Virus , trogent ou Spyware
Résolu
danielle
-
kalimusic Messages postés 14619 Statut Contributeur sécurité -
kalimusic Messages postés 14619 Statut Contributeur sécurité -
Bonjour,
J'ai tout essayé les logiciels pour faire disparaitre mon problème. mais sans succès.
des page de pub s ouvre je regarde des chose sens êtres sur un site et de la musique joue tout seul lolllllllll je suis un peu tanner pourriez vous m'aider s.v.p
J'ai tout essayé les logiciels pour faire disparaitre mon problème. mais sans succès.
des page de pub s ouvre je regarde des chose sens êtres sur un site et de la musique joue tout seul lolllllllll je suis un peu tanner pourriez vous m'aider s.v.p
124 réponses
Bonsoir,
Nous allons d'abord utiliser cet outil de diagnostic afin d'identifier les problèmes de ton ordinateur.
Télécharge OTL (de OldTimer) sur ton Bureau.
!! Ferme toutes tes applications en cours !!
* Lance OTL.exe
- Sous XP double-clic sur l'icône pour lancer l'outil.
- Sous Vista/Seven clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel.
* L'interface principale s'ouvre :
* Dans la section Rapport en haut à droite de la fenêtre, coche Rapport minimal
* Coche également les cases Recherche LOP et Recherche Purity
* Laisse tous les autres paramètres par défaut (âge du fichier 30 jours)
* Clique sur le bouton Analyse, patiente pendant le balayage du système.
* 2 rapports vont s'ouvrir au format bloc-note : OTL.txt (qui sera affiché) ainsi que de Extras.txt (réduit dans la barre des tâches)
Ne les poste pas sur le forum, ils seraient trop long !
Pour me les transmettre tu dois te rendre sur ce site http://www.cijoint.fr/ , tu cliques sur parcourir et tu sélectionnes le premier rapport sur ton bureau, tu coches "Rendre public le fichier" et ensuite tu cliques sur "Cliquez ici pour déposer le fichier", il va te donner un lien de ce type http://www.cijoint.fr/cjlink.php?file=cj200906/XcijvLjYL5L.txt que tu copies/colles dans ton message. idem pour le 2nd rapport.
A +
Nous allons d'abord utiliser cet outil de diagnostic afin d'identifier les problèmes de ton ordinateur.
Télécharge OTL (de OldTimer) sur ton Bureau.
!! Ferme toutes tes applications en cours !!
* Lance OTL.exe
- Sous XP double-clic sur l'icône pour lancer l'outil.
- Sous Vista/Seven clic-droit sur l'icône et choisir "Exécuter en tant qu'administrateur" dans le menu contextuel.
* L'interface principale s'ouvre :
* Dans la section Rapport en haut à droite de la fenêtre, coche Rapport minimal
* Coche également les cases Recherche LOP et Recherche Purity
* Laisse tous les autres paramètres par défaut (âge du fichier 30 jours)
* Clique sur le bouton Analyse, patiente pendant le balayage du système.
* 2 rapports vont s'ouvrir au format bloc-note : OTL.txt (qui sera affiché) ainsi que de Extras.txt (réduit dans la barre des tâches)
Ne les poste pas sur le forum, ils seraient trop long !
Pour me les transmettre tu dois te rendre sur ce site http://www.cijoint.fr/ , tu cliques sur parcourir et tu sélectionnes le premier rapport sur ton bureau, tu coches "Rendre public le fichier" et ensuite tu cliques sur "Cliquez ici pour déposer le fichier", il va te donner un lien de ce type http://www.cijoint.fr/cjlink.php?file=cj200906/XcijvLjYL5L.txt que tu copies/colles dans ton message. idem pour le 2nd rapport.
A +
danielle,
Durant la désinfection, il est préférable de ne pas :
1. Ajouter de programmes à ton PC
2. Utiliser d'outil de désinfection de ta propre initiative
3. Suivre d'autres conseils afin de ne pas interférer sur la procédure en cours
Il est préférable de terminer la procédure même si ton PC semble aller mieux.
N'hésite pas à me faire part d'éventuelles difficultés dans les manipulations demandées.
Afin de permettre aux outils de désinfection de travailler correctement :
Tu dois désactiver le module Tea Timer de Spybot S&D.
*****
Télécharge et installe UsbFix (par C_XX & El Desaparecido) sur le Bureau
! ! Branche tous tes supports amovibles (clés USB, DD externes, etc...) sans les ouvrir !!
* lance UsbFix
- Sous XP double-clic sur l'icône pour lancer l'outil.
* Clique sur le bouton "Recherche"
* Patiente le temps du balayage qui peut durer plusieurs minutes
* Le rapport doit s'ouvrir spontanément à la fin du scan
* Copie/colle le rapport dans le prochain message
Le rapport est sauvegardé à la racine du disque C:\Usbfix.txt
"Process.exe" est détecté par certains antivirus comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Le mieux étant de désactiver temporairement ton antivirus
A +
Durant la désinfection, il est préférable de ne pas :
1. Ajouter de programmes à ton PC
2. Utiliser d'outil de désinfection de ta propre initiative
3. Suivre d'autres conseils afin de ne pas interférer sur la procédure en cours
Il est préférable de terminer la procédure même si ton PC semble aller mieux.
N'hésite pas à me faire part d'éventuelles difficultés dans les manipulations demandées.
Afin de permettre aux outils de désinfection de travailler correctement :
Tu dois désactiver le module Tea Timer de Spybot S&D.
*****
Télécharge et installe UsbFix (par C_XX & El Desaparecido) sur le Bureau
! ! Branche tous tes supports amovibles (clés USB, DD externes, etc...) sans les ouvrir !!
* lance UsbFix
- Sous XP double-clic sur l'icône pour lancer l'outil.
* Clique sur le bouton "Recherche"
* Patiente le temps du balayage qui peut durer plusieurs minutes
* Le rapport doit s'ouvrir spontanément à la fin du scan
* Copie/colle le rapport dans le prochain message
Le rapport est sauvegardé à la racine du disque C:\Usbfix.txt
"Process.exe" est détecté par certains antivirus comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Le mieux étant de désactiver temporairement ton antivirus
A +
############################## | UsbFix 7.015 | [Recherche]
Utilisateur: Administrateur (Administrateur) # ORDI-XPSP2 [ ]
Mis à jour le 01/07/10 par El Desaparecido / C_XX
Lancé à 19:14:37 | 03/07/2010
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com
CPU: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
CPU 2: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Pare-feu Windows: Activé
Antivirus: avast! Antivirus 5.0.83886674 [(!) Disabled | Updated]
RAM -> 2037 Mo
C:\ (%systemdrive%) -> Disque fixe # 466 Go (191 Go libre(s) - 41%) [] # NTFS
D:\ -> CD-ROM
F:\ -> CD-ROM
################## | Éléments infectieux |
Présent! C:\WINDOWS\system32\USB.ocx
Présent! C:\WINDOWS\Tasks\At1.job
Présent! C:\WINDOWS\Tasks\At2.job
Présent! C:\WINDOWS\Tasks\At3.job
Présent! C:\WINDOWS\Tasks\At4.job
Présent! C:\WINDOWS\Tasks\At5.job
Présent! C:\WINDOWS\Tasks\At6.job
Présent! C:\WINDOWS\Tasks\At7.job
Présent! C:\WINDOWS\Tasks\At8.job
Présent! C:\WINDOWS\Tasks\At9.job
Présent! C:\WINDOWS\Tasks\At10.job
Présent! C:\WINDOWS\Tasks\At11.job
Présent! C:\WINDOWS\Tasks\At12.job
Présent! C:\WINDOWS\Tasks\At13.job
Présent! C:\WINDOWS\Tasks\At14.job
Présent! C:\WINDOWS\Tasks\At15.job
Présent! C:\WINDOWS\Tasks\At16.job
Présent! C:\WINDOWS\Tasks\At17.job
Présent! C:\WINDOWS\Tasks\At18.job
Présent! C:\WINDOWS\Tasks\At19.job
Présent! C:\WINDOWS\Tasks\At20.job
Présent! C:\WINDOWS\Tasks\At21.job
Présent! C:\WINDOWS\Tasks\At22.job
Présent! C:\WINDOWS\Tasks\At23.job
Présent! C:\WINDOWS\Tasks\At24.job
################## | Registre |
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoRecentDocsMenu
################## | Mountpoints2 |
HKCU\.\.\.\.\Explorer\MountPoints2\{7bff3784-07f0-11de-91a8-001fd0d1c9ef}
Shell\AutoRun\Command = G:\install32.bat
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F |
Utilisateur: Administrateur (Administrateur) # ORDI-XPSP2 [ ]
Mis à jour le 01/07/10 par El Desaparecido / C_XX
Lancé à 19:14:37 | 03/07/2010
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com
CPU: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
CPU 2: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Pare-feu Windows: Activé
Antivirus: avast! Antivirus 5.0.83886674 [(!) Disabled | Updated]
RAM -> 2037 Mo
C:\ (%systemdrive%) -> Disque fixe # 466 Go (191 Go libre(s) - 41%) [] # NTFS
D:\ -> CD-ROM
F:\ -> CD-ROM
################## | Éléments infectieux |
Présent! C:\WINDOWS\system32\USB.ocx
Présent! C:\WINDOWS\Tasks\At1.job
Présent! C:\WINDOWS\Tasks\At2.job
Présent! C:\WINDOWS\Tasks\At3.job
Présent! C:\WINDOWS\Tasks\At4.job
Présent! C:\WINDOWS\Tasks\At5.job
Présent! C:\WINDOWS\Tasks\At6.job
Présent! C:\WINDOWS\Tasks\At7.job
Présent! C:\WINDOWS\Tasks\At8.job
Présent! C:\WINDOWS\Tasks\At9.job
Présent! C:\WINDOWS\Tasks\At10.job
Présent! C:\WINDOWS\Tasks\At11.job
Présent! C:\WINDOWS\Tasks\At12.job
Présent! C:\WINDOWS\Tasks\At13.job
Présent! C:\WINDOWS\Tasks\At14.job
Présent! C:\WINDOWS\Tasks\At15.job
Présent! C:\WINDOWS\Tasks\At16.job
Présent! C:\WINDOWS\Tasks\At17.job
Présent! C:\WINDOWS\Tasks\At18.job
Présent! C:\WINDOWS\Tasks\At19.job
Présent! C:\WINDOWS\Tasks\At20.job
Présent! C:\WINDOWS\Tasks\At21.job
Présent! C:\WINDOWS\Tasks\At22.job
Présent! C:\WINDOWS\Tasks\At23.job
Présent! C:\WINDOWS\Tasks\At24.job
################## | Registre |
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoRecentDocsMenu
################## | Mountpoints2 |
HKCU\.\.\.\.\Explorer\MountPoints2\{7bff3784-07f0-11de-91a8-001fd0d1c9ef}
Shell\AutoRun\Command = G:\install32.bat
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F |
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonjour,
!! Ferme toutes tes applications en cours et désactive la protection résidente de ton anti-virus et tea timer !!
Branche tous tes supports amovibles (clés USB, DD externes, etc...) sans les ouvrir
* Relance UsbFix en choisissant maintenant "Suppression"
- Sous XP double-clic sur l'icône pour lancer l'outil.
* UsbFix scanne ton pc, laisse travailler l'outil (le bureau peut disparaitre)
* A la fin du nettoyage, clique sur OK dans la boite de dialogue
* Upload le dossier zip demandé
* Le rapport doit s'ouvrir spontanément, copie/colle le dans le prochain message
Il est recommandé de redémarrer le pc après cette opération
Le rapport est sauvegardé à la racine du disque C:\Usbfix.txt
Rappel : "Process.exe" est détecté par certains antivirus comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus
A +
!! Ferme toutes tes applications en cours et désactive la protection résidente de ton anti-virus et tea timer !!
Branche tous tes supports amovibles (clés USB, DD externes, etc...) sans les ouvrir
* Relance UsbFix en choisissant maintenant "Suppression"
- Sous XP double-clic sur l'icône pour lancer l'outil.
