Problème : 3 virus/rogue/trojans !
caroline
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
j'ai depuis vendredi soir, 3 foutus virus, rogue ou trojan je ne sais pas le nom que je dois leur donner, dnas les fenetres qui m'apparaissent, ils se nomment : "windows restore" "xp anti-spyware'' "centre de sécurité".
Résultat:
-fond D'écran disparu
-document, musique, favoris et photos disparus
-programme disparu
-internet marche 5 minutes et ensuite je suis redigiré vers des spams et je dois redemarrer
-jai de la musique ou le son d'une video qui provient de je sais pas ou qui sort de mes haut-parleurs mais il n'y a aucune autre fenetre d'ouverte
les .exe ne marche plus
ddésolée j'écris vite, ca recommence
dephuis hier, j'ai essayer pleins de trucs, mbam, rogue killer, en mode normal ou sans echec. rien ne marche et on dirait que dès que le virus voit que j'esaie de le supprimer, les fenetres spam et autrers trucs s'intensifient alors je dois rebooter,
j'attends vos solutions miracle , je panique un peu je dosi vous avourer, jai deja eu des problemes dnas le passée que jai resolue toute seule mais la ca depasse ems comppetencwes
merci
j'ai depuis vendredi soir, 3 foutus virus, rogue ou trojan je ne sais pas le nom que je dois leur donner, dnas les fenetres qui m'apparaissent, ils se nomment : "windows restore" "xp anti-spyware'' "centre de sécurité".
Résultat:
-fond D'écran disparu
-document, musique, favoris et photos disparus
-programme disparu
-internet marche 5 minutes et ensuite je suis redigiré vers des spams et je dois redemarrer
-jai de la musique ou le son d'une video qui provient de je sais pas ou qui sort de mes haut-parleurs mais il n'y a aucune autre fenetre d'ouverte
les .exe ne marche plus
ddésolée j'écris vite, ca recommence
dephuis hier, j'ai essayer pleins de trucs, mbam, rogue killer, en mode normal ou sans echec. rien ne marche et on dirait que dès que le virus voit que j'esaie de le supprimer, les fenetres spam et autrers trucs s'intensifient alors je dois rebooter,
j'attends vos solutions miracle , je panique un peu je dosi vous avourer, jai deja eu des problemes dnas le passée que jai resolue toute seule mais la ca depasse ems comppetencwes
merci
160 réponses
bon jai passee lair comprimee et relancer la machine niet marche pas plus
Oui les ventilos marche a merveille, trop meme surtout quand il reboot lol je pourrais couper une carotte dessus
Dautree suggeetions?
Merci
Oui les ventilos marche a merveille, trop meme surtout quand il reboot lol je pourrais couper une carotte dessus
Dautree suggeetions?
Merci
je suis revenue !!!! pour de bon j'espere,
j'ai enlever la nouvelle barette de memoire de 1go que jai ajouté il y a un 2 mois, et laisser les originales qui totalisent 512mb, redemarre il se passe rien ya juste la fan qui a parti, le processus a jamais parti, alors je remets la barette de 1 go a la premiere place, et la l'ordi a demarrer, yééé!!!!!
et d'ailleurs la premiere chose qui a apparu sur mon fond d'écran cest un message dans une cacse grise me disant que le fichir 872zn est introuvable et bla bla, foutu virus de m.....
est ce que je faistoujurs la derniere étape que tu mas dit avant que je disparaisse ??
j'ai enlever la nouvelle barette de memoire de 1go que jai ajouté il y a un 2 mois, et laisser les originales qui totalisent 512mb, redemarre il se passe rien ya juste la fan qui a parti, le processus a jamais parti, alors je remets la barette de 1 go a la premiere place, et la l'ordi a demarrer, yééé!!!!!
et d'ailleurs la premiere chose qui a apparu sur mon fond d'écran cest un message dans une cacse grise me disant que le fichir 872zn est introuvable et bla bla, foutu virus de m.....
est ce que je faistoujurs la derniere étape que tu mas dit avant que je disparaisse ??
Télécharge ici :OTL
▶ enregistre le sur ton Bureau.
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶ => Configuration
▶Clic sur Analyse.
A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).
Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)
Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
juste au niveau du bouton , en fin de chargement du fichier , Un lien de cette forme apparaitra :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
▶ Copie ce lien dans ta réponse.
▶▶ Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.
▶ enregistre le sur ton Bureau.
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶ => Configuration
▶Clic sur Analyse.
A la fin du scan, le Bloc-Notes va s'ouvrir avec le rapport (OTL.txt).
Ce fichier est sur ton Bureau (en général C:\Documents and settings\le_nom_de_ta_session\OTL.txt)
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)
Pour me le transmettre clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
juste au niveau du bouton , en fin de chargement du fichier , Un lien de cette forme apparaitra :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
▶ Copie ce lien dans ta réponse.
