Infecte par malware defense

so13 Messages postés 461 Statut Membre -  
Ced_King Messages postés 3519 Date d'inscription   Statut Contributeur Dernière intervention   -
Bonjour,
mon antivirus avast est perimé depuis quelques temps et malware defense s 'est insallé en meme temps et du coup j'ai plein de spam qui s'affiche.... un petit coup de main s'il vous plait ...
mon log hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:49:15, on 27/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ALICE\ALICE Back-up\ALICE Back-up.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\ORDICH~1\LOCALS~1\Temp\richtx64.exe
C:\Program Files\Malware Defense\mdefense.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\DOCUME~1\ORDICH~1\LOCALS~1\Temp\wscsvc32.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\ALICE\ALICE Back-up\AGMailAgent.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\H189RAUO\HiJackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ALICE Back-up] "C:\Program Files\ALICE\ALICE Back-up\ALICE Back-up.exe" /delayed
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [richtx64.exe] C:\DOCUME~1\ORDICH~1\LOCALS~1\Temp\richtx64.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Global Startup: Assistant Smart Wizard NETGEAR pour WG311v3.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab?AuthParam=1209676345_1ca3f70ec9becd41fc85a500859f3383&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2668EA7E-2C4B-4ADF-8E86-41589BFD8161}: NameServer = 213.36.80.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2668EA7E-2C4B-4ADF-8E86-41589BFD8161}: NameServer = 213.36.80.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2668EA7E-2C4B-4ADF-8E86-41589BFD8161}: NameServer = 213.36.80.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{2668EA7E-2C4B-4ADF-8E86-41589BFD8161}: NameServer = 213.36.80.1
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1c99c2323a8a2d4) (gupdate1c99c2323a8a2d4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
A voir également:

19 réponses

Réponse 1 / 19
Ced_King Messages postés 3519 Date d'inscription   Statut Contributeur Dernière intervention   572
 
Salut,

Telecharges RSIT " Random's System Information Tool " sur ton bureau : http://images.malwareremoval.com/random/RSIT.exe

- Fermes toutes les applications en cours et double clic sur RSIT.exe
- Selectionnes " Continue " à l'ecran >> RSIT va analyser le pc et verifier si l'outil hijackthis ( version à jour) est present sur le pc, si ce n'est pas le cas, RSIT le telechargera >> acceptes la license
- Une fois l'analyse terminée, 2 rapports.txt s'ouvrent, log.txt à l'écran et info.txt dans la barre des taches
- Postes le contenu des 2 rapports
.
1
Réponse 2 / 19
dédétraqué Messages postés 4522 Statut Contributeur sécurité 286
 
Salut so13


Bonne désinfection


@++ :)

Salut Ced_King
0
Réponse 3 / 19
so13 Messages postés 461 Statut Membre 12
 
merci de repondre si vite voici les 2 log

Logfile of random's system information tool 1.06 (written by random/random)
Run by ordi chinoi at 2009-12-27 19:59:16
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 27 GB (34%) free of 78 GB
Total RAM: 1023 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:24, on 27/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ALICE\ALICE Back-up\ALICE Back-up.exe
C:\Program Files\Messenger\msmsgs.exe
C:\DOCUME~1\ORDICH~1\LOCALS~1\Temp\richtx64.exe
C:\Program Files\Malware Defense\mdefense.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\DOCUME~1\ORDICH~1\LOCALS~1\Temp\wscsvc32.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\ALICE\ALICE Back-up\AGMailAgent.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\H189RAUO\HiJackThis[1].exe
C:\Documents and Settings\ordi chinoi\Bureau\RSIT.exe
C:\Program Files\trend micro\ordi chinoi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ALICE Back-up] "C:\Program Files\ALICE\ALICE Back-up\ALICE Back-up.exe" /delayed
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [richtx64.exe] C:\DOCUME~1\ORDICH~1\LOCALS~1\Temp\richtx64.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Global Startup: Assistant Smart Wizard NETGEAR pour WG311v3.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab?AuthParam=1209676345_1ca3f70ec9becd41fc85a500859f3383&GroupName=JSC&BHost=javadl.sun.com&FilePath=/ESD40/JSCDL/jre/6u5-b19/jinstall-6u5-windows-i586-jc.cab&File=jinstall-6u5-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2668EA7E-2C4B-4ADF-8E86-41589BFD8161}: NameServer = 213.36.80.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2668EA7E-2C4B-4ADF-8E86-41589BFD8161}: NameServer = 213.36.80.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2668EA7E-2C4B-4ADF-8E86-41589BFD8161}: NameServer = 213.36.80.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{2668EA7E-2C4B-4ADF-8E86-41589BFD8161}: NameServer = 213.36.80.1
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1c99c2323a8a2d4) (gupdate1c99c2323a8a2d4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Réponse 4 / 19
Ced_King Messages postés 3519 Date d'inscription   Statut Contributeur Dernière intervention   572
 
