Infected by Malware defender: Help!

Solved/Closed
Inifinitii - 26 Dec 2009 at 17:11
Last reply: Inifinitii - 27 Dec 2009 at 19:54
Hello, so I've been infected by a kind of virus called Malware defender 2009.

This virus opens windows telling me that I have supposedly been infected by a Trojan (Trojan horse) or other things, to get me to buy this software.

In short, this thing is ruining my life...
I tried running scans with Avast, Windows Defender and Malwarebytes; they found nothing.

I don't know what to do anymore, so... I need help to fry this virus with a blaster ;)


Thanks in advance for your replies.

24 replies

Anonymous user
27 Dec 2009 at 11:34
Hello,

How is the PC doing?

Run an RSIT scan again and post log.txt so we can take stock.
Inifinitii
27 Dec 2009 at 19:20
Better since Malware defender got cleared out

-------------------------------------

Logfile of random's system information tool 1.06 (written by random/random)
Run by pascal at 2009-12-27 19:18:12
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 42 GB (28%) free of 148 GB
Total RAM: 3066 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:27, on 27/12/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Windows\PLFSetI.exe
C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
C:\Program Files\AGEIA Technologies\TrayIcon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Users\pascal\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\pascal\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Messenger\wlcsdk.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\pascal\Downloads\RSIT.exe
C:\Program Files\trend micro\pascal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHP0.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHP0.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHP0.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [ZPdtWzdVitaKey MC3000] "C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe" show
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Users\pascal\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - Startup: Notification de cadeaux MSN.lnk = C:\Users\pascal\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra 'Tools' menuitem: Quick-Launching Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files\Acer\Acer Bio Protection\PwdBank.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} (SonyOnlineInstallerX) - http://www.freerealms.com/gamedata/FreeRealmsInstaller.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Service Google Update (gupdate1c9e8145afa2a40) (gupdate1c9e8145afa2a40) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
Anonymous user
27 Dec 2009 at 19:30
OK, let's finish up:

▶ Download OTM by OldTimer to your Desktop.

• Double-click OTM.exe to launch it.

• Copy (Ctrl+C) the following text:



:processes
explorer.exe

:services
catchme
EagleNT
Bonjour Service

:files
C:\Program Files\Ad-Remover
C:\ComboFix.txt
C:\Windows\zip.exe
C:\Windows\SWSC.exe
C:\Windows\SWREG.exe
C:\Windows\sed.exe
C:\Windows\PEV.exe
C:\Windows\NIRCMD.exe
C:\Windows\MBR.exe
C:\Windows\grep.exe
C:\Windows\ERDNT
C:\Windows\SWXCACLS.exe
C:\Qoobox
C:\RemoveMD
C:\Program Files\trend micro
C:\rsit
C:\ProgramData\sysReserve.ini
C:\Program Files\Iminent

:commands
[emptytemp]
[reboot]




• Paste (Ctrl+V) the text you just copied into the Paste Instructions for Items to be Moved box.

• Now click the MoveIt! button, then close OTM.

▶ If a file or folder cannot be deleted immediately, the program will ask you to restart.
▶ Accept by clicking YES.

Post the report located in this folder: C:\_OTM\MovedFiles\
The report's name corresponds to the time it was created: date_time.log



#######

Now we are going to remove the disinfection tools I had you download.
Using them is dangerous for the PC if you don't know what you're doing.
Also, they are updated regularly.

→ Close all running applications, then download ToolsCleaner2 to your Desktop.

→ Right-click ToolsCleaner2.exe
→ Choose Run as administrator
→ Click Recherche (Search)
→ then Suppression (Removal) once the list has been found.
→ Post the report (TCleaner.txt) located at the root of your hard drive (C:\).


(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note: your desktop MAY disappear; this is normal. If it does not come back at the end of the scan, do the following:

CTRL+ALT+DEL to open Task Manager.
Then go to the "Processes" tab. Click File at the top left and choose "Run".

Type explorer.exe and confirm. This will bring the Desktop back.


########

Vista tutorial: Disable and re-enable your System Restore
Inifinitii
27 Dec 2009 at 19:54
There, my desktop did indeed disappear, then the program showed a "not responding", so I got scared and instead tried to run the command for Internet Explorer xD (Iexplorer).

