Sujet Précédent Sujet Suivant

Analyse Log Hijackthis

Résolu/Fermé
Fab1200 Messages postés 9 Date d'inscription samedi 26 décembre 2009 Statut Membre Dernière intervention 10 avril 2010 - 26 déc. 2009 à 17:29
 Utilisateur anonyme - 1 janv. 2010 à 18:21
Bonjour

Cela fait deux semaines que je n'arrive pas à résoudre le problème suivant :

J'ai constaté que lors de navigation internet, des fenetres s'ouvrent automatiquement ( concours, jeux, rencontres) ... Internet explorer plante souvent ... fermeture inopinée ... et Cie ... et une perte de vitesse en général j'ai l'impression.

Ce matin AVAST m'a détecté un virus que j'ai mis directement en quarantaine... J'ai automatiquement passé CC Cleaner, Ad-Aware, SpyBot etc.... mais les problèmes persistent.

Là je viens de faire un scan Hijackthis ... pourriez-vous y jeter un coup d'oeil et me dire ce que je dois faire ?

Je vous en saurais très reconnaissant !

Merci d'avance

ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:14:35, on 26.12.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\mrt.exe
C:\Windows\system32\mrt.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.ch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.bluewin.ch/de/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOn.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1870\CMWIE.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: TCP - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1610\TCPIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\3.1.0.1840\wso.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RestartNeroSetup] "C:\Users\Fabrice\AppData\Local\Temp\NERO1003370\Setupx.exe"
O4 - HKLM\..\Run: [Internet Today Task] "C:\Program Files\Internet Today\1.1.0.1190\InternetToday.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: QuestService Service - Unknown owner - C:\ProgramData\QuestService\questservice127.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
A voir également:

7 réponses

Réponse 1 / 7
Utilisateur anonyme
27 déc. 2009 à 18:15 
Et en tant que controle quotidien que dois je faire désormais pour éviter ce genre de "bordel" ? 

Lors de téléchargements ?


==> Ne pas clicker sur n'importe quoi....le meilleur antivirus se situe entre
la chaise et l'écan !
==> Utilises Ccleaner et malwarebytes régulièrement(sans oublier de le mette àjour à
chaque fois)


Comment se comporte le pc ? si ok on pourra finir.


a+

1
Fab1200 Messages postés 9 Date d'inscription samedi 26 décembre 2009 Statut Membre Dernière intervention 10 avril 2010
27 déc. 2009 à 21:29
Oui ... je sais ... je fais au maximum attention ... mais quand on est que des amateurs ... hélas ... ns sommes à l'abri de rien ...

Ecoute pour l'instant tout va bien ... plus de fenêtre intempestives lors de la navigation et j'ai remarqué un gain de rapidiité ... ... Je vais surveiller cela pendant quelques jours et si OK on pourra finir !

Je vais utiliser les deux programmes mentionnés régulièrement ....

ET encore un grand MERCI !!!

Je te tiens au courant d'ici mercredi.

A++
0
Fab1200 Messages postés 9 Date d'inscription samedi 26 décembre 2009 Statut Membre Dernière intervention 10 avril 2010
31 déc. 2009 à 15:26
Voilà je pense que le problème est résolu ... :O)

Merci encore pour ton aide !

Je te souhaite une bonne fête de fin d'année.

A++
0
Réponse 2 / 7
Utilisateur anonyme
26 déc. 2009 à 18:04
Bonsoir Fab1200

Il ya effectivemment quelques véroles sur ton pc !

Impératif sous vista:
desactives tes comptes d'utilisateur:
https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html

Puis:

---> Télécharge OTM (OldTimer) sur ton Bureau :
http: http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/


---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant en gras ci-dessous :

:processes
explorer.exe

:files
c:\program files\internet today\1.1.0.1190\internettoday.exe
c:\program files\automated content enhancer\4.1.0.5190\aceieaddon.dll
c:\program files\content management wizard\1.1.0.1870\cmwie.dll
c:\program files\internet today\1.1.0.1190\internettoday.exe
c:\program files\questservice\questservice127.exe


:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Internet Today Task"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QuestService Service]


:commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

---> Colle (Ctrl+V) le texte précédemment copié dans le cadre:
Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

a+








0
Fab1200 Messages postés 9 Date d'inscription samedi 26 décembre 2009 Statut Membre Dernière intervention 10 avril 2010
26 déc. 2009 à 21:05
Je te remercie infiniement Archet9 ... Ta réponse déjà ainsi que ta rapidité, je t'en suis très reconnaissent.