•Télécharge OTM (OldTimer) sur ton Bureau.
•Double Clique sur OTM.exe
•Copie (Ctrl+C) le texte suivant ci-dessous : 

:processes 
explorer.exe 

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"richtx64.exe"=-
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malware Defense]

:files
C:\DOCUME~1\ORDICH~1\LOCALS~1\Temp\wscsvc32.exe
C:\DOCUME~1\ORDICH~1\LOCALS~1\Temp\richtx64.exe 
C:\Program Files\Malware Defense\mdefense.exe 
C:\Documents and Settings\All Users\Application Data\sysReserve.ini 

:commands 
[purity] 
[emptytemp] 
[reboot]





•Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
•Clique maintenant sur le bouton MoveIt! puis ferme OTM.

---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.



•Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 19
so13 Messages postés 461 Statut Membre 12
 
Error: Unable to interpret <info.txt logfile of random's system information tool 1.06 2009-12-27 19:59:27> in the current context!
Error: Unable to interpret <======Uninstall list======> in the current context!
Error: Unable to interpret <-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE> in the current context!
Error: Unable to interpret <-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf> in the current context!
Error: Unable to interpret <ACE Mega CoDecS Pack-->"C:\Program Files\ACE Mega CoDecS Pack\unins000.exe"> in the current context!
Error: Unable to interpret <Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe> in the current context!
Error: Unable to interpret <Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}> in the current context!
Error: Unable to interpret <Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"> in the current context!
Error: Unable to interpret <ALICE Back-up v0.9.10-->"C:\Program Files\ALICE\ALICE Back-up\unins000.exe"> in the current context!
Error: Unable to interpret <Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}> in the current context!
Error: Unable to interpret <Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}> in the current context!
Error: Unable to interpret <Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe> in the current context!
Error: Unable to interpret <Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}> in the current context!
Error: Unable to interpret <avast! Internet Security-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup> in the current context!
Error: Unable to interpret <Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}> in the current context!
Error: Unable to interpret <CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"> in the current context!
Error: Unable to interpret <Correctif pour Lecteur Windows Media 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Correctif pour Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Correctif pour Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Correctif pour Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Correctif pour Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <dBpoweramp Music Converter-->"C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat> in the current context!
Error: Unable to interpret <EasyRecovery Professional-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A8BB9906-E618-406A-B161-7383AFF46C39} /l1036 > in the current context!
Error: Unable to interpret <eMule-->"C:\Program Files\eMule\Uninstall.exe"> in the current context!
Error: Unable to interpret <Galerie de photos Windows Live-->MsiExec.exe /X{B131E59D-202C-43C6-84C9-68F0C37541F1}> in the current context!
Error: Unable to interpret <Google Chrome-->"C:\Program Files\Google\Chrome\Application\3.0.195.38\Installer\setup.exe" --uninstall --system-level> in the current context!
Error: Unable to interpret <Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall> in the current context!
Error: Unable to interpret <Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}> in the current context!
Error: Unable to interpret <Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}> in the current context!
Error: Unable to interpret <Google Earth-->MsiExec.exe /X{C084BC61-E537-11DE-8616-005056806466}> in the current context!
Error: Unable to interpret <High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <HijackThis 2.0.2-->"C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\H189RAUO\HijackThis.exe" /uninstall> in the current context!
Error: Unable to interpret <Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""> in the current context!
Error: Unable to interpret <Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""> in the current context!
Error: Unable to interpret <Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe> in the current context!
Error: Unable to interpret <Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}> in the current context!
Error: Unable to interpret <iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}> in the current context!
Error: Unable to interpret <Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}> in the current context!
Error: Unable to interpret <Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}> in the current context!
Error: Unable to interpret <K-Lite Codec Pack 4.5.3 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"> in the current context!
Error: Unable to interpret <Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall> in the current context!
Error: Unable to interpret <LogMeIn-->MsiExec.exe /I{A83C6C34-3007-422A-9E56-A74996BCCDBD}> in the current context!
Error: Unable to interpret <Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}> in the current context!
Error: Unable to interpret <Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}> in the current context!
Error: Unable to interpret <Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe> in the current context!
Error: Unable to interpret <Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}> in the current context!
Error: Unable to interpret <Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}> in the current context!
Error: Unable to interpret <Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}> in the current context!
Error: Unable to interpret <Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-040C-0000-0000000FF1CE}> in the current context!
Error: Unable to interpret <Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}> in the current context!
Error: Unable to interpret <Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}> in the current context!
Error: Unable to interpret <Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}> in the current context!
Error: Unable to interpret <Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}> in the current context!
Error: Unable to interpret <Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}> in the current context!
Error: Unable to interpret <Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}> in the current context!
Error: Unable to interpret <Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}> in the current context!
