Ctfmon, phime2002a, nvcpldeamon and others...
Fadoz - Posts: 6 - Status: Member
jlpjlp - Posts: 52399 - Status: Security contributor
Hello,
So, my PC (a laptop) is old and quite slow. I tried to speed it up a bit and came across these little things (ctfmon, phime2002a, nvcpldeamon) in my startup items. What are they? Viruses? Microsoft programs?
I think the slowness comes from its "age", because my antivirus (AVG) hasn't detected anything suspicious for a while. But I sometimes get 'bugs': web pages that close for no reason, folders or files that I can't delete, or software that freezes.
I wonder whether I have a virus.
I was advised to post a HijackThis logfile here to get help.
To find out what the programs named above are.
To find out whether or not there is a virus on my PC, and either way how to speed it up a bit.
Thank you for your help
Logfile of HijackThis v1.99.1
Scan saved at 03:17:13, on 08/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAP\DAP.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\ozeray\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {60270dc7-9ea0-472f-9b77-66652c06246e} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\ozeray\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
10 replies
Hi, paste a scan report from Malwarebytes Anti-Malware after updating it.
See you later
Here is the scan report:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Version de la base de données: 5072
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
08/11/2010 12:33:03
mbam-log-2010-11-08 (12-33-03).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 141569
Temps écoulé: 13 minute(s), 32 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 10
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Hotbar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0d39a900-0f3a-4c29-a254-3e65244fdc34} (Adware.PLayMP3z) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{2aa2fbf8-9c76-4e97-a226-25c5f4ab6358} (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PLayMP3z) -> No action taken.
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{90b8b761-df2b-48ac-bbe0-bcc03a819b3b} (Adware.Zango) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\zango 10.3.74.0 (Adware.Zango) -> No action taken.
Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\net-nucleus.com\awbeta\http (Hijack.TrustedZone) -> Bad: (2) Good: (4) -> No action taken.
Dossier(s) infecté(s):
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> No action taken.
Fichier(s) infecté(s):
C:\Program Files\Mozilla Firefox\plugins\npclntax_ZangoSA.dll (Adware.Seekmo) -> No action taken.
Thanks again!
You need to delete what was found,
then
Download OTL by OLDTimer here:
http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/
and save it to your Desktop.
Double-click OTL.exe to launch it.
Check the 2 boxes Lop and Purity
Check the box in front of "scan all users"
Click Run Scan.
At the end of the scan, Notepad will open with the report (OTL.txt).
This file is on your Desktop (usually C:\Documents and settings\your_session_name\OTL.txt)
To send it to me, click this link:
http://www.cijoint.fr/
Click Parcourir (Browse) and find the file mentioned above.
Click Ouvrir (Open).
Click "Cliquez ici pour déposer le fichier" (Click here to upload the file).
A link of this form:
http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt
is added to the page.
Copy this link into your reply.
Here is the link to the OTL.txt file
http://www.cijoint.fr/cjlink.php?file=cj201011/cij1s9Wfny.txt
However, OTL opened a 2nd Notepad file named extra.txt, should I post it too?
Thanks!
ok
plug in your external storage devices and paste a cleanup report from the usbfix software
http://www.teamxscript.org/usbfix.html
then paste a cleanup report from ad remover
http://www.teamxscript.org/tools.html
then
Update Java:
https://javara.fr.malavida.com/
Download JavaRa.zip by Paul 'Prm753' McLain and Fred de Vries.
Unzip the file to your desktop (right-click > Extraire tout (Extract all).)
Double-click the resulting JavaRa folder.
Then double-click the JavaRa.exe file (the .exe may not be displayed)
Click Search For Updates.
Select Update Using jucheck.exe then click Search.
Allow the process to connect if it asks you to, click Install and follow the installation instructions. This will take a few minutes.
When the installation is finished, go back to the JavaRa screen and click Remove Older Versions.
Click Oui (Yes) to confirm. The tool will do its work; then click Ok, and then Ok a second time.
A report will open; copy and paste it into your next reply.
