Slow PC....

Solved/Closed
fredlof - 25 Nov 2009 at 11:14
Anonymous user - 30 Nov 2009 at 12:26
Hello,
my PC has been a bit slow for a while; on top of that I switched from CI to SFR, and I won't even tell you about the m..s !!
It seems to me there are some abnormal lines, could you help me!!

Here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:10:15, on 25/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iSafer\iSaferSvr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iSafer\iSafer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Vincent\Bureau\scanner.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - (no file)
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min/nosplash
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Moniteur Fax-Voix.lnk = C:\OLIFAXVX\MONITEUR.EXE
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: iSafer.lnk = C:\Program Files\iSafer\iSafer.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Sélection intelligente HP - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iSafer - Personal Firewall (iSafer) - http://winsockfirewall.sourceforge.net - C:\Program Files\iSafer\iSaferSvr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
34 replies

Hello,
here is the next part, thanks again:


############################## | FindyKill V5.020 |

# User : Vincent (Administrateurs) # VIVACLIM
# Update on 26/11/2009 by Chiquitine29
# Start at: 11:32:09 | 27/11/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html
# Contact : FindyKill.Contact@gmail.com

# Intel(R) Pentium(R) 4 CPU 2.93GHz
# Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Disabled
# AV : AntiVir Desktop 9.0.1.32 [ Enabled | Updated ]

# C:\ # Disque fixe local # 78,13 Go (57,36 Go free) # NTFS
# D:\ # Disque fixe local # 70,91 Go (22,96 Go free) [Fred] # NTFS
# E:\ # Disque amovible
# F:\ # Disque amovible
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque CD-ROM
# J:\ # Disque CD-ROM
# K:\ # Disque amovible # 14,92 Go (14,92 Go free) [PKBACK# 001] # FAT32
# L:\ # Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iSafer\iSaferSvr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |


################## | C:\WINDOWS |


################## | C:\WINDOWS\system32 |


################## | C:\WINDOWS\system32\drivers |


################## | C:\Documents and Settings\Vincent\Application Data |


################## | Autres detections ... |

################## | Temporary Internet Files |


################## | Registre / Clés infectieuses |

Présent ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
Présent ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
Présent ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
Présent ! [HKLM\software\microsoft\security center] "FirewallOverride"
Présent ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"
Présent ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"

################## | Etat / Services / Informations |

# Affichage des fichiers cachés : OK

# Mode sans echec : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 3 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )


################## | Cracks / Keygens / Serials |

"D:\LOGICIELS\winzip 8.0 fr\Crack.exe"
15/08/2000 12:08 |Size 44544 |Crc32 8bafc100 |Md5 2b7f83d8cede0ea3c48a9624dc4f710e


################## | ! Fin du rapport # FindyKill V5.020 ! |
Anonymous user
25 Nov 2009 at 13:23
Hi, uninstall AD-Aware

then:


▶ Download Ad-remover (by C_XX) to your desktop:


▶ Disconnect and close all running applications!

▶ Double-click "Ad-R.exe" to start the installation and leave the installation settings at their defaults.

▶ Double-click the Ad-remover shortcut on your desktop to launch the tool.

▶ In the main menu, choose option "L" and press [Enter].

▶ Let the tool work and don't touch anything ...

▶ Post the report that appears at the end on the forum ...

(The report is also saved as C:\Ad-report.log)
(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

▶ Note: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility intended to terminate processes.
In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
Hi,
thanks for your reply, I'm on it...
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_D | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 25.11.2009 à 18:47
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 14:38:32, 26/11/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: VIVACLIM | Utilisateur actuel: Vincent
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
.
HKCU\software\appdatalow\AskBarDis
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}
HKLM\software\appdatalow\AskBarDis
HKLM\software\AskBarDis
HKLM\Software\Classes\CLSID\{b0de3308-5d5a-470d-81b9-634fc078393b}
HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98}

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.5 [fr] *
.
Nom du profil: hawkrvol.default (Vincent)
.
(Vincent, prefs.js) Browser.download.dir, C:\Documents and Settings\Vincent\Bureau
(Vincent, prefs.js) Browser.download.lastDir, D:\PHOTOS\Images divers
(Vincent, prefs.js) Browser.search.selectedEngine, eBay France
(Vincent, prefs.js) Browser.startup.homepage, hxxp://www.google.fr
(Vincent, prefs.js) Privacy.popups.showBrowserMessage, false
.
.
* Internet Explorer Version 8.0.6001.18702 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
2368 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
0 Fichier(s) - C:\DOCUME~1\Vincent\LOCALS~1\Temp
2 Fichier(s) - C:\WINDOWS\Temp
.
18 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 14:45:36 | 26/11/2009 - CLEAN[1]
.
============== E.O.F ==============
.
Anonymous user
26 Nov 2009 at 15:04
Download OTL by OLDTimer

and save it to your Desktop.

