Sujet Précédent Sujet Suivant

Trojans - Mon rapport Hijackthis

Résolu/Fermé
Black-Fish Messages postés 34 Date d'inscription lundi 6 octobre 2008 Statut Membre Dernière intervention 4 septembre 2009 - 16 nov. 2008 à 10:49
 Utilisateur anonyme - 18 nov. 2008 à 19:04
Bonjour,

J'ai des trojans répétitifs à longueur de journée "horst.b etc..."
Impossible de les virer (Super anti-spyware...)
Voici mon rapport Hijackthis ; HELP ME !
Merci

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:42:53, on 16/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\kbd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\vVX3000.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Eric\AppData\Local\Temp\cisvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Program Files\Windows Live Toolbar\msn_sl.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=C:\Users\Eric\AppData\Local\Temp\cisvc.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1100458 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SIMBAR={1707BC50-53F8-11DC-8666-001A920FDAA1}; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.2; .NET CLR 1.1.4322)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe

14 réponses

Réponse 1 / 14
Utilisateur anonyme
16 nov. 2008 à 11:06
Désactive L'uac : https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html , on le réactivera après la désinfection

Télécharges ToolBar S&D ( de Eric_71 ) :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
( Tuto : https://sites.google.com/site/toolbarsd/aideenimages )

!! Déconnectes toi et fermes toute tes applications en cours le temps de la manipulation !!
* double-cliques sur l'.exe pour lancer l'installe et laisses toi guider ...
* Une fois fait, cliques sur le raccourci créé sur ton bureau pour lancer l'outil .
* Choisis l'option 1 ( « recherche ») et tapes « entrée » .
* Une fois le scan finit, un rapport va apparaître, copie/colles l'intégralité de son contenu dans ta prochaine réponse ...
(Le rapport est en outre sauvegardé ici -> C:\TB.txt )

0
Black-Fish
16 nov. 2008 à 13:40
-----------\\ ToolBar S&D 1.2.4 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Eric ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Activated)
Firewall : Pare-feu Windows Live OneCare 1.0.0 (Activated)
C:\ (Local Disk) - NTFS - Total:292 Go (Free:13 Go)
D:\ (Local Disk) - NTFS - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [1] ( 16/11/2008|13:36 )

[ UAC => 0 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\Multi_Media
C:\Program Files\Multi_Media\INSTALL.LOG

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://actus.sfr.fr"
"Search Bar"="https://actus.sfr.fr"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF"
"Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF"
"Default_Search_URL"="https://actus.sfr.fr"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"


--------------------\\ Recherche d'autres infections

C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At10.job
C:\Windows\Tasks\At11.job
C:\Windows\Tasks\At12.job
C:\Windows\Tasks\At13.job
C:\Windows\Tasks\At14.job
C:\Windows\Tasks\At15.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
C:\Windows\Tasks\At5.job
C:\Windows\Tasks\At6.job
C:\Windows\Tasks\At7.job
C:\Windows\Tasks\At8.job
C:\Windows\Tasks\At9.job

--------------------\\ Cracks & Keygens ..