Note: the report is also located at the root of the system partition, usually C:\, under the name JavaRa.log
(c:\JavaRa.log)
Close the application.
if that doesn't work
https://www.java.com/fr/download/windows_manual.jsp?locale=fr&host=www.java.com:80
you can uninstall the old versions.
________________
then install the latest version of AVG antivirus: version 10 !!!
See you later
First, regarding the usb fix and ad remover cleaning
usbfix:
############################## | UsbFix 7.034 | [Recherche]
Utilisateur: ozeray (Administrateur) # FANNYOZERAY [ ]
Mis à jour le 25/10/10 par El Desaparecido / C_XX
Lancé à 18:45:01 | 08/11/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org
CPU: Genuine Intel(R) CPU T2300 @ 1.66GHz
CPU 2: Genuine Intel(R) CPU T2300 @ 1.66GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Pare-feu Windows: Activé
Antivirus: AVG Anti-Virus Free 9.0 [(!) Disabled | Updated]
RAM -> 1022 Mo
C:\ (%systemdrive%) -> Disque fixe # 44 Go (15 Go libre(s) - 35%) [ACER] # FAT32
D:\ -> Disque fixe # 45 Go (44 Go libre(s) - 99%) [ACERDATA] # FAT32
E:\ -> CD-ROM
F:\ -> CD-ROM
H:\ -> Disque fixe # 233 Go (29 Go libre(s) - 13%) [LaVoleuseDImage] # NTFS
################## | Éléments infectieux |
Présent! C:\DOCUME~1\ozeray\LOCALS~1\Temp\IXP000.TMP
################## | Registre |
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDesktop
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoFind
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoFolderOptions
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoRun
Présent! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoViewContextMenu
################## | Mountpoints2 |
HKCU\.\.\.\.\Explorer\MountPoints2\{746c0ec2-53d1-11dc-b73f-0013021868bb}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL OzERAY.EXE
HKCU\.\.\.\.\Explorer\MountPoints2\{74c00dfe-5aa6-11df-bb1c-0013021868bb}
Shell\AutoRun\Command = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL NdKol.EXe
HKCU\.\.\.\.\Explorer\MountPoints2\{a669bb1c-55d8-11de-b9af-0013021868bb}
Shell\AutoRun\Command = G:\ReCycLEr\S-1-5-21-1482276501-1663491937-6831267430-1013\svchost.exe
Shell\OpEN\Command = G:\ReCycLEr\S-1-5-21-1482276501-1663491937-6831267430-1013\svchost.exe
HKCU\.\.\.\.\Explorer\MountPoints2\{fb120a2e-95ef-11dd-b82c-0013021868bb}
Shell\AutoRun\Command = F:\WD_Windows_Tools\Setup.exe
################## | Vaccin |
(!) Cet ordinateur n'est pas vacciné!
################## | E.O.F |
ad remover :
======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======
Mis à jour par TeamXscript le 07/11/10 à 01:00
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 18:52:20 le 08/11/2010, Mode normal
Microsoft Windows XP Édition familiale Service Pack 3 (X86)
ozeray@FANNYOZERAY ( )
============== ACTION(S) ==============
Fichier supprimé: C:\Program Files\Mozilla FireFox\regxpcom.exe
(!) -- Fichiers temporaires supprimés.
-- Fichier ouvert: C:\Documents and Settings\ozeray\Application Data\Mozilla\FireFox\Profiles\awx90qmr.default\Prefs.js --
Ligne supprimée:
Ligne supprimée:
Ligne supprimée: user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&Sea...