▶▶ Tu feras la meme chose avec le "Extra.txt" qui logiquement sera aussi sur ton bureau.
voici les rapports :
http://www.cijoint.fr/cjlink.php?file=cj201105/cijqdvOGzn.txt
http://www.cijoint.fr/cjlink.php?file=cj201105/cijTHixMGs.txt
merci
http://www.cijoint.fr/cjlink.php?file=cj201105/cijqdvOGzn.txt
http://www.cijoint.fr/cjlink.php?file=cj201105/cijTHixMGs.txt
merci
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
quelle horreur !!!
ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous,
▶ colle-la dans la zone sous "Personnalisation" :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
Itp.exe
rundll32.exe
:Services
MouseDriver
:OTL
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} https://www.oracle.com/java/technologies/ (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.165.192,93.188.160.163
C:\Documents and Settings\All Users\Application Data\lL28601HmIlL28601
C:\Documents and Settings\All Users\Application Data\pO28603HcDeE28603
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Qyaxojiliqu"=-
"NtWqIVLZEWZU"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP"=-
:Files
C:\Documents and Settings\Owner\Local Settings\temp\Itp.exe
C:\WINDOWS\ojetucigenoguq.dll
C:\Documents and Settings\Owner\Local Settings\temp\MouseDriver.bat
C:\Program Files\*.exe
C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
C:\WINDOWS\Kkusaratiqefame.dat
C:\WINDOWS\Tqizuxunakami.bin
C:\WINDOWS\tasks\Kltt.job
C:\WINDOWS\tasks\OZZPDDMP.job
C:\WINDOWS\tasks\EVSYXGT.job
C:\Documents and Settings\Owner\Local Settings\Application Data\dc07rr824sfs4vx1456egb2r5o
C:\Documents and Settings\All Users\Application Data\dc07rr824sfs4vx1456egb2r5o
C:\fsqwr.bmp
C:\Documents and Settings\Owner\Application Data\E9AE.D4E
C:\Documents and Settings\Owner\Local Settings\Application Data\i2152v11p7d4sg8
C:\Documents and Settings\All Users\Application Data\i2152v11p7d4sg8
C:\Documents and Settings\Owner\Local Settings\Application Data\x5si1vjuiny5
C:\Documents and Settings\All Users\Application Data\x5si1vjuiny5
C:\Documents and Settings\Owner\Local Settings\Application Data\8577pbl4k146s4547xpb05o
C:\Documents and Settings\All Users\Application Data\8577pbl4k146s4547xpb05o
C:\Documents and Settings\Owner\Local Settings\Application Data\gcv50onu1sl7cbx2yx06ni368lqw4y18h3u11tp
C:\Documents and Settings\All Users\Application Data\gcv50onu1sl7cbx2yx06ni368lqw4y18h3u11tp
C:\Documents and Settings\All Users\Application Data\n8c7doyeb3gnc0s7668val88vask
C:\Documents and Settings\Owner\Local Settings\Application Data\n8c7doyeb3gnc0s7668val88vask
C:\Documents and Settings\Owner\Local Settings\Application Data\320678denltbl50eg3g1l57brju58b5n2
C:\Documents and Settings\All Users\Application Data\320678denltbl50eg3g1l57brju58b5n2
C:\Documents and Settings\Owner\Local Settings\Application Data\4dv6261vsr86
C:\Documents and Settings\All Users\Application Data\4dv6261vsr86
C:\Documents and Settings\Owner\Local Settings\Application Data\5f2ph51m052ajruj700xx2hor734170i6dmv3o246y7n4n4
C:\Documents and Settings\All Users\Application Data\5f2ph51m052ajruj700xx2hor734170i6dmv3o246y7n4n4
C:\Documents and Settings\Owner\Local Settings\Application Data\42imyb828hpk7d273c0sn3ht33x084yqd28386ryfx8k
C:\Documents and Settings\All Users\Application Data\42imyb828hpk7d273c0sn3ht33x084yqd28386ryfx8k
C:\Documents and Settings\Owner\Local Settings\Application Data\p035dbpjt3svb8585w6y4q3422bq336n0wyhmjh
C:\Documents and Settings\All Users\Application Data\p035dbpjt3svb8585w6y4q3422bq336n0wyhmjh
C:\Documents and Settings\Owner\Local Settings\Application Data\o0sd122fjvcq817q7r722h74dfs2m7kd5d185pd472
C:\Documents and Settings\All Users\Application Data\o0sd122fjvcq817q7r722h74dfs2m7kd5d185pd472
C:\Documents and Settings\All Users\Application Data\~18538292r
C:\Documents and Settings\All Users\Application Data\~18538292
C:\Documents and Settings\All Users\Application Data\18538292
C:\Documents and Settings\Owner\Local Settings\Application Data\178748ryx4
C:\Documents and Settings\All Users\Application Data\178748ryx4
C:\Documents and Settings\Owner\Local Settings\Application Data\17qem3l4c6h5k
C:\Documents and Settings\All Users\Application Data\17qem3l4c6h5k
C:\Documents and Settings\All Users\Application Data\~19324724r
C:\Documents and Settings\All Users\Application Data\~19324724
C:\Documents and Settings\All Users\Application Data\19324724
C:\WINDOWS\Etn32.dll
C:\Documents and Settings\Owner\Application Data\5eT7WQpJat.gif
C:\Documents and Settings\Owner\Application Data\5eT7WQpJzn.gif
C:\Documents and Settings\Owner\Application Data\5eT7WQpJby.gif
C:\Program Files\easysetup.exe
C:\WINDOWS\_delis32.ini
C:\Program Files\mpc2kxp6490.zip
C:\WINDOWS\sel3110.exe
C:\WINDOWS\wallpe.exe
C:\WINDOWS\yedlat.dll
C:\Program Files\setup_blazemp.exe
C:\WINDOWS\ojetucigenoguq.dll
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
:commands
[start explorer]
[reboot]
▶ Clique sur "Correction" pour lancer la suppression.
▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
ATTENTION !!! : Script personnalisé pour cette machine uniquement , ne pas reproduire !!
si tu as XP => double clique
si tu as Vista ou windows 7 => clic droit "executer en tant que...."
sur OTL.exe pour le lancer.
▶Copie la liste qui se trouve en gras ci-dessous,
▶ colle-la dans la zone sous "Personnalisation" :
:processes
explorer.exe
iexplore.exe
firefox.exe
msnmsgr.exe
Teatimer.exe
Itp.exe
rundll32.exe
:Services
MouseDriver
:OTL
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} https://www.oracle.com/java/technologies/ (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.165.192,93.188.160.163
C:\Documents and Settings\All Users\Application Data\lL28601HmIlL28601
C:\Documents and Settings\All Users\Application Data\pO28603HcDeE28603
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Qyaxojiliqu"=-
"NtWqIVLZEWZU"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP"=-
:Files
C:\Documents and Settings\Owner\Local Settings\temp\Itp.exe
C:\WINDOWS\ojetucigenoguq.dll
C:\Documents and Settings\Owner\Local Settings\temp\MouseDriver.bat
C:\Program Files\*.exe
C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
C:\WINDOWS\Kkusaratiqefame.dat
C:\WINDOWS\Tqizuxunakami.bin
C:\WINDOWS\tasks\Kltt.job
C:\WINDOWS\tasks\OZZPDDMP.job
C:\WINDOWS\tasks\EVSYXGT.job
C:\Documents and Settings\Owner\Local Settings\Application Data\dc07rr824sfs4vx1456egb2r5o
C:\Documents and Settings\All Users\Application Data\dc07rr824sfs4vx1456egb2r5o
C:\fsqwr.bmp
C:\Documents and Settings\Owner\Application Data\E9AE.D4E
C:\Documents and Settings\Owner\Local Settings\Application Data\i2152v11p7d4sg8
C:\Documents and Settings\All Users\Application Data\i2152v11p7d4sg8
C:\Documents and Settings\Owner\Local Settings\Application Data\x5si1vjuiny5
C:\Documents and Settings\All Users\Application Data\x5si1vjuiny5
C:\Documents and Settings\Owner\Local Settings\Application Data\8577pbl4k146s4547xpb05o
C:\Documents and Settings\All Users\Application Data\8577pbl4k146s4547xpb05o
C:\Documents and Settings\Owner\Local Settings\Application Data\gcv50onu1sl7cbx2yx06ni368lqw4y18h3u11tp
C:\Documents and Settings\All Users\Application Data\gcv50onu1sl7cbx2yx06ni368lqw4y18h3u11tp
C:\Documents and Settings\All Users\Application Data\n8c7doyeb3gnc0s7668val88vask
C:\Documents and Settings\Owner\Local Settings\Application Data\n8c7doyeb3gnc0s7668val88vask
C:\Documents and Settings\Owner\Local Settings\Application Data\320678denltbl50eg3g1l57brju58b5n2
C:\Documents and Settings\All Users\Application Data\320678denltbl50eg3g1l57brju58b5n2
C:\Documents and Settings\Owner\Local Settings\Application Data\4dv6261vsr86
C:\Documents and Settings\All Users\Application Data\4dv6261vsr86
C:\Documents and Settings\Owner\Local Settings\Application Data\5f2ph51m052ajruj700xx2hor734170i6dmv3o246y7n4n4
C:\Documents and Settings\All Users\Application Data\5f2ph51m052ajruj700xx2hor734170i6dmv3o246y7n4n4
C:\Documents and Settings\Owner\Local Settings\Application Data\42imyb828hpk7d273c0sn3ht33x084yqd28386ryfx8k
C:\Documents and Settings\All Users\Application Data\42imyb828hpk7d273c0sn3ht33x084yqd28386ryfx8k
C:\Documents and Settings\Owner\Local Settings\Application Data\p035dbpjt3svb8585w6y4q3422bq336n0wyhmjh
C:\Documents and Settings\All Users\Application Data\p035dbpjt3svb8585w6y4q3422bq336n0wyhmjh
C:\Documents and Settings\Owner\Local Settings\Application Data\o0sd122fjvcq817q7r722h74dfs2m7kd5d185pd472
C:\Documents and Settings\All Users\Application Data\o0sd122fjvcq817q7r722h74dfs2m7kd5d185pd472
C:\Documents and Settings\All Users\Application Data\~18538292r
C:\Documents and Settings\All Users\Application Data\~18538292
C:\Documents and Settings\All Users\Application Data\18538292
C:\Documents and Settings\Owner\Local Settings\Application Data\178748ryx4
C:\Documents and Settings\All Users\Application Data\178748ryx4
C:\Documents and Settings\Owner\Local Settings\Application Data\17qem3l4c6h5k
C:\Documents and Settings\All Users\Application Data\17qem3l4c6h5k
