Adresse introuvable
Valé
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour à tous,
J'ai un problème de connexion internet ( adresse introuvable,pour tout ), suite à la suppression de dossiers infectés, j'ai supprimé ces dossiers car une réparation n'était pas acceptée.
J'ai certainement supprimé ce qu'il ne fallait pas!
Je passe par mon ordi portable pour avoir la connexion, c'est mon fixe qui est atteind!
Je demande de l'aide de la part de ceux qui s'y connaissent en informatique, s'il vous plait!
Voici ci-dessous l'examen rapide de mon fixe par Malwarebytes.
Merci
Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2421
Windows 5.1.2600 Service Pack 3
17/06/2010 13:59:22
rapport mal
Type de recherche: Examen rapide
Eléments examinés: 95415
Temps écoulé: 7 minute(s), 37 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\documents and settings\utilisateur\local settings\temporary internet files\pse_350_fra.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\secupdat.dat (Backdoor.Bot) -> No action taken.
J'ai un problème de connexion internet ( adresse introuvable,pour tout ), suite à la suppression de dossiers infectés, j'ai supprimé ces dossiers car une réparation n'était pas acceptée.
J'ai certainement supprimé ce qu'il ne fallait pas!
Je passe par mon ordi portable pour avoir la connexion, c'est mon fixe qui est atteind!
Je demande de l'aide de la part de ceux qui s'y connaissent en informatique, s'il vous plait!
Voici ci-dessous l'examen rapide de mon fixe par Malwarebytes.
Merci
Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2421
Windows 5.1.2600 Service Pack 3
17/06/2010 13:59:22
rapport mal
Type de recherche: Examen rapide
Eléments examinés: 95415
Temps écoulé: 7 minute(s), 37 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\documents and settings\utilisateur\local settings\temporary internet files\pse_350_fra.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\secupdat.dat (Backdoor.Bot) -> No action taken.
A voir également:
- Adresse introuvable
- Adresse mac - Guide
- Darkino nouvelle adresse - Guide
- Changer adresse dns - Guide
- Comment connaître son adresse ip - Guide
- Adresse url - Guide
57 réponses
Télécharge OTL de OLDTimer
▶ enregistre le sur ton Bureau.
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶ Coche les 2 cases Lop et Purity
▶ Coche la case devant tous les utilisateurs
▶ règle age du fichier sur "60 jours"
▶ dans la moitié gauche , mets tout sur "tous"
ne modifie pas ceci :
"fichiers créés" et "fichiers Modifiés"
▶Clic sur Analyse.
A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).
Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)
▶▶▶ NE LE POSTE PAS SUR LE FORUM
Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
est ajouté dans la page.
▶ Copie ce lien dans ta réponse.
▶▶ Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.
▶ enregistre le sur ton Bureau.
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶ Coche les 2 cases Lop et Purity
▶ Coche la case devant tous les utilisateurs
▶ règle age du fichier sur "60 jours"
▶ dans la moitié gauche , mets tout sur "tous"
ne modifie pas ceci :
"fichiers créés" et "fichiers Modifiés"
▶Clic sur Analyse.
A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).
Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)
▶▶▶ NE LE POSTE PAS SUR LE FORUM
Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
est ajouté dans la page.
▶ Copie ce lien dans ta réponse.
▶▶ Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.
lien OTL.Txt
http://www.cijoint.fr/cjlink.php?file=cj201006/cijzEu2NDq.txt
lien extra.Txt
http://www.cijoint.fr/cjlink.php?file=cj201006/cijaT9eQws.txt
http://www.cijoint.fr/cjlink.php?file=cj201006/cijzEu2NDq.txt
lien extra.Txt
http://www.cijoint.fr/cjlink.php?file=cj201006/cijaT9eQws.txt
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
▶ Télécharge ici : Ad-remover ( de C_XX ) sur ton bureau :
▶ Déconnecte toi et ferme toutes applications en cours !
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
▶ sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .
▶ clique le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .
▶ Au menu principal choisis "option Nettoyer" et tape sur [entrée] .
