TR/Downloader.Gen
Résolu
Light-Yagami
Messages postés
155
Statut
Membre
-
Light-Yagami Messages postés 155 Statut Membre -
Light-Yagami Messages postés 155 Statut Membre -
Bonjour, j'ai une saloprie qui revient tout le temps
TR/Downloader.Gen
j'ai avira antivir et à chaque demarrage de mon pc il me demande ce q'u il doit faire du trojan !! je dis acces denied et il revient
que faire svp ???????
Avira AntiVir Personal
Report file date: dimanche 16 novembre 2008 23:57
Scanning for 1036369 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (Service Pack 1) [6.0.6001]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC
Version information:
BUILD.DAT : 8.2.0.336 16933 Bytes 30/10/2008 11:40:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:45:20
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 9/11/2008 10:45:21
ANTIVIR2.VDF : 7.1.0.89 221184 Bytes 16/11/2008 20:26:33
ANTIVIR3.VDF : 7.1.0.90 2048 Bytes 16/11/2008 20:26:34
Engineversion : 8.2.0.31
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 11:05:56
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 16/11/2008 10:45:30
AESCN.DLL : 8.1.1.5 123251 Bytes 16/11/2008 10:45:30
AERDL.DLL : 8.1.1.3 438645 Bytes 16/11/2008 10:45:29
AEPACK.DLL : 8.1.3.4 393591 Bytes 16/11/2008 10:45:28
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 16/11/2008 10:45:27
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 16/11/2008 10:45:26
AEHELP.DLL : 8.1.1.3 119157 Bytes 16/11/2008 10:45:25
AEGEN.DLL : 8.1.1.0 319859 Bytes 16/11/2008 10:45:24
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 11:05:56
AECORE.DLL : 8.1.4.1 172405 Bytes 16/11/2008 10:45:24
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 11:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 9/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 16/11/2008 10:45:23
AVREG.DLL : 8.0.0.1 33537 Bytes 9/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 16 novembre 2008 23:57
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '1' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'Azureus.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'nSvcIp.exe' - '1' Module(s) have been scanned
Scan process 'nSvcAppFlt.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nTuneService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'VistaStartMenu.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'comrepl.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
53 processes with 53 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '35' files ).
Starting the file scan:
Begin scan in 'C:\' <HDD Western Digital>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Windows\System32\drivers\sptd.sys
[WARNING] The file could not be opened!
End of the scan: lundi 17 novembre 2008 00:59
Used time: 1:02:15 Hour(s)
The scan has been done completely.
18125 Scanning directories
356005 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
356003 Files not concerned
1862 Archives were scanned
2 Warnings
0 Notes
TR/Downloader.Gen
j'ai avira antivir et à chaque demarrage de mon pc il me demande ce q'u il doit faire du trojan !! je dis acces denied et il revient
que faire svp ???????
Avira AntiVir Personal
Report file date: dimanche 16 novembre 2008 23:57
Scanning for 1036369 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (Service Pack 1) [6.0.6001]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC
Version information:
BUILD.DAT : 8.2.0.336 16933 Bytes 30/10/2008 11:40:00
AVSCAN.EXE : 8.1.4.7 315649 Bytes 26/06/2008 09:57:53
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 10:45:20
ANTIVIR1.VDF : 7.1.0.56 411136 Bytes 9/11/2008 10:45:21
ANTIVIR2.VDF : 7.1.0.89 221184 Bytes 16/11/2008 20:26:33
ANTIVIR3.VDF : 7.1.0.90 2048 Bytes 16/11/2008 20:26:34
Engineversion : 8.2.0.31
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 11:05:56
AESCRIPT.DLL : 8.1.1.15 332156 Bytes 16/11/2008 10:45:30
AESCN.DLL : 8.1.1.5 123251 Bytes 16/11/2008 10:45:30
AERDL.DLL : 8.1.1.3 438645 Bytes 16/11/2008 10:45:29
AEPACK.DLL : 8.1.3.4 393591 Bytes 16/11/2008 10:45:28
AEOFFICE.DLL : 8.1.0.30 196986 Bytes 16/11/2008 10:45:27
AEHEUR.DLL : 8.1.0.71 1487222 Bytes 16/11/2008 10:45:26
AEHELP.DLL : 8.1.1.3 119157 Bytes 16/11/2008 10:45:25
AEGEN.DLL : 8.1.1.0 319859 Bytes 16/11/2008 10:45:24
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 11:05:56
AECORE.DLL : 8.1.4.1 172405 Bytes 16/11/2008 10:45:24
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 11:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 9/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 16/11/2008 10:45:23
AVREG.DLL : 8.0.0.1 33537 Bytes 9/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 16 novembre 2008 23:57
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '1' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'Azureus.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'nSvcIp.exe' - '1' Module(s) have been scanned
Scan process 'nSvcAppFlt.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'nTuneService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'VistaStartMenu.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'comrepl.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
53 processes with 53 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '35' files ).