-- Fichier Fermé --
Clé supprimée: HKLM\Software\Classes\CLSID\{3788E535-897B-463d-B6D6-FEE5B86EC144}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3788E535-897B-463d-B6D6-FEE5B86EC144}
Clé supprimée: HKLM\Software\Classes\CLSID\{47C6C527-6204-4F91-849D-66E234DEE015}
Clé supprimée: HKLM\Software\Classes\CLSID\{9461b922-3c5a-11d2-bf8b-00c04fb93661}
Clé supprimée: HKLM\Software\Classes\CLSID\{B791A095-A4AC-4312-8894-5B7E8FF5B3CD}
Clé supprimée: HKLM\Software\Classes\CLSID\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F940EA-4E87-423b-9091-934E1E4FCEAE}
Clé supprimée: HKLM\Software\Classes\Interface\{1B8DF249-91E2-4179-A57A-F8A11F9ABB3C}
Clé supprimée: HKLM\Software\Classes\Interface\{49B68757-5EFE-4C09-A528-F481F70D7A4A}
Clé supprimée: HKLM\Software\Classes\Interface\{6FE1ECBE-6690-4728-B66A-45424A4F59DA}
Clé supprimée: HKLM\Software\Classes\TypeLib\{ECA4E801-17AE-4863-9F5C-AF4047AABEE0}
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
============== SCAN ADDITIONNEL ==============
** Mozilla Firefox Version [3.6.12 (fr)] **
-- C:\Documents and Settings\ozeray\Application Data\Mozilla\FireFox\Profiles\awx90qmr.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\ozeray\\Bureau\\Nouveau dossier\\hp7\\Sosie
browser.search.defaultenginename, Yahoo! Search
browser.startup.homepage, www.google.fr
browser.startup.homepage_override.mstone, rv:1.9.2.12
keyword.URL, hxxp://fr.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_fr&p=
========================================
** Internet Explorer Version [8.0.6001.18702] **
[HKCU\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1
Use Search Asst: no
[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/
[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm
========================================
C:\Program Files\Ad-Remover\Quarantine: 1 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)
C:\Ad-Report-SCAN[1].txt - 08/11/2010 (3830 Octet(s))
C:\Ad-Report-CLEAN[1].txt - 08/11/2010 (867 Octet(s))
Fin à: 18:53:33, 08/11/2010
============== E.O.F ==============
and the java report:
JavaRa 1.16 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Mon Nov 08 19:19:06 2010
Found and removed: C:\Program Files\Java\jre1.5.0_10
Found and removed: C:\Documents and Settings\ozeray\Application Data\Sun\Java\jre1.6.0_11
Found and removed: C:\Documents and Settings\ozeray\Application Data\Sun\Java\jre1.6.0_13
Found and removed: C:\Documents and Settings\ozeray\Application Data\Sun\Java\jre1.6.0_15
Found and removed: C:\Documents and Settings\ozeray\Application Data\Sun\Java\jre1.6.0_16
Found and removed: C:\Documents and Settings\ozeray\Application Data\Sun\Java\jre1.6.0_17
Found and removed: Software\JavaSoft\Java2D\1.5.0_06
Found and removed: Software\JavaSoft\Java2D\1.5.0_09
Found and removed: Software\JavaSoft\Java2D\1.5.0_10
Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D511000
Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D511000
Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D511000
Found and removed: SOFTWARE\Classes\JavaPlugin.150_10
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.5.0_10
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5
Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.5.0_10
Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D511000
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D511000
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0150100}
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.5.0_10
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.5.0_10\
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2
Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}
Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}
Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
JavaRa 1.16 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Mon Nov 08 19:19:25 2010
------------------------------------
Finished reporting.
for usbfix you ran a search and not a cleaning ...