C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Crack (2).lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\crack no cd sims2 academie.mdf.lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Far.Cry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\[PC GAME] Blacksite Area 51 Proper Crackfix-Reloaded.lnk
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Blacksite (Pc Game - Crack) Area 51 - No Cd Crack.rar
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\BlackSite.Area.51-RELOADED-ENG.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\BlackSite.Area.51.Crackfix-RELOADED.rar
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Crysis-Razor1911.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Far.Cry.2-Razor1911-LcKtM.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\FarCry2.exe
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\FC2.dll
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\flt-p2.[www.osiolek.com].par.www.emule-box.com.bin
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\flt-pst2.par.www.emule-box.com.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Ghost Recon Advanced Warfighter 2 Crack NoCD - Activation Multilanguage - certified -.zip
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Ghost Recon Advanced Warfighter 2 Serial.txt
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Ghost.Recon.Advanced.Warfighter.2-SKIDROW.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Les Sims 2 Academie Code.txt
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Need.For.Speed.Prostreet.FRENCH-ReVOLVeR.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\SERIAL FAR CRY 2.txt
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Silent.Hill.4.FRENCH.DVDRIP.RITUEL.Shared.By.[T.U.A.&.A.D.S.].par.www.emule-box.com.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\The.Sims.Castaway.Stories.PROPER.READNFO-ViTALiTY.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\Far.Cry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].rar
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\[PC GAME] Blacksite Area 51 Proper Crackfix-Reloaded.rar
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack\MOHA.exe
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen\keygen.exe
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack\trl.exe
C:\Users\Eric\Jeux EDU\Crack
C:\Users\Eric\Jeux EDU\Sim's Glamour\Crack
C:\Users\Eric\Jeux EDU\Sim's Glamour\Crack\Infos_Fr.txt
C:\Users\Eric\Jeux Eric\DUPLICATOR\Keygen
C:\Users\Eric\Jeux Eric\DUPLICATOR\Keygen\keygen.exe
C:\Users\Eric\Jeux Eric\DUPLICATOR\Keygen\Keygen2.exe
C:\Users\Eric\Jeux Eric\Sim's Pet\ViTALiTY\keygen.exe
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\keygen
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\Vista Manager Version 32 bits
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\Vista Manager Version 64 bits
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN.nfo
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\keygen\arn.nfo
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\keygen\VistaManagerKeygen.exe
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\Vista Manager Version 32 bits\vistamanager.exe
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\Vista Manager Version 64 bits\vistamanager_x64.exe
C:\Users\Eric\Jeux Gazou\crack no cd sims2 academie.mdf


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 16/11/2008|13:36 - Option : [1]

-----------\\ Fin du rapport a 13:36:42,74
0
Réponse 2 / 14
Utilisateur anonyme
16 nov. 2008 à 13:45
Relance le option 2 (supprime tout tes cracks !)
0
Black-Fish Messages postés 34 Date d'inscription lundi 6 octobre 2008 Statut Membre Dernière intervention 4 septembre 2009
16 nov. 2008 à 13:50
-----------\\ ToolBar S&D 1.2.4 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Eric ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Activated)
Firewall : Pare-feu Windows Live OneCare 1.0.0 (Activated)
C:\ (Local Disk) - NTFS - Total:292 Go (Free:13 Go)
D:\ (Local Disk) - NTFS - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [2] ( 16/11/2008|13:47 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\Multi_Media\INSTALL.LOG
Supprime! - C:\Program Files\Multi_Media

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://actus.sfr.fr"
0
Réponse 3 / 14
Utilisateur anonyme
16 nov. 2008 à 13:54
télécharge OTMoveIt https://www.luanagames.com/index.fr.html (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
copie la liste qui se trouve en gras ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At10.job
C:\Windows\Tasks\At11.job
C:\Windows\Tasks\At12.job
C:\Windows\Tasks\At13.job
C:\Windows\Tasks\At14.job
C:\Windows\Tasks\At15.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
C:\Windows\Tasks\At5.job
C:\Windows\Tasks\At6.job
C:\Windows\Tasks\At7.job
C:\Windows\Tasks\At8.job
C:\Windows\Tasks\At9.job
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Crack (2).lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\crack no cd sims2 academie.mdf.lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Far.Cry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\[PC GAME] Blacksite Area 51 Proper Crackfix-Reloaded.lnk
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Blacksite (Pc Game - Crack) Area 51 - No Cd Crack.rar
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\BlackSite.Area.51-RELOADED-ENG.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\BlackSite.Area.51.Crackfix-RELOADED.rar
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Crysis-Razor1911.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Far.Cry.2-Razor1911-LcKtM.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\FarCry2.exe
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\FC2.dll
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\flt-p2.[www.osiolek.com].par.www.emule-box.com.bin
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\flt-pst2.par.www.emule-box.com.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Ghost Recon Advanced Warfighter 2 Crack NoCD - Activation Multilanguage - certified -.zip
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Ghost Recon Advanced Warfighter 2 Serial.txt
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Ghost.Recon.Advanced.Warfighter.2-SKIDROW.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Les Sims 2 Academie Code.txt
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Need.For.Speed.Prostreet.FRENCH-ReVOLVeR.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\SERIAL FAR CRY 2.txt
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\Silent.Hill.4.FRENCH.DVDRIP.RITUEL.Shared.By.[T.U.A.&.A.D.S.].par.www.emule-box.com.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Crack - Codes\The.Sims.Castaway.Stories.PROPER.READNFO-ViTALiTY.nfo
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\Far.Cry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].rar
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\[PC GAME] Blacksite Area 51 Proper Crackfix-Reloaded.rar
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack\MOHA.exe
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen\keygen.exe
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack\trl.exe
C:\Users\Eric\Jeux EDU\Crack
C:\Users\Eric\Jeux EDU\Sim's Glamour\Crack
C:\Users\Eric\Jeux EDU\Sim's Glamour\Crack\Infos_Fr.txt
C:\Users\Eric\Jeux Eric\DUPLICATOR\Keygen
C:\Users\Eric\Jeux Eric\DUPLICATOR\Keygen\keygen.exe
C:\Users\Eric\Jeux Eric\DUPLICATOR\Keygen\Keygen2.exe
C:\Users\Eric\Jeux Eric\Sim's Pet\ViTALiTY\keygen.exe
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\keygen
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\Vista Manager Version 32 bits
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\Vista Manager Version 64 bits
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN.nfo
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\keygen\arn.nfo
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\keygen\VistaManagerKeygen.exe
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\Vista Manager Version 32 bits\vistamanager.exe
C:\Users\Eric\Jeux Eric\Vista Manager\Vista.Manager.v.1.1.2.x64.x86.JiNo22.Incl.keygen.ARN\Vista Manager Version 64 bits\vistamanager_x64.exe
C:\Users\Eric\Jeux Gazou\crack no cd sims2 academie.mdf