Starting the file scan:
Begin scan in 'C:\' <HDD Western Digital>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Windows\System32\drivers\sptd.sys
[WARNING] The file could not be opened!
End of the scan: lundi 17 novembre 2008 00:59
Used time: 1:02:15 Hour(s)
The scan has been done completely.
18125 Scanning directories
356005 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
356003 Files not concerned
1862 Archives were scanned
2 Warnings
0 Notes
97 réponses
Je sais maintenant l'infection que tu as.
---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe
---> Double-clique sur OTMoveIt3.exe afin de le lancer.
---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:files
C:\Users\Kira\AppData\Roaming\Microsoft\Windows\Cookies\Low\kira@metriweb[1].txt
C:\Users\Kira\AppData\Local\cisvc.exe
C:\Users\Kira\AppData\Local\dllhst3g.exe
C:\Users\Kira\AppData\Local\Microsoft\clipsrv.exe
C:\Users\Kira\AppData\Local\Microsoft\comrepl.exe
C:\Users\Kira\AppData\Local\Microsoft\comrepl.exe.vir
C:\Users\Kira\AppData\Local\Microsoft\mstinit.exe
C:\Users\Kira\AppData\Local\Microsoft\sessmgr.exe
C:\Users\Kira\AppData\Local\Microsoft\spoolsv.exe
C:\Users\Kira\AppData\Local\mstsc.exe
C:\Users\Kira\AppData\Local\spoolsv.exe
C:\Users\Kira\AppData\Roaming\cisvc.exe
C:\Users\Kira\AppData\Roaming\clipsrv.exe
C:\Users\Kira\AppData\Roaming\esentutl.exe
C:\Users\Kira\AppData\Roaming\ieudinit.exe.vir
C:\Users\Kira\AppData\Roaming\logman.exe
C:\Users\Kira\AppData\Roaming\Microsoft\cisvc.exe
C:\Users\Kira\AppData\Roaming\Microsoft\cmstp.exe
C:\Users\Kira\AppData\Roaming\Microsoft\ieudinit.exe
C:\Users\Kira\AppData\Roaming\Microsoft\mqtgsvc.exe
C:\Users\Kira\AppData\Roaming\Microsoft\spoolsv.exe
C:\Users\Kira\AppData\Roaming\mstsc.exe
C:\Users\Kira\AppData\Roaming\rsvp.exe
C:\Users\Kira\AppData\Roaming\rsvp.exe.vir
C:\Users\Kira\AppData\Roaming\sessmgr.exe
C:\Users\Kira\AppData\Roaming\sessmgr.exe.vir
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe
---> Double-clique sur OTMoveIt3.exe afin de le lancer.