▶ Double-click OTL.exe to launch it (on Vista => right-click, "Run as administrator").

▶ Tick the 2 boxes Lop and Purity

▶ Tick the box in front of scan all users

▶ Set it to "60 Days"

▶ In the left-hand column, set everything to all

Do not change these:

"files created within" and "files modified within"


▶ Click Run Scan.

At the end of the scan, Notepad will open with the report (OTL.txt).

This file is on your Desktop (usually C:\Documents and settings\your_session_name\OTL.txt)

▶▶▶ DO NOT POST IT ON THE FORUM

To send it to me, click this link: http://www.cijoint.fr/

▶ Click Browse and find the file above.

▶ Click Open.

▶ Click "Cliquez ici pour déposer le fichier" (click here to upload the file).

A link of this form:

http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt

is added to the page.

▶ Copy this link into your reply.

▶▶ Do the same with "Extra.txt".
I did what you said; it gives me a message before the scan stops:
Windows - No Disk
x Exception Processing Message c0000013 Parameters 75afbf7c 4 75afbf7c 75afbf7c
Cancel, Try Again, Continue????
What should I do?
oops, OK, it's running the scan
Here is the 1st:
http://www.cijoint.fr/cjlink.php?file=cj200911/cij1DwZUam.txt

and the 2nd:
http://www.cijoint.fr/cjlink.php?file=cj200911/cijtudCyxN.txt
Anonymous user
26 Nov 2009 at 15:40
Disable your antivirus for the duration of the procedure, as well as your firewall if you have one

▶ Download List&Kill'em and save it to your desktop

▶ Unzip it (right-click / extract.....)

It does not require installation

▶ Double-click (right-click, "Run as administrator" on Vista) to start the scan

Choose the language, then choose option 1 = Search mode

▶ Let the tool work

▶ Post the contents of the report that opens

ok,
List'em by g3n-h@ckm@n 1.0.5.6

Thx to Chiquitine29.....

User : Vincent (Administrateurs) # VIVACLIM
Update on 25/11/2009 by g3n-h@ckm@n ::::: 13:00
Start at: 15:45:44 | 26/11/2009
Contact : g3n-h@ckm@n sur CCM

Intel(R) Pentium(R) 4 CPU 2.93GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]

C:\ -> Disque fixe local | 78,13 Go (57,34 Go free) | NTFS
D:\ -> Disque fixe local | 70,91 Go (22,96 Go free) [Fred] | NTFS
E:\ -> Disque amovible
F:\ -> Disque amovible
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque CD-ROM
J:\ -> Disque CD-ROM
K:\ -> Disque amovible | 1,88 Go (915,31 Mo free) [PKBACK# 001] | FAT
L:\ -> Disque amovible

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours

C:\WINDOWS\System32\smss.exe 516
C:\WINDOWS\system32\csrss.exe 576
C:\WINDOWS\system32\winlogon.exe 604
C:\WINDOWS\system32\services.exe 648
C:\WINDOWS\system32\lsass.exe 660
C:\WINDOWS\system32\Ati2evxx.exe 824
C:\WINDOWS\system32\svchost.exe 840
C:\WINDOWS\system32\svchost.exe 912
C:\WINDOWS\System32\svchost.exe 944
C:\WINDOWS\system32\svchost.exe 992
C:\WINDOWS\system32\svchost.exe 1152
C:\WINDOWS\system32\svchost.exe 1240
C:\WINDOWS\system32\spoolsv.exe 1332
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1380
C:\WINDOWS\system32\svchost.exe 1440
C:\Program Files\a-squared Free\a2service.exe 1540
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1692
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1720
C:\Program Files\Bonjour\mDNSResponder.exe 1756
C:\WINDOWS\system32\svchost.exe 1792
C:\WINDOWS\system32\svchost.exe 1908
C:\WINDOWS\system32\Ati2evxx.exe 1936
C:\WINDOWS\system32\svchost.exe 2044
C:\Program Files\iSafer\iSaferSvr.exe 200
C:\Program Files\Java\jre6\bin\jqs.exe 412
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 116
C:\WINDOWS\System32\svchost.exe 1236
C:\Program Files\Java\jre6\bin\jusched.exe 1476
C:\WINDOWS\SOUNDMAN.EXE 1488
C:\WINDOWS\System32\svchost.exe 1484
C:\Program Files\Microsoft IntelliType Pro\itype.exe 1512
C:\Program Files\Microsoft IntelliPoint\ipoint.exe 1572
C:\Program Files\BroadJump\Client Foundation\CFD.exe 1620
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 1628
C:\WINDOWS\system32\slserv.exe 1776
C:\WINDOWS\ALCWZRD.EXE 1992
C:\WINDOWS\system32\svchost.exe 2080
C:\Program Files\iTunes\iTunesHelper.exe 2156
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe 2188
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe 2276
C:\WINDOWS\system32\ctfmon.exe 2308
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 2488
C:\Program Files\iPod\bin\iPodService.exe 3244
C:\WINDOWS\System32\alg.exe 3332
C:\WINDOWS\system32\wbem\wmiapsrv.exe 3660
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe 4012
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe 4084
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe 1024
C:\WINDOWS\explorer.exe 3696
C:\Program Files\Mozilla Firefox\firefox.exe 744
C:\WINDOWS\system32\wscntfy.exe 2324
C:\Documents and Settings\Vincent\Bureau\List_Kill'em.exe 3132
C:\WINDOWS\system32\cmd.exe 1192
C:\WINDOWS\system32\wbem\wmiprvse.exe 536
C:\Documents and Settings\Vincent\Local Settings\Temp\1A.tmp\pv.exe 3100