▶ Laisse travailler l'outil et ne touche à rien ...
▶ Poste le rapport qui apparait à la fin , sur le forum ...
( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
▶ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
▶ Déconnecte toi et ferme toutes applications en cours !
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
▶ sur "Ad-R.exe" pour lancer l'installation et laisse les paramètres d'installation par défaut .
▶ clique le raccourci Ad-remover qui est sur ton bureau pour lancer l'outil .
▶ Au menu principal choisis "option Nettoyer" et tape sur [entrée] .
▶ Laisse travailler l'outil et ne touche à rien ...
▶ Poste le rapport qui apparait à la fin , sur le forum ...
( Le rapport est sauvegardé aussi sous C:\Ad-report.log )
( CTRL+A Pour tout sélectionner , CTRL+C pour copier et CTRL+V pour coller )
▶ Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Ad-report-CLEAN.txt :
======= RAPPORT D'AD-REMOVER 2.0.0.1,C | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par C_XX le 17/06/10 à 18:00
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 16:52:16 le 18/06/2010, Mode normal
Microsoft Windows XP Professionnel Service Pack 3 (X86)
utilisateur, LSDBOT-III ( )
============== ACTION(S) ==============
0,Fichier supprimé: C:\Documents and Settings\utilisateur\Application Data\Mozilla\FireFox\Profiles\57yjdxja.default\searchplugins\mywebsearch.xml
0,Dossier supprimé: C:\Program Files\AskTBar
0,Dossier supprimé: C:\Documents and Settings\utilisateur\Application Data\EoRezo
0,Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Everest Poker
0,Dossier supprimé: C:\Program Files\FBSearch Toolbar
0,Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GamesBar
0,Dossier supprimé: C:\Program Files\Macrogaming
0,Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer
3,Fichier supprimé: C:\WINDOWS\Installer\59f6785.msi
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Documents and Settings\utilisateur\Application Data\Mozilla\FireFox\Profiles\57yjdxja.default\Prefs.js --
Ligne supprimée: user_pref("browser.search.defaultenginename", "Fast Browser Search");
Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&...
Ligne supprimée: user_pref("browser.search.order.1", "Fast Browser Search");
Ligne supprimée: user_pref("browser.search.selectedEngine", "Fast Browser Search");
Ligne supprimée: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea...
Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://fr.search.yahoo.com/search?ei=utf-8&fr=megaup...
Ligne supprimée: user_pref("keyword.URL", "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=18&tid={723...
-- Fichier Fermé --
1,Clé supprimée: HKLM\Software\Classes\CLSID\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
0,Clé supprimée: HKLM\Software\GamesBar
0,Clé supprimée: HKLM\Software\GamesBarSetup
0,Clé supprimée: HKCU\Software\GamesBar
0,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481}
0,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Gamesbar
0,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
0,Clé supprimée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\E6A6A4A475FCE37F8B5AC2F1244DEB2BFCA5615A
0,Clé supprimée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7EE743314C844C7F445B8B1D7617612DF1FDD50F
0,Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
0,Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser|{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser|{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.3 (fr)] **
-- C:\Documents and Settings\utilisateur\Application Data\Mozilla\FireFox\Profiles\57yjdxja.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\utilisateur\\Mes documents\\Mes images
browser.startup.homepage, hxxp://google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.3
========================================
** Internet Explorer Version [6.0.2900.5512] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 83 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 18/06/2010 (2197 Octet(s))
Fin à: 16:56:33, 18/06/2010
============== E.O.F ==============
======= RAPPORT D'AD-REMOVER 2.0.0.1,C | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par C_XX le 17/06/10 à 18:00
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 16:52:16 le 18/06/2010, Mode normal
Microsoft Windows XP Professionnel Service Pack 3 (X86)
utilisateur, LSDBOT-III ( )
============== ACTION(S) ==============
0,Fichier supprimé: C:\Documents and Settings\utilisateur\Application Data\Mozilla\FireFox\Profiles\57yjdxja.default\searchplugins\mywebsearch.xml
0,Dossier supprimé: C:\Program Files\AskTBar
0,Dossier supprimé: C:\Documents and Settings\utilisateur\Application Data\EoRezo
0,Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Everest Poker
0,Dossier supprimé: C:\Program Files\FBSearch Toolbar
0,Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GamesBar
0,Dossier supprimé: C:\Program Files\Macrogaming
0,Dossier supprimé: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WebMediaPlayer
3,Fichier supprimé: C:\WINDOWS\Installer\59f6785.msi
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Documents and Settings\utilisateur\Application Data\Mozilla\FireFox\Profiles\57yjdxja.default\Prefs.js --
Ligne supprimée: user_pref("browser.search.defaultenginename", "Fast Browser Search");
Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=DEF&...