Cela m'a fait pas mal de ménage j'ai l'impression...

Pour mon info ... c'était quoi comme genre de bestioles ? Tu as une astuce pour m'en prévenir ?


Voici le rapport final :


All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder c:\program files\internet today\1.1.0.1190\internettoday.exe not found.
File/Folder c:\program files\automated content enhancer\4.1.0.5190\aceieaddon.dll not found.
File/Folder c:\program files\content management wizard\1.1.0.1870\cmwie.dll not found.
File/Folder c:\program files\internet today\1.1.0.1190\internettoday.exe not found.
File/Folder c:\program files\questservice\questservice127.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D74E9DD-8987-448b-B2CB-67FFF2B8A932}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B72681C0-A222-4b21-A0E2-53A5A5CA3D41}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAC89FF9-34A9-4431-8CFE-292A47F843BC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Internet Today Task not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QuestService Service\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Anemone
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Fabrice
->Temp folder emptied: 11734268 bytes
->Temporary Internet Files folder emptied: 3389046 bytes
->Java cache emptied: 43730203 bytes
->Apple Safari cache emptied: 140157 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 2962 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 7002742 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 63.00 mb


OTM by OldTimer - Version 3.1.4.0 log created on 12262009_205511

Files moved on Reboot...
File C:\Windows\temp\_avast4_\Webshlock.txt not found!

Registry entries deleted on Reboot...
0
Réponse 3 / 7
Utilisateur anonyme
26 déc. 2009 à 21:38
Contrairement à ton enthousiasme le log que tu viens d'exécuter
n'a pas modifié grand chose !!!!


Fais un scan avec cet antispyware :
Malwarebytes + tutoriel

Tu l´installes; mets le a jour...(onglet mise a jour)
Click maintenant sur l´onglet recherche et coche la case :
"Executer un examen rapide".
Puis click sur "rechercher".
Laisses le scanner le pc...
A la fin du scan, clique sur Afficher les résultats
Si des elements on ete trouvés :
> click sur supprimer la selection.
si il t´es demandé de redemarrer > click sur "oui".
A la fin un rapport va s´ouvrir;
sauvegarde le de maniere a le retrouver en vue de le poster sur le forum.
Copies et colles le rapport stp.

a+












0
Fab1200 Messages postés 9 Date d'inscription samedi 26 décembre 2009 Statut Membre Dernière intervention 10 avril 2010
27 déc. 2009 à 13:13
Ah bon .... :O(

Voici le rapport de Malwarebytes :

Et .. merci encore !!

Fab


Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3438
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18865

27.12.2009 12:55:08
mbam-log-2009-12-27 (12-55-08).txt

Type de recherche: Examen rapide
Eléments examinés: 106650
Temps écoulé: 4 minute(s), 7 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 37
Valeur(s) du Registre infectée(s): 4
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 33
Fichier(s) infecté(s): 65

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\explorerbar.funexplorer (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funexplorer.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\explorerbar.tcp.1 (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ac5ab953-ed25-4f9c-87f0-b086b0178ffa} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{42c7c39f-3128-4a17-bdb7-91c46032b5b9} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1d74e9dd-8987-448b-b2cb-67fff2b8a932} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b72681c0-a222-4b21-a0e2-53a5a5ca3d41} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{eb4a577d-bcad-4b1c-8af2-9a74b8dd3431} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{2a743834-05f4-4ed4-8a1c-41332b10ac0c} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1081d532-7de4-40bd-b912-388fa6b27c78} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\questservice (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AppDataLow\SOFTWARE\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Internet Today (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610\data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610\for_anti_av (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610\for_anti_av\1.1.0.1610 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\Data (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870 (Adware.Agent) -> Quarantined and deleted successfully.
C:\ProgramData\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\QuestService (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\Fabrice\Local Settings\Application Data\Internet Today (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\Fabrice\Local Settings\Application Data\Textual Content Provider (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\Fabrice\Local Settings\Application Data\Textual Content Provider\1.1.0.1610 (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\Fabrice\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\Fabrice\Local Settings\Application Data\Web Search Operator (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\Fabrice\Local Settings\Application Data\Web Search Operator\3.1.0.1840 (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Web Search Operator\3.1.0.1840\WSO.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\InternetToday.ico (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\InternetToday.skf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\mfc80.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\Microsoft.VC80.MFC.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\PixelLogExe.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\SkinCrafterDll.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Today\1.1.0.1190\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Web Search Operator\3.1.0.1840\WSOCommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610\TCPIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610\tcppx.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610\data\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610\data\TP_Config.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610\data\TP_Data.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610\data\TP_DomainExcludeList.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Textual Content Provider\1.1.0.1610\for_anti_av\1.1.0.1610\TCPIE.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACECommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOnSub.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\ACEIEAddOnSubL.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\acepx.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\ACEAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\content\ACEAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\chrome\content\ACEAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\components\ACEFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\components\ACEFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Automated Content Enhancer\4.1.0.5190\FF\components\ACEFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPACommon.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPAIEAddOnSub.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\CPAIEAddOnSubL.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\cpapx.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\Data\config.md (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome.manifest (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\install.rdf (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\CPAAddOn.jar (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content\CPAAddOn.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\chrome\content\CPAAddOn.xul (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFAddOn.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFAddOn.xpt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFHelperComponent.js (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\cmwpx.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\cmwsh.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\config.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\data.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\exclude.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\MatchingData.zd5 (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\pxtmpdata.mx (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\unins000.dat (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Content Management Wizard\1.1.0.1870\unins000.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\ProgramData\QuestService\questservice127.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\QuestService\questservice.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\QuestService\uninstall.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\Fabrice\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\Fabrice\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_Data.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\Fabrice\Local Settings\Application Data\Textual Content Provider\1.1.0.1610\Data\TP_DomainExcludeList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Users\Fabrice\Local Settings\Application Data\Web Search Operator\3.1.0.1840\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
0
Réponse 4 / 7
Utilisateur anonyme
27 déc. 2009 à 13:26
Par contre, Malwarebytes a fait un beau ménage !