C:\Documents and Settings\All Users\Application Data\~19324724r
C:\Documents and Settings\All Users\Application Data\~19324724
C:\Documents and Settings\All Users\Application Data\19324724
C:\WINDOWS\Etn32.dll
C:\Documents and Settings\Owner\Application Data\5eT7WQpJat.gif
C:\Documents and Settings\Owner\Application Data\5eT7WQpJzn.gif
C:\Documents and Settings\Owner\Application Data\5eT7WQpJby.gif
C:\Program Files\easysetup.exe
C:\WINDOWS\_delis32.ini
C:\Program Files\mpc2kxp6490.zip
C:\WINDOWS\sel3110.exe
C:\WINDOWS\wallpe.exe
C:\WINDOWS\yedlat.dll
C:\Program Files\setup_blazemp.exe
C:\WINDOWS\ojetucigenoguq.dll
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
:commands
[start explorer]
[reboot]
▶ Clique sur "Correction" pour lancer la suppression.
▶ Poste le rapport qui logiquement s'ouvrira tout seul en fin de travail appres le redemarrage.
bon le rapport est bel et bien apparu apres le redemarrage mais je l'ai ferme croyant qu'il s'était deja enregirstre sur le bureau comme pour l'analyse fait un peu plus tot, mais la je constate que cest pas le cas, merde je suis desolée,
la je suis en train de refaire une analyse otl, et posterai le nouveau rapport. si ca peut aider
merci
la je suis en train de refaire une analyse otl, et posterai le nouveau rapport. si ca peut aider
merci
bon je viens de trouver le rapport apres reparation mais ci-joint ne prends pas les fichier .log, je le colle dans le forum ?
et aussi, ya mes fichiers musique qui manquent, jen ai juste 500 sur pres de 2000!! J'ai fait afficher les ficheirs cachés et ca reste a 500. ???? :(
et aussi, ya mes fichiers musique qui manquent, jen ai juste 500 sur pres de 2000!! J'ai fait afficher les ficheirs cachés et ca reste a 500. ???? :(
========== PROCESSES ==========
Process explorer.exe killed successfully!
Process iexplore.exe killed successfully!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
Process Itp.exe killed successfully!
Process rundll32.exe killed successfully!
========== SERVICES/DRIVERS ==========
Service MouseDriver stopped successfully!
Service MouseDriver deleted successfully!
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\NameServer| /E : value set successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Qyaxojiliqu deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NtWqIVLZEWZU not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3389:TCP deleted successfully.
========== FILES ==========
C:\Documents and Settings\Owner\Local Settings\temp\Itp.exe moved successfully.
C:\WINDOWS\ojetucigenoguq.dll moved successfully.
C:\Documents and Settings\Owner\Local Settings\temp\MouseDriver.bat moved successfully.
C:\Program Files\Decompression.exe moved successfully.
C:\Program Files\easysetup.exe moved successfully.
C:\Program Files\iTunesSetup.exe moved successfully.
C:\Program Files\setup_av_free.exe moved successfully.
C:\Program Files\setup_blazemp.exe moved successfully.
C:\Program Files\VirtualExpander_flashdemo1.02.01(WW).exe moved successfully.
C:\Program Files\VirtualExpander_v21.exe moved successfully.
C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job moved successfully.
C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job moved successfully.
C:\WINDOWS\Kkusaratiqefame.dat moved successfully.
C:\WINDOWS\Tqizuxunakami.bin moved successfully.
C:\WINDOWS\tasks\Kltt.job moved successfully.
C:\WINDOWS\tasks\OZZPDDMP.job moved successfully.
C:\WINDOWS\tasks\EVSYXGT.job moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\dc07rr824sfs4vx1456egb2r5o moved successfully.
C:\Documents and Settings\All Users\Application Data\dc07rr824sfs4vx1456egb2r5o moved successfully.
C:\fsqwr.bmp moved successfully.
C:\Documents and Settings\Owner\Application Data\E9AE.D4E moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\i2152v11p7d4sg8 moved successfully.
C:\Documents and Settings\All Users\Application Data\i2152v11p7d4sg8 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\x5si1vjuiny5 moved successfully.