---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:files
C:\Users\Kira\AppData\Roaming\Microsoft\Windows\Cookies\Low\kira@metriweb[1].txt
C:\Users\Kira\AppData\Local\cisvc.exe
C:\Users\Kira\AppData\Local\dllhst3g.exe
C:\Users\Kira\AppData\Local\Microsoft\clipsrv.exe
C:\Users\Kira\AppData\Local\Microsoft\comrepl.exe
C:\Users\Kira\AppData\Local\Microsoft\comrepl.exe.vir
C:\Users\Kira\AppData\Local\Microsoft\mstinit.exe
C:\Users\Kira\AppData\Local\Microsoft\sessmgr.exe
C:\Users\Kira\AppData\Local\Microsoft\spoolsv.exe
C:\Users\Kira\AppData\Local\mstsc.exe
C:\Users\Kira\AppData\Local\spoolsv.exe
C:\Users\Kira\AppData\Roaming\cisvc.exe
C:\Users\Kira\AppData\Roaming\clipsrv.exe
C:\Users\Kira\AppData\Roaming\esentutl.exe
C:\Users\Kira\AppData\Roaming\ieudinit.exe.vir
C:\Users\Kira\AppData\Roaming\logman.exe
C:\Users\Kira\AppData\Roaming\Microsoft\cisvc.exe
C:\Users\Kira\AppData\Roaming\Microsoft\cmstp.exe
C:\Users\Kira\AppData\Roaming\Microsoft\ieudinit.exe
C:\Users\Kira\AppData\Roaming\Microsoft\mqtgsvc.exe
C:\Users\Kira\AppData\Roaming\Microsoft\spoolsv.exe
C:\Users\Kira\AppData\Roaming\mstsc.exe
C:\Users\Kira\AppData\Roaming\rsvp.exe
C:\Users\Kira\AppData\Roaming\rsvp.exe.vir
C:\Users\Kira\AppData\Roaming\sessmgr.exe
C:\Users\Kira\AppData\Roaming\sessmgr.exe.vir
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\Users\Kira\AppData\Roaming\Microsoft\Windows\Cookies\Low\kira@metriweb[1].txt not found.
C:\Users\Kira\AppData\Local\cisvc.exe moved successfully.
C:\Users\Kira\AppData\Local\dllhst3g.exe moved successfully.
C:\Users\Kira\AppData\Local\Microsoft\clipsrv.exe moved successfully.
C:\Users\Kira\AppData\Local\Microsoft\comrepl.exe moved successfully.
C:\Users\Kira\AppData\Local\Microsoft\comrepl.exe.vir moved successfully.
C:\Users\Kira\AppData\Local\Microsoft\mstinit.exe moved successfully.
File/Folder C:\Users\Kira\AppData\Local\Microsoft\sessmgr.exe not found.
File/Folder C:\Users\Kira\AppData\Local\Microsoft\spoolsv.exe not found.
C:\Users\Kira\AppData\Local\mstsc.exe moved successfully.
File/Folder C:\Users\Kira\AppData\Local\spoolsv.exe not found.
C:\Users\Kira\AppData\Roaming\cisvc.exe moved successfully.
C:\Users\Kira\AppData\Roaming\clipsrv.exe moved successfully.
C:\Users\Kira\AppData\Roaming\esentutl.exe moved successfully.
C:\Users\Kira\AppData\Roaming\ieudinit.exe.vir moved successfully.
C:\Users\Kira\AppData\Roaming\logman.exe moved successfully.
C:\Users\Kira\AppData\Roaming\Microsoft\cisvc.exe moved successfully.
C:\Users\Kira\AppData\Roaming\Microsoft\cmstp.exe moved successfully.
C:\Users\Kira\AppData\Roaming\Microsoft\ieudinit.exe moved successfully.
C:\Users\Kira\AppData\Roaming\Microsoft\mqtgsvc.exe moved successfully.
File/Folder C:\Users\Kira\AppData\Roaming\Microsoft\spoolsv.exe not found.
C:\Users\Kira\AppData\Roaming\mstsc.exe moved successfully.
C:\Users\Kira\AppData\Roaming\rsvp.exe moved successfully.
C:\Users\Kira\AppData\Roaming\rsvp.exe.vir moved successfully.
C:\Users\Kira\AppData\Roaming\sessmgr.exe moved successfully.
C:\Users\Kira\AppData\Roaming\sessmgr.exe.vir moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11282008_213812
Process explorer.exe killed successfully.
========== FILES ==========
File/Folder C:\Users\Kira\AppData\Roaming\Microsoft\Windows\Cookies\Low\kira@metriweb[1].txt not found.