Error: Unable to interpret <Mise à jour critique pour Lecteur Windows Media 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Lecteur Windows Media (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Lecteur Windows Media (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Lecteur Windows Media (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Lecteur Windows Media 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour pour Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}> in the current context!
Error: Unable to interpret <MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}> in the current context!
Error: Unable to interpret <MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}> in the current context!
Error: Unable to interpret <Nero 6-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL> in the current context!
Error: Unable to interpret <NETGEAR WG111v3 wireless USB 2.0 adapter-->C:\Program Files\InstallShield Installation Information\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}\setup.exe -runfromtemp -l0x040c> in the current context!
Error: Unable to interpret <Norton Security Scan-->C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.3.0.44\InstStub.exe /X> in the current context!
Error: Unable to interpret <NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI> in the current context!
Error: Unable to interpret <OtsTurntables Free 1.00.027-->"C:\WINDOWS\OTS_UI.EXE" "C:\OtsLabs\OtsTTfre.osi"> in the current context!
Error: Unable to interpret <Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall> in the current context!
Error: Unable to interpret <Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}> in the current context!
Error: Unable to interpret <PC Wizard 2006.1.691-->"C:\Program Files\PC Wizard 2006\unins000.exe"> in the current context!
Error: Unable to interpret <PokerStars.net-->"C:\Program Files\PokerStars.NET\PokerStarsUninstall.exe" /u:PokerStars.net> in the current context!
Error: Unable to interpret <PowerQuest PartitionMagic 8.0-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804} > in the current context!
Error: Unable to interpret <QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}> in the current context!
Error: Unable to interpret <REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\SETUP.EXE -runfromtemp -l0x040c -removeonly> in the current context!
Error: Unable to interpret <Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x40c -removeonly> in the current context!
Error: Unable to interpret <SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe> in the current context!
Error: Unable to interpret <SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe> in the current context!
Error: Unable to interpret <Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe> in the current context!
Error: Unable to interpret <SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe> in the current context!
Error: Unable to interpret <SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe> in the current context!
Error: Unable to interpret <Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly> in the current context!
Error: Unable to interpret <Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly> in the current context!
Error: Unable to interpret <Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}> in the current context!
Error: Unable to interpret <Unibet Poker-->C:\MICROG~1\Poker\UNIBET~1\UNIBET~1\UNWISE.EXE C:\MICROG~1\Poker\UNIBET~1\UNIBET~1\INSTALL.LOG> in the current context!
Error: Unable to interpret <Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""> in the current context!
Error: Unable to interpret <VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe> in the current context!
Error: Unable to interpret <WD Diagnostics-->MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}> in the current context!
Error: Unable to interpret <Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}> in the current context!
Error: Unable to interpret <Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}> in the current context!
Error: Unable to interpret <Windows Live Contrôle parental-->MsiExec.exe /X{D5D81435-B8DE-4CAF-867F-7998F2B92CFC}> in the current context!
Error: Unable to interpret <Windows Live FolderShare-->MsiExec.exe /X{2075CB0A-D26F-4DAA-B424-5079296B43BA}> in the current context!
Error: Unable to interpret <Windows Live Mail-->MsiExec.exe /I{5DD76286-9BE7-4894-A990-E905E91AC818}> in the current context!
Error: Unable to interpret <Windows Live Messenger-->MsiExec.exe /X{770F1BEC-2871-4E70-B837-FB8525FFA3B1}> in the current context!
Error: Unable to interpret <Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}> in the current context!
Error: Unable to interpret <Windows Live Writer-->MsiExec.exe /X{4634B21A-CC07-4396-890C-2B8168661FEA}> in the current context!
Error: Unable to interpret <Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll> in the current context!
Error: Unable to interpret <Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"> in the current context!
Error: Unable to interpret <Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE> in the current context!
Error: Unable to interpret <======Hosts File======> in the current context!
Error: Unable to interpret <66.98.148.65 auto.search.msn.com> in the current context!
Error: Unable to interpret <66.98.148.65 auto.search.msn.es> in the current context!
Error: Unable to interpret <127.0.0.1 mpa.one.microsoft.com> in the current context!
Error: Unable to interpret <======Security center information======> in the current context!
Error: Unable to interpret <AV: Malware Defense (outdated)> in the current context!
Error: Unable to interpret <AV: avast! antivirus 4.8.1169 [VPS 091226-0]> in the current context!
Error: Unable to interpret <======System event log======> in the current context!
Error: Unable to interpret <Computer Name: XPSP2-E4FD56EAE> in the current context!
Error: Unable to interpret <Event Code: 7035> in the current context!
Error: Unable to interpret <Message: Un contrôle Démarrer a correctement été envoyé au service Service de la passerelle de la couche Application.> in the current context!
Error: Unable to interpret <Record Number: 14320> in the current context!
Error: Unable to interpret <Source Name: Service Control Manager> in the current context!
Error: Unable to interpret <Time Written: 20091025142701.000000+060> in the current context!
Error: Unable to interpret <Event Type: Informations> in the current context!
Error: Unable to interpret <User: AUTORITE NT\SYSTEM> in the current context!
Error: Unable to interpret <Computer Name: XPSP2-E4FD56EAE> in the current context!
Error: Unable to interpret <Event Code: 7035> in the current context!
Error: Unable to interpret <Message: Un contrôle Démarrer a correctement été envoyé au service aswRdr.> in the current context!
Error: Unable to interpret <Record Number: 14319> in the current context!
Error: Unable to interpret <Source Name: Service Control Manager> in the current context!
Error: Unable to interpret <Time Written: 20091025142700.000000+060> in the current context!
