe 1380
    C:\WINDOWS\system32\svchost.exe 1440
    C:\Program Files\a-squared Free\a2service.exe 1540
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1692
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1720
    C:\Program Files\Bonjour\mDNSResponder.exe 1756
    C:\WINDOWS\system32\svchost.exe 1792
    C:\WINDOWS\system32\svchost.exe 1908
    C:\WINDOWS\system32\Ati2evxx.exe 1936
    C:\WINDOWS\system32\svchost.exe 2044
    C:\Program Files\iSafer\iSaferSvr.exe 200
    C:\Program Files\Java\jre6\bin\jqs.exe 412
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 116
    C:\WINDOWS\System32\svchost.exe 1236
    C:\Program Files\Java\jre6\bin\jusched.exe 1476
    C:\WINDOWS\SOUNDMAN.EXE 1488
    C:\WINDOWS\System32\svchost.exe 1484
    C:\Program Files\Microsoft IntelliType Pro\itype.exe 1512
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe 1572
    C:\Program Files\BroadJump\Client Foundation\CFD.exe 1620
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 1628
    C:\WINDOWS\system32\slserv.exe 1776
    C:\WINDOWS\ALCWZRD.EXE 1992
    C:\WINDOWS\system32\svchost.exe 2080
    C:\Program Files\iTunes\iTunesHelper.exe 2156
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe 2188
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe 2276
    C:\WINDOWS\system32\ctfmon.exe 2308
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 2488
    C:\Program Files\iPod\bin\iPodService.exe 3244
    C:\WINDOWS\System32\alg.exe 3332
    C:\WINDOWS\system32\wbem\wmiapsrv.exe 3660
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe 4012
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe 4084
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe 1024
    C:\WINDOWS\explorer.exe 3696
    C:\Program Files\Mozilla Firefox\firefox.exe 744
    C:\WINDOWS\system32\wscntfy.exe 2324
    C:\Documents and Settings\Vincent\Bureau\List_Kill'em.exe 3132
    C:\WINDOWS\system32\cmd.exe 1192
    C:\WINDOWS\system32\wbem\wmiprvse.exe 536
    C:\Documents and Settings\Vincent\Local Settings\Temp\1A.tmp\pv.exe 3100

    ======================
    Cles de demarrage "Run"
    ======================

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    MSMSGS REG_SZ "C:\Program Files\Messenger\msmsgs.exe" /background
    LightScribe Control Panel REG_SZ C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
    SoundMan REG_SZ SOUNDMAN.EXE
    Raccourci vers la page des propriétés de High Definition Audio REG_SZ HDAShCut.exe
    KernelFaultCheck REG_SZ %systemroot%\system32\dumprep 0 -k
    itype REG_SZ "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
    IntelliPoint REG_SZ "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    BluetoothAuthenticationAgent REG_SZ rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    BJCFD REG_SZ C:\Program Files\BroadJump\Client Foundation\CFD.exe
    avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min/nosplash
    AlcWzrd REG_SZ ALCWZRD.EXE
    Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    Adobe ARM REG_SZ "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
    QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
    HP Software Update REG_SZ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    <SANS NOM> REG_SZ

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
    =====================
    cles additionnelles
    =====================

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
    dontdisplaylastusername REG_DWORD 0x0
    legalnoticecaption REG_SZ
    legalnoticetext REG_SZ
    shutdownwithoutlogon REG_DWORD 0x1
    undockwithoutlogon REG_DWORD 0x1
    DisableRegistryTools REG_DWORD 0x0
    HideLegacyLogonScripts REG_DWORD 0x0
    HideLogoffScripts REG_DWORD 0x0
    RunLogonScriptSync REG_DWORD 0x1
    RunStartupScriptSync REG_DWORD 0x0
    HideStartupScripts REG_DWORD 0x0
    ConsentPromptBehaviorAdmin REG_DWORD 0x2
    ===============
    ===============
    BHO :
    ======

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}

    ========
    Services
    ========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

    Ndisuio : 0x3
    EapHost : 0x3
    SharedAccess : 0x2
    wuauserv : 0x2
    =========