see you
then update avg
then tell us how your pc is doing and whether avg finds any infections (if it finds any, paste us the report)
see you
Here is the usbfix cleaning report
############################## | UsbFix 7.034 | [Suppression]
Utilisateur: ozeray (Administrateur) # FANNYOZERAY [ ]
Mis à jour le 25/10/10 par El Desaparecido / C_XX
Lancé à 10:27:50 | 13/11/2010
Site Web: http://www.teamxscript.org
Contact: eldesaparecido@teamxscript.org
CPU: Genuine Intel(R) CPU T2300 @ 1.66GHz
CPU 2: Genuine Intel(R) CPU T2300 @ 1.66GHz
Microsoft Windows XP Édition familiale (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Pare-feu Windows: Activé
Antivirus: AVG Anti-Virus Free Edition 2011 10.0 [(!) Disabled | Updated]
RAM -> 1022 Mo
C:\ (%systemdrive%) -> Disque fixe # 44 Go (15 Go libre(s) - 34%) [ACER] # FAT32
D:\ -> Disque fixe # 45 Go (44 Go libre(s) - 99%) [ACERDATA] # FAT32
E:\ -> CD-ROM
F:\ -> CD-ROM
H:\ -> Disque fixe # 233 Go (29 Go libre(s) - 13%) [LaVoleuseDImage] # NTFS
################## | Éléments infectieux |
Supprimé! H:\$RECYCLE.BIN\S-1-5-21-1597008263-1911753700-599847662-1000
Supprimé! H:\$RECYCLE.BIN\S-1-5-21-344904952-3433875832-3459217552-1000
Supprimé! H:\Recycler\S-1-5-21-868838754-2457959687-1053659783-1006
################## | Registre |
################## | Mountpoints2 |
Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{74c00dfe-5aa6-11df-bb1c-0013021868bb}
################## | Listing |
[15/10/2004 - 11:33:18 | D ] C:\I386
[15/10/2004 - 11:36:38 | D ] C:\DOCS
[15/10/2004 - 11:36:38 | D ] C:\DOTNETFX
[15/10/2004 - 11:36:48 | D ] C:\SUPPORT
[15/10/2004 - 11:36:52 | D ] C:\VALUEADD
[02/02/2009 - 11:52:04 | D ] C:\FOUND.000
[15/10/2004 - 11:37:00 | D ] C:\ELEMENTS
[15/10/2004 - 11:47:16 | D ] C:\WINDOWS
[15/10/2004 - 11:51:22 | D ] C:\Documents and Settings
[15/10/2004 - 11:59:30 | D ] C:\Program Files
[14/04/2006 - 15:58:10 | D ] C:\BOOK
[14/04/2006 - 18:58:10 | D ] C:\sysinfo
[15/10/2004 - 11:41:16 | N | 512] C:\BOOTSECT.DOS
[05/08/2004 - 05:00:00 | N | 4952] C:\Bootfont.bin
[18/04/2009 - 23:40:54 | N | 252240] C:\ntldr
[05/08/2004 - 05:00:00 | N | 47564] C:\NTDETECT.COM
[18/04/2009 - 23:22:20 | N | 216] C:\boot.ini
[15/10/2004 - 12:01:06 | N | 0] C:\IO.SYS
[15/10/2004 - 12:01:06 | N | 0] C:\MSDOS.SYS
[14/04/2006 - 15:59:44 | N | 4] C:\wps.dat
[14/04/2006 - 18:57:12 | N | 65] C:\Preload.rev
[14/04/2006 - 18:57:12 | N | 65] C:\preload.aaa
[18/02/2009 - 15:30:10 | D ] C:\FOUND.001
[21/04/2006 - 15:51:14 | N | 1210] C:\Patch.rev
[13/11/2010 - 09:55:32 | ASH | 1610612736] C:\pagefile.sys
[24/07/2006 - 23:25:20 | SHD ] C:\System Volume Information
[12/11/2008 - 13:42:36 | N | 115343872] C:\eDS_PSD_drive.vmdf
[05/03/2009 - 23:34:52 | D ] C:\FOUND.002