* UsbFix scanne ton pc, laisse travailler l'outil (le bureau peut disparaitre)
* A la fin du nettoyage, clique sur OK dans la boite de dialogue
* Upload le dossier zip demandé
* Le rapport doit s'ouvrir spontanément, copie/colle le dans le prochain message
Il est recommandé de redémarrer le pc après cette opération
Le rapport est sauvegardé à la racine du disque C:\Usbfix.txt
Rappel : "Process.exe" est détecté par certains antivirus comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus
A +
############################## | UsbFix 7.015 | [Suppression]
Utilisateur: Administrateur (Administrateur) # ORDI-XPSP2 [ ]
Mis à jour le 01/07/10 par El Desaparecido / C_XX
Lancé à 11:49:31 | 04/07/2010
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com
CPU: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
CPU 2: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Pare-feu Windows: Activé
Antivirus: avast! Antivirus 5.0.83886674 [(!) Disabled | Updated]
RAM -> 2037 Mo
C:\ (%systemdrive%) -> Disque fixe # 466 Go (190 Go libre(s) - 41%) [] # NTFS
D:\ -> CD-ROM
F:\ -> CD-ROM
################## | Éléments infectieux |
Supprimé! C:\WINDOWS\system32\USB.ocx
Supprimé! C:\WINDOWS\Tasks\At1.job
Supprimé! C:\WINDOWS\Tasks\At2.job
Supprimé! C:\WINDOWS\Tasks\At3.job
Supprimé! C:\WINDOWS\Tasks\At4.job
Supprimé! C:\WINDOWS\Tasks\At5.job
Supprimé! C:\WINDOWS\Tasks\At6.job
Supprimé! C:\WINDOWS\Tasks\At7.job
Supprimé! C:\WINDOWS\Tasks\At8.job
Supprimé! C:\WINDOWS\Tasks\At9.job
Supprimé! C:\WINDOWS\Tasks\At10.job
Supprimé! C:\WINDOWS\Tasks\At11.job
Supprimé! C:\WINDOWS\Tasks\At12.job
Supprimé! C:\WINDOWS\Tasks\At13.job
Supprimé! C:\WINDOWS\Tasks\At14.job
Supprimé! C:\WINDOWS\Tasks\At15.job
Supprimé! C:\WINDOWS\Tasks\At16.job
Supprimé! C:\WINDOWS\Tasks\At17.job
Supprimé! C:\WINDOWS\Tasks\At18.job
Supprimé! C:\WINDOWS\Tasks\At19.job
Supprimé! C:\WINDOWS\Tasks\At20.job
Supprimé! C:\WINDOWS\Tasks\At21.job
Supprimé! C:\WINDOWS\Tasks\At22.job
Supprimé! C:\WINDOWS\Tasks\At23.job
Supprimé! C:\WINDOWS\Tasks\At24.job
################## | Registre |
Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoRecentDocsMenu
################## | Mountpoints2 |
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{7bff3784-07f0-11de-91a8-001fd0d1c9ef}
################## | Listing |
[23/04/2009 - 18:48:16 | A | 6839] C:\$$RENAME.TXT
[06/04/2010 - 22:47:05 | HD ] C:\$AVG
[27/12/2009 - 21:03:03 | D ] C:\audacity_temp
[02/03/2009 - 10:28:51 | A | 0] C:\AUTOEXEC.BAT
[30/05/2010 - 12:52:39 | SH | 212] C:\boot.ini
[24/08/2001 - 08:00:00 | RASH | 4952] C:\Bootfont.bin
[30/06/2010 - 03:42:03 | HD ] C:\Config.Msi
[02/03/2009 - 10:28:51 | A | 0] C:\CONFIG.SYS
[03/03/2009 - 07:54:44 | A | 10] C:\csb.log
[02/03/2009 - 10:31:28 | D ] C:\Documents and Settings
[03/04/2010 - 18:39:15 | D ] C:\Garmin
[21/03/2009 - 21:54:01 | A | 230424] C:\img2-001.raw
[03/03/2009 - 07:51:10 | D ] C:\Intel
[02/03/2009 - 10:28:51 | RASH | 0] C:\IO.SYS
[02/03/2010 - 09:40:44 | A | 6892] C:\LgDSetup.log
[02/03/2010 - 09:38:21 | A | 90] C:\LogiSetup.log
[13/03/2010 - 00:35:29 | D ] C:\MapSource
[28/06/2010 - 12:52:04 | A | 127] C:\mbam-error.txt
[02/03/2009 - 10:28:51 | RASH | 0] C:\MSDOS.SYS
[29/03/2009 - 20:45:12 | D ] C:\MyWorks
[03/08/2004 - 16:38:34 | RASH | 47564] C:\NTDETECT.COM
[03/08/2004 - 16:59:44 | RASH | 251712] C:\ntldr
[02/03/2010 - 01:04:08 | D ] C:\OtsLabs
[04/07/2010 - 10:52:32 | ASH | 2145386496] C:\pagefile.sys
[10/06/2009 - 08:12:55 | A | 0] C:\plx_proxy.log
[01/07/2010 - 00:42:03 | RD ] C:\Program Files
[04/07/2010 - 11:52:34 | SHD ] C:\RECYCLER
[03/03/2009 - 07:53:26 | A | 429] C:\RHDSetup.log
[04/07/2010 - 10:54:16 | A | 125] C:\service.log
[12/02/2010 - 21:07:31 | D ] C:\Sounds
[02/03/2010 - 09:38:39 | D ] C:\SXS
[01/06/2010 - 20:52:04 | SHD ] C:\System Volume Information
[07/05/2009 - 21:18:32 | D ] C:\tmp
[05/07/2005 - 11:47:38 | A | 40448] C:\trial_setup.exe
[05/07/2005 - 11:47:38 | A | 777] C:\trial_setup.ini
[05/07/2005 - 11:47:38 | A | 5133312] C:\trial_setup.msi
[04/07/2010 - 11:52:34 | D ] C:\UsbFix
[04/07/2010 - 11:52:39 | A | 1826] C:\UsbFix.txt
[11/03/2010 - 22:34:24 | A | 6321440] C:\WebUpdaterforWindows_242.exe
[02/07/2010 - 06:57:47 | D ] C:\WINDOWS
################## | Vaccin |
C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_ORDI-XPSP2.zip
https://www.ionos.fr/?affiliate_id=77097
Merci de votre contribution.
################## | E.O.F |
Utilisateur: Administrateur (Administrateur) # ORDI-XPSP2 [ ]
Mis à jour le 01/07/10 par El Desaparecido / C_XX
Lancé à 11:49:31 | 04/07/2010
Site Web: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com
CPU: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
CPU 2: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Microsoft Windows XP Professionnel (5.1.2600 32-Bit) # Service Pack 2
Internet Explorer 6.0.2900.2180
Pare-feu Windows: Activé
Antivirus: avast! Antivirus 5.0.83886674 [(!) Disabled | Updated]
RAM -> 2037 Mo
C:\ (%systemdrive%) -> Disque fixe # 466 Go (190 Go libre(s) - 41%) [] # NTFS
D:\ -> CD-ROM
F:\ -> CD-ROM
################## | Éléments infectieux |
Supprimé! C:\WINDOWS\system32\USB.ocx
Supprimé! C:\WINDOWS\Tasks\At1.job
Supprimé! C:\WINDOWS\Tasks\At2.job
Supprimé! C:\WINDOWS\Tasks\At3.job
Supprimé! C:\WINDOWS\Tasks\At4.job
Supprimé! C:\WINDOWS\Tasks\At5.job
Supprimé! C:\WINDOWS\Tasks\At6.job
Supprimé! C:\WINDOWS\Tasks\At7.job
Supprimé! C:\WINDOWS\Tasks\At8.job
Supprimé! C:\WINDOWS\Tasks\At9.job
Supprimé! C:\WINDOWS\Tasks\At10.job
Supprimé! C:\WINDOWS\Tasks\At11.job
Supprimé! C:\WINDOWS\Tasks\At12.job
Supprimé! C:\WINDOWS\Tasks\At13.job
Supprimé! C:\WINDOWS\Tasks\At14.job
Supprimé! C:\WINDOWS\Tasks\At15.job
Supprimé! C:\WINDOWS\Tasks\At16.job
Supprimé! C:\WINDOWS\Tasks\At17.job
Supprimé! C:\WINDOWS\Tasks\At18.job
Supprimé! C:\WINDOWS\Tasks\At19.job
Supprimé! C:\WINDOWS\Tasks\At20.job
Supprimé! C:\WINDOWS\Tasks\At21.job
Supprimé! C:\WINDOWS\Tasks\At22.job
Supprimé! C:\WINDOWS\Tasks\At23.job
Supprimé! C:\WINDOWS\Tasks\At24.job
################## | Registre |
Supprimé! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoRecentDocsMenu
################## | Mountpoints2 |
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{7bff3784-07f0-11de-91a8-001fd0d1c9ef}
################## | Listing |
[23/04/2009 - 18:48:16 | A | 6839] C:\$$RENAME.TXT
[06/04/2010 - 22:47:05 | HD ] C:\$AVG
[27/12/2009 - 21:03:03 | D ] C:\audacity_temp
[02/03/2009 - 10:28:51 | A | 0] C:\AUTOEXEC.BAT
[30/05/2010 - 12:52:39 | SH | 212] C:\boot.ini
[24/08/2001 - 08:00:00 | RASH | 4952] C:\Bootfont.bin
[30/06/2010 - 03:42:03 | HD ] C:\Config.Msi
[02/03/2009 - 10:28:51 | A | 0] C:\CONFIG.SYS
[03/03/2009 - 07:54:44 | A | 10] C:\csb.log
[02/03/2009 - 10:31:28 | D ] C:\Documents and Settings
[03/04/2010 - 18:39:15 | D ] C:\Garmin
[21/03/2009 - 21:54:01 | A | 230424] C:\img2-001.raw
[03/03/2009 - 07:51:10 | D ] C:\Intel
[02/03/2009 - 10:28:51 | RASH | 0] C:\IO.SYS
[02/03/2010 - 09:40:44 | A | 6892] C:\LgDSetup.log
[02/03/2010 - 09:38:21 | A | 90] C:\LogiSetup.log
[13/03/2010 - 00:35:29 | D ] C:\MapSource
[28/06/2010 - 12:52:04 | A | 127] C:\mbam-error.txt
[02/03/2009 - 10:28:51 | RASH | 0] C:\MSDOS.SYS
[29/03/2009 - 20:45:12 | D ] C:\MyWorks
[03/08/2004 - 16:38:34 | RASH | 47564] C:\NTDETECT.COM
[03/08/2004 - 16:59:44 | RASH | 251712] C:\ntldr
[02/03/2010 - 01:04:08 | D ] C:\OtsLabs
[04/07/2010 - 10:52:32 | ASH | 2145386496] C:\pagefile.sys
[10/06/2009 - 08:12:55 | A | 0] C:\plx_proxy.log
[01/07/2010 - 00:42:03 | RD ] C:\Program Files
[04/07/2010 - 11:52:34 | SHD ] C:\RECYCLER
[03/03/2009 - 07:53:26 | A | 429] C:\RHDSetup.log
[04/07/2010 - 10:54:16 | A | 125] C:\service.log
[12/02/2010 - 21:07:31 | D ] C:\Sounds
[02/03/2010 - 09:38:39 | D ] C:\SXS
[01/06/2010 - 20:52:04 | SHD ] C:\System Volume Information
[07/05/2009 - 21:18:32 | D ] C:\tmp
[05/07/2005 - 11:47:38 | A | 40448] C:\trial_setup.exe
[05/07/2005 - 11:47:38 | A | 777] C:\trial_setup.ini
[05/07/2005 - 11:47:38 | A | 5133312] C:\trial_setup.msi
[04/07/2010 - 11:52:34 | D ] C:\UsbFix
[04/07/2010 - 11:52:39 | A | 1826] C:\UsbFix.txt
[11/03/2010 - 22:34:24 | A | 6321440] C:\WebUpdaterforWindows_242.exe
[02/07/2010 - 06:57:47 | D ] C:\WINDOWS
################## | Vaccin |
C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_ORDI-XPSP2.zip
https://www.ionos.fr/?affiliate_id=77097
Merci de votre contribution.
################## | E.O.F |
Bonjour,
1. Relance OTL
- Sous XP double-clic sur l'icône pour lancer l'outil.
* L'interface principale s'ouvre :
* Dans la partie du bas "Personnalisation", copie/colle la liste en citation :
* Clique sur le bouton Correction, patiente pendant le travail de l'outil, à la fin il va redémarrer le PC.