Ligne supprimée: user_pref("browser.search.order.1", "Fast Browser Search");
Ligne supprimée: user_pref("browser.search.selectedEngine", "Fast Browser Search");
Ligne supprimée: user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensea...
Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Ligne supprimée: user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://fr.search.yahoo.com/search?ei=utf-8&fr=megaup...
Ligne supprimée: user_pref("keyword.URL", "hxxp://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=18&tid={723...
-- Fichier Fermé --
1,Clé supprimée: HKLM\Software\Classes\CLSID\{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}
0,Clé supprimée: HKLM\Software\GamesBar
0,Clé supprimée: HKLM\Software\GamesBarSetup
0,Clé supprimée: HKCU\Software\GamesBar
0,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6D63A65-BD23-46F3-B9A3-87F442423481}
0,Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Gamesbar
0,Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
0,Clé supprimée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\E6A6A4A475FCE37F8B5AC2F1244DEB2BFCA5615A
0,Clé supprimée: HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7EE743314C844C7F445B8B1D7617612DF1FDD50F
0,Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
0,Valeur supprimée: HKLM\Software\Microsoft\Internet Explorer\Toolbar|{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser|{BC4FFE41-DE9F-46FA-B455-AAD49B9F9938}
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser|{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
0,Valeur supprimée: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.3 (fr)] **
-- C:\Documents and Settings\utilisateur\Application Data\Mozilla\FireFox\Profiles\57yjdxja.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\utilisateur\\Mes documents\\Mes images
browser.startup.homepage, hxxp://google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.3
========================================
** Internet Explorer Version [6.0.2900.5512] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 83 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 18/06/2010 (2197 Octet(s))
Fin à: 16:56:33, 18/06/2010
============== E.O.F ==============
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous,
▶ colle-la dans la zone sous "Personnalisation" :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
:OTL
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=18&tid={7234AAB1-350A-3A76-3125-C84E549C4965}&q="
[2009/09/21 00:18:05 | 000,000,000 | ---D | M] (My Web Tattoo (Fast Browser Search)) -- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Firefox\Profiles\57yjdxja.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2009/11/24 00:39:06 | 000,155,648 | ---- | M] (PopCap Games) -- C:\Program Files\Mozilla Firefox\plugins\nppopcaploader.dll
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll File not found
O3 - HKU\S-1-5-21-436374069-1958367476-839522115-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-21-436374069-1958367476-839522115-1003..\Run: [DigiClock] File not found
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
@Alternate Data Stream - 725744 bytes -> C:\WINDOWS\Temp:temp
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0ED4AC2F
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D507B5A8
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D2C57161
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"DAEMON Tools-1033"=-
"iTunesHelper"=-
"QuickTime Task"=-
:Files
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
C:\Documents and Settings\utilisateur\winbrd.jpg
C:\WINDOWS\System32\Y9Y9
C:\Documents and Settings\utilisateur\mdusys.s
C:\Documents and Settings\utilisateur\mdsys.s
C:\WINDOWS\mdusys.s
C:\Documents and Settings\All Users\Application Data\BOONTY
C:\Documents and Settings\All Users\Application Data\MGS
C:\Documents and Settings\All Users\Application Data\PopCap
C:\Documents and Settings\utilisateur\Application Data\.trackballs
C:\Documents and Settings\utilisateur\Application Data\AVP 2009
:commands
[emptytemp]
[start explorer]
[reboot]
▶ Clique sur "Correction" pour lancer la suppression.
▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous,
▶ colle-la dans la zone sous "Personnalisation" :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
:OTL
FF - prefs.js..browser.search.defaultenginename: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q="
FF - prefs.js..browser.search.order.1: "Fast Browser Search"
FF - prefs.js..browser.search.selectedEngine: "Fast Browser Search"
FF - prefs.js..keyword.URL: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=18&tid={7234AAB1-350A-3A76-3125-C84E549C4965}&q="
[2009/09/21 00:18:05 | 000,000,000 | ---D | M] (My Web Tattoo (Fast Browser Search)) -- C:\Documents and Settings\utilisateur\Application Data\Mozilla\Firefox\Profiles\57yjdxja.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}
[2009/11/24 00:39:06 | 000,155,648 | ---- | M] (PopCap Games) -- C:\Program Files\Mozilla Firefox\plugins\nppopcaploader.dll
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll File not found
O3 - HKU\S-1-5-21-436374069-1958367476-839522115-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-21-436374069-1958367476-839522115-1003..\Run: [DigiClock] File not found
O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} http://codecs.microsoft.com/codecs/i386/fhg.CAB (Reg Error: Key error.)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
@Alternate Data Stream - 725744 bytes -> C:\WINDOWS\Temp:temp
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0ED4AC2F
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D507B5A8
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D2C57161
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"DAEMON Tools-1033"=-
"iTunesHelper"=-
"QuickTime Task"=-
:Files
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
C:\Documents and Settings\utilisateur\winbrd.jpg
C:\WINDOWS\System32\Y9Y9
C:\Documents and Settings\utilisateur\mdusys.s
C:\Documents and Settings\utilisateur\mdsys.s
C:\WINDOWS\mdusys.s
C:\Documents and Settings\All Users\Application Data\BOONTY
C:\Documents and Settings\All Users\Application Data\MGS
C:\Documents and Settings\All Users\Application Data\PopCap
C:\Documents and Settings\utilisateur\Application Data\.trackballs
C:\Documents and Settings\utilisateur\Application Data\AVP 2009
:commands
[emptytemp]
[start explorer]
[reboot]
▶ Clique sur "Correction" pour lancer la suppression.
▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Prefs.js: "Fast Browser Search" removed from browser.search.defaultenginename
Prefs.js: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q=" removed from browser.search.defaulturl
Prefs.js: "Fast Browser Search" removed from browser.search.order.1
Prefs.js: "Fast Browser Search" removed from browser.search.selectedEngine
Prefs.js: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=18&tid={7234AAB1-350A-3A76-3125-C84E549C4965}&q=" removed from keyword.URL
C:\Documents and Settings\utilisateur\Application Data\Mozilla\Firefox\Profiles\57yjdxja.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}\META-INF folder moved successfully.
C:\Documents and Settings\utilisateur\Application Data\Mozilla\Firefox\Profiles\57yjdxja.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}\chrome folder moved successfully.
C:\Documents and Settings\utilisateur\Application Data\Mozilla\Firefox\Profiles\57yjdxja.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB} folder moved successfully.
C:\Program Files\Mozilla Firefox\plugins\nppopcaploader.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-436374069-1958367476-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_USERS\S-1-5-21-436374069-1958367476-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\DigiClock deleted successfully.
Starting removal of ActiveX control {00000055-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\fhg.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000055-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
ADS C:\WINDOWS\Temp:temp deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0ED4AC2F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D507B5A8 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D2C57161 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools-1033 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
========== FILES ==========
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} folder moved successfully.
C:\Documents and Settings\utilisateur\winbrd.jpg moved successfully.
File\Folder C:\WINDOWS\System32\Y9Y9 not found.
C:\Documents and Settings\utilisateur\mdusys.s moved successfully.
C:\Documents and Settings\utilisateur\mdsys.s moved successfully.
