Infected with viruses

Plopation
Hello,

I ran a scan with Avira and found plenty of small (or big) things:

- 5 Trojan horses TR/Banker.awdr.16 located in online game folders, so they can be deleted without a problem
- 1 Trojan horse TR/Click.Agent.SAL.31 and something I don't know what it is: "contains the detection pattern of the spyware or adware ADSPY.agent.Sxr", in System Volume Information. I think those are the backups, so I deleted the backups (disabled automatic backup and re-enabled it).
- 1 Trojan horse TR/Click.Agent.SAL.31 in GoodWay202Free and in Web Media Player.

I also ran a scan with Malwarebytes:

- lots of Adware Widgi Toolbar
- and lots of Trojan.Vundo in Registry Key

So I wanted to know how to remove these problems (mainly the ones in the registry keys),
to know whether you have software or a solution to disinfect my computer (because there must be others),
and to know what formatting the hard drive is for and whether it is useful in my case.
Thanks for your answers
104 replies

Plopation
 
Report for the file userinit.exe:

File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis:

MD5: e74ddb12188c2ff57a78624dbf7332fc
Date first seen: 2009-02-13 09:46:26 (UTC)
Date last seen: 2011-11-08 07:49:03 (UTC)
Detection ratio: 0/43

For libmysql_d.dll:

File already submitted: The file sent has already been analysed by VirusTotal in the past. This is same basic info regarding the sample itself and its last analysis:

MD5: d012ca96ba57b1fb88d397a99211b6fc
Date first seen: 2009-07-18 12:20:22 (UTC)
Date last seen: 2011-10-29 01:16:51 (UTC)
Detection ratio: 0/43
0
Plopation
 
When I launch UsbFix (after downloading it), nothing starts :s
0
heraultais34600
 
Hello Plopation,

OK for the two files analysed with VirusTotal.

Try to carry out all these steps (OTL and USBFix) in safe mode.

-----------------------------------------------------------------------------------------------
If that doesn't work, move on to a ZHPDiag scan in normal mode.
If that still doesn't work, try scanning with ZHPDiag in safe mode.
-----------------------------------------------------------------------------------------------

I need to know the state of the infections to continue the job.

See you
0
Plopation
 
OK, I'll try all of that
0
Plopation
 
For the script, I'm taking the one from your first message, because the one where you wrote HERE doesn't work (the link)
0
Plopation
 
Here is the report from the OTL fix:

I can't access Cijoint, so here is the report:

All processes killed
Error: Unable to interpret <[2011/11/05 20:17:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Moussette\Application Data\Mozilla\Firefox\Profiles\712pttg1.default\extensions > in the current context!
Error: Unable to interpret <[2011/05/20 16:20:13 | 000,000,000 | ---D | M] (Free software Gooofull toolbar) -- C:\Documents and Settings\Moussette\Application Data\Mozilla\Firefox\Profiles\712pttg1.default\extensions\{181F4BBC-2453-40D2-B42C-3135E3B07C7B} > in the current context!
Error: Unable to interpret <[2010/10/08 20:32:29 | 000,000,000 | ---D | M] (Softonic_France Toolbar) -- C:\Documents and Settings\Moussette\Application Data\Mozilla\Firefox\Profiles\712pttg1.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f} > in the current context!
Error: Unable to interpret <[2011/09/11 11:31:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} > in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {F362CD01-3540-4D7E-B7D6-CE94D0BEDFAF} - No CLSID value found. > in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - No CLSID value found. > in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found. > in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - No CLSID value found. > in the current context!
Error: Unable to interpret <O9 - Extra Button: Free software Gooofull toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - Reg Error: Key error. File not found > in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Free software Gooofull toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} - Reg Error: Key error. File not found > in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *) > in the current context!
Error: Unable to interpret <[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] > in the current context!
Error: Unable to interpret <MsConfig - StartUpReg: [b]nwiz/b - hkey= - key= - C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () > in the current context!
Error: Unable to interpret <[2009/10/23 20:33:10 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat > in the current context!
Error: Unable to interpret <[2011/11/05 22:22:04 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\Moussette\Application Data\DofusAppId0_3 > in the current context!
Error: Unable to interpret <[2011/11/05 22:22:02 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\Moussette\Application Data\DofusAppId0_1 > in the current context!
Error: Unable to interpret <[2011/11/05 21:19:17 | 000,000,008 | ---- | M] () -- C:\Documents and Settings\Moussette\Application Data\DofusAppId0_4 > in the current context!
Error: Unable to interpret <[2011/10/30 17:54:55 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\ildpwwfu.sys > in the current context!
Error: Unable to interpret <[2011/10/28 22:27:30 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Moussette\Application Data\DofusAppId0_2 > in the current context!
Error: Unable to interpret <[2011/10/29 13:32:25 | 001,773,122 | -HS- | C] () -- C:\WINDOWS\System32\qcpmpbcl.ini > in the current context!
Error: Unable to interpret <[2011/10/29 13:32:25 | 001,587,842 | -HS- | C] () -- C:\WINDOWS\System32\oltxjccg.ini > in the current context!
Error: Unable to interpret <[2011/10/29 13:32:25 | 000,195,506 | -HS- | C] () -- C:\WINDOWS\System32\RYJQrtwa.ini > in the current context!
Error: Unable to interpret <[2011/10/29 13:32:25 | 000,195,506 | ---- | C] () -- C:\WINDOWS\System32\RYJQrtwa.ini2 > in the current context!
Error: Unable to interpret <[2011/06/22 19:37:30 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Moussette\Application Data\DofusAppId0_7 > in the current context!
Error: Unable to interpret <[2011/06/14 21:38:04 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Moussette\Application Data\DofusAppId0_6 > in the current context!
Error: Unable to interpret <[2011/03/03 15:27:34 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Moussette\Application Data\DofusAppId0_5 > in the current context!
Error: Unable to interpret <[2010/10/25 15:34:41 | 000,002,354 | ---- | C] () -- C:\Documents and Settings\Moussette\Application Data\SAS7_000.DAT > in the current context!
Error: Unable to interpret <[2010/10/25 09:44:25 | 000,000,041 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib > in the current context!
Error: Unable to interpret <[2010/03/27 15:15:52 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Moussette\Application Data\DofusAppId0_4 > in the current context!
Error: Unable to interpret <[2010/03/19 20:06:10 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Moussette\Application Data\DofusAppId0_3 > in the current context!
Error: Unable to interpret <[2010/03/14 23:33:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Moussette\Application Data\DofusAppId0_2 > in the current context!
Error: Unable to interpret <[2010/03/14 21:43:27 | 000,000,008 | ---- | C] () -- C:\Documents and Settings\Moussette\Application Data\DofusAppId0_1 > in the current context!
Error: Unable to interpret <[2008/07/04 15:56:33 | 000,004,892 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\dyaniilw.kxq > in the current context!
Error: Unable to interpret <[2010/03/14 23:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2010/03/19 20:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2010/03/27 15:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2011/03/03 15:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2011/06/14 21:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus-6.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2011/06/22 19:37:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus-7.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2010/03/14 21:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2010/03/14 23:33:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2010/03/19 20:06:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2010/03/27 15:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus-4.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2011/03/03 15:27:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus-5.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2011/06/14 21:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus-6.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2011/06/22 19:37:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus-7.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
Error: Unable to interpret <[2010/03/14 21:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Moussette\Application Data\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1 > in the current context!
========== FILES ==========
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes

User: LocalService
->Temp folder emptied: 115772 bytes
->Temporary Internet Files folder emptied: 49554 bytes
->FireFox cache emptied: 3892032 bytes
->Flash cache emptied: 649 bytes

User: Moussette
->Temp folder emptied: 553021 bytes
->Temporary Internet Files folder emptied: 1137131 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 59278750 bytes
->Google Chrome cache emptied: 30455914 bytes
->Flash cache emptied: 732 bytes

User: NetworkService
->Temp folder emptied: 1608062 bytes
->Temporary Internet Files folder emptied: 1037745 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 54781808 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24722 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 226772135 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 362,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11112011_103159

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Moussette\Local Settings\Temp\OICE_F989665F-9CB8-4A57-833A-6818F6D346BC.0\1EA4E27. not found!
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
0
Plopation
 
As for UsbFix, it doesn't launch. How do you start the PC in safe mode?
0
heraultais34600
 
Good evening Plopation,

At first glance, OTL does not seem to have worked properly.
Could you try running ZHPDiag in safe mode (see below) and send me the report, please?

When you start your PC, at the manufacturer's or motherboard's splash screen (it depends on the computer), tap the F8 key repeatedly until a screen with white lines on a black background appears.
There, select safe mode using the arrow keys on your keyboard.

Since the site www.cijoint.fr no longer works, use this one

Have a good evening
0
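An OTL fix log like the one posted above can be triaged mechanically. The following is an added example, not part of the original thread or of OTL itself: it counts the script lines OTL rejected against the actions it carried out, using only the message formats visible in that log; the function names and the "mostly rejected" heuristic are assumptions.

```python
import re
from collections import Counter

# Lines copied from the OTL fix log posted in this thread (a short selection).
SAMPLE_LOG = r"""All processes killed
Error: Unable to interpret <O2 - BHO: (no name) - {F362CD01-3540-4D7E-B7D6-CE94D0BEDFAF} - No CLSID value found. > in the current context!
Error: Unable to interpret <[2011/10/30 17:54:55 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\ildpwwfu.sys > in the current context!
Error: Unable to interpret <[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] > in the current context!
========== FILES ==========
ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
->Temp folder emptied: 553021 bytes
File move failed. C:\WINDOWS\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.
"""

# A script line that OTL refused to act on.
REJECTED = re.compile(
    r"^Error: Unable to interpret <(?P<item>.*?)\s*> in the current context!$")
# Section banners such as "========== FILES ==========".
SECTION = re.compile(r"^=+ (?P<name>[A-Z ]+) =+$")
# Shapes of the rejected items seen in the log: dated file entries and "O<n> - " entries.
FILE_LINE = re.compile(r"^\[\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2} \|")
O_LINE = re.compile(r"^O\d+ - ")


def classify_item(item):
    """Label a rejected item by its shape (labels are this example's own)."""
    if FILE_LINE.match(item):
        return "file line"
    if O_LINE.match(item):
        return "O-line"
    return "other"


def triage_fix_log(log_text):
    """Split a fix log into rejected script lines, applied actions and failures."""
    rejected, applied, failed = [], [], []
    section = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        banner = SECTION.match(line)
        if banner:
            section = banner.group("name")
            continue
        hit = REJECTED.match(line)
        if hit:
            item = hit.group("item")
            rejected.append((classify_item(item), item))
        elif line.endswith("deleted successfully."):
            applied.append((section, line))
        elif line.startswith("File move failed.") or line.endswith("not found!"):
            failed.append(line)
    return {
        "rejected": rejected,
        "rejected_kinds": Counter(kind for kind, _ in rejected),
        "applied": applied,
        "failed": failed,
    }


def mostly_rejected(summary):
    """Heuristic (assumption): the fix needs redoing if rejections outnumber actions."""
    return len(summary["rejected"]) > len(summary["applied"])


if __name__ == "__main__":
    result = triage_fix_log(SAMPLE_LOG)
    print("rejected:", dict(result["rejected_kinds"]))
    print("applied :", len(result["applied"]))
    print("failed  :", len(result["failed"]))
    print("redo fix:", mostly_rejected(result))
```
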
Plopation
 
So, in safe mode UsbFix still doesn't launch, and ZHPDiag still crashes the PC ^^
0
heraultais34600
 
We're changing tools again:

* Download Random's System Information Tool (RSIT) by Random/Random, and save it to your Desktop.
* Then double-click RSIT.exe to launch the tool.
* Click "Continue" on the Disclaimer screen.
* If the HijackThis tool is not present or not detected on the computer, RSIT will download it (allow access in your firewall if it asks) and you will have to accept the licence.
* Once the scan is finished, two reports will appear: post them in two separate messages and send them HERE

Illustrated tutorial to help you

See you
0
Plopation
 
Here is the first report it showed me

http://pjjoint.malekal.com/files.php?id=k15w12i13l5l12o14r11d8i12n12p12m5l115k11u7b7n6k9m8
0
Plopation
 
and the second:

http://pjjoint.malekal.com/files.php?id=o10o14i5e5r9e8y5x12k8y14u10v13w6o11d12v9u13h5x5j11
0
heraultais34600
 
Tell me, Plopation, can you launch ZHPFix, which is on your desktop?
I do mean ZHPFix. OK!!

See you
0
heraultais34600
 
Hi Plopation,

Do this while waiting to have a working ZHPDiag report.

Run OTL again
Copy/paste the script below in bold into the "Personnalisation" box

:files
C:\WINDOWS\system32\RYJQrtwa.ini2
E:\FXDrv32.sys
C:\Documents and Settings\Moussette\Application Data\Mozilla\Firefox\Profiles\712pttg1.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}
C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
D:\Téléchargements\SweetImSetup(2).exe
:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
:commands
[emptytemp]


Uninstall Java 6 Update 5 via Control Panel --> "Add/Remove Programs"


Click the "Correction" button
Send me the report HERE
See you
0
Plopation
 
Java uninstalled, and here is the OTL report:

http://pjjoint.malekal.com/files.php?id=e5d8h5p7n14r8d8u8z15t9m10l8c10s8v9w10q11t5l6m12


Now I'm going to try ZHPFix
0
Plopation
 
ZHPFix launches correctly; it remains to be seen whether it works
0
heraultais34600
 
OK Plopation,

A few infections were removed with OTL after running the script.

* After restarting your PC, can you run ZHPDiag?
* If that's not possible, try in safe mode
* If it's still not possible, run another scan with OTL.
Send me at least one report.

See you
0
Plopation
 
Here is a report from a full OTL scan:

http://pjjoint.malekal.com/files.php?id=o13k15k8w10h9p13b9p15y14o6j9s15c9w11i11n5s8m5w14j6

I'm going to try one last time to run a scan with ZHPDiag; if you don't see a new report, it means my PC crashed and I can't turn it back on because I have to leave for the week =)

So see you next weekend =)

Thanks again for all your help and your patience

THANK YOU
0
Plopation
 
Hello, as you could see, my PC crashed, except that I managed to get a bit further than usual: after the scan the floppy disk appeared, I clicked on it, and then at the moment of clicking the button to put it on the desktop, well, it crashed right then ^^

There you go, have a good evening
0
heraultais34600
 
Hello Plopation,

You wouldn't happen to have a zhpdiag.txt file on the desktop, by any chance?

Tell me a bit about how your PC is behaving:
Are there still slowdowns?
Advertising windows?
Other symptoms?

See you soon.
0