Error: Unable to interpret <Event Type: Informations> in the current context!
Error: Unable to interpret <User: AUTORITE NT\SYSTEM> in the current context!
Error: Unable to interpret <Computer Name: XPSP2-E4FD56EAE> in the current context!
Error: Unable to interpret <Event Code: 7036> in the current context!
Error: Unable to interpret <Message: Le service Service de découvertes SSDP est entré dans l'état : en cours d'exécution.> in the current context!
Error: Unable to interpret <Record Number: 14318> in the current context!
Error: Unable to interpret <Source Name: Service Control Manager> in the current context!
Error: Unable to interpret <Time Written: 20091025142700.000000+060> in the current context!
Error: Unable to interpret <Event Type: Informations> in the current context!
Error: Unable to interpret <User: > in the current context!
Error: Unable to interpret <Computer Name: XPSP2-E4FD56EAE> in the current context!
Error: Unable to interpret <Event Code: 7035> in the current context!
Error: Unable to interpret <Message: Un contrôle Démarrer a correctement été envoyé au service Service de découvertes SSDP.> in the current context!
Error: Unable to interpret <Record Number: 14317> in the current context!
Error: Unable to interpret <Source Name: Service Control Manager> in the current context!
Error: Unable to interpret <Time Written: 20091025142700.000000+060> in the current context!
Error: Unable to interpret <Event Type: Informations> in the current context!
Error: Unable to interpret <User: AUTORITE NT\SYSTEM> in the current context!
Error: Unable to interpret <Computer Name: XPSP2-E4FD56EAE> in the current context!
Error: Unable to interpret <Event Code: 4201> in the current context!
Error: Unable to interpret <Message: Le système a détecté que la carte réseau \DEVICE\TCPIP_{BB0F18A6-B1EA-4C80-8220-4741DB003EAF} était connectée au réseau,> in the current context!
Error: Unable to interpret <et a lancé une opération normale sur la carte réseau.> in the current context!
Error: Unable to interpret <Record Number: 14316> in the current context!
Error: Unable to interpret <Source Name: Tcpip> in the current context!
Error: Unable to interpret <Time Written: 20091025142659.000000+060> in the current context!
Error: Unable to interpret <Event Type: Informations> in the current context!
Error: Unable to interpret <User: > in the current context!
Error: Unable to interpret <=====Application event log=====> in the current context!
Error: Unable to interpret <Computer Name: XPSP2-E4FD56EAE> in the current context!
Error: Unable to interpret <Event Code: 100> in the current context!
Error: Unable to interpret <Message: The Service has started.> in the current context!
Error: Unable to interpret <Record Number: 5> in the current context!
Error: Unable to interpret <Source Name: LogMeIn> in the current context!
Error: Unable to interpret <Time Written: 20091130225624.000000+060> in the current context!
Error: Unable to interpret <Event Type: Informations> in the current context!
Error: Unable to interpret <User: AUTORITE NT\SYSTEM> in the current context!
Error: Unable to interpret <Computer Name: XPSP2-E4FD56EAE> in the current context!
Error: Unable to interpret <Event Code: 0> in the current context!
Error: Unable to interpret <Message: Service started> in the current context!
Error: Unable to interpret <Record Number: 4> in the current context!
Error: Unable to interpret <Source Name: SeaPort> in the current context!
Error: Unable to interpret <Time Written: 20091130225618.000000+060> in the current context!
Error: Unable to interpret <Event Type: Informations> in the current context!
Error: Unable to interpret <User: > in the current context!
Error: Unable to interpret <Computer Name: XPSP2-E4FD56EAE> in the current context!
Error: Unable to interpret <Event Code: 1> in the current context!
Error: Unable to interpret <Message: > in the current context!
Error: Unable to interpret <Record Number: 3> in the current context!
Error: Unable to interpret <Source Name: Bonjour Service> in the current context!
Error: Unable to interpret <Time Written: 20091130225614.000000+060> in the current context!
Error: Unable to interpret <Event Type: Informations> in the current context!
Error: Unable to interpret <User: > in the current context!
Error: Unable to interpret <Computer Name: XPSP2-E4FD56EAE> in the current context!
Error: Unable to interpret <Event Code: 0> in the current context!
Error: Unable to interpret <Message: > in the current context!
Error: Unable to interpret <Record Number: 2> in the current context!
Error: Unable to interpret <Source Name: gusvc> in the current context!
Error: Unable to interpret <Time Written: 20091130225614.000000+060> in the current context!
Error: Unable to interpret <Event Type: Informations> in the current context!
Error: Unable to interpret <User: > in the current context!
Error: Unable to interpret <Computer Name: XPSP2-E4FD56EAE> in the current context!
Error: Unable to interpret <Event Code: 0> in the current context!
Error: Unable to interpret <Message: > in the current context!
Error: Unable to interpret <Record Number: 1> in the current context!
Error: Unable to interpret <Source Name: gupdate1c99c2323a8a2d4> in the current context!
Error: Unable to interpret <Time Written: 20091130225614.000000+060> in the current context!
Error: Unable to interpret <Event Type: Informations> in the current context!
Error: Unable to interpret <User: > in the current context!
Error: Unable to interpret <======Environment variables======> in the current context!
Error: Unable to interpret <"ComSpec"=%SystemRoot%\system32\cmd.exe> in the current context!
Error: Unable to interpret <"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\QuickTime\QTSystem\> in the current context!
Error: Unable to interpret <"windir"=%SystemRoot%> in the current context!
Error: Unable to interpret <"FP_NO_HOST_CHECK"=NO> in the current context!
Error: Unable to interpret <"OS"=Windows_NT> in the current context!
Error: Unable to interpret <"PROCESSOR_ARCHITECTURE"=x86> in the current context!
Error: Unable to interpret <"PROCESSOR_LEVEL"=15> in the current context!
Error: Unable to interpret <"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel> in the current context!
Error: Unable to interpret <"PROCESSOR_REVISION"=0304> in the current context!
Error: Unable to interpret <"NUMBER_OF_PROCESSORS"=2> in the current context!
Error: Unable to interpret <"TEMP"=%SystemRoot%\TEMP> in the current context!
Error: Unable to interpret <"TMP"=%SystemRoot%\TEMP> in the current context!
Error: Unable to interpret <"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH> in the current context!
Error: Unable to interpret <"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip> in the current context!
Error: Unable to interpret <"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip> in the current context!
Error: Unable to interpret <-----------------EOF-----------------> in the current context!