[07/03/2009 - 02:37:22 | D ] C:\FOUND.003
[24/07/2009 - 19:17:40 | D ] C:\FOUND.004
[24/07/2006 - 23:31:54 | D ] C:\Acer
[13/04/2010 - 17:25:48 | D ] C:\FOUND.007
[22/04/2010 - 11:30:26 | D ] C:\FOUND.008
[30/12/2007 - 21:43:26 | D ] C:\FOUND.010
[11/02/2008 - 12:30:14 | D ] C:\FOUND.011
[01/10/2009 - 10:35:56 | D ] C:\FOUND.005
[17/01/2010 - 11:53:56 | D ] C:\FOUND.006
[13/11/2010 - 09:55:34 | ASH | 1071828992] C:\hiberfil.sys
[06/04/2010 - 23:02:14 | D ] C:\$AVG
[30/04/2010 - 00:10:22 | D ] C:\FOUND.009
[08/11/2010 - 18:41:24 | D ] C:\UsbFix
[08/11/2010 - 19:19:28 | N | 8150] C:\JavaRa.log
[08/11/2010 - 21:04:00 | RASHD ] C:\Autorun.inf
[13/11/2010 - 10:26:22 | N | 1162] C:\UsbFix.txt
[08/11/2010 - 21:04:02 | N | 119815] C:\UsbFix_Upload_Me_FANNYOZERAY.zip
[24/07/2006 - 19:39:22 | SHD ] C:\Recycled
[22/05/2008 - 10:35:04 | N | 244] C:\sqmnoopt00.sqm
[22/05/2008 - 10:35:04 | N | 232] C:\sqmdata00.sqm
[22/05/2008 - 10:46:00 | N | 244] C:\sqmnoopt01.sqm
[22/05/2008 - 10:46:00 | N | 232] C:\sqmdata01.sqm
[22/05/2008 - 11:54:26 | N | 244] C:\sqmnoopt02.sqm
[22/05/2008 - 11:54:26 | N | 232] C:\sqmdata02.sqm
[23/05/2008 - 19:22:02 | N | 244] C:\sqmnoopt03.sqm
[23/05/2008 - 19:22:02 | N | 232] C:\sqmdata03.sqm
[23/05/2008 - 19:23:02 | N | 244] C:\sqmnoopt04.sqm
[23/05/2008 - 19:23:02 | N | 232] C:\sqmdata04.sqm
[23/05/2008 - 19:26:04 | N | 244] C:\sqmnoopt05.sqm
[23/05/2008 - 19:26:04 | N | 232] C:\sqmdata05.sqm
[23/05/2008 - 19:27:32 | N | 244] C:\sqmnoopt06.sqm
[23/05/2008 - 19:27:32 | N | 232] C:\sqmdata06.sqm
[30/06/2008 - 20:03:12 | N | 244] C:\sqmnoopt07.sqm
[30/06/2008 - 20:03:12 | N | 268] C:\sqmdata07.sqm
[15/07/2008 - 20:22:12 | N | 244] C:\sqmnoopt08.sqm
[15/07/2008 - 20:22:12 | N | 268] C:\sqmdata08.sqm
[15/07/2008 - 20:24:36 | N | 244] C:\sqmnoopt09.sqm
[15/07/2008 - 20:24:36 | N | 232] C:\sqmdata09.sqm
[20/01/2009 - 11:25:12 | N | 244] C:\sqmnoopt10.sqm
[20/01/2009 - 11:25:12 | N | 268] C:\sqmdata10.sqm
[20/05/2008 - 21:03:50 | N | 244] C:\sqmnoopt11.sqm
[20/05/2008 - 21:03:50 | N | 232] C:\sqmdata11.sqm
[21/05/2008 - 15:15:46 | N | 244] C:\sqmnoopt12.sqm
[21/05/2008 - 15:15:46 | N | 232] C:\sqmdata12.sqm
[21/05/2008 - 15:24:28 | N | 244] C:\sqmnoopt13.sqm
[21/05/2008 - 15:24:28 | N | 232] C:\sqmdata13.sqm
[21/05/2008 - 15:24:42 | N | 244] C:\sqmnoopt14.sqm
[21/05/2008 - 15:24:42 | N | 232] C:\sqmdata14.sqm
[21/05/2008 - 15:42:34 | N | 244] C:\sqmnoopt15.sqm
[21/05/2008 - 15:42:34 | N | 232] C:\sqmdata15.sqm
[21/05/2008 - 18:10:56 | N | 244] C:\sqmnoopt16.sqm
[21/05/2008 - 18:10:56 | N | 232] C:\sqmdata16.sqm
[21/05/2008 - 19:09:26 | N | 244] C:\sqmnoopt17.sqm
[21/05/2008 - 19:09:26 | N | 232] C:\sqmdata17.sqm
[21/05/2008 - 19:09:34 | N | 244] C:\sqmnoopt18.sqm
[21/05/2008 - 19:09:34 | N | 232] C:\sqmdata18.sqm