======================
Cles de demarrage "Run"
======================

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
MSMSGS REG_SZ "C:\Program Files\Messenger\msmsgs.exe" /background
LightScribe Control Panel REG_SZ C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre6\bin\jusched.exe"
SoundMan REG_SZ SOUNDMAN.EXE
Raccourci vers la page des propriétés de High Definition Audio REG_SZ HDAShCut.exe
KernelFaultCheck REG_SZ %systemroot%\system32\dumprep 0 -k
itype REG_SZ "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
IntelliPoint REG_SZ "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
BluetoothAuthenticationAgent REG_SZ rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
BJCFD REG_SZ C:\Program Files\BroadJump\Client Foundation\CFD.exe
avgnt REG_SZ "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min/nosplash
AlcWzrd REG_SZ ALCWZRD.EXE
Adobe Reader Speed Launcher REG_SZ "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
Adobe ARM REG_SZ "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"
HP Software Update REG_SZ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
<SANS NOM> REG_SZ

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
=====================
cles additionnelles
=====================

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
dontdisplaylastusername REG_DWORD 0x0
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
shutdownwithoutlogon REG_DWORD 0x1
undockwithoutlogon REG_DWORD 0x1
DisableRegistryTools REG_DWORD 0x0
HideLegacyLogonScripts REG_DWORD 0x0
HideLogoffScripts REG_DWORD 0x0
RunLogonScriptSync REG_DWORD 0x1
RunStartupScriptSync REG_DWORD 0x0
HideStartupScripts REG_DWORD 0x0
ConsentPromptBehaviorAdmin REG_DWORD 0x2
===============
===============
BHO :
======

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}

========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x3
EapHost : 0x3
SharedAccess : 0x2
wuauserv : 0x2
=========