C:\WINDOWS\mdusys.s moved successfully.
C:\Documents and Settings\All Users\Application Data\BOONTY\Licenses folder moved successfully.
C:\Documents and Settings\All Users\Application Data\BOONTY folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\_ folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\y folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\x folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\w folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\v folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\t folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\s folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\r folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\p folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\o folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\n folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\m folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\l folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\k folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\j folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\i folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\h folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\g folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\f folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\e folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\d folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\c folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\b folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\a folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\5 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\3 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\2 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\1 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\sounds\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\sounds folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\spiral2\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\spiral2 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\overlap\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\overlap folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\dynomite\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\dynomite folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\doubledip\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\doubledip folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\images\upsell\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\images\upsell folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\images\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\images folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\fonts\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\fonts folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\data folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap folder moved successfully.
C:\Documents and Settings\utilisateur\Application Data\.trackballs folder moved successfully.
C:\Documents and Settings\utilisateur\Application Data\AVP 2009 folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 83 bytes
User: Invité
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 83 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 3421489 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1362742 bytes
User: utilisateur
->Temp folder emptied: 117614 bytes
->Temporary Internet Files folder emptied: 21018793 bytes
->Java cache emptied: 6421920 bytes
->FireFox cache emptied: 29673731 bytes
->Flash cache emptied: 2041504 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 376832 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7928 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23968376 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34230 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 84,00 mb
OTL by OldTimer - Version 3.2.6.0 log created on 06182010_182028
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
========== PROCESSES ==========
Process explorer.exe killed successfully!
No active process named iexplore.exe was found!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
========== OTL ==========
Prefs.js: "Fast Browser Search" removed from browser.search.defaultenginename
Prefs.js: "http://www.fastbrowsersearch.com/results/results.aspx?s=DEF&v=18&q=" removed from browser.search.defaulturl
Prefs.js: "Fast Browser Search" removed from browser.search.order.1
Prefs.js: "Fast Browser Search" removed from browser.search.selectedEngine
Prefs.js: "http://www.fastbrowsersearch.com/results/results.aspx?s=NAUS&v=18&tid={7234AAB1-350A-3A76-3125-C84E549C4965}&q=" removed from keyword.URL
C:\Documents and Settings\utilisateur\Application Data\Mozilla\Firefox\Profiles\57yjdxja.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}\META-INF folder moved successfully.
C:\Documents and Settings\utilisateur\Application Data\Mozilla\Firefox\Profiles\57yjdxja.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB}\chrome folder moved successfully.
C:\Documents and Settings\utilisateur\Application Data\Mozilla\Firefox\Profiles\57yjdxja.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB} folder moved successfully.
C:\Program Files\Mozilla Firefox\plugins\nppopcaploader.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-436374069-1958367476-839522115-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry value HKEY_USERS\S-1-5-21-436374069-1958367476-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\\DigiClock deleted successfully.
Starting removal of ActiveX control {00000055-9980-0010-8000-00AA00389B71}
C:\WINDOWS\Downloaded Program Files\fhg.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{00000055-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000055-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
ADS C:\WINDOWS\Temp:temp deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0ED4AC2F deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D507B5A8 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D2C57161 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools-1033 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
========== FILES ==========
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} folder moved successfully.
C:\Documents and Settings\utilisateur\winbrd.jpg moved successfully.
File\Folder C:\WINDOWS\System32\Y9Y9 not found.
C:\Documents and Settings\utilisateur\mdusys.s moved successfully.
C:\Documents and Settings\utilisateur\mdsys.s moved successfully.
C:\WINDOWS\mdusys.s moved successfully.
C:\Documents and Settings\All Users\Application Data\BOONTY\Licenses folder moved successfully.
