Rlvknlg.exe a cesser de fonctionner
T0in0u
Messages postés
41
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
Depuis Une Petite semaine Au Démarrage De mon PC une fenêtre de Vista s'affiche et me dit que : "rlvknlg.exe a cessé de fonctionner" j'ai regarder sur les autres forums et j'ai vu que c'était un virus. On y disait d'aller dans "msconfig" et démarrage pour desactiver le fichier sauf que je ne le trouve pas et je n'arrive pas a m'en débarasser.
Comment Faire ???!
Merci de Vos réponses ;)
Depuis Une Petite semaine Au Démarrage De mon PC une fenêtre de Vista s'affiche et me dit que : "rlvknlg.exe a cessé de fonctionner" j'ai regarder sur les autres forums et j'ai vu que c'était un virus. On y disait d'aller dans "msconfig" et démarrage pour desactiver le fichier sauf que je ne le trouve pas et je n'arrive pas a m'en débarasser.
Comment Faire ???!
Merci de Vos réponses ;)
A voir également:
- Rlvknlg.exe a cesser de fonctionner
- Comment faire fonctionner le chromecast - Guide
- Main a cessé de fonctionner autocom ✓ - Forum C
- Tvapi a cessé de fonctionner fermer l'appli que faire - Forum TV & Vidéo
- Problème Delphi -Bug- ✓ - Forum Delphi
- Votre messagerie gmail cessera de fonctionner - Guide
26 réponses
Oui Oui tout a été désintallé ;)
Voila le nouveau Rapport : http://www.cijoint.fr/cjlink.php?file=cj200912/cij10nfhkQ.txt
Voila le nouveau Rapport : http://www.cijoint.fr/cjlink.php?file=cj200912/cij10nfhkQ.txt
tu connais ca ? :
Canneverbe_Limited
▶ clic droit "executer en tant qu'administrateur" sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous,
▶ colle-la dans la zone sous Customs Scans/Fixes :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
:services
BOONTY
:OTL
IE - HKU\S-1-5-21-878254511-3643810499-2642686041-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: UacDisableNotify = 0
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{67f60abf-e387-11dc-83e4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{67f60abf-e387-11dc-83e4-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2009/04/30 03:57:32 | 00,054,544 | R--- | M] (Electronic Arts)
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:A95A95AC
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:F3F0FB8D
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:7B212553
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:24051EFF
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:798A3728
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:9F683177
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"TkBellExe"=-
:files
C:\Kill'em
C:\Program Files\SeekappSrch
C:\Users\ANTOINE\AppData\Local\noffmmm.bat
:commands
[emptytemp]
[start explorer]
[reboot]
▶ Clique sur RunFix pour lancer la suppression.
▶ Poste le rapport.
Canneverbe_Limited
▶ clic droit "executer en tant qu'administrateur" sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous,
▶ colle-la dans la zone sous Customs Scans/Fixes :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
:services
BOONTY
:OTL
IE - HKU\S-1-5-21-878254511-3643810499-2642686041-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar avec bloqueur de fenêtres pop-up) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: UacDisableNotify = 0
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O33 - MountPoints2\{67f60abf-e387-11dc-83e4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{67f60abf-e387-11dc-83e4-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2009/04/30 03:57:32 | 00,054,544 | R--- | M] (Electronic Arts)
@Alternate Data Stream - 487 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:A95A95AC
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:F3F0FB8D
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:7B212553
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:24051EFF
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:798A3728
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:9F683177
:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"TkBellExe"=-
:files
C:\Kill'em
C:\Program Files\SeekappSrch
C:\Users\ANTOINE\AppData\Local\noffmmm.bat
:commands
[emptytemp]
[start explorer]
[reboot]
▶ Clique sur RunFix pour lancer la suppression.
▶ Poste le rapport.
Bonjouuur, Je sais plus quoi dire en debut de phrase tellement y'a de rapports ^^
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
Process msnmsgr.exe killed successfully!
No active process named Teatimer.exe was found!
========== SERVICES/DRIVERS ==========
Error: No service named BOONTY was found to stop!
Unable to stop service BOONTY!
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-878254511-3643810499-2642686041-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\UacDisableNotify deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67f60abf-e387-11dc-83e4-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67f60abf-e387-11dc-83e4-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67f60abf-e387-11dc-83e4-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67f60abf-e387-11dc-83e4-806e6f6e6963}\ not found.
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
ADS C:\ProgramData\TEMP:05EE1EEF deleted successfully.
ADS C:\ProgramData\TEMP:A95A95AC deleted successfully.
ADS C:\ProgramData\TEMP:F3F0FB8D deleted successfully.
ADS C:\ProgramData\TEMP:7B212553 deleted successfully.
ADS C:\ProgramData\TEMP:24051EFF deleted successfully.
ADS C:\ProgramData\TEMP:798A3728 deleted successfully.
ADS C:\ProgramData\TEMP:9F683177 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
========== FILES ==========
C:\Kill'em\Quarantine\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}.Kill'em\x86\x86 folder moved successfully.
C:\Kill'em\Quarantine\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}.Kill'em\x86 folder moved successfully.