=========================
Environnement variables :
=========================

AdMin00=~NVous devez etre l'administrateur de ce PC pour continuer !!~N~NDans ces conditions, Le programme ne peut continuer a s'executer...~N~NVeuillez en parler a la personne qui vous aide
AdMin01=... ATTENTION !!!
Administrative Tools=C:\DOCUME~1\Vincent\MENUDM~1\PROGRA~1\OUTILS~1
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\DOCUME~1\Vincent\APPLIC~1
AUTHOR=C_XX
BKCOUNT=18
BOOTMODE=Mode Normal
Cache=C:\DOCUME~1\Vincent\LOCALS~1\TEMPOR~1
CD Burning=C:\DOCUME~1\Vincent\LOCALS~1\APPLIC~1\MICROS~1\CDBURN~1
CHOICE=L
choix=1
CLASSPATH=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
CLIENTNAME=Console
Common Administrative Tools=C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\OUTILS~1
Common AppData=C:\DOCUME~1\ALLUSE~1\APPLIC~1
Common Desktop=C:\DOCUME~1\ALLUSE~1\Bureau
Common Documents=C:\DOCUME~1\ALLUSE~1\DOCUME~1
Common Favorites=C:\DOCUME~1\ALLUSE~1\Favoris
Common Music=C:\DOCUME~1\ALLUSE~1\DOCUME~1\MAMUSI~1
Common Pictures=C:\DOCUME~1\ALLUSE~1\DOCUME~1\MESIMA~1
Common Programs=C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1
Common Start Menu=C:\DOCUME~1\ALLUSE~1\MENUDM~1
Common Startup=C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1
Common Templates=C:\DOCUME~1\ALLUSE~1\MODLES~1
Common Video=C:\DOCUME~1\ALLUSE~1\DOCUME~1\MESVID~1
CommonProgramFiles=C:\Program Files\Fichiers communs
COMPUTERNAME=VIVACLIM
ComSpec=C:\WINDOWS\system32\cmd.exe
Cookies=C:\DOCUME~1\Vincent\Cookies
CurrReport=1
Desktop=C:\DOCUME~1\Vincent\Bureau
Do00=Move.bat
Do01=DelKeys.bat
Do02=DelValues.bat
DPF=C:\WINDOWS\Downloaded Program Files
Favorites=C:\DOCUME~1\Vincent\Favoris
FF=hawkrvol.default
Fonts=C:\WINDOWS\Fonts
FP_NO_HOST_CHECK=NO
History=C:\DOCUME~1\Vincent\LOCALS~1\HISTOR~1
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Vincent
IE=C:\Program Files\Internet Explorer
Incompatible OS 00=~NCe programme ne peut fonctionner que sous Windows XP,Vista et 7 !~N~Ncliquez sur ~qOK~q pour quitter.
Incompatible OS 01=... Systeme d'exploitation incompatible !!!
INSTALLER=C:\WINDOWS\Installer
L01=Veuillez patienter ...
L02=~NERREUR ! -- Un ou plusieurs composant(s) est/sont manquant(s) !~NAppuyer sur 'Ok' pour quitter.~N~N
L05=Terminé! le rapport est sauvegardé ici:
L06=Choisissez et appuyez sur entrée pour continuer
L07=Scan additionnel terminé
L07A=Scan additionnel
L08=Nettoyage des fichiers temporaires terminé
L09=Impossible d'obtenir la version
L10=Administrateur
L10A=N'est pas administrateur
L11=Scanner ^(Aucune suppression n'est effectuée^)
L12=Lancer le nettoyage
L13=Désinstaller
L14=Quitter
L15=RAPPORT D'AD-REMOVER 1.1.4.6_D ^| UNIQUEMENT XP/VISTA/7
L16=Mit à jour par C_XX le 25.11.2009 à 18:47
L17=Contact: AdRemover.contact@gmail.com
L18=Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
L19=Lancé à: 14:38:32, 26/11/2009 ^| Mode Normal
L20=Exécuté de:
L21=Système d'exploitation:
L22=Nom du PC: VIVACLIM ^| Utilisateur actuel: Vincent
L23=Option:
L24=Scan en cours, veuillez patienter le temps de la recherche.
L25=ÉLÉMENT^(S^) NEUTRALISÉ^(S^)
L25A=ÉLÉMENT^(S^) TROUVÉ^(S^)
L26=Fichiers temporaires supprimés.