OTM by OldTimer - Version 3.1.4.0 log created on 12272009_201417
0
Réponse 6 / 19
Ced_King Messages postés 3519 Date d'inscription   Statut Contributeur Dernière intervention   572
 
Fais attention à ce que tu fais et à ce que tu colles dans Otm --> tu as collé le rapport RSIT

recommence la manip, mais cette fois en prenant soin de copié/collé correctement...
0
Réponse 7 / 19
so13 Messages postés 461 Statut Membre 12
 
desole mais je crois que j'ai supprimé le rapport donc j'ai refais la manip


Files moved on Reboot...

Registry entries deleted on Reboot...

Files moved on Reboot...
File move failed. C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\SJ9CX6Q8\signin[1].htm scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\AAJ2HOMP\affich-15861764-infecte-par-malware-defense[2].htm scheduled to be moved on reboot.

Registry entries deleted on Reboot..
0
Réponse 8 / 19
so13 Messages postés 461 Statut Membre 12
 
??
0
Réponse 9 / 19
so13 Messages postés 461 Statut Membre 12
 
??
0
Réponse 10 / 19
so13 Messages postés 461 Statut Membre 12
 
???
0
Réponse 11 / 19
Utilisateur anonyme
 
tu a redémarrer le pc?

puis a minuit et 05h30 du matin les gens dorme...
0
Réponse 12 / 19
so13 Messages postés 461 Statut Membre 12
 
bonjour
non je suis resté à attendre une réponse
je l'ai redemarré hier soir
0
Réponse 13 / 19
Utilisateur anonyme
 
oui mais bon les gens on une vie aussi (moi je boss de nuit xD)
enfin bref apres ton poste N°10 à 21:32:22 faut que tu redémarre le pc si tu la pas fait.
et ensuite va dormir le temps qu'il reviennent ;)
0
Réponse 14 / 19
so13 Messages postés 461 Statut Membre 12
 
merci dorgane,
je suis épuisé je file
0
Réponse 15 / 19
Ced_King Messages postés 3519 Date d'inscription   Statut Contributeur Dernière intervention   572
 
Salut,

Merci dorgane ;-)

so13, peux-tu poster un nouveau rapport RSIT, je n'ai pas l'impression que la manip avec OTM soit correcte...