* Après le re-démarrage, le rapport indiquant les actions réalisées par OTL doit s'ouvrir spontanément
* Copie/colle le dans ton prochain message
Tu peux le retrouver le fichier à la racine du disque : C:\_OTL\MovedFiles (Vérifie la date si besoin : jjmmaaaa_xxxxxxxx.log)
2. On va utiliser un logiciel déjà présent sur ton PC : Malwarebytes' Anti-Malware
* !! Effectue la mise à jour !!
* Clique dans l'onglet du haut "Recherche"
* Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"
* Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"
A la fin de l'analyse, si MBAM n'a rien trouvé :
* Clique sur OK, le rapport s'ouvre spontanément
Si des menaces ont été détectées :
* Clique sur OK puis "Afficher les résultats"
* Choisis l'option "Supprimer la sélection"
* Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
* Une fois le PC redémarré, le rapport se trouve dans l'onglet "Rapports/Logs"
* Sinon le rapport s'ouvre automatiquement après la suppression
Quelque soit le résultat, copie/colle le rapport dans le prochain message
A +
1. Relance OTL
- Sous XP double-clic sur l'icône pour lancer l'outil.
* L'interface principale s'ouvre :
* Dans la partie du bas "Personnalisation", copie/colle la liste en citation :
:OTL
PRC - C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe ()
MOD - C:\WINDOWS\elokecikotadoq.dll ()
O2 - BHO: (no name) - {0190BE17-E996-4DF1-97F5-1714319F6E45} - No CLSID value found.
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {4562096D-4B1E-46B4-AAF2-E3492D44118E} - No CLSID value found.
O4 - HKLM\..\Run: [] File not found
O4 - HKLM\..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM\..\Run: [GEST] File not found
O4 - HKLM\..\Run: [Ixeliloxegiri] C:\WINDOWS\elokecikotadoq.DLL ()
O4 - HKLM\..\Run: [qnfcqaui] C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe ()
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask .exe (Apple Inc.)
O4 - HKCU\..\Run: [Njosocohuvi] C:\WINDOWS\kbasapi.DLL (MaresWEB)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.zebulon.fr/scan8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
:Files
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners
C:\Documents and Settings\Administrateur\Application Data\Street-Ads
C:\Documents and Settings\Administrateur\Y;Y
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
C:\Documents and Settings\All Users\Application Data\RY0gYnao.dat
C:\Documents and Settings\All Users\Application Data\JmP3jYM6.exe
C:\WINDOWS\Scotobacagayusa.bin
C:\WINDOWS\System32\yT1dyqVC.dll
C:\WINDOWS\_delis32.ini
C:\WINDOWS\Ywifilaha.dat
C:\WINDOWS\tasks\At*.job
C:\WINDOWS\elokecikotadoq.dll
:Commands
[emptyflash]
[emptytemp]
* Clique sur le bouton Correction, patiente pendant le travail de l'outil, à la fin il va redémarrer le PC.
* Après le re-démarrage, le rapport indiquant les actions réalisées par OTL doit s'ouvrir spontanément
* Copie/colle le dans ton prochain message
Tu peux le retrouver le fichier à la racine du disque : C:\_OTL\MovedFiles (Vérifie la date si besoin : jjmmaaaa_xxxxxxxx.log)
2. On va utiliser un logiciel déjà présent sur ton PC : Malwarebytes' Anti-Malware
* !! Effectue la mise à jour !!
* Clique dans l'onglet du haut "Recherche"
* Coche l'option "Exécuter un examen complet" puis sur le bouton "Rechercher"
* Choisis de scanner tous tes disques durs, puis clique sur 'Lancer l'examen"
A la fin de l'analyse, si MBAM n'a rien trouvé :
* Clique sur OK, le rapport s'ouvre spontanément
Si des menaces ont été détectées :
* Clique sur OK puis "Afficher les résultats"
* Choisis l'option "Supprimer la sélection"
* Si MBAM demande le redémarrage de Windows : Clique sur "Oui"
* Une fois le PC redémarré, le rapport se trouve dans l'onglet "Rapports/Logs"
* Sinon le rapport s'ouvre automatiquement après la suppression
Quelque soit le résultat, copie/colle le rapport dans le prochain message
A +
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 4275
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
2010-07-04 13:50:48
mbam-log-2010-07-04 (13-50-48).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 321943
Temps écoulé: 53 minute(s), 39 seconde(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 6
Processus mémoire infecté(s):
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wxfosvmrn\exjcgkxtssd.exe (Trojan.Downloader) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\AppID\{84c3c236-f588-4c93-84f4-147b2abbe67b} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c6a91056-83e0-4c6e-8dcc-43fc0dfe7a0a} (Trojan.SearchRedir.M) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bshjpyzdorrztgxrz (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Sky-Banners (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Sky-Banners (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Street-Ads (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Street-Ads (Adware.Adrotator) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ninxvygc (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ninxvygc (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\qnfcqaui (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\$NtUninstallWTF1012$ (Adware.EZLife) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtUninstallMTF1011$ (Adware.Adrotator) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wxfosvmrn\exjcgkxtssd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B98E5317-EAC9-4439-A777-16592519E4D8}\RP32\A0018279.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bshjpyzdorrztgxrz.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\_OTL\MovedFiles\07042010_122723\C_Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\_OTL\MovedFiles\07042010_122723\C_WINDOWS\kbasapi.dll (Trojan.Hiloti.Gen) -> Quarantined and deleted successfully.
C:\_OTL\MovedFiles\07042010_122723\C_WINDOWS\System32\yT1dyqVC.dll (Trojan.SearchRedir.M) -> Quarantined and deleted successfully.
www.malwarebytes.org
Version de la base de données: 4275
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
2010-07-04 13:50:48
mbam-log-2010-07-04 (13-50-48).txt
Type d'examen: Examen complet (C:\|)
Elément(s) analysé(s): 321943
Temps écoulé: 53 minute(s), 39 seconde(s)
Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 11
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 6
Processus mémoire infecté(s):
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wxfosvmrn\exjcgkxtssd.exe (Trojan.Downloader) -> Unloaded process successfully.
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\AppID\{84c3c236-f588-4c93-84f4-147b2abbe67b} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c6a91056-83e0-4c6e-8dcc-43fc0dfe7a0a} (Trojan.SearchRedir.M) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bshjpyzdorrztgxrz (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Sky-Banners (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Sky-Banners (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Street-Ads (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Street-Ads (Adware.Adrotator) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ninxvygc (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ninxvygc (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\qnfcqaui (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\$NtUninstallWTF1012$ (Adware.EZLife) -> Quarantined and deleted successfully.
C:\WINDOWS\$NtUninstallMTF1011$ (Adware.Adrotator) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wxfosvmrn\exjcgkxtssd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{B98E5317-EAC9-4439-A777-16592519E4D8}\RP32\A0018279.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bshjpyzdorrztgxrz.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\_OTL\MovedFiles\07042010_122723\C_Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\_OTL\MovedFiles\07042010_122723\C_WINDOWS\kbasapi.dll (Trojan.Hiloti.Gen) -> Quarantined and deleted successfully.
C:\_OTL\MovedFiles\07042010_122723\C_WINDOWS\System32\yT1dyqVC.dll (Trojan.SearchRedir.M) -> Quarantined and deleted successfully.
je copie ça
:OTL
PRC - C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe ()
MOD - C:\WINDOWS\elokecikotadoq.dll ()
O2 - BHO: (no name) - {0190BE17-E996-4DF1-97F5-1714319F6E45} - No CLSID value found.
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {4562096D-4B1E-46B4-AAF2-E3492D44118E} - No CLSID value found.
O4 - HKLM\..\Run: [] File not found
O4 - HKLM\..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM\..\Run: [GEST] File not found
O4 - HKLM\..\Run: [Ixeliloxegiri] C:\WINDOWS\elokecikotadoq.DLL ()
O4 - HKLM\..\Run: [qnfcqaui] C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe ()
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask .exe (Apple Inc.)
O4 - HKCU\..\Run: [Njosocohuvi] C:\WINDOWS\kbasapi.DLL (MaresWEB)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.zebulon.fr/scan8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
:Files
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners
C:\Documents and Settings\Administrateur\Application Data\Street-Ads
C:\Documents and Settings\Administrateur\Y;Y
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
C:\Documents and Settings\All Users\Application Data\RY0gYnao.dat
C:\Documents and Settings\All Users\Application Data\JmP3jYM6.exe
C:\WINDOWS\Scotobacagayusa.bin
C:\WINDOWS\System32\yT1dyqVC.dll
C:\WINDOWS\_delis32.ini
C:\WINDOWS\Ywifilaha.dat
C:\WINDOWS\tasks\At*.job
C:\WINDOWS\elokecikotadoq.dll
:Commands
[emptyflash]
[emptytemp]
:OTL
PRC - C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe ()
MOD - C:\WINDOWS\elokecikotadoq.dll ()
O2 - BHO: (no name) - {0190BE17-E996-4DF1-97F5-1714319F6E45} - No CLSID value found.
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (no name) - {57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {4562096D-4B1E-46B4-AAF2-E3492D44118E} - No CLSID value found.
O4 - HKLM\..\Run: [] File not found
O4 - HKLM\..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM\..\Run: [GEST] File not found
O4 - HKLM\..\Run: [Ixeliloxegiri] C:\WINDOWS\elokecikotadoq.DLL ()
O4 - HKLM\..\Run: [qnfcqaui] C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe ()
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask .exe (Apple Inc.)
O4 - HKCU\..\Run: [Njosocohuvi] C:\WINDOWS\kbasapi.DLL (MaresWEB)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://www.zebulon.fr/scan8/oscan8.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
:Files
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners
C:\Documents and Settings\Administrateur\Application Data\Street-Ads
C:\Documents and Settings\Administrateur\Y;Y
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
C:\Documents and Settings\All Users\Application Data\RY0gYnao.dat
C:\Documents and Settings\All Users\Application Data\JmP3jYM6.exe
C:\WINDOWS\Scotobacagayusa.bin
C:\WINDOWS\System32\yT1dyqVC.dll
C:\WINDOWS\_delis32.ini
C:\WINDOWS\Ywifilaha.dat
C:\WINDOWS\tasks\At*.job
C:\WINDOWS\elokecikotadoq.dll
:Commands
[emptyflash]
[emptytemp]
All processes killed
========== OTL ==========
No active process named jquiogctssd.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0190BE17-E996-4DF1-97F5-1714319F6E45}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0190BE17-E996-4DF1-97F5-1714319F6E45}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{4562096D-4B1E-46B4-AAF2-E3492D44118E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4562096D-4B1E-46B4-AAF2-E3492D44118E}\ not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\Alcmtr.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\elokecikotadoq.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Program Files\QuickTime\qttask .exe not found.
Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\kbasapi.dll moved successfully.
Starting removal of ActiveX control {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners\skb folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Street-Ads\sta folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Street-Ads folder moved successfully.
File\Folder C:\Documents and Settings\Administrateur\Y;Y not found.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}\chrome\content folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}\chrome folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\RY0gYnao.dat moved successfully.
C:\Documents and Settings\All Users\Application Data\JmP3jYM6.exe moved successfully.
C:\WINDOWS\Scotobacagayusa.bin moved successfully.
C:\WINDOWS\System32\yT1dyqVC.dll moved successfully.
C:\WINDOWS\_delis32.ini moved successfully.
C:\WINDOWS\Ywifilaha.dat moved successfully.
C:\WINDOWS\tasks\At337.job moved successfully.
C:\WINDOWS\tasks\At338.job moved successfully.
C:\WINDOWS\tasks\At339.job moved successfully.
C:\WINDOWS\tasks\At340.job moved successfully.
C:\WINDOWS\tasks\At341.job moved successfully.
C:\WINDOWS\tasks\At342.job moved successfully.
C:\WINDOWS\tasks\At343.job moved successfully.
C:\WINDOWS\tasks\At344.job moved successfully.
C:\WINDOWS\tasks\At345.job moved successfully.
C:\WINDOWS\tasks\At346.job moved successfully.
C:\WINDOWS\tasks\At347.job moved successfully.
C:\WINDOWS\tasks\At348.job moved successfully.
C:\WINDOWS\tasks\At349.job moved successfully.
C:\WINDOWS\tasks\At350.job moved successfully.
C:\WINDOWS\tasks\At351.job moved successfully.
C:\WINDOWS\tasks\At352.job moved successfully.
C:\WINDOWS\tasks\At353.job moved successfully.
C:\WINDOWS\tasks\At354.job moved successfully.
C:\WINDOWS\tasks\At355.job moved successfully.
C:\WINDOWS\tasks\At356.job moved successfully.