    =========================
    Environnement variables :
    =========================

    AdMin00=~NVous devez etre l'administrateur de ce PC pour continuer !!~N~NDans ces conditions, Le programme ne peut continuer a s'executer...~N~NVeuillez en parler a la personne qui vous aide
    AdMin01=... ATTENTION !!!
    Administrative Tools=C:\DOCUME~1\Vincent\MENUDM~1\PROGRA~1\OUTILS~1
    ALLUSERSPROFILE=C:\Documents and Settings\All Users
    APPDATA=C:\DOCUME~1\Vincent\APPLIC~1
    AUTHOR=C_XX
    BKCOUNT=18
    BOOTMODE=Mode Normal
    Cache=C:\DOCUME~1\Vincent\LOCALS~1\TEMPOR~1
    CD Burning=C:\DOCUME~1\Vincent\LOCALS~1\APPLIC~1\MICROS~1\CDBURN~1
    CHOICE=L
    choix=1
    CLASSPATH=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    CLIENTNAME=Console
    Common Administrative Tools=C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\OUTILS~1
    Common AppData=C:\DOCUME~1\ALLUSE~1\APPLIC~1
    Common Desktop=C:\DOCUME~1\ALLUSE~1\Bureau
    Common Documents=C:\DOCUME~1\ALLUSE~1\DOCUME~1
    Common Favorites=C:\DOCUME~1\ALLUSE~1\Favoris
    Common Music=C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1
    Common Pictures=C:\DOCUME~1\ALLUSE~1\DOCUME~1\MESIMA~1
    Common Programs=C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1
    Common Start Menu=C:\DOCUME~1\ALLUSE~1\MENUDM~1
    Common Startup=C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1
    Common Templates=C:\DOCUME~1\ALLUSE~1\MODLES~1
    Common Video=C:\DOCUME~1\ALLUSE~1\DOCUME~1\MESVID~1
    CommonProgramFiles=C:\Program Files\Fichiers communs
    COMPUTERNAME=VIVACLIM
    ComSpec=C:\WINDOWS\system32\cmd.exe
    Cookies=C:\DOCUME~1\Vincent\Cookies
    CurrReport=1
    Desktop=C:\DOCUME~1\Vincent\Bureau
    DISPLAY00=CALL DISPLAY ³³³³³
    DISPLAY01=CALL DISPLAY ³³³³³³³³
    DISPLAY02=CALL DISPLAY ³³³³³³³³³³³³
    DISPLAY03=CALL DISPLAY ³³³³³³³³³³³³³³³³
    DISPLAY04=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³
    DISPLAY05=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY06=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY07=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY08=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY09=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY10=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY11=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY12=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY13=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY14=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY15=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY16=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY17=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY18=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY19=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY20=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY21=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY22=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY23=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY24=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY25=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY26=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY27=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY28=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    DISPLAY29=CALL DISPLAY ³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³³
    Do00=Move.bat
    Do01=DelKeys.bat
    Do02=DelValues.bat
    DPF=C:\WINDOWS\Downloaded Program Files
    Favorites=C:\DOCUME~1\Vincent\Favoris
    FF=hawkrvol.default
    Fonts=C:\WINDOWS\Fonts
    FP_NO_HOST_CHECK=NO
    History=C:\DOCUME~1\Vincent\LOCALS~1\HISTOR~1
    HOMEDRIVE=C:
    HOMEPATH=\Documents and Settings\Vincent
    IE=C:\Program Files\Internet Explorer
    Incompatible OS 00=~NCe programme ne peut fonctionner que sous Windows XP,Vista et 7 !~N~Ncliquez sur ~qOK~q pour quitter.
    Incompatible OS 01=... Systeme d'exploitation incompatible !!!
    INSTALLER=C:\WINDOWS\Installer
    L01=Veuillez patienter ...
    L02=~NERREUR ! -- Un ou plusieurs composant(s) est/sont manquant(s) !~NAppuyer sur 'Ok' pour quitter.~N~N
    L05=Termin‚! le rapport est sauvegard‚ ici:
    L06=Choisissez et appuyez sur entr‚e pour continuer
    L07=Scan additionnel termin‚
    L07A=Scan additionnel
    L08=Nettoyage des fichiers temporaires termin‚
    L09=Impossible d'obtenir la version
    L10=Administrateur
    L10A=N'est pas administrateur
    L11=Scanner ^(Aucune suppression n'est effectu‚e^)
    L12=Lancer le nettoyage
    L13=D‚sinstaller
    L14=Quitter
    L15=RAPPORT D'AD-REMOVER 1.1.4.6_D ^| UNIQUEMENT XP/VISTA/7
    L16=Mit à jour par C_XX le 25.11.2009 à 18:47
    L17=Contact: AdRemover.contact@gmail.com
    L18=Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
    L19=Lancé à: 14:38:32, 26/11/2009 ^| Mode Normal
    L20=Exécuté de:
    L21=Système d'exploitation:
    L22=Nom du PC: VIVACLIM ^| Utilisateur actuel: Vincent
    L23=Option:
    L24=Scan en cours, veuillez patienter le temps de la recherche.
    L25=ÉLÉMENT^(S^) NEUTRALISÉ^(S^)
    L25A=ÉLÉMENT^(S^) TROUVÉ^(S^)
    L26=Fichiers temporaires supprimés.
    L27=Fin à:
    L28=Nom du profil:
    Local AppData=C:\DOCUME~1\Vincent\LOCALS~1\APPLIC~1
    LOCALAPPDATA=C:\Documents and Settings\Vincent\Local Settings\Application Data
    LOCALLOW=C:\Documents and Settings\Vincent\AppData\LocalLow
    LOGONSERVER=\\VIVACLIM
    misc=Octet
    misc2=Fichier
    misc3=EFFACE
    misc4=TROUVE
    misc5=Progression du scan ..
    Mode=CLEAN
    MSN=C:\Program Files\MSN Messenger
    My Music=C:\DOCUME~1\Vincent\MESDOC~1\MAMUSI~1
    My Pictures=C:\DOCUME~1\Vincent\MESDOC~1\MESIMA~1
    NAME=AD-REMOVER
    NBC02=1