Et fait MoveIt!
0
Réponse 4 / 14
Black-Fish Messages postés 34 Date d'inscription lundi 6 octobre 2008 Statut Membre Dernière intervention 4 septembre 2009
16 nov. 2008 à 14:10
Ok, fait ! Ensuite...
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 14
Utilisateur anonyme
16 nov. 2008 à 14:13
Refait ToolbarSD option 1 et montre le rapport
0
Black-Fish Messages postés 34 Date d'inscription lundi 6 octobre 2008 Statut Membre Dernière intervention 4 septembre 2009
16 nov. 2008 à 14:18
-----------\\ ToolBar S&D 1.2.4 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Eric ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Activated)
Firewall : Pare-feu Windows Live OneCare 1.0.0 (Activated)
C:\ (Local Disk) - NTFS - Total:292 Go (Free:12 Go)
D:\ (Local Disk) - NTFS - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [1] ( 16/11/2008|14:17 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://actus.sfr.fr"
"Search Bar"="https://actus.sfr.fr"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF"
"Default_Search_URL"="https://actus.sfr.fr"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Crack (2).lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\crack no cd sims2 academie.mdf.lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Far.Cry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].lnk
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\Far.Cry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].rar
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\[PC GAME] Blacksite Area 51 Proper Crackfix-Reloaded.rar
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack\MOHA.exe
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen\keygen.exe
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack\trl.exe


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 16/11/2008|13:36 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 16/11/2008|13:48 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 16/11/2008|14:17 - Option : [1]

-----------\\ Fin du rapport a 14:17:44,03
0
Réponse 6 / 14
Utilisateur anonyme
16 nov. 2008 à 14:25
double-clique sur OTMoveIt.exe pour le lancer.
Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
copie la liste qui se trouve en gras ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Crack (2).lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\crack no cd sims2 academie.mdf.lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Far.Cry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].lnk
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\Far.Cry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].rar
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\[PC GAME] Blacksite Area 51 Proper Crackfix-Reloaded.rar
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack\MOHA.exe
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen\keygen.exe
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack\trl.exe

Et fait MoveIt!