C:\Users\Kira\AppData\Local\cisvc.exe moved successfully.
C:\Users\Kira\AppData\Local\dllhst3g.exe moved successfully.
C:\Users\Kira\AppData\Local\Microsoft\clipsrv.exe moved successfully.
C:\Users\Kira\AppData\Local\Microsoft\comrepl.exe moved successfully.
C:\Users\Kira\AppData\Local\Microsoft\comrepl.exe.vir moved successfully.
C:\Users\Kira\AppData\Local\Microsoft\mstinit.exe moved successfully.
File/Folder C:\Users\Kira\AppData\Local\Microsoft\sessmgr.exe not found.
File/Folder C:\Users\Kira\AppData\Local\Microsoft\spoolsv.exe not found.
C:\Users\Kira\AppData\Local\mstsc.exe moved successfully.
File/Folder C:\Users\Kira\AppData\Local\spoolsv.exe not found.
C:\Users\Kira\AppData\Roaming\cisvc.exe moved successfully.
C:\Users\Kira\AppData\Roaming\clipsrv.exe moved successfully.
C:\Users\Kira\AppData\Roaming\esentutl.exe moved successfully.
C:\Users\Kira\AppData\Roaming\ieudinit.exe.vir moved successfully.
C:\Users\Kira\AppData\Roaming\logman.exe moved successfully.
C:\Users\Kira\AppData\Roaming\Microsoft\cisvc.exe moved successfully.
C:\Users\Kira\AppData\Roaming\Microsoft\cmstp.exe moved successfully.
C:\Users\Kira\AppData\Roaming\Microsoft\ieudinit.exe moved successfully.
C:\Users\Kira\AppData\Roaming\Microsoft\mqtgsvc.exe moved successfully.
File/Folder C:\Users\Kira\AppData\Roaming\Microsoft\spoolsv.exe not found.
C:\Users\Kira\AppData\Roaming\mstsc.exe moved successfully.
C:\Users\Kira\AppData\Roaming\rsvp.exe moved successfully.
C:\Users\Kira\AppData\Roaming\rsvp.exe.vir moved successfully.
C:\Users\Kira\AppData\Roaming\sessmgr.exe moved successfully.
C:\Users\Kira\AppData\Roaming\sessmgr.exe.vir moved successfully.
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully
OTMoveIt3 by OldTimer - Version 1.0.7.1 log created on 11282008_213812
- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.
- Double-clique sur RSIT.exe afin de lancer le programme.
- Clique sur Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
- Double-clique sur RSIT.exe afin de lancer le programme.
- Clique sur Continue à l'écran Disclaimer.
- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).
Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
info.txt logfile of random's system information tool 1.04 2008-11-17 20:13:11
======Uninstall list======
-->MsiExec /X{AC54E544-3E42-443C-A91D-A00A6974C592}
3531-W-I32-D SATARAID5-->MsiExec.exe /X{1C1DF401-0A3E-49C8-85AD-EB3C9F82A275}
3DMark06-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly
Acrobat.com-->msiexec /qb /x {77DCDCE3-2DED-62F3-8154-05E745472D07}
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
ALUpdate-->"C:\Program Files\ESTsoft\ALUpdate\unins000.exe"
ALZip-->"C:\Program Files\ESTsoft\ALZip\unins000.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
Contacts-->MsiExec.exe /I{C6BDA6E5-B391-4CE5-8D86-B53AC96FFE03}
Crysis WARHEAD(R)-->"C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R)-->C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
Dead Space™-->MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
Fraps-->"C:\Fraps\uninstall.exe"
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Gears of War-->C:\Program Files\InstallShield Installation Information\{1170D24F-42B7-40CF-AA1B-6395CE562354}\setup.exe -runfromtemp -l0x040c
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Glary Utilities Pro 2.8.0.366-->"C:\Program Files\Glary Utilities\unins000.exe"
Hamachi 1.0.1.5-->C:\Program Files\Hamachi\uninstall.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
K-Lite Codec Pack 4.1.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Magic ISO Maker v5.5 (build 0272)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->"C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x040c -removeonly
NVIDIA ForceWare Network Access Manager-->MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
NVIDIA nTune-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1036
NVIDIA PhysX v8.10.13-->MsiExec.exe /X{AC54E544-3E42-443C-A91D-A00A6974C592}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 3.0-->MsiExec.exe /I{92B79901-C57D-409F-8D2F-4E5337383569}
PC Optimiseur-->"C:\Program Files\Micro Application\PC Optimiseur\unins000.exe"