    NBS02=1
    NetHood=C:\DOCUME~1\Vincent\VOISIN~1
    Nondelete=... [b]ERREUR SUPPRESSION !!/b
    NUMBER_OF_PROCESSORS=1
    OS=Windows_NT
    OS_SP=Service Pack 3
    Page_Values=Default_Page_URL|Default_Search_URL|SearchAssistant|Search bar|Search Page|Start Page|Start Page Restore|First Home Page
    Path=C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Fichiers communs\HP\Digital Imaging\bin;C:\Program Files\HP\Digital Imaging\bin\;C:\Program Files\HP\Digital Imaging\bin\Qt\Qt 4.3.3;C:\Program Files\QuickTime\QTSystem\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    Personal=C:\DOCUME~1\Vincent\MESDOC~1
    PrintHood=C:\DOCUME~1\Vincent\VOISIN~2
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel
    PROCESSOR_LEVEL=15
    PROCESSOR_REVISION=0304
    ProgramFiles=C:\Program Files
    Programs=C:\DOCUME~1\Vincent\MENUDM~1\PROGRA~1
    PROMPT=$P$G
    QTJAVA=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    QUCOUNT=0
    QUICK LAUNCH=C:\DOCUME~1\Vincent\APPLIC~1\Microsoft\Internet Explorer\Quick Launch
    Recent=C:\DOCUME~1\Vincent\Recent
    REPORT=C:\Ad-Report-CLEAN[1].log
    SE=Windows XP
    SendTo=C:\DOCUME~1\Vincent\SendTo
    Services=ASK(Service|Upgrade)|MyWebSearchService|OneStepS(rch|earch) Service|OneStep Search Service|PremierOpinion|RelevantKnowledge|(SearchIn1Step|Seekapp|SeekappSrch|Seekeen) Service|SeekService Service
    SESSIONNAME=Console
    SE_=0
    Start Menu=C:\DOCUME~1\Vincent\MENUDM~1
    Startup=C:\DOCUME~1\Vincent\MENUDM~1\PROGRA~1\DMARRA~1
    SYSTEM32=C:\WINDOWS\System32
    SystemDrive=C:
    SystemRoot=C:\WINDOWS
    TbPath=Software\Microsoft\Internet Explorer\Toolbar
    Teatimer00=~NLe resident ~qTeaTimer.exe~q de ~qSpybot - Search ^& Destroy~q est actif !~N~NDans ces conditions, Le programme ne peut continuer a s'executer...~N~NVeuillez en parler a la personne qui vous aide
    Teatimer01=... ATTENTION !!!
    TEMP=C:\DOCUME~1\Vincent\LOCALS~1\Temp
    TEMP2=C:\WINDOWS\Temp
    Templates=C:\DOCUME~1\Vincent\MODLES~1
    TMP=C:\DOCUME~1\Vincent\LOCALS~1\Temp
    ToSrch01=Eorezo|FunWebProducts|ItsLabel|Kiwee Toolbar
    ToSrch02=Bingo Day|Casino-On-Net|Casino Del Rio|Casino\.com Poker|EmpirePoker|Europa Casino|iMesh.lnk|My Speedy Alert|Pacific Poker|PartyPoker|Titan Poker|Vegas Red Casino|888poker\.net
    UAC00=~NLe ~qControle des comptes utilisateur~q est actif !~N~NDans ces conditions, Le programme ne peut continuer a s'executer...~N~NVeuillez en parler a la personne qui vous aide
    UAC01=... ATTENTION !!!
    UPDATE_DATE=25.11.2009
    UPDATE_TIME=18:47
    USER=S-1-5-21-1123561945-261478967-725345543-1003
    USERDOMAIN=VIVACLIM
    USERNAME=Vincent
    USERPROFILE=C:\Documents and Settings\Vincent
    VER=1.1.4.6_D
    VERFF=3.5.5 [fr]
    VERIE=8.0.6001.18702
    VERW=v5.1.2600
    windir=C:\WINDOWS
    WLM=C:\Program Files\Windows Live\Messenger

    ¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

    C:\WINDOWS\aucfg.ini
    C:\WINDOWS\jautoexp.dat
    C:\WINDOWS\patch.exe
    C:\WINDOWS\System32\drivers\etc\hosts.msn
    C:\WINDOWS\System32\SETF8.tmp

    ¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}"
    HKLM\SYSTEM\CurrentControlSet\Services\mchInjDrv

    =====================
    Verification Rootkits
    =====================

    disk not found C:\

    please note that you need administrator rights to perform deep scan

    ¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :

    ACRORD32INFO.EXE-3686C6FE.pf
    AD-R.EXE-295E01CC.pf
    ALG.EXE-0037216C.pf
    APPLEMOBILEDEVICEHELPER.EXE-14B1C894.pf
    AVCENTER.EXE-327D1785.pf
    AVGNT.EXE-2584822D.pf
    AVNOTIFY.EXE-1DD367BD.pf
    AVWSC.EXE-051736A1.pf
    CCLEANER.EXE-2DA27B30.pf
    CHCP.COM-33B74DB3.pf
    CMD.EXE-1757A515.pf
    CSCRIPT.EXE-3889D978.pf
    DEVIS.EXE-0B89F1C6.pf
    ERUNT.COM-16C0F406.pf
    EXPLORER.EXE-0BD44A36.pf
    FIREFOX.EXE-2D86FE5D.pf
    GREP.COM-2FDECA7C.pf
    HELPCTR.EXE-0D31BA78.pf
    HELPSVC.EXE-1ABD1CE3.pf
    HPQBAM08.EXE-19AE6796.pf
    HPQGPC01.EXE-29296286.pf
    HPQSTE08.EXE-1FDB76E2.pf
    HPQUSGL.EXE-324CAFC6.pf
    IMAPI.EXE-244838D0.pf
    IPODSERVICE.EXE-085C0DD6.pf
    ISADMIN.COM-0C3EDDA7.pf
    ISAFER.EXE-03E12380.pf
    ITUNES.EXE-214C1E02.pf
    JQSNOTIFY.EXE-0E310DCF.pf
    Layout.ini
    LIST_KILL'EM.EXE-2A2E2ED8.pf
    LOGONUI.EXE-11719815.pf
    MODE.COM-0B95623F.pf
    MSIEXEC.EXE-1326CB42.pf
    NIRCMD.COM-1BF8F327.pf
    NOTEPAD.EXE-0E40B726.pf
    NOTEPAD.EXE-16FF903D.pf
    NTOSBOOT-B00DFAAD.pf
    OTL.EXE-0E0C852A.pf
    OUTLOOK.EXE-02B37452.pf
    OUTLOOKSYNCCLIENT.EXE-01AD90A4.pf
    PROCESS.COM-27D162FD.pf
    PV.COM-114E47A4.pf
    PV.EXE-30A2F225.pf
    REG.EXE-03DA8496.pf
    REG.EXE-1C06FB0B.pf
    REGDACL.COM-22FB26B9.pf
    RUNDLL32.EXE-0B7DCCBB.pf
    RUNDLL32.EXE-0EE62C6A.pf
    RUNDLL32.EXE-197BDB03.pf
    RUNDLL32.EXE-24D5C4FA.pf
    RUNDLL32.EXE-37799188.pf
    RUNDLL32.EXE-380F9E2D.pf
    SED.COM-047C962B.pf
    SETPATH.COM-1397489E.pf
    SORT.EXE-23B2D5B1.pf
    SWREG.COM-3514A06D.pf
    SWSC.COM-0E328E9B.pf
    TASKMGR.EXE-00EE63BA.pf
    THUNDERBIRD.EXE-0047D6EC.pf
    UNIQ.COM-11A62396.pf
    UPDATE.EXE-144818A8.pf
    VERCLSID.EXE-23D808F5.pf
    WIAACMGR.EXE-2E3EFD0B.pf
    WINRAR.EXE-39EF02AC.pf
    WINWORD.EXE-02222DB5.pf
    WMIAPSRV.EXE-23354B79.pf
    WMIPRVSE.EXE-2E05DC7D.pf
    WSCNTFY.EXE-3788B757.pf
    WUAUCLT.EXE-32CC1C14.pf

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    0
  10. gen-hackman
     
    ▶ Relance List&Kill'em comme tu as fait pour l'option 1 (soit en clic droit pour vista),

    mais cette fois-ci :

    ▶ choisis l'option 2 = Mode Destruction

    laisse travailler l'outil.

    en fin de scan un rapport s'ouvre

    ▶ colle le contenu dans ta reponse
    0
  11. fredlof
     
    Kill'em by g3n-h@ckm@n 1.0.5.6

    User : Vincent (Administrateurs) # VIVACLIM
    Update on 25/11/2009 by g3n-h@ckm@n ::::: 13:00
    Start at: 15:55:14 | 26/11/2009
    Contact : g3n-h@ckm@n sur CCM

    Intel(R) Pentium(R) 4 CPU 2.93GHz
    Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
    Internet Explorer 8.0.6001.18702
    Windows Firewall Status : Enabled
    AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]

    C:\ -> Disque fixe local | 78,13 Go (57,34 Go free) | NTFS
    D:\ -> Disque fixe local | 70,91 Go (22,96 Go free) [Fred] | NTFS
    I:\ -> Disque CD-ROM
    J:\ -> Disque CD-ROM