Montre le rapport afficher ensuite !
0
Black-Fish Messages postés 34 Date d'inscription lundi 6 octobre 2008 Statut Membre Dernière intervention 4 septembre 2009
16 nov. 2008 à 14:35
-----------\\ ToolBar S&D 1.2.4 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Eric ( Administrator )
BOOT : Normal boot
Antivirus : Norton Internet Security 2007 (Activated)
Firewall : Pare-feu Windows Live OneCare 1.0.0 (Activated)
C:\ (Local Disk) - NTFS - Total:292 Go (Free:12 Go)
D:\ (Local Disk) - NTFS - Total:5 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)
K:\ (CD or DVD)
L:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 27-10-2008|09:25 )
Option : [1] ( 16/11/2008|14:34 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://actus.sfr.fr"
"Search Bar"="https://actus.sfr.fr"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF"
"Default_Search_URL"="https://actus.sfr.fr"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Crack (2).lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\crack no cd sims2 academie.mdf.lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Far.Cry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].lnk
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\Far.Cry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].rar
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\[PC GAME] Blacksite Area 51 Proper Crackfix-Reloaded.rar
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack\MOHA.exe
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen\keygen.exe
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack\trl.exe


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 16/11/2008|13:36 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 16/11/2008|13:48 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 16/11/2008|14:17 - Option : [1]
4 - "C:\ToolBar SD\TB_4.txt" - 16/11/2008|14:34 - Option : [1]

-----------\\ Fin du rapport a 14:34:54,34
0
Réponse 7 / 14
Utilisateur anonyme
16 nov. 2008 à 14:37
Tu n'a pas compris, relance OTMoveIt.exe
ssure toi que la case Unregister Dll's and Ocx's soit bien cochée
copie la liste qui se trouve en gras ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Crack­ (2).lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\crack­ no cd sims2 academie.mdf.lnk
C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Far.C­ry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].lnk
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\Far.Cry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].­rar
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\[PC GAME] Blacksite Area 51 Proper Crackfix-Reloaded.rar
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack\M­OHA.exe
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen\­keygen.exe
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack
C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack\trl.exe

Et fait MoveIt!

Montre le rapport afficher ensuite !
0
Black-Fish Messages postés 34 Date d'inscription lundi 6 octobre 2008 Statut Membre Dernière intervention 4 septembre 2009
16 nov. 2008 à 14:42
File/Folder C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Crack­­ (2).lnk not found.
File/Folder C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\crack­­ no cd sims2 academie.mdf.lnk not found.
File/Folder C:\Users\Eric\AppData\Roaming\Microsoft\Windows\Recent\Far.C­­ry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].lnk not found.
File/Folder C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\Far.Cry.2-Inclu.Crack-Razor1911-LcKtM[eMule-Box.com].­­rar not found.
File/Folder C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\[PC GAME] Blacksite Area 51 Proper Crackfix-Reloaded.rar not found.
File/Folder C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack not found.
File/Folder C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen not found.
File/Folder C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Crack\M­­OHA.exe not found.
File/Folder C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\PC-Medal.Of.Honor.Airborne.Multi9.up.by.eufra\Keygen\­­keygen.exe not found.
File/Folder C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack not found.
File/Folder C:\Users\Eric\Downloads\eMule\Incoming\Jeux Vid‚os\rld-trl\Crack\trl.exe not found.

Created on 11/16/2008 14:41:49
0
Réponse 8 / 14
Utilisateur anonyme
16 nov. 2008 à 14:45
Refait un hijack
0
Black-Fish Messages postés 34 Date d'inscription lundi 6 octobre 2008 Statut Membre Dernière intervention 4 septembre 2009
16 nov. 2008 à 14:48
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:48:17, on 16/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\kbd.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\vVX3000.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Eric\AppData\Local\Temp\cisvc.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-desktop.msn.com&ocid=HPDHP&pc=HPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=C:\Users\Eric\AppData\Local\Temp\cisvc.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1100458 -Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SIMBAR={1707BC50-53F8-11DC-8666-001A920FDAA1}; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.2; .NET CLR 1.1.4322)
O4 - HKLM\..\Policies\Explorer\Run: [Spool] C:\Users\Eric\AppData\Roaming\MICROS~1\spoolsv.exe /waitservice
O4 - HKCU\..\Policies\Explorer\Run: [Spool] C:\Users\Eric\AppData\Roaming\MICROS~1\spoolsv.exe /waitservice
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Policies\Explorer\Run: [ClipSrv] C:\Windows\System\clipsrv.exe /waitservice (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Policies\Explorer\Run: [ClipSrv] C:\Windows\System\clipsrv.exe /waitservice (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JR1916~1.0_0\bin\ssv.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
0
Réponse 9 / 14
Utilisateur anonyme
16 nov. 2008 à 14:51
Fais ce qui suit :
//!!\\ Le scan peut durer longtemps //!!\\