C:\Kill'em\Quarantine\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}.Kill'em folder moved successfully.
C:\Kill'em\Quarantine\x64.Kill'em folder moved successfully.
C:\Kill'em\Quarantine\Search Settings.Kill'em\kb127\temp folder moved successfully.
C:\Kill'em\Quarantine\Search Settings.Kill'em\kb127\res folder moved successfully.
C:\Kill'em\Quarantine\Search Settings.Kill'em\kb127 folder moved successfully.
C:\Kill'em\Quarantine\Search Settings.Kill'em folder moved successfully.
C:\Kill'em\Quarantine\RelevantKnowledge.Kill'em\components folder moved successfully.
C:\Kill'em\Quarantine\RelevantKnowledge.Kill'em folder moved successfully.
C:\Kill'em\Quarantine folder moved successfully.
C:\Kill'em folder moved successfully.
C:\Program Files\SeekappSrch folder moved successfully.
C:\Users\ANTOINE\AppData\Local\noffmmm.bat moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: ANTOINE
->Temp folder emptied: 381874 bytes
->Temporary Internet Files folder emptied: 174301910 bytes
->Java cache emptied: 33089878 bytes
->FireFox cache emptied: 54459490 bytes
->Google Chrome cache emptied: 89648068 bytes
->Apple Safari cache emptied: 106238601 bytes
User: Autres
->Temp folder emptied: 32284 bytes
->Temporary Internet Files folder emptied: 1758457 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 1744 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 438,64 mb
OTL by OldTimer - Version 3.1.16.0 log created on 12132009_110806
Files\Folders moved on Reboot...
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
Registry entries deleted on Reboot...
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
Process msnmsgr.exe killed successfully!
No active process named Teatimer.exe was found!
========== SERVICES/DRIVERS ==========
Error: No service named BOONTY was found to stop!
Unable to stop service BOONTY!
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-878254511-3643810499-2642686041-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\UacDisableNotify deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67f60abf-e387-11dc-83e4-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67f60abf-e387-11dc-83e4-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67f60abf-e387-11dc-83e4-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67f60abf-e387-11dc-83e4-806e6f6e6963}\ not found.
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
ADS C:\ProgramData\TEMP:05EE1EEF deleted successfully.
ADS C:\ProgramData\TEMP:A95A95AC deleted successfully.
ADS C:\ProgramData\TEMP:F3F0FB8D deleted successfully.
ADS C:\ProgramData\TEMP:7B212553 deleted successfully.
ADS C:\ProgramData\TEMP:24051EFF deleted successfully.
ADS C:\ProgramData\TEMP:798A3728 deleted successfully.
ADS C:\ProgramData\TEMP:9F683177 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
========== FILES ==========
C:\Kill'em\Quarantine\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}.Kill'em\x86\x86 folder moved successfully.
C:\Kill'em\Quarantine\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}.Kill'em\x86 folder moved successfully.
C:\Kill'em\Quarantine\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}.Kill'em folder moved successfully.
C:\Kill'em\Quarantine\x64.Kill'em folder moved successfully.
C:\Kill'em\Quarantine\Search Settings.Kill'em\kb127\temp folder moved successfully.
C:\Kill'em\Quarantine\Search Settings.Kill'em\kb127\res folder moved successfully.
C:\Kill'em\Quarantine\Search Settings.Kill'em\kb127 folder moved successfully.
C:\Kill'em\Quarantine\Search Settings.Kill'em folder moved successfully.
C:\Kill'em\Quarantine\RelevantKnowledge.Kill'em\components folder moved successfully.
C:\Kill'em\Quarantine\RelevantKnowledge.Kill'em folder moved successfully.
C:\Kill'em\Quarantine folder moved successfully.
C:\Kill'em folder moved successfully.
C:\Program Files\SeekappSrch folder moved successfully.
C:\Users\ANTOINE\AppData\Local\noffmmm.bat moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: ANTOINE
->Temp folder emptied: 381874 bytes
->Temporary Internet Files folder emptied: 174301910 bytes
->Java cache emptied: 33089878 bytes
->FireFox cache emptied: 54459490 bytes
->Google Chrome cache emptied: 89648068 bytes
->Apple Safari cache emptied: 106238601 bytes
User: Autres
->Temp folder emptied: 32284 bytes
->Temporary Internet Files folder emptied: 1758457 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 1744 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 438,64 mb
OTL by OldTimer - Version 3.1.16.0 log created on 12132009_110806
Files\Folders moved on Reboot...
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.
▶ Télécharge :
Malwarebytes
ou :
Malwarebytes
▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
(NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX
▶ Potasses le Tuto pour te familiariser avec le prg :
( cela dit, il est très simple d'utilisation ).
relance malwarebytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
▶ Lance Malwarebyte's .
Fais un examen dit "Complet" .
▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
▶ Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
▶ Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
▶ Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)
▶ Télécharge :
Malwarebytes
ou :
Malwarebytes
▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
(NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX
▶ Potasses le Tuto pour te familiariser avec le prg :
( cela dit, il est très simple d'utilisation ).
relance malwarebytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
▶ Lance Malwarebyte's .
Fais un examen dit "Complet" .
▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
▶ Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
▶ Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
▶ Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)