---------------------------------

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Service catchme stopped successfully!
Service catchme deleted successfully!
Service EagleNT stopped successfully!
Service EagleNT deleted successfully!
Service Bonjour Service stopped successfully!
Service Bonjour Service deleted successfully!
========== FILES ==========
C:\Program Files\Ad-Remover\QUARANTINE\Windows\INSTAL~1\{E1B94~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Windows\INSTAL~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Windows folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\pascal\AppData\Local folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\pascal\AppData folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users\pascal folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\Users folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\IMBOOS~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\MICROS~1\Windows\STARTM~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\MICROS~1\Windows folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\MICROS~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\Iminent\IMINEN~1\Updates folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\Iminent\IMINEN~1\Raw\3 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\Iminent\IMINEN~1\Raw\2 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\Iminent\IMINEN~1\Raw\1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\Iminent\IMINEN~1\Raw folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\Iminent\IMINEN~1\Cache\APIIMI~1.COM folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\Iminent\IMINEN~1\Cache folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\Iminent\IMINEN~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2\Iminent folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~2 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MOZILL~1\SEARCH~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MOZILL~1\EXTENS~1\LINKCO~1\COMPON~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MOZILL~1\EXTENS~1\LINKCO~1\chrome\content folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MOZILL~1\EXTENS~1\LINKCO~1\chrome folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MOZILL~1\EXTENS~1\LINKCO~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MOZILL~1\EXTENS~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\MOZILL~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\SEARCH~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\IMBOOS~1\ro folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\IMBOOS~1\pt folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\IMBOOS~1\it folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\IMBOOS~1\inst folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\IMBOOS~1\fr folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\IMBOOS~1\es folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\IMBOOS~1\en folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\IMBOOS~1\de folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent\IMBOOS~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1\Iminent folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE\PROGRA~1 folder moved successfully.
C:\Program Files\Ad-Remover\QUARANTINE folder moved successfully.
C:\Program Files\Ad-Remover\ERUNT folder moved successfully.
C:\Program Files\Ad-Remover\BACKUP\Registry 26-12-2009\Users\00000002 folder moved successfully.
C:\Program Files\Ad-Remover\BACKUP\Registry 26-12-2009\Users\00000001 folder moved successfully.
C:\Program Files\Ad-Remover\BACKUP\Registry 26-12-2009\Users folder moved successfully.
C:\Program Files\Ad-Remover\BACKUP\Registry 26-12-2009 folder moved successfully.
C:\Program Files\Ad-Remover\BACKUP folder moved successfully.
C:\Program Files\Ad-Remover\1 folder moved successfully.
C:\Program Files\Ad-Remover folder moved successfully.
C:\ComboFix.txt moved successfully.
C:\Windows\zip.exe moved successfully.
C:\Windows\SWSC.exe moved successfully.
C:\Windows\SWREG.exe moved successfully.
C:\Windows\sed.exe moved successfully.
C:\Windows\PEV.exe moved successfully.
C:\Windows\NIRCMD.exe moved successfully.
C:\Windows\MBR.exe moved successfully.
C:\Windows\grep.exe moved successfully.
C:\Windows\ERDNT\subs\Users\00000004 folder moved successfully.
C:\Windows\ERDNT\subs\Users\00000003 folder moved successfully.
C:\Windows\ERDNT\subs\Users\00000002 folder moved successfully.
C:\Windows\ERDNT\subs\Users\00000001 folder moved successfully.
C:\Windows\ERDNT\subs\Users folder moved successfully.
C:\Windows\ERDNT\subs folder moved successfully.
C:\Windows\ERDNT\Hiv-backup\Users\00000004 folder moved successfully.
C:\Windows\ERDNT\Hiv-backup\Users\00000003 folder moved successfully.
C:\Windows\ERDNT\Hiv-backup\Users\00000002 folder moved successfully.
C:\Windows\ERDNT\Hiv-backup\Users\00000001 folder moved successfully.
C:\Windows\ERDNT\Hiv-backup\Users folder moved successfully.
C:\Windows\ERDNT\Hiv-backup folder moved successfully.
C:\Windows\ERDNT\cache folder moved successfully.
C:\Windows\ERDNT folder moved successfully.
C:\Windows\SWXCACLS.exe moved successfully.
C:\Qoobox\Quarantine\Registry_backups folder moved successfully.
C:\Qoobox\Quarantine\C\Windows\System32 folder moved successfully.
C:\Qoobox\Quarantine\C\Windows folder moved successfully.
C:\Qoobox\Quarantine\C\Users\pascal\AppData\Roaming\.# folder moved successfully.
C:\Qoobox\Quarantine\C\Users\pascal\AppData\Roaming folder moved successfully.
C:\Qoobox\Quarantine\C\Users\pascal\AppData\Local\Microsoft\Windows\Temporary Internet Files folder moved successfully.
C:\Qoobox\Quarantine\C\Users\pascal\AppData\Local\Microsoft\Windows folder moved successfully.
C:\Qoobox\Quarantine\C\Users\pascal\AppData\Local\Microsoft folder moved successfully.
C:\Qoobox\Quarantine\C\Users\pascal\AppData\Local folder moved successfully.
C:\Qoobox\Quarantine\C\Users\pascal\AppData folder moved successfully.
C:\Qoobox\Quarantine\C\Users\pascal folder moved successfully.
C:\Qoobox\Quarantine\C\Users folder moved successfully.
C:\Qoobox\Quarantine\C folder moved successfully.
C:\Qoobox\Quarantine folder moved successfully.
C:\Qoobox\BackEnv folder moved successfully.
C:\Qoobox folder moved successfully.
C:\RemoveMD folder moved successfully.
C:\Program Files\trend micro folder moved successfully.
C:\rsit folder moved successfully.
C:\ProgramData\sysReserve.ini moved successfully.
C:\Program Files\Iminent\IMBooster folder moved successfully.
C:\Program Files\Iminent folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes

User: pascal
->Temp folder emptied: 4679048 bytes
->Java cache emptied: 49506035 bytes
->FireFox cache emptied: 69149400 bytes
->Google Chrome cache emptied: 6222435 bytes
->Apple Safari cache emptied: 1224928 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 45043712 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 275872 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 25494475 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 192,00 mb


OTM by OldTimer - Version 3.1.4.0 log created on 12272009_194357
All processes killed

OTM by OldTimer - Version 3.1.4.0 log created on 12272009_194353

Files moved on Reboot...
File C:\Users\pascal\AppData\Local\Temp\eDatasecurity\FileList.txt not found!
File C:\Windows\temp\_avast4_\Webshlock.txt not found!
File C:\Windows\temp\mcafee_CaI2pT3ofZ6CfBs not found!
File C:\Windows\temp\mcmsc_AK0W9dPg87LYlbO not found!
File C:\Windows\temp\mcmsc_Dho0coeKfGdhijt not found!
File C:\Windows\temp\mcmsc_RMgaiRBVbVSrrHp not found!
C:\Windows\temp\sqlite_eJ3rtO2SIyjQz9R moved successfully.
C:\Windows\temp\sqlite_UGuFmhIc6IRGZ9r moved successfully.

Registry entries deleted on Reboot...