Pro Cycling Manager - Season 2008 1.0.0.0-->"C:\Program Files\Cyanide\Pro Cycling Manager - Season 2008\unins000.exe"
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Quantum of Solace(TM)-->C:\Program Files\InstallShield Installation Information\{CDF29D6C-AA05-49F9-A55A-89C2F8F4F46E}\setup.exe -runfromtemp -l0x040c
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Revo Uninstaller 1.75-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
SAS Secure Tomorrow (1.0)-->"C:\Program Files\City Interactive\SAS Secure Tomorrow\unins000.exe"
Search Settings 1.2-->MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Skype™ Beta 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SpeechRedist-->MsiExec.exe /X{8795CBED-55E2-4693-9F14-84EC446935BE}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Tomb Raider: Underworld 1.0-->C:\Program Files\Eidos\Tomb Raider - Underworld\uninst.exe
Tomb Raider:-->C:\Program Files\Tomb Raider - Legend\uninsttrl.exe
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Unreal Tournament 2004-->C:\UT2004\System\Setup.exe uninstall "UT2004"
Vista Start Menu 3.02-->"C:\Program Files\Vista Start Menu\unins000.exe"
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live Bêta (tous les programmes)-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Bêta (tous les programmes)-->MsiExec.exe /I{9C4AB6FB-43CD-4ADF-8B59-6C52A6B74324}
Windows Live Call-->MsiExec.exe /I{868EC13B-52DA-43B9-8C05-50CD897674DF}
Windows Live Mail-->MsiExec.exe /I{DA0FC90D-5D87-445E-90B4-B938C57FE16F}
Windows Live Messenger-->MsiExec.exe /X{F72F8316-91E8-4C80-9E39-EBE933E1EDFB}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
======Security center information======
AS: Windows Defender
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem;C:\Program Files\ESTsoft\ALZip
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
"tvdumpflags"=8
-----------------EOF-----------------
======Uninstall list======
-->MsiExec /X{AC54E544-3E42-443C-A91D-A00A6974C592}
3531-W-I32-D SATARAID5-->MsiExec.exe /X{1C1DF401-0A3E-49C8-85AD-EB3C9F82A275}
3DMark06-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}\setup.exe" -l0x9 -removeonly
Acrobat.com-->msiexec /qb /x {77DCDCE3-2DED-62F3-8154-05E745472D07}
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
ALUpdate-->"C:\Program Files\ESTsoft\ALUpdate\unins000.exe"
ALZip-->"C:\Program Files\ESTsoft\ALZip\unins000.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Assistant de connexion Windows Live-->MsiExec.exe /I{8984E374-6C93-427C-A3B9-AD92472FDCA0}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Call of Duty(R) - World at War(TM) 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{AFAE2B15-89A0-4215-A030-F7B5B478886B}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch-->C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x040c
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{EBD5E7A9-DBB8-4E24-AE3A-CF9390AF1CCB}
Contacts-->MsiExec.exe /I{C6BDA6E5-B391-4CE5-8D86-B53AC96FFE03}
Crysis WARHEAD(R)-->"C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R)-->C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
Dead Space™-->MsiExec.exe /X{4D87DC92-C328-46EC-A7B4-9C88129DC696}
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Far Cry 2-->"C:\Program Files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe" -runfromtemp -l0x040c -removeonly
Fraps-->"C:\Fraps\uninstall.exe"
GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Gears of War-->C:\Program Files\InstallShield Installation Information\{1170D24F-42B7-40CF-AA1B-6395CE562354}\setup.exe -runfromtemp -l0x040c
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Glary Utilities Pro 2.8.0.366-->"C:\Program Files\Glary Utilities\unins000.exe"
Hamachi 1.0.1.5-->C:\Program Files\Hamachi\uninstall.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
K-Lite Codec Pack 4.1.4 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Magic ISO Maker v5.5 (build 0272)-->C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Microsoft .NET Framework 1.1 Hotfix (KB929729)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