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours

    C:\WINDOWS\System32\smss.exe 516
    C:\WINDOWS\system32\csrss.exe 576
    C:\WINDOWS\system32\winlogon.exe 604
    C:\WINDOWS\system32\services.exe 648
    C:\WINDOWS\system32\lsass.exe 660
    C:\WINDOWS\system32\Ati2evxx.exe 824
    C:\WINDOWS\system32\svchost.exe 840
    C:\WINDOWS\system32\svchost.exe 912
    C:\WINDOWS\System32\svchost.exe 944
    C:\WINDOWS\system32\svchost.exe 992
    C:\WINDOWS\system32\svchost.exe 1152
    C:\WINDOWS\system32\svchost.exe 1240
    C:\WINDOWS\system32\spoolsv.exe 1332
    C:\Program Files\Avira\AntiVir Desktop\sched.exe 1380
    C:\WINDOWS\system32\svchost.exe 1440
    C:\Program Files\a-squared Free\a2service.exe 1540
    C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1692
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1720
    C:\Program Files\Bonjour\mDNSResponder.exe 1756
    C:\WINDOWS\system32\svchost.exe 1792
    C:\WINDOWS\system32\svchost.exe 1908
    C:\WINDOWS\system32\Ati2evxx.exe 1936
    C:\WINDOWS\system32\svchost.exe 2044
    C:\Program Files\iSafer\iSaferSvr.exe 200
    C:\Program Files\Java\jre6\bin\jqs.exe 412
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 116
    C:\WINDOWS\System32\svchost.exe 1236
    C:\Program Files\Java\jre6\bin\jusched.exe 1476
    C:\WINDOWS\SOUNDMAN.EXE 1488
    C:\WINDOWS\System32\svchost.exe 1484
    C:\Program Files\Microsoft IntelliType Pro\itype.exe 1512
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe 1572
    C:\Program Files\BroadJump\Client Foundation\CFD.exe 1620
    C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 1628
    C:\WINDOWS\system32\slserv.exe 1776
    C:\WINDOWS\ALCWZRD.EXE 1992
    C:\WINDOWS\system32\svchost.exe 2080
    C:\Program Files\iTunes\iTunesHelper.exe 2156
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe 2188
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe 2276
    C:\WINDOWS\system32\ctfmon.exe 2308
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 2488
    C:\Program Files\iPod\bin\iPodService.exe 3244
    C:\WINDOWS\System32\alg.exe 3332
    C:\WINDOWS\system32\wbem\wmiapsrv.exe 3660
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe 4012
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe 4084
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe 1024
    C:\WINDOWS\explorer.exe 3696
    C:\WINDOWS\system32\wscntfy.exe 2324
    C:\Documents and Settings\Vincent\Bureau\List_Kill'em.exe 1980
    C:\WINDOWS\system32\cmd.exe 3828
    C:\WINDOWS\system32\wbem\wmiprvse.exe 3200
    C:\Documents and Settings\Vincent\Local Settings\Temp\1B.tmp\pv.exe 3684

    Fichiers analysés :
    =================

    ¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

    "C:\WINDOWS\aucfg.ini"
    "C:\WINDOWS\jautoexp.dat"
    "C:\WINDOWS\patch.exe"
    "C:\WINDOWS\System32\drivers\etc\hosts.msn"
    C:\WINDOWS\System32\SETF8.tmp

    ¤¤¤¤¤¤¤¤¤¤ Action sur les fichiers :

    Quarantaine :

    aucfg.ini.Kill'em
    hosts.msn.Kill'em
    jautoexp.dat.Kill'em
    PATCH.EXE.Kill'em
    SETF8.tmp.Kill'em

    ====================
    Fichiers hosts nettoyés
    ====================
    ¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch

    Layout.ini
    NTOSBOOT-B00DFAAD.pf

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    0
  12. gen-hackman
     
    ok refais OTL comme precedemment demandé
    0
  13. fredlof
     
    http://www.cijoint.fr/cjlink.php?file=cj200911/cijHHzdpUH.txt

    je n'ai pas l'autre extra!!
    0
  14. fredlof
     
    je suis obligée de m'absenter... je continue dès que je rentre, merci de ton aide.
    A tout à l'heure.
    0
  15. gen-hackman
     
    ▶ Télécharge HostXpert sur ton Bureau :

    ▶ Décompresse-le (Clic droit >> Extraire ici)

    ▶ Double-clique sur HostsXpert pour le lancer

    ▶ clique sur le bouton "Restore MS Hosts File" puis ferme le programme

    PS : Avant de cliquer sur le bouton "Restore MS Hosts File", vérifie que le cadenas en haut à gauche est ouvert sinon tu vas avoir un message d'erreur.