L27=Fin à:
L28=Nom du profil:
Local AppData=C:\DOCUME~1\Vincent\LOCALS~1\APPLIC~1
LOCALAPPDATA=C:\Documents and Settings\Vincent\Local Settings\Application Data
LOCALLOW=C:\Documents and Settings\Vincent\AppData\LocalLow
LOGONSERVER=\\VIVACLIM
misc=Octet
misc2=Fichier
misc3=EFFACE
misc4=TROUVE
misc5=Progression du scan ..
Mode=CLEAN
MSN=C:\Program Files\MSN Messenger
My Music=C:\DOCUME~1\Vincent\MESDOC~1\MAMUSI~1
My Pictures=C:\DOCUME~1\Vincent\MESDOC~1\MESIMA~1
NAME=AD-REMOVER
NBC02=1
NBS02=1
NetHood=C:\DOCUME~1\Vincent\VOISIN~1
Nondelete=... [b]ERREUR SUPPRESSION !!/b
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
OS_SP=Service Pack 3
Page_Values=Default_Page_URL|Default_Search_URL|SearchAssistant|Search bar|Search Page|Start Page|Start Page Restore|First Home Page
Path=C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\QuickTime\QTSystem;C:\Program Files\Fichiers communs\HP\Digital Imaging\bin;C:\Program Files\HP\Digital Imaging\bin\;C:\Program Files\HP\Digital Imaging\bin\Qt\Qt 4.3.3;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
Personal=C:\DOCUME~1\Vincent\MESDOC~1
PrintHood=C:\DOCUME~1\Vincent\VOISIN~2
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 3 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0304
ProgramFiles=C:\Program Files
Programs=C:\DOCUME~1\Vincent\MENUDM~1\PROGRA~1
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
QUCOUNT=0
QUICK LAUNCH=C:\DOCUME~1\Vincent\APPLIC~1\Microsoft\Internet Explorer\Quick Launch
Recent=C:\DOCUME~1\Vincent\Recent
REPORT=C:\Ad-Report-CLEAN[1].log
SE=Windows XP
SendTo=C:\DOCUME~1\Vincent\SendTo
Services=ASK(Service|Upgrade)|MyWebSearchService|OneStepS(rch|earch) Service|OneStep Search Service|PremierOpinion|RelevantKnowledge|(SearchIn1Step|Seekapp|SeekappSrch|Seekeen) Service|SeekService Service
SESSIONNAME=Console
SE_=0
Start Menu=C:\DOCUME~1\Vincent\MENUDM~1
Startup=C:\DOCUME~1\Vincent\MENUDM~1\PROGRA~1\DMARRA~1
SYSTEM32=C:\WINDOWS\System32
SystemDrive=C:
SystemRoot=C:\WINDOWS
TbPath=Software\Microsoft\Internet Explorer\Toolbar
Teatimer00=~NLe resident ~qTeaTimer.exe~q de ~qSpybot - Search ^& Destroy~q est actif !~N~NDans ces conditions, Le programme ne peut continuer a s'executer...~N~NVeuillez en parler a la personne qui vous aide
Teatimer01=... ATTENTION !!!
TEMP=C:\DOCUME~1\Vincent\LOCALS~1\Temp
TEMP2=C:\WINDOWS\Temp
Templates=C:\DOCUME~1\Vincent\MODLES~1
TMP=C:\DOCUME~1\Vincent\LOCALS~1\Temp
ToSrch01=Eorezo|FunWebProducts|ItsLabel|Kiwee Toolbar
ToSrch02=Bingo Day|Casino-On-Net|Casino Del Rio|Casino\.com Poker|EmpirePoker|Europa Casino|iMesh.lnk|My Speedy Alert|Pacific Poker|PartyPoker|Titan Poker|Vegas Red Casino|888poker\.net
UAC00=~NLe ~qControle des comptes utilisateur~q est actif !~N~NDans ces conditions, Le programme ne peut continuer a s'executer...~N~NVeuillez en parler a la personne qui vous aide
UAC01=... ATTENTION !!!
UPDATE_DATE=25.11.2009
UPDATE_TIME=18:47
USER=S-1-5-21-1123561945-261478967-725345543-1003
USERDOMAIN=VIVACLIM
USERNAME=Vincent
USERPROFILE=C:\Documents and Settings\Vincent
VER=1.1.4.6_D
VERFF=3.5.5 [fr]
VERIE=8.0.6001.18702
VERW=v5.1.2600
windir=C:\WINDOWS
WLM=C:\Program Files\Windows Live\Messenger