[03/09/2006 - 20:03:58 | N | 0] C:\adorage-protocol.txt
[22/05/2008 - 10:29:20 | N | 244] C:\sqmnoopt19.sqm
[22/05/2008 - 10:29:20 | N | 232] C:\sqmdata19.sqm
[01/09/2006 - 11:11:22 | D ] C:\Config.Msi
[24/05/2001 - 12:59:30 | N | 162304] C:\UNWISE.EXE
[08/10/2006 - 16:56:02 | N | 1120] C:\INSTALL.LOG
[08/11/2010 - 17:50:06 | D ] D:\ZIP
[24/07/2006 - 23:27:30 | SHD ] D:\System Volume Information
[08/11/2010 - 21:04:00 | RASHD ] D:\Autorun.inf
[17/10/2009 - 11:06:22 | D ] D:\KompoZer-0.8b1
[08/08/2010 - 14:08:40 | N | 3027] D:\Français.lng
[06/03/2010 - 21:56:10 | D ] D:\Notepad++
[06/04/2010 - 23:02:14 | D ] D:\$AVG
[09/01/2010 - 19:08:38 | D ] D:\BSplayer
[21/03/2010 - 19:20:12 | D ] D:\FileZilla-3.3.2.1
[14/10/2010 - 17:59:40 | N | 351259] D:\JavaRa.def
[09/08/2010 - 19:02:06 | N | 641473] D:\JavaRa.exe
[07/11/2010 - 21:13:18 | D ] D:\Rapid CSS 2010
[08/11/2010 - 12:12:04 | D ] D:\Malwarebytes' Anti-Malware
[24/07/2006 - 19:30:44 | RHD ] D:\MSOCache
[08/11/2010 - 02:21:02 | D ] D:\Ccleaner
[24/07/2006 - 19:40:48 | SHD ] D:\Recycled
[07/11/2008 - 00:18:42 | D ] D:\Daemon Tool
[04/12/2008 - 17:48:44 | D ] D:\Open Office
[18/02/2009 - 15:07:56 | D ] D:\PDFCreator
[13/11/2010 - 10:29:44 | SHD ] H:\$RECYCLE.BIN
[07/11/2010 - 21:35:15 | D ] H:\Bibliothèque
[08/12/2008 - 16:56:26 | D ] H:\C.G.U
[16/06/2009 - 21:45:19 | D ] H:\CV
[15/10/2008 - 16:07:25 | D ] H:\donjon-saison1
[18/02/2009 - 21:51:50 | D ] H:\DVix
[22/09/2009 - 12:23:20 | D ] H:\Ecrits
[27/10/2010 - 23:12:36 | D ] H:\en vrac
[11/06/2009 - 17:36:17 | D ] H:\How I Met Your Mother
[05/10/2010 - 22:04:41 | D ] H:\Musique
[07/11/2010 - 21:45:02 | D ] H:\Nouveau dossier
[08/12/2008 - 16:56:08 | D ] H:\numérisation des albums
[05/10/2010 - 21:29:14 | D ] H:\Photos
[27/10/2010 - 23:12:14 | D ] H:\PLURIELLE
[30/01/2009 - 01:10:41 | D ] H:\Recorded TV
[13/11/2010 - 10:29:44 | SHD ] H:\RECYCLER
[15/10/2008 - 16:39:31 | D ] H:\SPREV
[30/10/2008 - 21:10:53 | SHD ] H:\System Volume Information
[27/10/2010 - 23:10:49 | D ] H:\Vidéo
################## | Vaccin |
C:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
H:\Autorun.inf -> Dossier créé par UsbFix (El Desaparecido & C_XX)
################## | Upload |
Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_FANNYOZERAY.zip
http://www.teamxscript.org/Sample/Upload.php
Merci de votre contribution.
################## | E.O.F |
Well, the PC seems to be doing better!!! It starts up faster, and so far I haven't had any problems like pages closing or software freezing!!!
I haven't yet taken the time to reinstall one of my games to see if it runs better! But I think so!
Thanks again for your help!!!
PS: for AVG, I didn't think to save the report when I ran the scan T_T too bad!!!