    ▶ s'il est fermé , clique dessus :)

    ensuite :

    ▶ Télécharge Zeb-Restoreet enregistre ce fichier sur le bureau.

    ▶-Clic droit Zeb-Restore.zip ==> Extraire tout choisis comme lieu d'enregistrement le bureau.

    ▶-Ouvre le dossier ZR_1.0.0.37 ==> double clic sur Zeb-Restore.exe

    ▶- Coche la case devant : sites de confiance

    ▶- Ne coche aucune autre case

    ▶-Clique sur Restaurer

    ▶-Redémarre ton PC

    ensuite :

    ▶ Double clic sur OTL.exe pour le lancer.

    ▶Copie la liste qui se trouve en gras ci-dessous,

    ▶ colle-la dans la zone sous Customs Scans/Fixes :

    :processes
    explorer.exe
    iexplore.exe
    firefox.exe
    msnmsgr.exe
    Teatimer.exe

    :OTL
    FF - prefs.js..browser.search.selectedEngine: "eBay France"
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
    O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [KernelFaultCheck] File not found
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main present
    O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Main present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main present
    O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Main present
    O7 - HKU\S-1-5-21-1123561945-261478967-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1123561945-261478967-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Main present
    O7 - HKU\S-1-5-21-1123561945-261478967-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\S-1-5-21-1123561945-261478967-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1123561945-261478967-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Main present
    O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} http://www.inoculer.com/antivirus/Msie/bitdefender.cab (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
    @Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

    :reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"=-
    "HP Software Update"=-
    "iTunesHelper"=-
    "QuickTime Task"=-
    "SoundMan"=-

    :files
    C:\Kill'em
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
    C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}

    :commands
    [emptytemp]
    [start explorer]
    [reboot]


    ▶ Clique sur RunFix pour lancer la suppression.

    ▶ Poste le rapport.
    0
  16. fredlof
     
    bonsoir,
    me revoilà...
    voici le rapport :