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

C:\WINDOWS\aucfg.ini
C:\WINDOWS\jautoexp.dat
C:\WINDOWS\patch.exe
C:\WINDOWS\System32\drivers\etc\hosts.msn
C:\WINDOWS\System32\SETF8.tmp

¤¤¤¤¤¤¤¤¤¤ Clés de registre Presentes :

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}"
HKLM\SYSTEM\CurrentControlSet\Services\mchInjDrv

=====================
Verification Rootkits
=====================

disk not found C:\

please note that you need administrator rights to perform deep scan

¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch :

ACRORD32INFO.EXE-3686C6FE.pf
AD-R.EXE-295E01CC.pf
ALG.EXE-0037216C.pf
APPLEMOBILEDEVICEHELPER.EXE-14B1C894.pf
AVCENTER.EXE-327D1785.pf
AVGNT.EXE-2584822D.pf
AVNOTIFY.EXE-1DD367BD.pf
AVWSC.EXE-051736A1.pf
CCLEANER.EXE-2DA27B30.pf
CHCP.COM-33B74DB3.pf
CMD.EXE-1757A515.pf
CSCRIPT.EXE-3889D978.pf
DEVIS.EXE-0B89F1C6.pf
ERUNT.COM-16C0F406.pf
EXPLORER.EXE-0BD44A36.pf
FIREFOX.EXE-2D86FE5D.pf
GREP.COM-2FDECA7C.pf
HELPCTR.EXE-0D31BA78.pf
HELPSVC.EXE-1ABD1CE3.pf
HPQBAM08.EXE-19AE6796.pf
HPQGPC01.EXE-29296286.pf
HPQSTE08.EXE-1FDB76E2.pf
HPQUSGL.EXE-324CAFC6.pf
IMAPI.EXE-244838D0.pf
IPODSERVICE.EXE-085C0DD6.pf
ISADMIN.COM-0C3EDDA7.pf
ISAFER.EXE-03E12380.pf
ITUNES.EXE-214C1E02.pf
JQSNOTIFY.EXE-0E310DCF.pf
Layout.ini
LIST_KILL'EM.EXE-2A2E2ED8.pf
LOGONUI.EXE-11719815.pf
MODE.COM-0B95623F.pf
MSIEXEC.EXE-1326CB42.pf
NIRCMD.COM-1BF8F327.pf
NOTEPAD.EXE-0E40B726.pf
NOTEPAD.EXE-16FF903D.pf
NTOSBOOT-B00DFAAD.pf
OTL.EXE-0E0C852A.pf
OUTLOOK.EXE-02B37452.pf
OUTLOOKSYNCCLIENT.EXE-01AD90A4.pf
PROCESS.COM-27D162FD.pf
PV.COM-114E47A4.pf
PV.EXE-30A2F225.pf
REG.EXE-03DA8496.pf
REG.EXE-1C06FB0B.pf
REGDACL.COM-22FB26B9.pf
RUNDLL32.EXE-0B7DCCBB.pf
RUNDLL32.EXE-0EE62C6A.pf
RUNDLL32.EXE-197BDB03.pf
RUNDLL32.EXE-24D5C4FA.pf
RUNDLL32.EXE-37799188.pf
RUNDLL32.EXE-380F9E2D.pf
SED.COM-047C962B.pf
SETPATH.COM-1397489E.pf
SORT.EXE-23B2D5B1.pf
SWREG.COM-3514A06D.pf
SWSC.COM-0E328E9B.pf
TASKMGR.EXE-00EE63BA.pf
THUNDERBIRD.EXE-0047D6EC.pf
UNIQ.COM-11A62396.pf
UPDATE.EXE-144818A8.pf
VERCLSID.EXE-23D808F5.pf
WIAACMGR.EXE-2E3EFD0B.pf
WINRAR.EXE-39EF02AC.pf
WINWORD.EXE-02222DB5.pf
WMIAPSRV.EXE-23354B79.pf
WMIPRVSE.EXE-2E05DC7D.pf
WSCNTFY.EXE-3788B757.pf
WUAUCLT.EXE-32CC1C14.pf




¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Anonymous user
26 Nov. 2009 at 15:54
▶ Run List&Kill'em again as you did for option 1 (i.e. via right-click on Vista),

but this time:

▶ choose option 2 = Mode Destruction

let the tool work.

at the end of the scan a report opens

▶ paste its contents into your reply
0
Kill'em by g3n-h@ckm@n 1.0.5.6

User : Vincent (Administrateurs) # VIVACLIM
Update on 25/11/2009 by g3n-h@ckm@n ::::: 13:00
Start at: 15:55:14 | 26/11/2009
Contact : g3n-h@ckm@n sur CCM

Intel(R) Pentium(R) 4 CPU 2.93GHz
Microsoft Windows XP Professionnel (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : AntiVir Desktop 9.0.1.32 [ (!) Disabled | Updated ]

C:\ -> Disque fixe local | 78,13 Go (57,34 Go free) | NTFS
D:\ -> Disque fixe local | 70,91 Go (22,96 Go free) [Fred] | NTFS
I:\ -> Disque CD-ROM
J:\ -> Disque CD-ROM


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processus en cours


C:\WINDOWS\System32\smss.exe 516
C:\WINDOWS\system32\csrss.exe 576
C:\WINDOWS\system32\winlogon.exe 604
C:\WINDOWS\system32\services.exe 648
C:\WINDOWS\system32\lsass.exe 660
C:\WINDOWS\system32\Ati2evxx.exe 824
C:\WINDOWS\system32\svchost.exe 840
C:\WINDOWS\system32\svchost.exe 912
C:\WINDOWS\System32\svchost.exe 944
C:\WINDOWS\system32\svchost.exe 992
C:\WINDOWS\system32\svchost.exe 1152
C:\WINDOWS\system32\svchost.exe 1240
C:\WINDOWS\system32\spoolsv.exe 1332
C:\Program Files\Avira\AntiVir Desktop\sched.exe 1380
C:\WINDOWS\system32\svchost.exe 1440
C:\Program Files\a-squared Free\a2service.exe 1540
C:\Program Files\Avira\AntiVir Desktop\avguard.exe 1692
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1720
C:\Program Files\Bonjour\mDNSResponder.exe 1756
C:\WINDOWS\system32\svchost.exe 1792
C:\WINDOWS\system32\svchost.exe 1908
C:\WINDOWS\system32\Ati2evxx.exe 1936
C:\WINDOWS\system32\svchost.exe 2044
C:\Program Files\iSafer\iSaferSvr.exe 200
C:\Program Files\Java\jre6\bin\jqs.exe 412
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe 116
C:\WINDOWS\System32\svchost.exe 1236
C:\Program Files\Java\jre6\bin\jusched.exe 1476
C:\WINDOWS\SOUNDMAN.EXE 1488
C:\WINDOWS\System32\svchost.exe 1484
C:\Program Files\Microsoft IntelliType Pro\itype.exe 1512
C:\Program Files\Microsoft IntelliPoint\ipoint.exe 1572
C:\Program Files\BroadJump\Client Foundation\CFD.exe 1620
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 1628
C:\WINDOWS\system32\slserv.exe 1776
C:\WINDOWS\ALCWZRD.EXE 1992
C:\WINDOWS\system32\svchost.exe 2080
C:\Program Files\iTunes\iTunesHelper.exe 2156
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe 2188
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe 2276
C:\WINDOWS\system32\ctfmon.exe 2308
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 2488
C:\Program Files\iPod\bin\iPodService.exe 3244
C:\WINDOWS\System32\alg.exe 3332
C:\WINDOWS\system32\wbem\wmiapsrv.exe 3660
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe 4012
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe 4084
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe 1024
C:\WINDOWS\explorer.exe 3696
C:\WINDOWS\system32\wscntfy.exe 2324
C:\Documents and Settings\Vincent\Bureau\List_Kill'em.exe 1980
C:\WINDOWS\system32\cmd.exe 3828
C:\WINDOWS\system32\wbem\wmiprvse.exe 3200
C:\Documents and Settings\Vincent\Local Settings\Temp\1B.tmp\pv.exe 3684