As-tu fais ce que je t'ai demandé au post 4, c'est à dire :

•Double Clique sur OTM.exe
•Copie (Ctrl+C) le texte (en gras) ci-dessous : 



:processes 
explorer.exe 

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion­\Run] 
"richtx64.exe"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malware Defense]

:files
C:\DOCUME~1\ORDICH~1\LOCALS~1\Temp\wscsvc32.exe
C:\DOCUME~1\ORDICH~1\LOCALS~1\Temp\richtx64.exe 
C:\Program Files\Malware Defense\mdefense.exe 
C:\Documents and Settings\All Users\Application Data\sysReserve.ini 

:commands 
[purity] 
[emptytemp] 
[reboot]





•Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
•Clique maintenant sur le bouton MoveIt! puis ferme OTM.

---> Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.



•Poste le rapport situé dans ce dossier : C:\_OTM\MovedFiles\
---> Le nom du rapport correspond au moment de sa création : date_heure.log

_______________________

Puis,

- Télécharge Malwarebytes' Anti-Malware :
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

- Installe le > double-clic sur Mbam-setup.exe, à la fin de l'installation, il se mettra automatiquement à jour
- Une fois installé, fermes toutes les applications en cours et lances Malwarebytes
- Exécute un examen rapide du pc ( tu n'auras pas accés à internet pendant l'analyse)
- A la fin du scan clic sur " Afficher les resultats ", si Malwarebytes a trouvé des infections >> clic sur " Supprimer la selection "
- Si il a besoin de redémarrer le pc pour finir la désinfection, acceptes
- Un rapport s'etablira, postes son contenu.

_________________________
0
Réponse 16 / 19
so13 Messages postés 461 Statut Membre 12
 
salut,
j'ai suivi vos instructions et voici le rapport

Malwarebytes' Anti-Malware 1.42
Version de la base de données: 3445
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

28/12/2009 20:33:16
mbam-log-2009-12-28 (20-33-16).txt

Type de recherche: Examen rapide
Eléments examinés: 104451
Temps écoulé: 4 minute(s), 19 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 13

Processus mémoire infecté(s):
C:\Program Files\Malware Defense\mdefense.exe (Trojan.FakeAlert) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\Program Files\Malware Defense\mdext.dll (Trojan.FakeAlert) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\malware defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malware defense (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\richtx64.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\malware Defense (Rogue.MalwareDefense) -> Delete on reboot.
C:\Documents and Settings\ordi chinoi\Menu Démarrer\Programmes\malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Malware Defense\mdext.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\Program Files\Malware Defense\mdefense.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ordi chinoi\Local Settings\Temp\richtx64.exe (Rogue.Installer) -> Delete on reboot.
C:\Documents and Settings\ordi chinoi\Local Settings\Temp\dhdhtrdhdrtr5y (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\ordi chinoi\Local Settings\Temp\Installer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\ordi chinoi\Local Settings\Temp\wscsvc32.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Program Files\malware Defense\help.ico (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
C:\Program Files\malware Defense\md.db (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
C:\Program Files\malware Defense\uninstall.exe (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
C:\Documents and Settings\ordi chinoi\Menu Démarrer\Programmes\malware Defense\Malware Defense Support.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
C:\Documents and Settings\ordi chinoi\Menu Démarrer\Programmes\malware Defense\Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
C:\Documents and Settings\ordi chinoi\Menu Démarrer\Programmes\malware Defense\Uninstall Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
C:\Documents and Settings\ordi chinoi\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Defense.lnk (Rogue.MalwareDefense) -> Quarantined and deleted successfully.
0
Réponse 17 / 19
so13 Messages postés 461 Statut Membre 12
 
un nouveau rapport rsit
Logfile of random's system information tool 1.06 (written by random/random)
Run by ordi chinoi at 2009-12-28 21:00:57
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 29 GB (37%) free of 78 GB
Total RAM: 1023 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:01:01, on 28/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ALICE\ALICE Back-up\ALICE Back-up.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ALICE\ALICE Back-up\AGMailAgent.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ordi chinoi\Bureau\RSIT.exe
C:\Program Files\trend micro\ordi chinoi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ALICE Back-up] "C:\Program Files\ALICE\ALICE Back-up\ALICE Back-up.exe" /delayed
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Global Startup: Assistant Smart Wizard NETGEAR pour WG311v3.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Unibet Poker - {C53BFCFC-7A54-4627-AEBA-2CD4871FCA97} - C:\Microgaming\Poker\UnibetpokerMPP\MPPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2668EA7E-2C4B-4ADF-8E86-41589BFD8161}: NameServer = 213.36.80.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2668EA7E-2C4B-4ADF-8E86-41589BFD8161}: NameServer = 213.36.80.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2668EA7E-2C4B-4ADF-8E86-41589BFD8161}: NameServer = 213.36.80.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{2668EA7E-2C4B-4ADF-8E86-41589BFD8161}: NameServer = 213.36.80.1
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service Google Update (gupdate1c99c2323a8a2d4) (gupdate1c99c2323a8a2d4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
0
Réponse 18 / 19
so13 Messages postés 461 Statut Membre 12
 