C:\Documents and Settings\All Users\Application Data\x5si1vjuiny5 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\8577pbl4k146s4547xpb05o moved successfully.
C:\Documents and Settings\All Users\Application Data\8577pbl4k146s4547xpb05o moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\gcv50onu1sl7cbx2yx06ni368lqw4y18h3u11tp moved successfully.
C:\Documents and Settings\All Users\Application Data\gcv50onu1sl7cbx2yx06ni368lqw4y18h3u11tp moved successfully.
C:\Documents and Settings\All Users\Application Data\n8c7doyeb3gnc0s7668val88vask moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\n8c7doyeb3gnc0s7668val88vask moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\320678denltbl50eg3g1l57brju58b5n2 moved successfully.
C:\Documents and Settings\All Users\Application Data\320678denltbl50eg3g1l57brju58b5n2 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\4dv6261vsr86 moved successfully.
C:\Documents and Settings\All Users\Application Data\4dv6261vsr86 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\5f2ph51m052ajruj700xx2hor734170i6dmv3o246y7n4n4 moved successfully.
C:\Documents and Settings\All Users\Application Data\5f2ph51m052ajruj700xx2hor734170i6dmv3o246y7n4n4 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\42imyb828hpk7d273c0sn3ht33x084yqd28386ryfx8k moved successfully.
C:\Documents and Settings\All Users\Application Data\42imyb828hpk7d273c0sn3ht33x084yqd28386ryfx8k moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\p035dbpjt3svb8585w6y4q3422bq336n0wyhmjh moved successfully.
C:\Documents and Settings\All Users\Application Data\p035dbpjt3svb8585w6y4q3422bq336n0wyhmjh moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\o0sd122fjvcq817q7r722h74dfs2m7kd5d185pd472 moved successfully.
C:\Documents and Settings\All Users\Application Data\o0sd122fjvcq817q7r722h74dfs2m7kd5d185pd472 moved successfully.
C:\Documents and Settings\All Users\Application Data\~18538292r moved successfully.
C:\Documents and Settings\All Users\Application Data\~18538292 moved successfully.
C:\Documents and Settings\All Users\Application Data\18538292 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\178748ryx4 moved successfully.
C:\Documents and Settings\All Users\Application Data\178748ryx4 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\17qem3l4c6h5k moved successfully.
C:\Documents and Settings\All Users\Application Data\17qem3l4c6h5k moved successfully.
C:\Documents and Settings\All Users\Application Data\~19324724r moved successfully.
C:\Documents and Settings\All Users\Application Data\~19324724 moved successfully.
C:\Documents and Settings\All Users\Application Data\19324724 moved successfully.
C:\WINDOWS\Etn32.dll moved successfully.
C:\Documents and Settings\Owner\Application Data\5eT7WQpJat.gif moved successfully.
C:\Documents and Settings\Owner\Application Data\5eT7WQpJzn.gif moved successfully.
C:\Documents and Settings\Owner\Application Data\5eT7WQpJby.gif moved successfully.
File\Folder C:\Program Files\easysetup.exe not found.
C:\WINDOWS\_delis32.ini moved successfully.
C:\Program Files\mpc2kxp6490.zip moved successfully.
C:\WINDOWS\sel3110.exe moved successfully.
C:\WINDOWS\wallpe.exe moved successfully.
C:\WINDOWS\yedlat.dll moved successfully.
File\Folder C:\Program Files\setup_blazemp.exe not found.
File\Folder C:\WINDOWS\ojetucigenoguq.dll not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
========== COMMANDS ==========
OTL by OldTimer - Version 3.2.23.0 log created on 05292011_192523
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Process explorer.exe killed successfully!
Process iexplore.exe killed successfully!
No active process named firefox.exe was found!
No active process named msnmsgr.exe was found!
No active process named Teatimer.exe was found!
Process Itp.exe killed successfully!
Process rundll32.exe killed successfully!
========== SERVICES/DRIVERS ==========
Service MouseDriver stopped successfully!
Service MouseDriver deleted successfully!
========== OTL ==========
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\NameServer| /E : value set successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Qyaxojiliqu deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NtWqIVLZEWZU not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\3389:TCP deleted successfully.
========== FILES ==========
C:\Documents and Settings\Owner\Local Settings\temp\Itp.exe moved successfully.
C:\WINDOWS\ojetucigenoguq.dll moved successfully.
C:\Documents and Settings\Owner\Local Settings\temp\MouseDriver.bat moved successfully.
C:\Program Files\Decompression.exe moved successfully.
C:\Program Files\easysetup.exe moved successfully.
C:\Program Files\iTunesSetup.exe moved successfully.
C:\Program Files\setup_av_free.exe moved successfully.
C:\Program Files\setup_blazemp.exe moved successfully.
C:\Program Files\VirtualExpander_flashdemo1.02.01(WW).exe moved successfully.
C:\Program Files\VirtualExpander_v21.exe moved successfully.