Télécharge RSIT (de random/random) sur le bureau :

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur "Continue" dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenu de log.txt plus info.txt (réduit ds la barre de taches) à la fin de l’analyse .

Les rapports sont dans le dossier ici C:\rsit
a+
0
Fab1200 Messages postés 9 Date d'inscription samedi 26 décembre 2009 Statut Membre Dernière intervention 10 avril 2010
27 déc. 2009 à 14:11
Voici les rapports de RSIT ...

Penses -tu que c'est en ordre ?

Logfile of random's system information tool 1.06 (written by random/random)
Run by Fabrice at 2009-12-27 14:07:08
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 364 GB (61%) free of 595 GB
Total RAM: 3326 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:07:13, on 27.12.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\iTunes\iTunes.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Fabrice\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Fabrice.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.ch/ig/dell?hl=fr&client=dell-row&channel=ch&ibd=5090319
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Dell DataSafe Online] "C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe" /m
O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RestartNeroSetup] "C:\Users\Fabrice\AppData\Local\Temp\NERO1003370\Setupx.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/fr/scan8/oscan8.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 7
Utilisateur anonyme
27 déc. 2009 à 15:47 
Penses -tu que c'est en ordre ?


==> C'est beaucoup mieux...mais il reste une infection.

• Télécharge USBFIX
http://pagesperso-orange.fr/NosTools/Chiquitine29/UsbFix.exe­



(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptibles d'avoir été infectés sans les ouvrir

• Double clic sur le raccourci UsbFix présent sur ton bureau .

• Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

• Au second menu Choisis l'option " 2 " (supression) et tape sur [entrée]

• Laisse travailler l'outil.

• Ensuite post le rapport UsbFix.txt qui apparaitra.

• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.







0
Fab1200 Messages postés 9 Date d'inscription samedi 26 décembre 2009 Statut Membre Dernière intervention 10 avril 2010
27 déc. 2009 à 16:26
Voilà le rapport ...

Sans toi je ne sais pas ce que j'aurais fais ... Et en tant que controle quotidien que dois je faire désormais pour éviter ce genre de "bordel" ?

Lors de téléchargements ?

Merci infiniement !

Fab


############################# | UsbFix V6.067 |

User : Fabrice (Administrateurs) # PC-DE-FABRICE
Update on 24/12/2009 by Chiquitine29, C_XX & Chimay8
Start at: 16:10:29 | 27.12.2009
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Core(TM)2 Quad CPU Q9450 @ 2.66GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 8.0.6001.18865
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 581.09 Go (355.11 Go free) [OS] # NTFS
D:\ -> Disque fixe local # 596.17 Go (596.06 Go free) [Amusements] # NTFS
E:\ -> Disque fixe local # 15 Go (9.58 Go free) [RECOVERY] # NTFS
F:\ -> Disque CD-ROM
G:\ -> Disque amovible
H:\ -> Disque amovible
I:\ -> Disque amovible
J:\ -> Disque amovible
K:\ -> Disque fixe local # 931.28 Go (902.48 Go free) [My Book] # FAT32
L:\ -> Disque fixe local # 149.01 Go (3.73 Go free) [WD USB 2] # FAT32