et le rapport otm

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion­­\Run not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malware Defense\ deleted successfully.
========== FILES ==========
File/Folder C:\DOCUME~1\ORDICH~1\LOCALS~1\Temp\wscsvc32.exe not found.
File/Folder C:\DOCUME~1\ORDICH~1\LOCALS~1\Temp\richtx64.exe not found.
File/Folder C:\Program Files\Malware Defense\mdefense.exe not found.
File/Folder C:\Documents and Settings\All Users\Application Data\sysReserve.ini not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: ordi chinoi
->Temp folder emptied: 605855 bytes
->Temporary Internet Files folder emptied: 591354549 bytes
->Java cache emptied: 3421824 bytes
->Google Chrome cache emptied: 6053089 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2133582 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
Windows Temp folder emptied: 31755124 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23932000 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 1162293683 bytes

Total Files Cleaned = 1 737,00 mb


OTM by OldTimer - Version 3.1.4.0 log created on 12282009_175520

Files moved on Reboot...
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\SJ9CX6Q8\1071065798@Top,Right,Middle,Middle1,Middle2,x01,x02,x03,x04,x05,x25,x26[1] not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\SJ9CX6Q8\1739110579@Top,Right,Middle,Middle1,Middle2,x01,x02,x03,x04,x05,x25,x26[1] not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\SJ9CX6Q8\1[3].jpg not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\SJ9CX6Q8\fade[1].gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\SJ9CX6Q8\gift194_2[1].png not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\SJ9CX6Q8\img-50970[1].gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\SJ9CX6Q8\pmufr_v[10].gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\19ICAODYLXHCAYYKM3FCAN63073CATFHZTICASG9YITCAXMI9OCCANPC15ZCABGHFF8CAHKGFP2CACUGPD0CA5578K2CADC21K8CALRY4ISCA35CB82CAHX042PCA6YV3R7CAIO4QIJCA13QKQXCA6DB90S not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\A0L8R8WCAJXPKC1CAY0J1UPCACOCZYZCAIEKVJYCAF6BU4ZCAFW1V8JCAXW79VOCAXQJOPGCAA0TUV5CABA5TZRCAMKL9WUCAPJPGRVCAJE8RGMCAM94SRWCA1803D3CAXY4Q3ECA19NB6JCALL1I4N.gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\AKN56ZECAZ1PH17CAKPP3L3CAG480SOCAKIV7FVCAYY3SQRCAT2C77LCAWJNRYACA4AKODCCAYA6EMNCAJ4WEGPCAOWWRAJCAICK33ICA5ATUMPCA8LBFL2CAM94H93CAQMMKKCCAWYQ85BCAAI19X3.gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\flashwrite_1_2[1].js not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\hitCA8YVP1M.gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\hitCAUO8RI4.gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\hitCAW4AQ7D.gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\img-489[1].gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\img-7805[1].gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\imp not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\imp[4] not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\pmufr_v[9].gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\pronostic-hippique[1].gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\R6I3QP0H\s_32c48f4f1846e1ee1c2639b85db05e80[1].jpg not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\10[5].htm not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\127[1].gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\19173_103250119700725_100000472131042_82897_809305_a[1].jpg not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\5850776s[1].jpg not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\5850780s[1].jpg not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\5850781s[1].jpg not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\5850782s[1].jpg not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\77xbrdqq[1].gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\A04AGYFCAG0M05TCASZ28QFCATDXJCTCAMFXVQQCAACBBQDCARPWAZ1CARIDP10CAMPFQ24CA59LPKQCAIEZORCCA5FBG44CA2UOHKFCAVAS41GCAF5XYMECAYPAAS4CAW09UNDCAN1TWKGCA2ATRGK.txt not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\A4382YFCAMJKOD6CAMF0X3ACAOF700ICAL8P5PVCACA1U5ZCA1MMHPTCAP7UDNGCAUXCEFLCAY886LKCACYLFRWCAD7LCAZCAEL2XOYCANGW4D3CAGPFL7ZCAYJRBRQCAUH3U27CAJ0YWJFCA5ZNPMX.gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\AKA83KKCA4115FVCAUJXHF1CAZ2BAWGCAMNDS09CAWVG717CA3UYS1VCA6Q6A5ICASX20D4CAU704V8CADDPKIICADF8DRECA4H0BK0CAYJ724KCAFGJZM6CAMC9UGSCAYJ9ONCCAAP52R7CAVHQ19T.gif not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\ATMW4D9CAWIB3R5CAAZG16NCAB4293RCA6LEAM3CAPFBTD0CAPVD1D0CAPSOQHWCA7NWUGCCAP33IP3CAQGFMPYCA36FZXPCAT7Z6IRCAG3QITYCAOEZYGVCA816F6SCA6XSI0GCABGC5B0CAUO3X5O.txt not found!
File C:\Documents and Settings\ordi chinoi\Local Settings\Temporary Internet Files\Content.IE5\PC9AZA9V\c_557705Y[1].gif not found!