C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job moved successfully.
C:\WINDOWS\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job moved successfully.
C:\WINDOWS\Kkusaratiqefame.dat moved successfully.
C:\WINDOWS\Tqizuxunakami.bin moved successfully.
C:\WINDOWS\tasks\Kltt.job moved successfully.
C:\WINDOWS\tasks\OZZPDDMP.job moved successfully.
C:\WINDOWS\tasks\EVSYXGT.job moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\dc07rr824sfs4vx1456egb2r5o moved successfully.
C:\Documents and Settings\All Users\Application Data\dc07rr824sfs4vx1456egb2r5o moved successfully.
C:\fsqwr.bmp moved successfully.
C:\Documents and Settings\Owner\Application Data\E9AE.D4E moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\i2152v11p7d4sg8 moved successfully.
C:\Documents and Settings\All Users\Application Data\i2152v11p7d4sg8 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\x5si1vjuiny5 moved successfully.
C:\Documents and Settings\All Users\Application Data\x5si1vjuiny5 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\8577pbl4k146s4547xpb05o moved successfully.
C:\Documents and Settings\All Users\Application Data\8577pbl4k146s4547xpb05o moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\gcv50onu1sl7cbx2yx06ni368lqw4y18h3u11tp moved successfully.
C:\Documents and Settings\All Users\Application Data\gcv50onu1sl7cbx2yx06ni368lqw4y18h3u11tp moved successfully.
C:\Documents and Settings\All Users\Application Data\n8c7doyeb3gnc0s7668val88vask moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\n8c7doyeb3gnc0s7668val88vask moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\320678denltbl50eg3g1l57brju58b5n2 moved successfully.
C:\Documents and Settings\All Users\Application Data\320678denltbl50eg3g1l57brju58b5n2 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\4dv6261vsr86 moved successfully.
C:\Documents and Settings\All Users\Application Data\4dv6261vsr86 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\5f2ph51m052ajruj700xx2hor734170i6dmv3o246y7n4n4 moved successfully.
C:\Documents and Settings\All Users\Application Data\5f2ph51m052ajruj700xx2hor734170i6dmv3o246y7n4n4 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\42imyb828hpk7d273c0sn3ht33x084yqd28386ryfx8k moved successfully.
C:\Documents and Settings\All Users\Application Data\42imyb828hpk7d273c0sn3ht33x084yqd28386ryfx8k moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\p035dbpjt3svb8585w6y4q3422bq336n0wyhmjh moved successfully.
C:\Documents and Settings\All Users\Application Data\p035dbpjt3svb8585w6y4q3422bq336n0wyhmjh moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\o0sd122fjvcq817q7r722h74dfs2m7kd5d185pd472 moved successfully.
C:\Documents and Settings\All Users\Application Data\o0sd122fjvcq817q7r722h74dfs2m7kd5d185pd472 moved successfully.
C:\Documents and Settings\All Users\Application Data\~18538292r moved successfully.
C:\Documents and Settings\All Users\Application Data\~18538292 moved successfully.
C:\Documents and Settings\All Users\Application Data\18538292 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\178748ryx4 moved successfully.
C:\Documents and Settings\All Users\Application Data\178748ryx4 moved successfully.
C:\Documents and Settings\Owner\Local Settings\Application Data\17qem3l4c6h5k moved successfully.
C:\Documents and Settings\All Users\Application Data\17qem3l4c6h5k moved successfully.
C:\Documents and Settings\All Users\Application Data\~19324724r moved successfully.
C:\Documents and Settings\All Users\Application Data\~19324724 moved successfully.
C:\Documents and Settings\All Users\Application Data\19324724 moved successfully.
C:\WINDOWS\Etn32.dll moved successfully.
C:\Documents and Settings\Owner\Application Data\5eT7WQpJat.gif moved successfully.
C:\Documents and Settings\Owner\Application Data\5eT7WQpJzn.gif moved successfully.
C:\Documents and Settings\Owner\Application Data\5eT7WQpJby.gif moved successfully.
File\Folder C:\Program Files\easysetup.exe not found.
C:\WINDOWS\_delis32.ini moved successfully.
C:\Program Files\mpc2kxp6490.zip moved successfully.
C:\WINDOWS\sel3110.exe moved successfully.
C:\WINDOWS\wallpe.exe moved successfully.
C:\WINDOWS\yedlat.dll moved successfully.
File\Folder C:\Program Files\setup_blazemp.exe not found.
File\Folder C:\WINDOWS\ojetucigenoguq.dll not found.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
========== COMMANDS ==========
OTL by OldTimer - Version 3.2.23.0 log created on 05292011_192523
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
desactive ton antivirus
desactive Windows defender si présent
desactive ton pare-feu
Ferme toutes tes appilications en cours
telecharge et enregistre ceci sur ton bureau :
Pre_Scan
s'il n'est pas sur ton bureau coupe-le de ton dossier telechargements et colle-le sur ton bureau
Avertissement: Il y aura une extinction courte du bureau --> pas de panique.
une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan.txt" sur le bureau.
si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"
si l'outil semble ne pas avoir fonctionné renomme-le winlogon , ou change son extension en .com ou .scr
Il se peut que l'outil soit un peu long sur la reattribution des fichiers tout depend combien tu en as , laisse-le travailler
Poste Pre_Scan.txt qui apparaitra sur le bureau en fin de scan
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)
clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
est ajouté dans la page.