C:\Documents and Settings\All Users\Application Data\BOONTY folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\_ folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\y folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\x folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\w folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\v folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\t folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\s folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\r folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\p folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\o folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\n folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\m folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\l folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\k folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\j folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\i folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\h folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\g folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\f folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\e folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\d folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\c folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\b folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\a folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\5 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\3 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\2 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache\1 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS\cache folder moved successfully.
C:\Documents and Settings\All Users\Application Data\MGS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\sounds\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\sounds folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\spiral2\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\spiral2 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\overlap\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\overlap folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\dynomite\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\dynomite folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\doubledip\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\doubledip folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\levels folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\images\upsell\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\images\upsell folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\images\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\images folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\fonts\CVS folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\fonts folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma\data folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR\zuma folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader\BestofmediaFR folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap\PopCapLoader folder moved successfully.
C:\Documents and Settings\All Users\Application Data\PopCap folder moved successfully.
C:\Documents and Settings\utilisateur\Application Data\.trackballs folder moved successfully.
C:\Documents and Settings\utilisateur\Application Data\AVP 2009 folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 83 bytes
User: Invité
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 83 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 3421489 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1362742 bytes
User: utilisateur
->Temp folder emptied: 117614 bytes
->Temporary Internet Files folder emptied: 21018793 bytes
->Java cache emptied: 6421920 bytes
->FireFox cache emptied: 29673731 bytes
->Flash cache emptied: 2041504 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 376832 bytes
%systemroot%\System32 .tmp files removed: 3072 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7928 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23968376 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 34230 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 84,00 mb
OTL by OldTimer - Version 3.2.6.0 log created on 06182010_182028
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.
▶ Télécharge :
Malwarebytes
ou :
Malwarebytes
▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
(NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX
▶ Potasses le Tuto pour te familiariser avec le prg :
( cela dit, il est très simple d'utilisation ).
relance malwarebytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
▶ Lance Malwarebyte's .
Fais un examen dit "Complet" .
▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
▶ Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
▶ Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
▶ Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)
▶ Télécharge :
Malwarebytes
ou :
Malwarebytes
▶ Installe le ( choisis bien "francais" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
(NB : Si tu as un message d'erreur t'indiquant qu'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharge le ici : COMCTL32.OCX
▶ Potasses le Tuto pour te familiariser avec le prg :
( cela dit, il est très simple d'utilisation ).
relance malwarebytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
▶ Lance Malwarebyte's .
Fais un examen dit "Complet" .
▶ Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
▶ à la fin tu cliques sur "résultat" .
▶ Vérifie que tous les objets infectés soient validés, puis clique sur " suppression " .
▶ Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
▶ Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date)
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4052
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
18/06/2010 21:26:26
mbam-log-2010-06-18 (21-26-26).txt
Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|)
Elément(s) analysé(s): 221708
Temps écoulé: 2 heure(s), 27 minute(s), 34 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B536926C-DA2A-4AAF-B4CB-A89650CD963D}\RP227\A0057849.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B536926C-DA2A-4AAF-B4CB-A89650CD963D}\RP227\A0057851.exe (Rogue.AntivirusDoktor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B536926C-DA2A-4AAF-B4CB-A89650CD963D}\RP227\A0057939.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
www.malwarebytes.org
Version de la base de données: 4052
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
18/06/2010 21:26:26
mbam-log-2010-06-18 (21-26-26).txt
Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|)
Elément(s) analysé(s): 221708
Temps écoulé: 2 heure(s), 27 minute(s), 34 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B536926C-DA2A-4AAF-B4CB-A89650CD963D}\RP227\A0057849.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B536926C-DA2A-4AAF-B4CB-A89650CD963D}\RP227\A0057851.exe (Rogue.AntivirusDoktor) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B536926C-DA2A-4AAF-B4CB-A89650CD963D}\RP227\A0057939.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
Oui, la connexion est bonne mais impossible d'ouvrir une page internet :
ADRESSE INTROUVABLE
Firefox ne peut trouver le serveur à l'adresse www.....................
ADRESSE INTROUVABLE
Firefox ne peut trouver le serveur à l'adresse www.....................