C:\WINDOWS\tasks\At357.job moved successfully.
C:\WINDOWS\tasks\At358.job moved successfully.
C:\WINDOWS\tasks\At359.job moved successfully.
C:\WINDOWS\tasks\At360.job moved successfully.
C:\WINDOWS\tasks\At361.job moved successfully.
C:\WINDOWS\tasks\At362.job moved successfully.
C:\WINDOWS\tasks\At363.job moved successfully.
C:\WINDOWS\tasks\At364.job moved successfully.
C:\WINDOWS\tasks\At365.job moved successfully.
C:\WINDOWS\tasks\At366.job moved successfully.
C:\WINDOWS\tasks\At367.job moved successfully.
C:\WINDOWS\tasks\At368.job moved successfully.
C:\WINDOWS\tasks\At369.job moved successfully.
C:\WINDOWS\tasks\At370.job moved successfully.
C:\WINDOWS\tasks\At371.job moved successfully.
C:\WINDOWS\tasks\At372.job moved successfully.
C:\WINDOWS\tasks\At373.job moved successfully.
C:\WINDOWS\tasks\At374.job moved successfully.
C:\WINDOWS\tasks\At375.job moved successfully.
C:\WINDOWS\tasks\At376.job moved successfully.
C:\WINDOWS\tasks\At377.job moved successfully.
C:\WINDOWS\tasks\At378.job moved successfully.
C:\WINDOWS\tasks\At379.job moved successfully.
C:\WINDOWS\tasks\At380.job moved successfully.
C:\WINDOWS\tasks\At381.job moved successfully.
C:\WINDOWS\tasks\At382.job moved successfully.
C:\WINDOWS\tasks\At383.job moved successfully.
C:\WINDOWS\tasks\At384.job moved successfully.
C:\WINDOWS\tasks\At385.job moved successfully.
C:\WINDOWS\tasks\At386.job moved successfully.
C:\WINDOWS\tasks\At387.job moved successfully.
C:\WINDOWS\tasks\At388.job moved successfully.
C:\WINDOWS\tasks\At389.job moved successfully.
C:\WINDOWS\tasks\At390.job moved successfully.
C:\WINDOWS\tasks\At391.job moved successfully.
C:\WINDOWS\tasks\At392.job moved successfully.
C:\WINDOWS\tasks\At393.job moved successfully.
C:\WINDOWS\tasks\At394.job moved successfully.
C:\WINDOWS\tasks\At395.job moved successfully.
C:\WINDOWS\tasks\At396.job moved successfully.
C:\WINDOWS\tasks\At397.job moved successfully.
C:\WINDOWS\tasks\At398.job moved successfully.
C:\WINDOWS\tasks\At399.job moved successfully.
C:\WINDOWS\tasks\At400.job moved successfully.
C:\WINDOWS\tasks\At401.job moved successfully.
C:\WINDOWS\tasks\At402.job moved successfully.
C:\WINDOWS\tasks\At403.job moved successfully.
C:\WINDOWS\tasks\At404.job moved successfully.
C:\WINDOWS\tasks\At405.job moved successfully.
C:\WINDOWS\tasks\At406.job moved successfully.
C:\WINDOWS\tasks\At407.job moved successfully.
C:\WINDOWS\tasks\At408.job moved successfully.
C:\WINDOWS\tasks\At409.job moved successfully.
C:\WINDOWS\tasks\At410.job moved successfully.
C:\WINDOWS\tasks\At411.job moved successfully.
C:\WINDOWS\tasks\At412.job moved successfully.
C:\WINDOWS\tasks\At413.job moved successfully.
C:\WINDOWS\tasks\At414.job moved successfully.
C:\WINDOWS\tasks\At415.job moved successfully.
C:\WINDOWS\tasks\At416.job moved successfully.
C:\WINDOWS\tasks\At417.job moved successfully.
C:\WINDOWS\tasks\At418.job moved successfully.
C:\WINDOWS\tasks\At419.job moved successfully.
C:\WINDOWS\tasks\At420.job moved successfully.
C:\WINDOWS\tasks\At421.job moved successfully.
C:\WINDOWS\tasks\At422.job moved successfully.
C:\WINDOWS\tasks\At423.job moved successfully.
C:\WINDOWS\tasks\At424.job moved successfully.
C:\WINDOWS\tasks\At425.job moved successfully.
C:\WINDOWS\tasks\At426.job moved successfully.
C:\WINDOWS\tasks\At427.job moved successfully.
C:\WINDOWS\tasks\At428.job moved successfully.
C:\WINDOWS\tasks\At429.job moved successfully.
C:\WINDOWS\tasks\At430.job moved successfully.
C:\WINDOWS\tasks\At431.job moved successfully.
C:\WINDOWS\tasks\At432.job moved successfully.
File\Folder C:\WINDOWS\elokecikotadoq.dll not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrateur
->Flash cache emptied: 7554 bytes
User: All Users
User: Default User
User: LocalService
->Flash cache emptied: 2974 bytes
User: NetworkService
->Flash cache emptied: 14304 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 1461405 bytes
->Temporary Internet Files folder emptied: 411345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40687713 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 131933 bytes
->Temporary Internet Files folder emptied: 103739316 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 229483 bytes
->Java cache emptied: 3139 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 6344811 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 309343331 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 441,00 mb
OTL by OldTimer - Version 3.2.7.0 log created on 07042010_122723
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
========== OTL ==========
No active process named jquiogctssd.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0190BE17-E996-4DF1-97F5-1714319F6E45}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0190BE17-E996-4DF1-97F5-1714319F6E45}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{4562096D-4B1E-46B4-AAF2-E3492D44118E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4562096D-4B1E-46B4-AAF2-E3492D44118E}\ not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\Alcmtr.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\elokecikotadoq.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Program Files\QuickTime\qttask .exe not found.
Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\kbasapi.dll moved successfully.
Starting removal of ActiveX control {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners\skb folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Street-Ads\sta folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Street-Ads folder moved successfully.
File\Folder C:\Documents and Settings\Administrateur\Y;Y not found.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}\chrome\content folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}\chrome folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\RY0gYnao.dat moved successfully.
C:\Documents and Settings\All Users\Application Data\JmP3jYM6.exe moved successfully.
C:\WINDOWS\Scotobacagayusa.bin moved successfully.
C:\WINDOWS\System32\yT1dyqVC.dll moved successfully.
C:\WINDOWS\_delis32.ini moved successfully.
C:\WINDOWS\Ywifilaha.dat moved successfully.
C:\WINDOWS\tasks\At337.job moved successfully.
C:\WINDOWS\tasks\At338.job moved successfully.
C:\WINDOWS\tasks\At339.job moved successfully.
C:\WINDOWS\tasks\At340.job moved successfully.
C:\WINDOWS\tasks\At341.job moved successfully.
C:\WINDOWS\tasks\At342.job moved successfully.
C:\WINDOWS\tasks\At343.job moved successfully.
C:\WINDOWS\tasks\At344.job moved successfully.
C:\WINDOWS\tasks\At345.job moved successfully.
C:\WINDOWS\tasks\At346.job moved successfully.
C:\WINDOWS\tasks\At347.job moved successfully.
C:\WINDOWS\tasks\At348.job moved successfully.
C:\WINDOWS\tasks\At349.job moved successfully.
C:\WINDOWS\tasks\At350.job moved successfully.
C:\WINDOWS\tasks\At351.job moved successfully.
C:\WINDOWS\tasks\At352.job moved successfully.
C:\WINDOWS\tasks\At353.job moved successfully.
C:\WINDOWS\tasks\At354.job moved successfully.
C:\WINDOWS\tasks\At355.job moved successfully.
C:\WINDOWS\tasks\At356.job moved successfully.
C:\WINDOWS\tasks\At357.job moved successfully.
C:\WINDOWS\tasks\At358.job moved successfully.
C:\WINDOWS\tasks\At359.job moved successfully.
C:\WINDOWS\tasks\At360.job moved successfully.
C:\WINDOWS\tasks\At361.job moved successfully.
C:\WINDOWS\tasks\At362.job moved successfully.
C:\WINDOWS\tasks\At363.job moved successfully.
C:\WINDOWS\tasks\At364.job moved successfully.
C:\WINDOWS\tasks\At365.job moved successfully.
C:\WINDOWS\tasks\At366.job moved successfully.
C:\WINDOWS\tasks\At367.job moved successfully.
C:\WINDOWS\tasks\At368.job moved successfully.
C:\WINDOWS\tasks\At369.job moved successfully.
C:\WINDOWS\tasks\At370.job moved successfully.
C:\WINDOWS\tasks\At371.job moved successfully.
C:\WINDOWS\tasks\At372.job moved successfully.
C:\WINDOWS\tasks\At373.job moved successfully.
C:\WINDOWS\tasks\At374.job moved successfully.
C:\WINDOWS\tasks\At375.job moved successfully.
C:\WINDOWS\tasks\At376.job moved successfully.
C:\WINDOWS\tasks\At377.job moved successfully.
C:\WINDOWS\tasks\At378.job moved successfully.
C:\WINDOWS\tasks\At379.job moved successfully.
C:\WINDOWS\tasks\At380.job moved successfully.
C:\WINDOWS\tasks\At381.job moved successfully.
C:\WINDOWS\tasks\At382.job moved successfully.
C:\WINDOWS\tasks\At383.job moved successfully.
C:\WINDOWS\tasks\At384.job moved successfully.
C:\WINDOWS\tasks\At385.job moved successfully.
C:\WINDOWS\tasks\At386.job moved successfully.
C:\WINDOWS\tasks\At387.job moved successfully.
C:\WINDOWS\tasks\At388.job moved successfully.
C:\WINDOWS\tasks\At389.job moved successfully.
C:\WINDOWS\tasks\At390.job moved successfully.
C:\WINDOWS\tasks\At391.job moved successfully.
C:\WINDOWS\tasks\At392.job moved successfully.
C:\WINDOWS\tasks\At393.job moved successfully.
C:\WINDOWS\tasks\At394.job moved successfully.
C:\WINDOWS\tasks\At395.job moved successfully.
C:\WINDOWS\tasks\At396.job moved successfully.
C:\WINDOWS\tasks\At397.job moved successfully.
C:\WINDOWS\tasks\At398.job moved successfully.
C:\WINDOWS\tasks\At399.job moved successfully.
C:\WINDOWS\tasks\At400.job moved successfully.
C:\WINDOWS\tasks\At401.job moved successfully.
C:\WINDOWS\tasks\At402.job moved successfully.
C:\WINDOWS\tasks\At403.job moved successfully.
C:\WINDOWS\tasks\At404.job moved successfully.
C:\WINDOWS\tasks\At405.job moved successfully.
C:\WINDOWS\tasks\At406.job moved successfully.
C:\WINDOWS\tasks\At407.job moved successfully.
C:\WINDOWS\tasks\At408.job moved successfully.
C:\WINDOWS\tasks\At409.job moved successfully.
C:\WINDOWS\tasks\At410.job moved successfully.
C:\WINDOWS\tasks\At411.job moved successfully.
C:\WINDOWS\tasks\At412.job moved successfully.
C:\WINDOWS\tasks\At413.job moved successfully.
C:\WINDOWS\tasks\At414.job moved successfully.
C:\WINDOWS\tasks\At415.job moved successfully.
C:\WINDOWS\tasks\At416.job moved successfully.
C:\WINDOWS\tasks\At417.job moved successfully.
C:\WINDOWS\tasks\At418.job moved successfully.
C:\WINDOWS\tasks\At419.job moved successfully.
C:\WINDOWS\tasks\At420.job moved successfully.
C:\WINDOWS\tasks\At421.job moved successfully.
C:\WINDOWS\tasks\At422.job moved successfully.
C:\WINDOWS\tasks\At423.job moved successfully.
C:\WINDOWS\tasks\At424.job moved successfully.
C:\WINDOWS\tasks\At425.job moved successfully.
C:\WINDOWS\tasks\At426.job moved successfully.
C:\WINDOWS\tasks\At427.job moved successfully.
C:\WINDOWS\tasks\At428.job moved successfully.
C:\WINDOWS\tasks\At429.job moved successfully.
C:\WINDOWS\tasks\At430.job moved successfully.
C:\WINDOWS\tasks\At431.job moved successfully.
C:\WINDOWS\tasks\At432.job moved successfully.