############################## | Processus actifs |

C:\Windows\System32\smss.exe 464
C:\Windows\system32\csrss.exe 540
C:\Windows\system32\wininit.exe 600
C:\Windows\system32\csrss.exe 612
C:\Windows\system32\services.exe 652
C:\Windows\system32\lsass.exe 664
C:\Windows\system32\lsm.exe 680
C:\Windows\system32\svchost.exe 836
C:\Windows\system32\winlogon.exe 872
C:\Windows\system32\svchost.exe 960
C:\Windows\System32\svchost.exe 1024
C:\Windows\system32\Ati2evxx.exe 1060
C:\Windows\System32\svchost.exe 1084
C:\Windows\System32\svchost.exe 1116
C:\Windows\system32\svchost.exe 1140
C:\Windows\system32\LogonUI.exe 1220
C:\Windows\system32\svchost.exe 1284
C:\Windows\system32\SLsvc.exe 1304
C:\Windows\system32\svchost.exe 1336
C:\Program Files\Dell\DellDock\DockLogin.exe 1448
C:\Windows\system32\svchost.exe 1544
C:\Windows\System32\WLTRYSVC.EXE 1784
C:\Windows\system32\Ati2evxx.exe 1800
C:\Windows\System32\bcmwltry.exe 1820
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1828
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1852
C:\Windows\system32\WLANExt.exe 1860
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe 1916
C:\Windows\system32\Dwm.exe 1160
C:\Windows\Explorer.EXE 1320
C:\Program Files\Dell\DellDock\DellDock.exe 1840
C:\Windows\system32\runonce.exe 592
C:\Windows\System32\spoolsv.exe 2132
C:\Windows\system32\svchost.exe 2168
C:\Windows\system32\taskeng.exe 2184
C:\Windows\system32\conime.exe 2200
C:\Windows\system32\taskeng.exe 2576
C:\Windows\system32\AERTSrv.exe 3116
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 3132
C:\Program Files\Bonjour\mDNSResponder.exe 3148
C:\Program Files\Common Files\LightScribe\LSSrvc.exe 3188
C:\Windows\system32\svchost.exe 3340
C:\Windows\system32\svchost.exe 3360
C:\Windows\System32\svchost.exe 3388
C:\Windows\system32\SearchIndexer.exe 3436
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe 3644
C:\Windows\system32\WUDFHost.exe 3904
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe 3932
C:\Windows\system32\wbem\unsecapp.exe 3940
C:\Windows\system32\wbem\wmiprvse.exe 4036
C:\Windows\system32\wbem\wmiprvse.exe 4044
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe 4052

################## | Elements infectieux |

Supprimé ! C:\$Recycle.Bin\S-1-5-21-3395499582-3656299844-1299793059-500
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3993845033-3186360981-3420624323-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3993845033-3186360981-3420624323-1001
Supprimé ! C:\$Recycle.Bin\S-1-5-21-3993845033-3186360981-3420624323-500
Supprimé ! D:\$Recycle.Bin\S-1-5-21-3993845033-3186360981-3420624323-1000
Supprimé ! D:\$Recycle.Bin\S-1-5-21-3993845033-3186360981-3420624323-1001
Supprimé ! D:\$Recycle.Bin\S-1-5-21-3993845033-3186360981-3420624323-500
Supprimé ! E:\$Recycle.Bin\S-1-5-21-3993845033-3186360981-3420624323-1000
Supprimé ! E:\$Recycle.Bin\S-1-5-21-3993845033-3186360981-3420624323-1001
Supprimé ! E:\$Recycle.Bin\S-1-5-21-3993845033-3186360981-3420624323-500
Supprimé ! K:\autorun.inf
Supprimé ! L:\autorun.inf