Registry entries deleted on Reboot...
0
Réponse 19 / 19
Ced_King Messages postés 3519 Date d'inscription   Statut Contributeur Dernière intervention   572
 
Désolé pour ce contre-temps,

Vide la quarantaine de Malwarebytes --> Onglet "Quarantaine" et supprime son contenu, puis redémarre l'ordi.

Lance Hijackthis, il s'agit de ce fichier : C:\Program Files\trend micro\ordi chinoi.exe


Clic sur Do a scan only et coche les cases des lignes suivantes : 

O1 - Hosts: 66.98.148.65 auto.search.msn.com 
O1 - Hosts: 66.98.148.65 auto.search.msn.es 
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) 
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE 
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" 
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" 
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime 
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" 
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe


Clic sur Fic checked et répond oui à hijackthis, puis referme le programme..

__________________________________

Télecharges Rhost :
http://siri.urz.free.fr/RHosts.php

Double-clique dessus et cliques sur " Restore Original Hosts "

puis referme le programme

___________________________________

Télécharge et installe ccleaner : https://filehippo.com/download_ccleaner/
- Durant l'installation, décoche la case proposant la barre d'outils yahoo
- Une fois installé, ferme toutes les applications en cours et lance ccleaner
- clic -->> option -->> avancé et décoche "effacer les fichiers etc... plus vieux que 24h"
- Selectionne "nettoyeur" -->> clic sur Analyse puis nettoyage, puis referme le programme
-Clic sur "Registre" --> chercher des erreurs --> réparer les erreurs--> recommence l'opération jusqu'à plus d'erreurs, réponds "oui" à la sauvegarde, tu la supprimeras plus tard..

______________________________________

Je vois que tu as installer la verion béta d'Avast5 et qu'il y a des restes d'Avast 4, je te conseille de les desinstaller pour un antivirus plus fiable comme Antivir :

Regarde ce comparatif récent : https://www.commentcamarche.net/faq/24835-comparatif-2009-des-antivirus-gratuits-antivir-avast-avg-mse

Pour supprimer Avast correctement, sers-toi de l'utilitaire de désinstallation :
https://www.avast.com/fr-fr/uninstall-utility

Si tu es d'accord, télécharge Avira Antivir : http://dlce.antivir.com/package/wks_avira/win32/fr/pecl/avira_antivir_personal_fr.exe

Sers-toi de ce tuto pour le paramétrer correctement :
https://www.commentcamarche.net/faq/16831-tutoriel-configuration-optimale-d-antivir-personal

_________________________________________
Mets Adobe à jour :
https://get2.adobe.com/reader/otherversions/

---------------------
* Installes la dernière version de Java :
https://www.java.com/fr/download/manual.jsp

-------------------
* Une fois à jour, télécharges JavaRa.zip
http://raproducts.org/click/click.php?id=1
---> Autorise le processus a se connecter si il te le demande
. Cliques sur Install et suis les instructions

- Quand l'installation est finie, reviens à l'écran JavaRa

-Clic sur "Remove Old Versions" ou "supprimer d'anciennes versions" --> cliques sur "oui"

-l'outil va travailler, clique ensuite sur "Ok" et à nouveau sur Ok

- Un rapport s'ouvrira, refermes l'application puis postes le

__________________________________

Une fois fait, lance un scan de ton pc avec Antivir en mode sans échec :

Au démarrage du pc, tapote sur la touche F8 de ton clavier
Un écran noir apparait avec plusieurs choix
Choisis mode sans échec et valide par "Entrée"

Lance le scan en ayant pris soin d'avoir paramétrer correctement Antivir
Un rapport sera généré à la fin, poste son contenu

__________________________________

Si tu préfères garder Avast, alors fais ce scan en ligne :

https://www.commentcamarche.net/faq/8872-scanner-en-ligne-avec-bitdefender (avec internet explorer)

ou celui-ci :
https://www.eset.com/
Cocher toutes les cases à chaque fois
Le rapport se trouve à C:\Program Files\EsetOnlineScanner\log.txt

___________________________________
0

Discussions similaires

supprimer tor.jack android
sabinelouisonbruno -
akaloupile -

4 réponses
Tor.Jack.Malware
Camille -
bazfile -

1 réponse
urldefense.com : Kézaco?
Tessel75 -
Tessel75 -

4 réponses
Win64 malware gen
jules555 -
bazfile -

1 réponse
Win64:Malware-gen
ptb35 -
MisteryBean -

3 réponses