File\Folder C:\WINDOWS\elokecikotadoq.dll not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrateur
->Flash cache emptied: 7554 bytes
User: All Users
User: Default User
User: LocalService
->Flash cache emptied: 2974 bytes
User: NetworkService
->Flash cache emptied: 14304 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 1461405 bytes
->Temporary Internet Files folder emptied: 411345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40687713 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 131933 bytes
->Temporary Internet Files folder emptied: 103739316 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 229483 bytes
->Java cache emptied: 3139 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 6344811 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 309343331 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 441,00 mb
OTL by OldTimer - Version 3.2.7.0 log created on 07042010_122723
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
re,
Oui, c'est exactement ce qu'il faut copier.
Après les suppressions effectuées par OTL, j'ai bon espoir que MBAM fasse le travail sinon, bien sûr, on tapera plus fort. De toute façon il y aura d'autres manipulations ou/et d'autre outils à passer, ton système est très infecté.
A +
Oui, c'est exactement ce qu'il faut copier.
Après les suppressions effectuées par OTL, j'ai bon espoir que MBAM fasse le travail sinon, bien sûr, on tapera plus fort. De toute façon il y aura d'autres manipulations ou/et d'autre outils à passer, ton système est très infecté.
A +
ca je le sais qu'il est très infecter :) la le logiciel scane et a trouvé jusqu'à présent 6 infecter lol mais dit moi qu es ce qui la infecter comme ça ?
danielle,
J'ai vu le rapport de MBAM, avais-tu réaliser OTL comme demandé avant ?
Poste le rapport de suppression OTL stp
Pour les infections, je te répondrais lorsque l'on sera sorti d'affaire, afin de ne pas recommencer les mêmes erreurs :)
A +
J'ai vu le rapport de MBAM, avais-tu réaliser OTL comme demandé avant ?
Poste le rapport de suppression OTL stp
Pour les infections, je te répondrais lorsque l'on sera sorti d'affaire, afin de ne pas recommencer les mêmes erreurs :)
A +
All processes killed
========== OTL ==========
No active process named jquiogctssd.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0190BE17-E996-4DF1-97F5-1714319F6E45}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0190BE17-E996-4DF1-97F5-1714319F6E45}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{4562096D-4B1E-46B4-AAF2-E3492D44118E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4562096D-4B1E-46B4-AAF2-E3492D44118E}\ not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\Alcmtr.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\elokecikotadoq.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Program Files\QuickTime\qttask .exe not found.
Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\kbasapi.dll moved successfully.
Starting removal of ActiveX control {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners\skb folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Street-Ads\sta folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Street-Ads folder moved successfully.
File\Folder C:\Documents and Settings\Administrateur\Y;Y not found.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}\chrome\content folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}\chrome folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\RY0gYnao.dat moved successfully.
C:\Documents and Settings\All Users\Application Data\JmP3jYM6.exe moved successfully.
C:\WINDOWS\Scotobacagayusa.bin moved successfully.
C:\WINDOWS\System32\yT1dyqVC.dll moved successfully.
C:\WINDOWS\_delis32.ini moved successfully.
C:\WINDOWS\Ywifilaha.dat moved successfully.
C:\WINDOWS\tasks\At337.job moved successfully.
C:\WINDOWS\tasks\At338.job moved successfully.
C:\WINDOWS\tasks\At339.job moved successfully.
C:\WINDOWS\tasks\At340.job moved successfully.
C:\WINDOWS\tasks\At341.job moved successfully.
C:\WINDOWS\tasks\At342.job moved successfully.
C:\WINDOWS\tasks\At343.job moved successfully.
C:\WINDOWS\tasks\At344.job moved successfully.
C:\WINDOWS\tasks\At345.job moved successfully.
C:\WINDOWS\tasks\At346.job moved successfully.
C:\WINDOWS\tasks\At347.job moved successfully.
C:\WINDOWS\tasks\At348.job moved successfully.
C:\WINDOWS\tasks\At349.job moved successfully.
C:\WINDOWS\tasks\At350.job moved successfully.
C:\WINDOWS\tasks\At351.job moved successfully.
C:\WINDOWS\tasks\At352.job moved successfully.
C:\WINDOWS\tasks\At353.job moved successfully.
C:\WINDOWS\tasks\At354.job moved successfully.
C:\WINDOWS\tasks\At355.job moved successfully.
C:\WINDOWS\tasks\At356.job moved successfully.
C:\WINDOWS\tasks\At357.job moved successfully.
C:\WINDOWS\tasks\At358.job moved successfully.
C:\WINDOWS\tasks\At359.job moved successfully.
C:\WINDOWS\tasks\At360.job moved successfully.
C:\WINDOWS\tasks\At361.job moved successfully.
C:\WINDOWS\tasks\At362.job moved successfully.
C:\WINDOWS\tasks\At363.job moved successfully.
C:\WINDOWS\tasks\At364.job moved successfully.
C:\WINDOWS\tasks\At365.job moved successfully.
C:\WINDOWS\tasks\At366.job moved successfully.
C:\WINDOWS\tasks\At367.job moved successfully.
C:\WINDOWS\tasks\At368.job moved successfully.
C:\WINDOWS\tasks\At369.job moved successfully.
C:\WINDOWS\tasks\At370.job moved successfully.
C:\WINDOWS\tasks\At371.job moved successfully.
C:\WINDOWS\tasks\At372.job moved successfully.
C:\WINDOWS\tasks\At373.job moved successfully.
C:\WINDOWS\tasks\At374.job moved successfully.
C:\WINDOWS\tasks\At375.job moved successfully.
C:\WINDOWS\tasks\At376.job moved successfully.
C:\WINDOWS\tasks\At377.job moved successfully.
C:\WINDOWS\tasks\At378.job moved successfully.
C:\WINDOWS\tasks\At379.job moved successfully.
C:\WINDOWS\tasks\At380.job moved successfully.
C:\WINDOWS\tasks\At381.job moved successfully.
C:\WINDOWS\tasks\At382.job moved successfully.
C:\WINDOWS\tasks\At383.job moved successfully.
C:\WINDOWS\tasks\At384.job moved successfully.
C:\WINDOWS\tasks\At385.job moved successfully.
C:\WINDOWS\tasks\At386.job moved successfully.
C:\WINDOWS\tasks\At387.job moved successfully.
C:\WINDOWS\tasks\At388.job moved successfully.
C:\WINDOWS\tasks\At389.job moved successfully.
C:\WINDOWS\tasks\At390.job moved successfully.
C:\WINDOWS\tasks\At391.job moved successfully.
C:\WINDOWS\tasks\At392.job moved successfully.
C:\WINDOWS\tasks\At393.job moved successfully.
C:\WINDOWS\tasks\At394.job moved successfully.
C:\WINDOWS\tasks\At395.job moved successfully.
C:\WINDOWS\tasks\At396.job moved successfully.
C:\WINDOWS\tasks\At397.job moved successfully.
C:\WINDOWS\tasks\At398.job moved successfully.
C:\WINDOWS\tasks\At399.job moved successfully.
C:\WINDOWS\tasks\At400.job moved successfully.
C:\WINDOWS\tasks\At401.job moved successfully.
C:\WINDOWS\tasks\At402.job moved successfully.
C:\WINDOWS\tasks\At403.job moved successfully.
C:\WINDOWS\tasks\At404.job moved successfully.
C:\WINDOWS\tasks\At405.job moved successfully.
C:\WINDOWS\tasks\At406.job moved successfully.
C:\WINDOWS\tasks\At407.job moved successfully.
C:\WINDOWS\tasks\At408.job moved successfully.
C:\WINDOWS\tasks\At409.job moved successfully.
C:\WINDOWS\tasks\At410.job moved successfully.
C:\WINDOWS\tasks\At411.job moved successfully.
C:\WINDOWS\tasks\At412.job moved successfully.
C:\WINDOWS\tasks\At413.job moved successfully.
C:\WINDOWS\tasks\At414.job moved successfully.
C:\WINDOWS\tasks\At415.job moved successfully.
C:\WINDOWS\tasks\At416.job moved successfully.
C:\WINDOWS\tasks\At417.job moved successfully.
C:\WINDOWS\tasks\At418.job moved successfully.
C:\WINDOWS\tasks\At419.job moved successfully.
C:\WINDOWS\tasks\At420.job moved successfully.
C:\WINDOWS\tasks\At421.job moved successfully.
C:\WINDOWS\tasks\At422.job moved successfully.
C:\WINDOWS\tasks\At423.job moved successfully.
C:\WINDOWS\tasks\At424.job moved successfully.
C:\WINDOWS\tasks\At425.job moved successfully.
C:\WINDOWS\tasks\At426.job moved successfully.
C:\WINDOWS\tasks\At427.job moved successfully.
C:\WINDOWS\tasks\At428.job moved successfully.
C:\WINDOWS\tasks\At429.job moved successfully.
C:\WINDOWS\tasks\At430.job moved successfully.
C:\WINDOWS\tasks\At431.job moved successfully.
C:\WINDOWS\tasks\At432.job moved successfully.
File\Folder C:\WINDOWS\elokecikotadoq.dll not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrateur
->Flash cache emptied: 7554 bytes
User: All Users
User: Default User
User: LocalService
->Flash cache emptied: 2974 bytes
User: NetworkService
->Flash cache emptied: 14304 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 1461405 bytes
->Temporary Internet Files folder emptied: 411345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40687713 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 131933 bytes
->Temporary Internet Files folder emptied: 103739316 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 229483 bytes
->Java cache emptied: 3139 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 6344811 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 309343331 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 441,00 mb
OTL by OldTimer - Version 3.2.7.0 log created on 07042010_122723
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
========== OTL ==========
No active process named jquiogctssd.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0190BE17-E996-4DF1-97F5-1714319F6E45}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0190BE17-E996-4DF1-97F5-1714319F6E45}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{4562096D-4B1E-46B4-AAF2-E3492D44118E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4562096D-4B1E-46B4-AAF2-E3492D44118E}\ not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\Alcmtr.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\elokecikotadoq.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Program Files\QuickTime\qttask .exe not found.
Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\kbasapi.dll moved successfully.
Starting removal of ActiveX control {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners\skb folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Street-Ads\sta folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Street-Ads folder moved successfully.
File\Folder C:\Documents and Settings\Administrateur\Y;Y not found.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}\chrome\content folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}\chrome folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\RY0gYnao.dat moved successfully.
C:\Documents and Settings\All Users\Application Data\JmP3jYM6.exe moved successfully.
C:\WINDOWS\Scotobacagayusa.bin moved successfully.
C:\WINDOWS\System32\yT1dyqVC.dll moved successfully.
C:\WINDOWS\_delis32.ini moved successfully.
C:\WINDOWS\Ywifilaha.dat moved successfully.
C:\WINDOWS\tasks\At337.job moved successfully.
C:\WINDOWS\tasks\At338.job moved successfully.
C:\WINDOWS\tasks\At339.job moved successfully.
C:\WINDOWS\tasks\At340.job moved successfully.
C:\WINDOWS\tasks\At341.job moved successfully.
C:\WINDOWS\tasks\At342.job moved successfully.
C:\WINDOWS\tasks\At343.job moved successfully.
C:\WINDOWS\tasks\At344.job moved successfully.
C:\WINDOWS\tasks\At345.job moved successfully.
C:\WINDOWS\tasks\At346.job moved successfully.
C:\WINDOWS\tasks\At347.job moved successfully.
C:\WINDOWS\tasks\At348.job moved successfully.
C:\WINDOWS\tasks\At349.job moved successfully.
C:\WINDOWS\tasks\At350.job moved successfully.
C:\WINDOWS\tasks\At351.job moved successfully.
C:\WINDOWS\tasks\At352.job moved successfully.
C:\WINDOWS\tasks\At353.job moved successfully.
C:\WINDOWS\tasks\At354.job moved successfully.
C:\WINDOWS\tasks\At355.job moved successfully.
C:\WINDOWS\tasks\At356.job moved successfully.
C:\WINDOWS\tasks\At357.job moved successfully.
C:\WINDOWS\tasks\At358.job moved successfully.
C:\WINDOWS\tasks\At359.job moved successfully.
C:\WINDOWS\tasks\At360.job moved successfully.
C:\WINDOWS\tasks\At361.job moved successfully.
C:\WINDOWS\tasks\At362.job moved successfully.
C:\WINDOWS\tasks\At363.job moved successfully.
C:\WINDOWS\tasks\At364.job moved successfully.
C:\WINDOWS\tasks\At365.job moved successfully.
C:\WINDOWS\tasks\At366.job moved successfully.