▶ Copie ce lien dans ta réponse.
desactive Windows defender si présent
desactive ton pare-feu
Ferme toutes tes appilications en cours
telecharge et enregistre ceci sur ton bureau :
Pre_Scan
s'il n'est pas sur ton bureau coupe-le de ton dossier telechargements et colle-le sur ton bureau
Avertissement: Il y aura une extinction courte du bureau --> pas de panique.
une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan.txt" sur le bureau.
si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"
si l'outil semble ne pas avoir fonctionné renomme-le winlogon , ou change son extension en .com ou .scr
Il se peut que l'outil soit un peu long sur la reattribution des fichiers tout depend combien tu en as , laisse-le travailler
Poste Pre_Scan.txt qui apparaitra sur le bureau en fin de scan
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)
clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
est ajouté dans la page.
▶ Copie ce lien dans ta réponse.
allo,
bon alors jai lancer prescan, il a fait comme tu as dit, mais ensuite je n'y ai pas toucher pendant une demi-heure, et il ne se passait rien, aucun icone visible sur le bureau, seulement l'image de mon fond d'écran, et aucune fenetre quelconque du programme apparrente, alors qu'au debut quand je alai lancer oui il y a eu du travail visible, donc apres une demi-hrs jai fait ctl-atl-del pour le gestionnaire des taches qui est apparu sans probleme et dans application aucune programme ne roulait , jai donc redemarrer , mais pas de trace de fichier prescan.txt.
est ce que je recommence et attends plus longtemps ?
merci
caro
bon alors jai lancer prescan, il a fait comme tu as dit, mais ensuite je n'y ai pas toucher pendant une demi-heure, et il ne se passait rien, aucun icone visible sur le bureau, seulement l'image de mon fond d'écran, et aucune fenetre quelconque du programme apparrente, alors qu'au debut quand je alai lancer oui il y a eu du travail visible, donc apres une demi-hrs jai fait ctl-atl-del pour le gestionnaire des taches qui est apparu sans probleme et dans application aucune programme ne roulait , jai donc redemarrer , mais pas de trace de fichier prescan.txt.
est ce que je recommence et attends plus longtemps ?
merci
caro
bonjour (peu dormi en fait !) ^^
alors je t'explique ce qu'il devrait se passer aujourd'hui :)
on vire le maxi d'inutile avec OTL
on vire le maxi d'inutile avec zhpdiag
on fait un grand menage
on se dit adieu ^^
alors je t'explique ce qu'il devrait se passer aujourd'hui :)
on vire le maxi d'inutile avec OTL
on vire le maxi d'inutile avec zhpdiag
on fait un grand menage
on se dit adieu ^^
je sais pas ce que tu fais mais tu te reinfectes sans arret
on recommence :
▶ Télécharge DelFix sur ton bureau.
▶ Lance le, tape suppression puis valide
Patiente pendant le scan jusqu'à l'ouverture du rapport.
▶ Copie/Colle le contenu du rapport dans ta prochaine réponse.
Note : Le rapport se trouve également sous C:\DelFix.txt
tu peux le desinstaller
___________________________________________________
desactive ton antivirus
desactive Windows defender si présent
desactive ton pare-feu
Ferme toutes tes appilications en cours
telecharge et enregistre ceci sur ton bureau :
Pre_Scan
s'il n'est pas sur ton bureau coupe-le de ton dossier telechargements et colle-le sur ton bureau
Avertissement: Il y aura une extinction courte du bureau --> pas de panique.
une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan.txt" sur le bureau.
si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"
si l'outil semble ne pas avoir fonctionné renomme-le winlogon , ou change son extension en .com ou .scr
Il se peut que l'outil soit un peu long sur la reattribution des fichiers tout depend combien tu en as , laisse-le travailler
Poste Pre_Scan.txt qui apparaitra sur le bureau en fin de scan
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)
clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
est ajouté dans la page.
▶ Copie ce lien dans ta réponse.
on recommence :
▶ Télécharge DelFix sur ton bureau.
▶ Lance le, tape suppression puis valide
Patiente pendant le scan jusqu'à l'ouverture du rapport.
▶ Copie/Colle le contenu du rapport dans ta prochaine réponse.