* Télécharge MalwareByte's Anti-Malware (by RubbeR DuckY) :
*https://www.commentcamarche.net/telecharger/ 34055379 malwarebyte s anti malware
* Installe le programme sur le bureau :
S'il te manque "COMCTL32.OCX" lors de l'installation, alors télécharges le ici : https://www.malekal.com/tutorial-aboutbuster/

* Fais les mises à jour (clic sur Mises à jour puis Recherche de mises à jour)

* Démarre en mode sans échec
Comment faire >> https://www.micro-astuce.com/depannage/demarrer-mode-sans-echec.php
Redémarres l’ordinateur
Dès le chargement du BIOS, commences à appuyer sur la touche F8 de ton clavier,i jusqu'au ou le menu des options avancées de Windows apparait.
Sélectionne "Mode sans échec" dans le menu puis appuyez sur Entrée.


* Lance MalwareByte's Anti-Malware, clique sur Exécuter un examen complet puis Rechercher et sélectionnez tous tes disques durs

* // !! \\ Une fois le scan terminé, Si des elements on ete trouvés > cliques sur supprimer la selection. (si un message te demande de redémarrer le PC, accepte.)

* Un rapport sera généré, poste le ici.

@++

* Lance MalwareByte's Anti-Malware, clique sur Exécuter un examen complet puis Rechercher et sélectionnez tous tes disques durs

* // !! \\ Une fois le scan terminé, Si des elements on ete trouvés > cliques sur supprimer la selection. (si un message te demande de redémarrer le PC, accepte.)

* Un rapport sera généré, poste le ici.

@++

* Lance MalwareByte's Anti-Malware, clique sur Exécuter un examen complet puis Rechercher et sélectionnez tous tes disques durs

* // !! \\ Une fois le scan terminé, Si des elements on ete trouvés > cliques sur supprimer la selection. (si un message te demande de redémarrer le PC, accepte.)

* Un rapport sera généré, poste le ici.

@++
0
Réponse 10 / 14
Black-Fish Messages postés 34 Date d'inscription lundi 6 octobre 2008 Statut Membre Dernière intervention 4 septembre 2009
16 nov. 2008 à 16:00
Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1401
Windows 6.0.6001 Service Pack 1

16/11/2008 15:51:37
mbam-log-2008-11-16 (15-51-37).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 229422
Temps écoulé: 42 minute(s), 54 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 8
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 10

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\spool (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\spool (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\RADIO_USA (Adware.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\RADIO_USA\INSTALL.LOG (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\Microsoft\mstsc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Eric\Local Settings\Application Data\comrepl.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Eric\Local Settings\Application Data\Microsoft\sessmgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Eric\Local Settings\Application Data\Microsoft\spoolsv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\Microsoft\rsvp.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Eric\Local Settings\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\Users\Eric\Local Settings\Application Data\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\Users\Eric\AppData\Roaming\Microsoft\spoolsv.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
0
Réponse 11 / 14
Black-Fish Messages postés 34 Date d'inscription lundi 6 octobre 2008 Statut Membre Dernière intervention 4 septembre 2009
16 nov. 2008 à 16:10
up !
0
Réponse 12 / 14
Black-Fish Messages postés 34 Date d'inscription lundi 6 octobre 2008 Statut Membre Dernière intervention 4 septembre 2009
16 nov. 2008 à 19:14
Re-Up !!
0
Réponse 13 / 14
Black-Fish Messages postés 34 Date d'inscription lundi 6 octobre 2008 Statut Membre Dernière intervention 4 septembre 2009
16 nov. 2008 à 20:32
Re-Re Up !!!
0
Réponse 14 / 14
Utilisateur anonyme
18 nov. 2008 à 19:04
Re,
Vas dans la quarantaine de Malwarebyte's anti-malware et supprime tout
Refait un hijack ensuite !
0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
impossible d'afficher le tableau dynamique sur un rapport existant
Pierre -
Adrien71 -

3 réponses
1fichier.com et bloqueur de pub
anthea1309 -
Patoche12 -

60 réponses
Probleme bogue
Ines -
Pimmer -

1 réponse