    All processes killed
    ========== PROCESSES ==========
    No active process named explorer.exe was found!
    No active process named iexplore.exe was found!
    Process firefox.exe killed successfully!
    No active process named msnmsgr.exe was found!
    No active process named Teatimer.exe was found!
    ========== OTL ==========
    Prefs.js: "eBay France" removed from browser.search.selectedEngine
    Prefs.js: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15 removed from extensions.enabledItems
    Prefs.js: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16 removed from extensions.enabledItems
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{327C2873-E90D-4c37-AA9D-10AC9BABA46C} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{327C2873-E90D-4c37-AA9D-10AC9BABA46C}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
    Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
    Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
    Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
    Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
    Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
    Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
    Registry key HKEY_USERS\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
    Registry key HKEY_USERS\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
    Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
    Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
    Registry key HKEY_USERS\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
    Registry key HKEY_USERS\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
    Registry key HKEY_USERS\S-1-5-21-1123561945-261478967-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
    Registry key HKEY_USERS\S-1-5-21-1123561945-261478967-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Main\ deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-1123561945-261478967-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
    Registry key HKEY_USERS\S-1-5-21-1123561945-261478967-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
    Registry key HKEY_USERS\S-1-5-21-1123561945-261478967-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
    Starting removal of ActiveX control {80DD2229-B8E4-4C77-B72F-F22972D723EA}
    C:\WINDOWS\Downloaded Program Files\bitdefender.inf moved successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{80DD2229-B8E4-4C77-B72F-F22972D723EA}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80DD2229-B8E4-4C77-B72F-F22972D723EA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{80DD2229-B8E4-4C77-B72F-F22972D723EA}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80DD2229-B8E4-4C77-B72F-F22972D723EA}\ not found.
    Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
    C:\WINDOWS\Downloaded Program Files\gp.inf not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
    File oft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab not found.
    Starting removal of ActiveX control Microsoft XML Parser for Java
    Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
    ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SoundMan deleted successfully.
    ========== FILES ==========
    C:\Kill'em folder moved successfully.
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk moved successfully.
    C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86\x86 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\FF3002AF folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\F9AC7BDE folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\F6D2B47C folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\F63615A0 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\F2F4B043 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\EF097077 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\E2BD2D8F folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\E12F5DF3 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\D7C567DF folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\D36D453C folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\D28D455E folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\C240B45B folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\C0FB366C folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\BBAF3FD9 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\B773950A folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\B5732ADD folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\B47E00C4 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\B28FF60B folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\B2812DF9 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\AD48AE3B folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\A6B65F24 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\9446755D folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\86264A68 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\8188F5AA folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\7ADB891D folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\6E75CDB7 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\6CE74E5E folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\6AA0711 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\69C69A4B folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\61941FA9 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\60CE1A11 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\5C82C5C2 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\50AA1203 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\4AFCF052 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\46CAF3C0 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\424A63E3 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\3EF2EE6C folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\392E7757 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\38340066 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\2C8DEF3D folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\257BCF86 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\14A18533 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\140EC001 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\BC46104D\F0C31B37 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\BC46104D folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\A7E6F7C8\B96DB9C8 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\A7E6F7C8 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\6F56682\F3E84CB7 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\6F56682 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\63D7AFB3\C30AF04B folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\63D7AFB3 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\56A5F27A\CE84CD41 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\56A5F27A folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\31607C66\F512B6F6 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\31607C66 folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline folder moved successfully.
    C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526} folder moved successfully.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: Administrateur
    ->Temp folder emptied: 49 bytes
    ->Temporary Internet Files folder emptied: 235582 bytes

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33706 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 49554 bytes

    User: Vincent
    ->Temp folder emptied: 1971463 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Java cache emptied: 18771 bytes
    ->FireFox cache emptied: 82041879 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    Windows Temp folder emptied: 63983 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23461748 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 1201841 bytes

    Total Files Cleaned = 104,12 mb

    OTL by OldTimer - Version 3.1.10.1 log created on 11262009_185720

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
    0
  17. gen-hackman
     
    bien

    ########### [ Option 1 ( Recherche ) ]

    ▶ Télécharge FindyKill de Chiquitine29 sur ton bureau :

    https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/

    ! Déconnecte toi et ferme toutes applications en cours !

    ▶ Double clique (clic droit "en tant qu'administrateur" pour Vista) sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'instalation par défaut .

    ▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

    ▶ Double-clique (clic droit "en tant qu'administrateur" pour Vista)sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .

    ▶ Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

    ▶ Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]

    ▶ Laisse travailler l'outil et ne touche à rien ...

    ▶ Poste le rapport qui apparait à la fin , sur le forum ...

    ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
    ( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
    0
  18. fredlof
     
    je ferais ca demain je suis occupée, merci encore, à demain j'espère;
    bonne soirée
    0
  19. gen-hackman
     
    ok ;)

    findykill nous remettra ceci conforme :

    ========
    Services
    ========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

    Ndisuio : 0x3
    EapHost : 0x3
    SharedAccess : 0x2
    wuauserv : 0x2
    =========
    0
  20. gen-hackman
     
    ########### [ Option 2 ( Suppression ) ]

    ▶ Déconnecte toi et ferme toutes application en cours ( navigateur compris ) .

    ▶ Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

    ▶ Relance "FindyKill" (clic droit "en tant qu'administrateur" pour Vista): au menu principal choisis l'option " F " pour français et tape sur [entrée] .

    ▶ Au second menu choisis l'option 2 (suppression) et tape sur [entrée]

    ▶ Le pc va redémarrer automatiquement ...

    ▶ le programme va travailler , ne touche à rien ... , ton bureau ne sera pas accessible c est normal !

    ▶ Poste le rapport qui apparait à la fin ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )

    ▶ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide
    0
  • 1
  • 2