C:\WINDOWS\tasks\At367.job moved successfully.
C:\WINDOWS\tasks\At368.job moved successfully.
C:\WINDOWS\tasks\At369.job moved successfully.
C:\WINDOWS\tasks\At370.job moved successfully.
C:\WINDOWS\tasks\At371.job moved successfully.
C:\WINDOWS\tasks\At372.job moved successfully.
C:\WINDOWS\tasks\At373.job moved successfully.
C:\WINDOWS\tasks\At374.job moved successfully.
C:\WINDOWS\tasks\At375.job moved successfully.
C:\WINDOWS\tasks\At376.job moved successfully.
C:\WINDOWS\tasks\At377.job moved successfully.
C:\WINDOWS\tasks\At378.job moved successfully.
C:\WINDOWS\tasks\At379.job moved successfully.
C:\WINDOWS\tasks\At380.job moved successfully.
C:\WINDOWS\tasks\At381.job moved successfully.
C:\WINDOWS\tasks\At382.job moved successfully.
C:\WINDOWS\tasks\At383.job moved successfully.
C:\WINDOWS\tasks\At384.job moved successfully.
C:\WINDOWS\tasks\At385.job moved successfully.
C:\WINDOWS\tasks\At386.job moved successfully.
C:\WINDOWS\tasks\At387.job moved successfully.
C:\WINDOWS\tasks\At388.job moved successfully.
C:\WINDOWS\tasks\At389.job moved successfully.
C:\WINDOWS\tasks\At390.job moved successfully.
C:\WINDOWS\tasks\At391.job moved successfully.
C:\WINDOWS\tasks\At392.job moved successfully.
C:\WINDOWS\tasks\At393.job moved successfully.
C:\WINDOWS\tasks\At394.job moved successfully.
C:\WINDOWS\tasks\At395.job moved successfully.
C:\WINDOWS\tasks\At396.job moved successfully.
C:\WINDOWS\tasks\At397.job moved successfully.
C:\WINDOWS\tasks\At398.job moved successfully.
C:\WINDOWS\tasks\At399.job moved successfully.
C:\WINDOWS\tasks\At400.job moved successfully.
C:\WINDOWS\tasks\At401.job moved successfully.
C:\WINDOWS\tasks\At402.job moved successfully.
C:\WINDOWS\tasks\At403.job moved successfully.
C:\WINDOWS\tasks\At404.job moved successfully.
C:\WINDOWS\tasks\At405.job moved successfully.
C:\WINDOWS\tasks\At406.job moved successfully.
C:\WINDOWS\tasks\At407.job moved successfully.
C:\WINDOWS\tasks\At408.job moved successfully.
C:\WINDOWS\tasks\At409.job moved successfully.
C:\WINDOWS\tasks\At410.job moved successfully.
C:\WINDOWS\tasks\At411.job moved successfully.
C:\WINDOWS\tasks\At412.job moved successfully.
C:\WINDOWS\tasks\At413.job moved successfully.
C:\WINDOWS\tasks\At414.job moved successfully.
C:\WINDOWS\tasks\At415.job moved successfully.
C:\WINDOWS\tasks\At416.job moved successfully.
C:\WINDOWS\tasks\At417.job moved successfully.
C:\WINDOWS\tasks\At418.job moved successfully.
C:\WINDOWS\tasks\At419.job moved successfully.
C:\WINDOWS\tasks\At420.job moved successfully.
C:\WINDOWS\tasks\At421.job moved successfully.
C:\WINDOWS\tasks\At422.job moved successfully.
C:\WINDOWS\tasks\At423.job moved successfully.
C:\WINDOWS\tasks\At424.job moved successfully.
C:\WINDOWS\tasks\At425.job moved successfully.
C:\WINDOWS\tasks\At426.job moved successfully.
C:\WINDOWS\tasks\At427.job moved successfully.
C:\WINDOWS\tasks\At428.job moved successfully.
C:\WINDOWS\tasks\At429.job moved successfully.
C:\WINDOWS\tasks\At430.job moved successfully.
C:\WINDOWS\tasks\At431.job moved successfully.
C:\WINDOWS\tasks\At432.job moved successfully.
File\Folder C:\WINDOWS\elokecikotadoq.dll not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrateur
->Flash cache emptied: 7554 bytes
User: All Users
User: Default User
User: LocalService
->Flash cache emptied: 2974 bytes
User: NetworkService
->Flash cache emptied: 14304 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 1461405 bytes
->Temporary Internet Files folder emptied: 411345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40687713 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 131933 bytes
->Temporary Internet Files folder emptied: 103739316 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 229483 bytes
->Java cache emptied: 3139 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 6344811 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 309343331 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 441,00 mb
OTL by OldTimer - Version 3.2.7.0 log created on 07042010_122723
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== OTL ==========
No active process named jquiogctssd.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0190BE17-E996-4DF1-97F5-1714319F6E45}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0190BE17-E996-4DF1-97F5-1714319F6E45}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{4562096D-4B1E-46B4-AAF2-E3492D44118E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4562096D-4B1E-46B4-AAF2-E3492D44118E}\ not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\Alcmtr.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\elokecikotadoq.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Program Files\QuickTime\qttask .exe not found.
Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\kbasapi.dll moved successfully.
Starting removal of ActiveX control {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners\skb folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Street-Ads\sta folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Street-Ads folder moved successfully.
File\Folder C:\Documents and Settings\Administrateur\Y;Y not found.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}\chrome\content folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}\chrome folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\RY0gYnao.dat moved successfully.
C:\Documents and Settings\All Users\Application Data\JmP3jYM6.exe moved successfully.
C:\WINDOWS\Scotobacagayusa.bin moved successfully.
C:\WINDOWS\System32\yT1dyqVC.dll moved successfully.
C:\WINDOWS\_delis32.ini moved successfully.
C:\WINDOWS\Ywifilaha.dat moved successfully.
C:\WINDOWS\tasks\At337.job moved successfully.
C:\WINDOWS\tasks\At338.job moved successfully.
C:\WINDOWS\tasks\At339.job moved successfully.
C:\WINDOWS\tasks\At340.job moved successfully.
C:\WINDOWS\tasks\At341.job moved successfully.
C:\WINDOWS\tasks\At342.job moved successfully.
C:\WINDOWS\tasks\At343.job moved successfully.
C:\WINDOWS\tasks\At344.job moved successfully.
C:\WINDOWS\tasks\At345.job moved successfully.
C:\WINDOWS\tasks\At346.job moved successfully.
C:\WINDOWS\tasks\At347.job moved successfully.
C:\WINDOWS\tasks\At348.job moved successfully.
C:\WINDOWS\tasks\At349.job moved successfully.
C:\WINDOWS\tasks\At350.job moved successfully.
C:\WINDOWS\tasks\At351.job moved successfully.
C:\WINDOWS\tasks\At352.job moved successfully.
C:\WINDOWS\tasks\At353.job moved successfully.
C:\WINDOWS\tasks\At354.job moved successfully.
C:\WINDOWS\tasks\At355.job moved successfully.
C:\WINDOWS\tasks\At356.job moved successfully.
C:\WINDOWS\tasks\At357.job moved successfully.
C:\WINDOWS\tasks\At358.job moved successfully.
C:\WINDOWS\tasks\At359.job moved successfully.
C:\WINDOWS\tasks\At360.job moved successfully.
C:\WINDOWS\tasks\At361.job moved successfully.
C:\WINDOWS\tasks\At362.job moved successfully.
C:\WINDOWS\tasks\At363.job moved successfully.
C:\WINDOWS\tasks\At364.job moved successfully.
C:\WINDOWS\tasks\At365.job moved successfully.
C:\WINDOWS\tasks\At366.job moved successfully.
C:\WINDOWS\tasks\At367.job moved successfully.
C:\WINDOWS\tasks\At368.job moved successfully.
C:\WINDOWS\tasks\At369.job moved successfully.
C:\WINDOWS\tasks\At370.job moved successfully.
C:\WINDOWS\tasks\At371.job moved successfully.
C:\WINDOWS\tasks\At372.job moved successfully.
C:\WINDOWS\tasks\At373.job moved successfully.
C:\WINDOWS\tasks\At374.job moved successfully.
C:\WINDOWS\tasks\At375.job moved successfully.
C:\WINDOWS\tasks\At376.job moved successfully.
C:\WINDOWS\tasks\At377.job moved successfully.
C:\WINDOWS\tasks\At378.job moved successfully.
C:\WINDOWS\tasks\At379.job moved successfully.
C:\WINDOWS\tasks\At380.job moved successfully.
C:\WINDOWS\tasks\At381.job moved successfully.
C:\WINDOWS\tasks\At382.job moved successfully.
C:\WINDOWS\tasks\At383.job moved successfully.
C:\WINDOWS\tasks\At384.job moved successfully.
C:\WINDOWS\tasks\At385.job moved successfully.
C:\WINDOWS\tasks\At386.job moved successfully.
C:\WINDOWS\tasks\At387.job moved successfully.
C:\WINDOWS\tasks\At388.job moved successfully.
C:\WINDOWS\tasks\At389.job moved successfully.
C:\WINDOWS\tasks\At390.job moved successfully.
C:\WINDOWS\tasks\At391.job moved successfully.
C:\WINDOWS\tasks\At392.job moved successfully.
C:\WINDOWS\tasks\At393.job moved successfully.
C:\WINDOWS\tasks\At394.job moved successfully.
C:\WINDOWS\tasks\At395.job moved successfully.
C:\WINDOWS\tasks\At396.job moved successfully.
C:\WINDOWS\tasks\At397.job moved successfully.
C:\WINDOWS\tasks\At398.job moved successfully.
C:\WINDOWS\tasks\At399.job moved successfully.
C:\WINDOWS\tasks\At400.job moved successfully.
C:\WINDOWS\tasks\At401.job moved successfully.
C:\WINDOWS\tasks\At402.job moved successfully.
C:\WINDOWS\tasks\At403.job moved successfully.
C:\WINDOWS\tasks\At404.job moved successfully.
C:\WINDOWS\tasks\At405.job moved successfully.
C:\WINDOWS\tasks\At406.job moved successfully.
C:\WINDOWS\tasks\At407.job moved successfully.
C:\WINDOWS\tasks\At408.job moved successfully.
C:\WINDOWS\tasks\At409.job moved successfully.
C:\WINDOWS\tasks\At410.job moved successfully.
C:\WINDOWS\tasks\At411.job moved successfully.
C:\WINDOWS\tasks\At412.job moved successfully.
C:\WINDOWS\tasks\At413.job moved successfully.
C:\WINDOWS\tasks\At414.job moved successfully.
C:\WINDOWS\tasks\At415.job moved successfully.
C:\WINDOWS\tasks\At416.job moved successfully.
C:\WINDOWS\tasks\At417.job moved successfully.
C:\WINDOWS\tasks\At418.job moved successfully.
C:\WINDOWS\tasks\At419.job moved successfully.
C:\WINDOWS\tasks\At420.job moved successfully.
C:\WINDOWS\tasks\At421.job moved successfully.
C:\WINDOWS\tasks\At422.job moved successfully.
C:\WINDOWS\tasks\At423.job moved successfully.
C:\WINDOWS\tasks\At424.job moved successfully.
C:\WINDOWS\tasks\At425.job moved successfully.
C:\WINDOWS\tasks\At426.job moved successfully.
C:\WINDOWS\tasks\At427.job moved successfully.
C:\WINDOWS\tasks\At428.job moved successfully.
C:\WINDOWS\tasks\At429.job moved successfully.
C:\WINDOWS\tasks\At430.job moved successfully.
C:\WINDOWS\tasks\At431.job moved successfully.
C:\WINDOWS\tasks\At432.job moved successfully.
File\Folder C:\WINDOWS\elokecikotadoq.dll not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrateur
->Flash cache emptied: 7554 bytes
User: All Users
User: Default User
User: LocalService
->Flash cache emptied: 2974 bytes
User: NetworkService
->Flash cache emptied: 14304 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 1461405 bytes
->Temporary Internet Files folder emptied: 411345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40687713 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 131933 bytes
->Temporary Internet Files folder emptied: 103739316 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 229483 bytes
->Java cache emptied: 3139 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 6344811 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 309343331 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 441,00 mb
OTL by OldTimer - Version 3.2.7.0 log created on 07042010_122723
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
========== OTL ==========
No active process named jquiogctssd.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0190BE17-E996-4DF1-97F5-1714319F6E45}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0190BE17-E996-4DF1-97F5-1714319F6E45}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57D8D2FF-0A0C-8B7F-9151-A2126D6D2BA9}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{4562096D-4B1E-46B4-AAF2-E3492D44118E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4562096D-4B1E-46B4-AAF2-E3492D44118E}\ not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\Alcmtr.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\elokecikotadoq.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb\jquiogctssd.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\\Software\Microsoft\Windows\CurrentVersion\Run not found.