Fichiers analysés :
=================


¤¤¤¤¤¤¤¤¤¤ Fichiers et dossiers presents :

"C:\WINDOWS\aucfg.ini"
"C:\WINDOWS\jautoexp.dat"
"C:\WINDOWS\patch.exe"
"C:\WINDOWS\System32\drivers\etc\hosts.msn"
C:\WINDOWS\System32\SETF8.tmp


¤¤¤¤¤¤¤¤¤¤ Action sur les fichiers :

Quarantaine :

aucfg.ini.Kill'em
hosts.msn.Kill'em
jautoexp.dat.Kill'em
PATCH.EXE.Kill'em
SETF8.tmp.Kill'em

====================
Fichiers hosts nettoyés
====================
¤¤¤¤¤¤¤¤¤¤ C:\WINDOWS\Prefetch

Layout.ini
NTOSBOOT-B00DFAAD.pf



¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
Anonymous user
26 Nov. 2009 at 16:04
ok, run OTL again as previously requested
0
http://www.cijoint.fr/cjlink.php?file=cj200911/cijHHzdpUH.txt

I don't have the other one, the extra!!
0
I have to step away... I'll continue as soon as I'm back, thanks for your help.
See you later.
0
Anonymous user
26 Nov. 2009 at 16:38
▶ Download HostXpert to your Desktop:

▶ Unzip it (Right-click >> Extract here)

▶ Double-click HostsXpert to launch it

▶ click the "Restore MS Hosts File" button, then close the program

PS: Before clicking the "Restore MS Hosts File" button, check that the padlock at the top left is open, otherwise you will get an error message.

▶ if it is closed, click on it :)

then:

▶ Download Zeb-Restore and save the file to the desktop.

▶- Right-click Zeb-Restore.zip ==> Extract all; choose the desktop as the destination.

▶- Open the ZR_1.0.0.37 folder ==> double-click Zeb-Restore.exe

▶- Tick the box next to: trusted sites

▶- Do not tick any other box

▶- Click Restore

▶- Restart your PC

then:

▶ Double-click OTL.exe to launch it.


▶ Copy the list shown in bold below,

▶ paste it into the box under Customs Scans/Fixes:

:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe

:OTL
FF - prefs.js..browser.search.selectedEngine: "eBay France"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-21-1123561945-261478967-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-261478967-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-21-1123561945-261478967-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1123561945-261478967-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-261478967-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Main present
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} http://www.inoculer.com/antivirus/Msie/bitdefender.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
@Alternate Data Stream - 120 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"HP Software Update"=-
"iTunesHelper"=-
"QuickTime Task"=-
"SoundMan"=-

:files
C:\Kill'em
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}

:commands
[emptytemp]
[start explorer]
[reboot]


▶ Click RunFix to start the removal.