Note : Le rapport se trouve également sous C:\DelFix.txt
tu peux le desinstaller
___________________________________________________
desactive ton antivirus
desactive Windows defender si présent
desactive ton pare-feu
Ferme toutes tes appilications en cours
telecharge et enregistre ceci sur ton bureau :
Pre_Scan
s'il n'est pas sur ton bureau coupe-le de ton dossier telechargements et colle-le sur ton bureau
Avertissement: Il y aura une extinction courte du bureau --> pas de panique.
une fois telechargé lance-le , laisse faire le scan jusqu'à l'apparition de "Pre_scan.txt" sur le bureau.
si l'outil detecte un proxy et que tu n'en as pas installé clique sur "supprimer le proxy"
si l'outil semble ne pas avoir fonctionné renomme-le winlogon , ou change son extension en .com ou .scr
Il se peut que l'outil soit un peu long sur la reattribution des fichiers tout depend combien tu en as , laisse-le travailler
Poste Pre_Scan.txt qui apparaitra sur le bureau en fin de scan
▶▶▶ NE LE POSTE PAS SUR LE FORUM (il est trop long)
clique sur ce lien : http://www.cijoint.fr/
▶ Clique sur Parcourir et cherche le fichier ci-dessus.
▶ Clique sur Ouvrir.
▶ Clique sur "Cliquez ici pour déposer le fichier".
Un lien de cette forme :
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt
est ajouté dans la page.
▶ Copie ce lien dans ta réponse.
quel processus ?
voici le rapport de delfix, il a supprimé toute les icones des programmes que vous m'aviez fait télécharger pour reparer
# DelFix v8.0 - Rapport créé le 01/06/2011 à 22:50
# Mis à jour le 01/06/11 à 13h par Xplode
# Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
# Nom d'utilisateur : Owner - CAROLINE (Administrateur)
# Exécuté depuis : C:\Documents and Settings\Owner\Bureau\delfix0.exe
# Option [Suppression]
~~~~~~ Dossier(s) ~~~~~~
Supprimé : C:\_OTL
Supprimé : C:\Kill'em
Supprimé : C:\Program Files\SEAF
Supprimé : C:\Program Files\ZHPDiag
Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
~~~~~~ Fichier(s) ~~~~~~
Supprimé : C:\PhysicalDisk0_MBR.bin
Supprimé : C:\TDSSKiller.2.5.1.0_16.05.2011_19.56.23_log.txt
Supprimé : C:\TDSSKiller.2.5.1.0_16.05.2011_21.04.50_log.txt
Supprimé : C:\ZHPExportRegistry-2011-05-18-23-08-34.txt
Supprimé : C:\Documents and Settings\Owner\Bureau\aswMBR.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\OTL.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\OTL.Txt
Supprimé : C:\Documents and Settings\Owner\Bureau\Pre_scan.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\Pre_Script.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\Reload_Tdsskiller.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\RogueKiller.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\SEAF.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\TDSSKiller.exe
Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
~~~~~~ Registre ~~~~~~
Clé Supprimée : HKCU\SOFTWARE\g3n-h@ckm@n
Clé Supprimée : HKLM\Software\OldTimer Tools
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SEAF
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
ACL -> [F] & Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~~~~~~ Autre ~~~~~~
voici le rapport de delfix, il a supprimé toute les icones des programmes que vous m'aviez fait télécharger pour reparer
# DelFix v8.0 - Rapport créé le 01/06/2011 à 22:50
# Mis à jour le 01/06/11 à 13h par Xplode
# Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
# Nom d'utilisateur : Owner - CAROLINE (Administrateur)
# Exécuté depuis : C:\Documents and Settings\Owner\Bureau\delfix0.exe
# Option [Suppression]
~~~~~~ Dossier(s) ~~~~~~
Supprimé : C:\_OTL
Supprimé : C:\Kill'em
Supprimé : C:\Program Files\SEAF
Supprimé : C:\Program Files\ZHPDiag
Supprimé : C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ZHP
~~~~~~ Fichier(s) ~~~~~~
Supprimé : C:\PhysicalDisk0_MBR.bin
Supprimé : C:\TDSSKiller.2.5.1.0_16.05.2011_19.56.23_log.txt
Supprimé : C:\TDSSKiller.2.5.1.0_16.05.2011_21.04.50_log.txt
Supprimé : C:\ZHPExportRegistry-2011-05-18-23-08-34.txt
Supprimé : C:\Documents and Settings\Owner\Bureau\aswMBR.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\OTL.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\OTL.Txt
Supprimé : C:\Documents and Settings\Owner\Bureau\Pre_scan.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\Pre_Script.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\Reload_Tdsskiller.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\RogueKiller.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\SEAF.exe
Supprimé : C:\Documents and Settings\Owner\Bureau\TDSSKiller.exe
Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPDiag.lnk
Supprimé : C:\Documents and Settings\All Users\Bureau\ZHPFix.lnk
~~~~~~ Registre ~~~~~~
Clé Supprimée : HKCU\SOFTWARE\g3n-h@ckm@n
Clé Supprimée : HKLM\Software\OldTimer Tools
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SEAF
Clé Supprimée : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZHPDiag_is1
ACL -> [F] & Clé Supprimée : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~~~~~~ Autre ~~~~~~