File C:\Program Files\QuickTime\qttask .exe not found.
Registry key HKEY_CURRENT_USER\\Software\Microsoft\Windows\CurrentVersion\Run not found.
C:\WINDOWS\kbasapi.dll moved successfully.
Starting removal of ActiveX control {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== FILES ==========
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners\skb folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Sky-Banners folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Street-Ads\sta folder moved successfully.
C:\Documents and Settings\Administrateur\Application Data\Street-Ads folder moved successfully.
File\Folder C:\Documents and Settings\Administrateur\Y;Y not found.
C:\Documents and Settings\NetworkService\Local Settings\Application Data\wtvycusdb folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}\chrome\content folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D}\chrome folder moved successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\{6B1EB3FC-96EA-4683-9330-A0A26361AB1D} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86 folder moved successfully.
C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} folder moved successfully.
C:\Documents and Settings\All Users\Application Data\RY0gYnao.dat moved successfully.
C:\Documents and Settings\All Users\Application Data\JmP3jYM6.exe moved successfully.
C:\WINDOWS\Scotobacagayusa.bin moved successfully.
C:\WINDOWS\System32\yT1dyqVC.dll moved successfully.
C:\WINDOWS\_delis32.ini moved successfully.
C:\WINDOWS\Ywifilaha.dat moved successfully.
C:\WINDOWS\tasks\At337.job moved successfully.
C:\WINDOWS\tasks\At338.job moved successfully.
C:\WINDOWS\tasks\At339.job moved successfully.
C:\WINDOWS\tasks\At340.job moved successfully.
C:\WINDOWS\tasks\At341.job moved successfully.
C:\WINDOWS\tasks\At342.job moved successfully.
C:\WINDOWS\tasks\At343.job moved successfully.
C:\WINDOWS\tasks\At344.job moved successfully.
C:\WINDOWS\tasks\At345.job moved successfully.
C:\WINDOWS\tasks\At346.job moved successfully.
C:\WINDOWS\tasks\At347.job moved successfully.
C:\WINDOWS\tasks\At348.job moved successfully.
C:\WINDOWS\tasks\At349.job moved successfully.
C:\WINDOWS\tasks\At350.job moved successfully.
C:\WINDOWS\tasks\At351.job moved successfully.
C:\WINDOWS\tasks\At352.job moved successfully.
C:\WINDOWS\tasks\At353.job moved successfully.
C:\WINDOWS\tasks\At354.job moved successfully.
C:\WINDOWS\tasks\At355.job moved successfully.
C:\WINDOWS\tasks\At356.job moved successfully.
C:\WINDOWS\tasks\At357.job moved successfully.
C:\WINDOWS\tasks\At358.job moved successfully.
C:\WINDOWS\tasks\At359.job moved successfully.
C:\WINDOWS\tasks\At360.job moved successfully.
C:\WINDOWS\tasks\At361.job moved successfully.
C:\WINDOWS\tasks\At362.job moved successfully.
C:\WINDOWS\tasks\At363.job moved successfully.
C:\WINDOWS\tasks\At364.job moved successfully.
C:\WINDOWS\tasks\At365.job moved successfully.
C:\WINDOWS\tasks\At366.job moved successfully.
C:\WINDOWS\tasks\At367.job moved successfully.
C:\WINDOWS\tasks\At368.job moved successfully.
C:\WINDOWS\tasks\At369.job moved successfully.
C:\WINDOWS\tasks\At370.job moved successfully.
C:\WINDOWS\tasks\At371.job moved successfully.
C:\WINDOWS\tasks\At372.job moved successfully.
C:\WINDOWS\tasks\At373.job moved successfully.
C:\WINDOWS\tasks\At374.job moved successfully.
C:\WINDOWS\tasks\At375.job moved successfully.
C:\WINDOWS\tasks\At376.job moved successfully.
C:\WINDOWS\tasks\At377.job moved successfully.
C:\WINDOWS\tasks\At378.job moved successfully.
C:\WINDOWS\tasks\At379.job moved successfully.
C:\WINDOWS\tasks\At380.job moved successfully.
C:\WINDOWS\tasks\At381.job moved successfully.
C:\WINDOWS\tasks\At382.job moved successfully.
C:\WINDOWS\tasks\At383.job moved successfully.
C:\WINDOWS\tasks\At384.job moved successfully.
C:\WINDOWS\tasks\At385.job moved successfully.
C:\WINDOWS\tasks\At386.job moved successfully.
C:\WINDOWS\tasks\At387.job moved successfully.
C:\WINDOWS\tasks\At388.job moved successfully.
C:\WINDOWS\tasks\At389.job moved successfully.
C:\WINDOWS\tasks\At390.job moved successfully.
C:\WINDOWS\tasks\At391.job moved successfully.
C:\WINDOWS\tasks\At392.job moved successfully.
C:\WINDOWS\tasks\At393.job moved successfully.
C:\WINDOWS\tasks\At394.job moved successfully.
C:\WINDOWS\tasks\At395.job moved successfully.
C:\WINDOWS\tasks\At396.job moved successfully.
C:\WINDOWS\tasks\At397.job moved successfully.
C:\WINDOWS\tasks\At398.job moved successfully.
C:\WINDOWS\tasks\At399.job moved successfully.
C:\WINDOWS\tasks\At400.job moved successfully.
C:\WINDOWS\tasks\At401.job moved successfully.
C:\WINDOWS\tasks\At402.job moved successfully.
C:\WINDOWS\tasks\At403.job moved successfully.
C:\WINDOWS\tasks\At404.job moved successfully.
C:\WINDOWS\tasks\At405.job moved successfully.
C:\WINDOWS\tasks\At406.job moved successfully.
C:\WINDOWS\tasks\At407.job moved successfully.
C:\WINDOWS\tasks\At408.job moved successfully.
C:\WINDOWS\tasks\At409.job moved successfully.
C:\WINDOWS\tasks\At410.job moved successfully.
C:\WINDOWS\tasks\At411.job moved successfully.
C:\WINDOWS\tasks\At412.job moved successfully.
C:\WINDOWS\tasks\At413.job moved successfully.
C:\WINDOWS\tasks\At414.job moved successfully.
C:\WINDOWS\tasks\At415.job moved successfully.
C:\WINDOWS\tasks\At416.job moved successfully.
C:\WINDOWS\tasks\At417.job moved successfully.
C:\WINDOWS\tasks\At418.job moved successfully.
C:\WINDOWS\tasks\At419.job moved successfully.
C:\WINDOWS\tasks\At420.job moved successfully.
C:\WINDOWS\tasks\At421.job moved successfully.
C:\WINDOWS\tasks\At422.job moved successfully.
C:\WINDOWS\tasks\At423.job moved successfully.
C:\WINDOWS\tasks\At424.job moved successfully.
C:\WINDOWS\tasks\At425.job moved successfully.
C:\WINDOWS\tasks\At426.job moved successfully.
C:\WINDOWS\tasks\At427.job moved successfully.
C:\WINDOWS\tasks\At428.job moved successfully.
C:\WINDOWS\tasks\At429.job moved successfully.
C:\WINDOWS\tasks\At430.job moved successfully.
C:\WINDOWS\tasks\At431.job moved successfully.
C:\WINDOWS\tasks\At432.job moved successfully.
File\Folder C:\WINDOWS\elokecikotadoq.dll not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrateur
->Flash cache emptied: 7554 bytes
User: All Users
User: Default User
User: LocalService
->Flash cache emptied: 2974 bytes
User: NetworkService
->Flash cache emptied: 14304 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 1461405 bytes
->Temporary Internet Files folder emptied: 411345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40687713 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 131933 bytes
->Temporary Internet Files folder emptied: 103739316 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 229483 bytes
->Java cache emptied: 3139 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 6344811 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 309343331 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 441,00 mb
OTL by OldTimer - Version 3.2.7.0 log created on 07042010_122723
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
danielle,
Comment se comporte le PC maintenant ?
On va refaire un diagnostic mais personnalisé cette fois :
!! Ferme toutes tes applications en cours !!
Relance OTL
* Double-clique sur OTL.exe pour le lancer.
* L'interface principale s'ouvre :
* Dans la section Rapport en haut à droite de la fenêtre, coche Rapport minimal
* Laisse tous les autres paramètres par défaut
* Dans la partie du bas "Personnalisation", copie/colle la liste en citation :
* Clique sur le bouton Analyse rapide , patiente pendant le balayage du système.
* Le rapport OTL.txt va s'ouvrir au format bloc-note pour me le transmettre http://www.cijoint.fr/
A +
Comment se comporte le PC maintenant ?
On va refaire un diagnostic mais personnalisé cette fois :
!! Ferme toutes tes applications en cours !!
Relance OTL
* Double-clique sur OTL.exe pour le lancer.
* L'interface principale s'ouvre :
* Dans la section Rapport en haut à droite de la fenêtre, coche Rapport minimal
* Laisse tous les autres paramètres par défaut
* Dans la partie du bas "Personnalisation", copie/colle la liste en citation :
C:\Documents and Settings\Administrateur\Application Data\Publish Providers\* /s C:\Documents and Settings\All Users\Application Data\vsosdk\* /s netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %SYSTEMDRIVE%\*.exe /md5start iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys vaxscsi.sys nvatabus.sys SiSRaid.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys nvstor32.sys ahcix86s.sys nvrd32.sys /md5stop %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles CREATERESTOREPOINT
* Clique sur le bouton Analyse rapide , patiente pendant le balayage du système.
* Le rapport OTL.txt va s'ouvrir au format bloc-note pour me le transmettre http://www.cijoint.fr/
A +
la suite ....
C:\WINDOWS\tasks\At384.job moved successfully.
C:\WINDOWS\tasks\At385.job moved successfully.
C:\WINDOWS\tasks\At386.job moved successfully.
C:\WINDOWS\tasks\At387.job moved successfully.
C:\WINDOWS\tasks\At388.job moved successfully.
C:\WINDOWS\tasks\At389.job moved successfully.
C:\WINDOWS\tasks\At390.job moved successfully.
C:\WINDOWS\tasks\At391.job moved successfully.
C:\WINDOWS\tasks\At392.job moved successfully.
C:\WINDOWS\tasks\At393.job moved successfully.
C:\WINDOWS\tasks\At394.job moved successfully.
C:\WINDOWS\tasks\At395.job moved successfully.
C:\WINDOWS\tasks\At396.job moved successfully.
C:\WINDOWS\tasks\At397.job moved successfully.
C:\WINDOWS\tasks\At398.job moved successfully.
C:\WINDOWS\tasks\At399.job moved successfully.
C:\WINDOWS\tasks\At400.job moved successfully.
C:\WINDOWS\tasks\At401.job moved successfully.
C:\WINDOWS\tasks\At402.job moved successfully.
C:\WINDOWS\tasks\At403.job moved successfully.
C:\WINDOWS\tasks\At404.job moved successfully.
C:\WINDOWS\tasks\At405.job moved successfully.
C:\WINDOWS\tasks\At406.job moved successfully.
C:\WINDOWS\tasks\At407.job moved successfully.
C:\WINDOWS\tasks\At408.job moved successfully.
C:\WINDOWS\tasks\At409.job moved successfully.
C:\WINDOWS\tasks\At410.job moved successfully.
C:\WINDOWS\tasks\At411.job moved successfully.
C:\WINDOWS\tasks\At412.job moved successfully.
C:\WINDOWS\tasks\At413.job moved successfully.
C:\WINDOWS\tasks\At414.job moved successfully.
C:\WINDOWS\tasks\At415.job moved successfully.
C:\WINDOWS\tasks\At416.job moved successfully.
C:\WINDOWS\tasks\At417.job moved successfully.
C:\WINDOWS\tasks\At418.job moved successfully.
C:\WINDOWS\tasks\At419.job moved successfully.
C:\WINDOWS\tasks\At420.job moved successfully.
C:\WINDOWS\tasks\At421.job moved successfully.
C:\WINDOWS\tasks\At422.job moved successfully.