▶ Post the report.
0
good evening,
I'm back...
here is the report:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
Process firefox.exe killed successfully!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Prefs.js: "eBay France" removed from browser.search.selectedEngine
Prefs.js: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{327C2873-E90D-4c37-AA9D-10AC9BABA46C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{327C2873-E90D-4c37-AA9D-10AC9BABA46C}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
Registry key HKEY_USERS\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
Registry key HKEY_USERS\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
Registry key HKEY_USERS\S-1-5-21-1123561945-261478967-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1123561945-261478967-725345543-1003\Software\Policies\Microsoft\Internet Explorer\Main\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1123561945-261478967-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1123561945-261478967-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-21-1123561945-261478967-725345543-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Main\ not found.
Starting removal of ActiveX control {80DD2229-B8E4-4C77-B72F-F22972D723EA}
C:\WINDOWS\Downloaded Program Files\bitdefender.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{80DD2229-B8E4-4C77-B72F-F22972D723EA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80DD2229-B8E4-4C77-B72F-F22972D723EA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{80DD2229-B8E4-4C77-B72F-F22972D723EA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80DD2229-B8E4-4C77-B72F-F22972D723EA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
File oft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab not found.
Starting removal of ActiveX control Microsoft XML Parser for Java
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SoundMan deleted successfully.
========== FILES ==========
C:\Kill'em folder moved successfully.
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk moved successfully.
C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\FF3002AF folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\F9AC7BDE folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\F6D2B47C folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\F63615A0 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\F2F4B043 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\EF097077 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\E2BD2D8F folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\E12F5DF3 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\D7C567DF folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\D36D453C folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\D28D455E folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\C240B45B folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\C0FB366C folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\BBAF3FD9 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\B773950A folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\B5732ADD folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\B47E00C4 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\B28FF60B folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\B2812DF9 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\AD48AE3B folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\A6B65F24 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\9446755D folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\86264A68 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\8188F5AA folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\7ADB891D folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\6E75CDB7 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\6CE74E5E folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\6AA0711 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\69C69A4B folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\61941FA9 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\60CE1A11 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\5C82C5C2 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\50AA1203 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\4AFCF052 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\46CAF3C0 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\424A63E3 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\3EF2EE6C folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\392E7757 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\38340066 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\2C8DEF3D folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\257BCF86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\14A18533 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963\140EC001 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\FA97A963 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\BC46104D\F0C31B37 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\BC46104D folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\A7E6F7C8\B96DB9C8 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\A7E6F7C8 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\6F56682\F3E84CB7 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\6F56682 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\63D7AFB3\C30AF04B folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\63D7AFB3 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\56A5F27A\CE84CD41 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\56A5F27A folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\31607C66\F512B6F6 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline\31607C66 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526}\offline folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{A315C3EF-A00E-402F-AA1D-045A2F9CF526} folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 49 bytes
->Temporary Internet Files folder emptied: 235582 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33706 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 49554 bytes

User: Vincent
->Temp folder emptied: 1971463 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 18771 bytes
->FireFox cache emptied: 82041879 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 63983 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23461748 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1201841 bytes

Total Files Cleaned = 104,12 mb


OTL by OldTimer - Version 3.1.10.1 log created on 11262009_185720

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
0
Anonymous user
26 Nov. 2009 at 19:41
good

########### [ Option 1 ( Search ) ]


▶ Download FindyKill by Chiquitine29 to your desktop:

https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/

! Disconnect and close all running applications!

▶ Double-click (right-click "as administrator" on Vista) on "FindyKill.exe" to start the installation, and leave the installation settings at their defaults.

▶ Connect your external data sources to your PC (USB key, external hard drive, etc.)

▶ Double-click (right-click "as administrator" on Vista) on the FindyKill shortcut on your desktop to launch the tool.

▶ At the main menu, choose option "F" for French and press [Enter].

▶ At the second menu, choose option "1" (search) and press [Enter]

▶ Let the tool work and don't touch anything ...

▶ Post the report that appears at the end on the forum ...

( the report is also saved at C:\FindyKill.txt )
( CTRL+A to select all, CTRL+C to copy and CTRL+V to paste )
0
I'll do that tomorrow, I'm busy, thanks again, see you tomorrow I hope;
have a good evening
0
Anonymous user
26 Nov. 2009 at 19:54
ok ;)

FindyKill will put this back in order for us:

========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x3
EapHost : 0x3
SharedAccess : 0x2
wuauserv : 0x2
=========
0
Anonymous user
27 Nov. 2009 at 12:58
########### [ Option 2 ( Deletion ) ]



▶ Disconnect and close all running applications (browser included).

▶ Connect your external data sources to your PC (USB key, external hard drive, etc.)

▶ Run "FindyKill" again (right-click "as administrator" on Vista): at the main menu, choose option "F" for French and press [Enter].

▶ At the second menu, choose option 2 (deletion) and press [Enter]

▶ The PC will restart automatically ...

▶ The program will work, don't touch anything ..., your desktop will not be accessible, that's normal!

▶ Post the report that appears at the end ( the report is also saved at C:\FindyKill.txt )

▶ If the desktop does not reappear, press Ctrl + Alt + Del, "File" tab, "New Task", type explorer.exe and confirm
0