################## | Registre |


################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\K\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{017129e1-5b53-11de-9491-002170425dec}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{058dc480-4487-11de-b6c3-002170425dec}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{1b792a7a-a4fd-11de-b6b7-002170425dec}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{69aeb208-af6a-11de-8d00-002170425dec}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{80a98987-13ed-11de-b894-806e6f6e6963}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{9601f96e-5a73-11de-b226-002170425dec}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[27.12.2009 16:09|--a------|5596] C:\aaw7boot.log
[18.09.2006 22:43|--a------|24] C:\autoexec.bat
[21.01.2008 03:24|-rahs----|333203] C:\bootmgr
[18.09.2006 22:43|--a------|10] C:\config.sys
[19.03.2009 03:46|-rah-----|5012] C:\dell.sdr
[?|?|?] C:\pagefile.sys
[24.03.2009 21:14|--a------|86] C:\SetupLCV.log
[27.12.2009 16:13|--a------|5254] C:\UsbFix.txt
[31.03.2008 11:57|--a------|87] K:\Install.ini
[01.12.2008 09:35|--a------|78] K:\Install.log
[03.12.2008 13:38|--a------|319488] K:\Setup.exe
[21.11.2009 14:46|--a------|734400512] K:\2012.THE.MOVIE.FRENCH.TS.MD.XviD.REPACK.1CD-BOWSER.avi
[22.11.2009 19:45|--a------|736679936] K:\Surrogates.FRENCH.R5.MD.XviD-EldoRATdo.avi
[28.08.2005 11:12|--ahs----|80896] L:\Thumbs.db
[19.05.2009 18:29|--a------|0] L:\Film25Yves.stx

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.
# E:\autorun.inf -> Dossier créé par UsbFix.
# K:\autorun.inf -> Dossier créé par UsbFix.
# L:\autorun.inf -> Dossier créé par UsbFix.

################## | Cracks / Keygens / Serials |

"C:\Users\Public\Documents\Pinnacle\Content\HollywoodFX\HfxSerial.exe"
15.04.2008 10:20 |Size 79120 |Crc32 5cf1b191 |Md5 4e5ba3b0dce8785928a460b62369a472


################## | Upload |

Veuillez envoyer le fichier : C:\Users\Fabrice\Desktop\UsbFix_Upload_Me_PC-de-Fabrice.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.067 ! |
0
Réponse 6 / 7
Utilisateur anonyme
31 déc. 2009 à 15:38
Bonnes fêtes à toi aussi ...

Pour desinstaller les outils utilisés

Telecharge ToolsCleaner2--> http://pc-system.fr/
-Une fois téléchargé, installe-le et lance-le
-Clique sur Recherche et laisse le scan se terminer
-Clique sur SUPPRESSION
-Clique sur Quitter pour que le rapport puisse se créer
-Poste moi le rapport se trouvant ici--> C:\TCleaner.txt


puis

---> Télécharge et installe CCleaner (N'installe pas la Yahoo Toolbar) :
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

* Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
* Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs tant de fois qu il en trouve a l analyse(Sauvegarde la base de registre).
* Décoche la case plus vieux que 24 h

TRES IMPORTANT:

---> Il est nécessaire de désactiver,redémarrer puis réactiver la restauration système pour la purger :
XP:
https://www.tayo.fr/desactiver-restauration-systeme-sur-windows-xp-tutoriel.php
VISTA:
https://www.tayo.fr/desactiver-restauration-windows-vista-tutoriel.php

---> Je te conseille de créer un point de restauration que tu pourras utiliser plus tard si tu as un problème :
https://www.vulgarisation-informatique.com/creer-point-restauration.php


---> Changes le statut de ce topic :
et mets le en "résolu"
https://www.commentcamarche.net/infos/25917-marquer-un-fil-de-discussion-comme-etant-resolu/


a+









0
Fab1200 Messages postés 9 Date d'inscription samedi 26 décembre 2009 Statut Membre Dernière intervention 10 avril 2010
1 janv. 2010 à 18:13
Re !

Alors j'ai commencé à faire ce que tu m'as dit ... mais le programme "Tools Cleaner" ne veut pas éditer un rapport ... j'ai essayé plusieurs fois ... et j'ai du supprimer un programme qu'il a detecté lui ... mais qu'il n'a pas effacé.

Sinon j'ai tout fait avec CCleaner ... (bcp d'erreurs corrigées) ...

Avant de commencer le point de restauration et Cie je voulais savoir ce que je devais faire .... ??

Merci beaucoup.

Fab
0
Réponse 7 / 7
Utilisateur anonyme
1 janv. 2010 à 18:21
Meilleurs voeux...

Pour "Tools Cleaner" ....
faire un clic droit et "exécuter en tant qu'administrateur"

a+
0

Discussions similaires

Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
TI college plus (calculatrice probleme)
help39 -
Whismeril -

3 réponses
échec de l'analyse antivirus
StalkerShadows -
ness -

19 réponses
Echec analyse antivirus lors de téléchargement
mathelp_3935 -
Malekal_morte- -

19 réponses
Probleme bogue
Ines -
Pimmer -

1 réponse