C:\WINDOWS\tasks\At423.job moved successfully.
C:\WINDOWS\tasks\At424.job moved successfully.
C:\WINDOWS\tasks\At425.job moved successfully.
C:\WINDOWS\tasks\At426.job moved successfully.
C:\WINDOWS\tasks\At427.job moved successfully.
C:\WINDOWS\tasks\At428.job moved successfully.
C:\WINDOWS\tasks\At429.job moved successfully.
C:\WINDOWS\tasks\At430.job moved successfully.
C:\WINDOWS\tasks\At431.job moved successfully.
C:\WINDOWS\tasks\At432.job moved successfully.
File\Folder C:\WINDOWS\elokecikotadoq.dll not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrateur
->Flash cache emptied: 7554 bytes
User: All Users
User: Default User
User: LocalService
->Flash cache emptied: 2974 bytes
User: NetworkService
->Flash cache emptied: 14304 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 1461405 bytes
->Temporary Internet Files folder emptied: 411345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40687713 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 131933 bytes
->Temporary Internet Files folder emptied: 103739316 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 229483 bytes
->Java cache emptied: 3139 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 6344811 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 309343331 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 441,00 mb
OTL by OldTimer - Version 3.2.7.0 log created on 07042010_122723
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
C:\WINDOWS\tasks\At384.job moved successfully.
C:\WINDOWS\tasks\At385.job moved successfully.
C:\WINDOWS\tasks\At386.job moved successfully.
C:\WINDOWS\tasks\At387.job moved successfully.
C:\WINDOWS\tasks\At388.job moved successfully.
C:\WINDOWS\tasks\At389.job moved successfully.
C:\WINDOWS\tasks\At390.job moved successfully.
C:\WINDOWS\tasks\At391.job moved successfully.
C:\WINDOWS\tasks\At392.job moved successfully.
C:\WINDOWS\tasks\At393.job moved successfully.
C:\WINDOWS\tasks\At394.job moved successfully.
C:\WINDOWS\tasks\At395.job moved successfully.
C:\WINDOWS\tasks\At396.job moved successfully.
C:\WINDOWS\tasks\At397.job moved successfully.
C:\WINDOWS\tasks\At398.job moved successfully.
C:\WINDOWS\tasks\At399.job moved successfully.
C:\WINDOWS\tasks\At400.job moved successfully.
C:\WINDOWS\tasks\At401.job moved successfully.
C:\WINDOWS\tasks\At402.job moved successfully.
C:\WINDOWS\tasks\At403.job moved successfully.
C:\WINDOWS\tasks\At404.job moved successfully.
C:\WINDOWS\tasks\At405.job moved successfully.
C:\WINDOWS\tasks\At406.job moved successfully.
C:\WINDOWS\tasks\At407.job moved successfully.
C:\WINDOWS\tasks\At408.job moved successfully.
C:\WINDOWS\tasks\At409.job moved successfully.
C:\WINDOWS\tasks\At410.job moved successfully.
C:\WINDOWS\tasks\At411.job moved successfully.
C:\WINDOWS\tasks\At412.job moved successfully.
C:\WINDOWS\tasks\At413.job moved successfully.
C:\WINDOWS\tasks\At414.job moved successfully.
C:\WINDOWS\tasks\At415.job moved successfully.
C:\WINDOWS\tasks\At416.job moved successfully.
C:\WINDOWS\tasks\At417.job moved successfully.
C:\WINDOWS\tasks\At418.job moved successfully.
C:\WINDOWS\tasks\At419.job moved successfully.
C:\WINDOWS\tasks\At420.job moved successfully.
C:\WINDOWS\tasks\At421.job moved successfully.
C:\WINDOWS\tasks\At422.job moved successfully.
C:\WINDOWS\tasks\At423.job moved successfully.
C:\WINDOWS\tasks\At424.job moved successfully.
C:\WINDOWS\tasks\At425.job moved successfully.
C:\WINDOWS\tasks\At426.job moved successfully.
C:\WINDOWS\tasks\At427.job moved successfully.
C:\WINDOWS\tasks\At428.job moved successfully.
C:\WINDOWS\tasks\At429.job moved successfully.
C:\WINDOWS\tasks\At430.job moved successfully.
C:\WINDOWS\tasks\At431.job moved successfully.
C:\WINDOWS\tasks\At432.job moved successfully.
File\Folder C:\WINDOWS\elokecikotadoq.dll not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrateur
->Flash cache emptied: 7554 bytes
User: All Users
User: Default User
User: LocalService
->Flash cache emptied: 2974 bytes
User: NetworkService
->Flash cache emptied: 14304 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 1461405 bytes
->Temporary Internet Files folder emptied: 411345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40687713 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 131933 bytes
->Temporary Internet Files folder emptied: 103739316 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 229483 bytes
->Java cache emptied: 3139 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 6344811 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 309343331 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 441,00 mb
OTL by OldTimer - Version 3.2.7.0 log created on 07042010_122723
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
C:\WINDOWS\tasks\At384.job moved successfully.
C:\WINDOWS\tasks\At385.job moved successfully.
C:\WINDOWS\tasks\At386.job moved successfully.
C:\WINDOWS\tasks\At387.job moved successfully.
C:\WINDOWS\tasks\At388.job moved successfully.
C:\WINDOWS\tasks\At389.job moved successfully.
C:\WINDOWS\tasks\At390.job moved successfully.
C:\WINDOWS\tasks\At391.job moved successfully.
C:\WINDOWS\tasks\At392.job moved successfully.
C:\WINDOWS\tasks\At393.job moved successfully.
C:\WINDOWS\tasks\At394.job moved successfully.
C:\WINDOWS\tasks\At395.job moved successfully.
C:\WINDOWS\tasks\At396.job moved successfully.
C:\WINDOWS\tasks\At397.job moved successfully.
C:\WINDOWS\tasks\At398.job moved successfully.
C:\WINDOWS\tasks\At399.job moved successfully.
C:\WINDOWS\tasks\At400.job moved successfully.
C:\WINDOWS\tasks\At401.job moved successfully.
C:\WINDOWS\tasks\At402.job moved successfully.
C:\WINDOWS\tasks\At403.job moved successfully.
C:\WINDOWS\tasks\At404.job moved successfully.
C:\WINDOWS\tasks\At405.job moved successfully.
C:\WINDOWS\tasks\At406.job moved successfully.
C:\WINDOWS\tasks\At407.job moved successfully.
C:\WINDOWS\tasks\At408.job moved successfully.
C:\WINDOWS\tasks\At409.job moved successfully.
C:\WINDOWS\tasks\At410.job moved successfully.
C:\WINDOWS\tasks\At411.job moved successfully.
C:\WINDOWS\tasks\At412.job moved successfully.
C:\WINDOWS\tasks\At413.job moved successfully.
C:\WINDOWS\tasks\At414.job moved successfully.
C:\WINDOWS\tasks\At415.job moved successfully.
C:\WINDOWS\tasks\At416.job moved successfully.
C:\WINDOWS\tasks\At417.job moved successfully.
C:\WINDOWS\tasks\At418.job moved successfully.
C:\WINDOWS\tasks\At419.job moved successfully.
C:\WINDOWS\tasks\At420.job moved successfully.
C:\WINDOWS\tasks\At421.job moved successfully.
C:\WINDOWS\tasks\At422.job moved successfully.
C:\WINDOWS\tasks\At423.job moved successfully.
C:\WINDOWS\tasks\At424.job moved successfully.
C:\WINDOWS\tasks\At425.job moved successfully.
C:\WINDOWS\tasks\At426.job moved successfully.
C:\WINDOWS\tasks\At427.job moved successfully.
C:\WINDOWS\tasks\At428.job moved successfully.
C:\WINDOWS\tasks\At429.job moved successfully.
C:\WINDOWS\tasks\At430.job moved successfully.
C:\WINDOWS\tasks\At431.job moved successfully.
C:\WINDOWS\tasks\At432.job moved successfully.
File\Folder C:\WINDOWS\elokecikotadoq.dll not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrateur
->Flash cache emptied: 7554 bytes
User: All Users
User: Default User
User: LocalService
->Flash cache emptied: 2974 bytes
User: NetworkService
->Flash cache emptied: 14304 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 1461405 bytes
->Temporary Internet Files folder emptied: 411345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40687713 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 131933 bytes
->Temporary Internet Files folder emptied: 103739316 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 229483 bytes
->Java cache emptied: 3139 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 6344811 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 309343331 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 441,00 mb
OTL by OldTimer - Version 3.2.7.0 log created on 07042010_122723
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
C:\WINDOWS\tasks\At385.job moved successfully.
C:\WINDOWS\tasks\At386.job moved successfully.
C:\WINDOWS\tasks\At387.job moved successfully.
C:\WINDOWS\tasks\At388.job moved successfully.
C:\WINDOWS\tasks\At389.job moved successfully.
C:\WINDOWS\tasks\At390.job moved successfully.
C:\WINDOWS\tasks\At391.job moved successfully.
C:\WINDOWS\tasks\At392.job moved successfully.
C:\WINDOWS\tasks\At393.job moved successfully.
C:\WINDOWS\tasks\At394.job moved successfully.
C:\WINDOWS\tasks\At395.job moved successfully.
C:\WINDOWS\tasks\At396.job moved successfully.
C:\WINDOWS\tasks\At397.job moved successfully.
C:\WINDOWS\tasks\At398.job moved successfully.
C:\WINDOWS\tasks\At399.job moved successfully.
C:\WINDOWS\tasks\At400.job moved successfully.
C:\WINDOWS\tasks\At401.job moved successfully.
C:\WINDOWS\tasks\At402.job moved successfully.
C:\WINDOWS\tasks\At403.job moved successfully.
C:\WINDOWS\tasks\At404.job moved successfully.
C:\WINDOWS\tasks\At405.job moved successfully.
C:\WINDOWS\tasks\At406.job moved successfully.
C:\WINDOWS\tasks\At407.job moved successfully.
C:\WINDOWS\tasks\At408.job moved successfully.
C:\WINDOWS\tasks\At409.job moved successfully.
C:\WINDOWS\tasks\At410.job moved successfully.
C:\WINDOWS\tasks\At411.job moved successfully.
C:\WINDOWS\tasks\At412.job moved successfully.
C:\WINDOWS\tasks\At413.job moved successfully.
C:\WINDOWS\tasks\At414.job moved successfully.
C:\WINDOWS\tasks\At415.job moved successfully.
C:\WINDOWS\tasks\At416.job moved successfully.
C:\WINDOWS\tasks\At417.job moved successfully.
C:\WINDOWS\tasks\At418.job moved successfully.
C:\WINDOWS\tasks\At419.job moved successfully.
C:\WINDOWS\tasks\At420.job moved successfully.
C:\WINDOWS\tasks\At421.job moved successfully.
C:\WINDOWS\tasks\At422.job moved successfully.
C:\WINDOWS\tasks\At423.job moved successfully.
C:\WINDOWS\tasks\At424.job moved successfully.
C:\WINDOWS\tasks\At425.job moved successfully.
C:\WINDOWS\tasks\At426.job moved successfully.
C:\WINDOWS\tasks\At427.job moved successfully.
C:\WINDOWS\tasks\At428.job moved successfully.
C:\WINDOWS\tasks\At429.job moved successfully.
C:\WINDOWS\tasks\At430.job moved successfully.
C:\WINDOWS\tasks\At431.job moved successfully.
C:\WINDOWS\tasks\At432.job moved successfully.
File\Folder C:\WINDOWS\elokecikotadoq.dll not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: Administrateur
->Flash cache emptied: 7554 bytes
User: All Users
User: Default User
User: LocalService
->Flash cache emptied: 2974 bytes
User: NetworkService
->Flash cache emptied: 14304 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: Administrateur
->Temp folder emptied: 1461405 bytes
->Temporary Internet Files folder emptied: 411345 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40687713 bytes
->Flash cache emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 131933 bytes
->Temporary Internet Files folder emptied: 103739316 bytes
->Flash cache emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 229483 bytes
->Java cache emptied: 3139 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 6344811 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 309343331 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 441,00 mb
OTL by OldTimer - Version 3.2.7.0 log created on 07042010_122723
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Tu dois me mettre les liens obtenus sans ta réponse afin que je puisse les consulter, A +
http://www.cijoint.fr/cjlink.php?file=cj201007/cijts7kvXx.txt
il devait y avoir un second rapport extra.txt, il sera utile par la suite, peux tu faire la même chose et me transmettre le lien.
A +