NVIDIA ForceWare Network Access Manager-->"C:\Program Files\InstallShield Installation Information\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}\setup.exe" -runfromtemp -l0x040c -removeonly
NVIDIA ForceWare Network Access Manager-->MsiExec.exe /I{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}
NVIDIA nTune-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF} /l1036
NVIDIA PhysX v8.10.13-->MsiExec.exe /X{AC54E544-3E42-443C-A91D-A00A6974C592}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 3.0-->MsiExec.exe /I{92B79901-C57D-409F-8D2F-4E5337383569}
PC Optimiseur-->"C:\Program Files\Micro Application\PC Optimiseur\unins000.exe"
Pro Cycling Manager - Season 2008 1.0.0.0-->"C:\Program Files\Cyanide\Pro Cycling Manager - Season 2008\unins000.exe"
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Quantum of Solace(TM)-->C:\Program Files\InstallShield Installation Information\{CDF29D6C-AA05-49F9-A55A-89C2F8F4F46E}\setup.exe -runfromtemp -l0x040c
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Revo Uninstaller 1.75-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
SAS Secure Tomorrow (1.0)-->"C:\Program Files\City Interactive\SAS Secure Tomorrow\unins000.exe"
Search Settings 1.2-->MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Skype™ Beta 4.0-->MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SpeechRedist-->MsiExec.exe /X{8795CBED-55E2-4693-9F14-84EC446935BE}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Tomb Raider: Underworld 1.0-->C:\Program Files\Eidos\Tomb Raider - Underworld\uninst.exe
Tomb Raider:-->C:\Program Files\Tomb Raider - Legend\uninsttrl.exe
TuneUp Utilities 2008-->MsiExec.exe /I{5888428E-699C-4E71-BF71-94EE06B497DA}
Unreal Tournament 2004-->C:\UT2004\System\Setup.exe uninstall "UT2004"
Vista Start Menu 3.02-->"C:\Program Files\Vista Start Menu\unins000.exe"
VLC media player 0.9.6-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live Bêta (tous les programmes)-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Bêta (tous les programmes)-->MsiExec.exe /I{9C4AB6FB-43CD-4ADF-8B59-6C52A6B74324}
Windows Live Call-->MsiExec.exe /I{868EC13B-52DA-43B9-8C05-50CD897674DF}
Windows Live Mail-->MsiExec.exe /I{DA0FC90D-5D87-445E-90B4-B938C57FE16F}
Windows Live Messenger-->MsiExec.exe /X{F72F8316-91E8-4C80-9E39-EBE933E1EDFB}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
======Hosts File======
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
======Security center information======
AS: Windows Defender
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Smart Projects\IsoBuster;C:\Program Files\QuickTime\QTSystem;C:\Program Files\ESTsoft\ALZip
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
"tvdumpflags"=8
-----------------EOF-----------------
zut erreur !!! dsl et je sais pas si celui ci est le bon non plus :(
Logfile of random's system information tool 1.04 (written by random/random)
Run by Kira at 2008-11-28 21:47:37
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 173 GB (57%) free of 305 GB
Total RAM: 3070 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:47:54, on 28/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Kira\Program Files\DNA\btdna.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Kira\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Kira.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Kira\Program Files\DNA\btdna.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: SuperRam Service Mémoire (SuperRam) - PGWARE LLC - C:\Program Files\PGWARE\SuperRam\SuperRamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
Logfile of random's system information tool 1.04 (written by random/random)
Run by Kira at 2008-11-28 21:47:37
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 173 GB (57%) free of 305 GB
Total RAM: 3070 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:47:54, on 28/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Kira\Program Files\DNA\btdna.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Kira\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Kira.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Kira\Program Files\DNA\btdna.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: SuperRam Service Mémoire (SuperRam) - PGWARE LLC - C:\Program Files\PGWARE\SuperRam\SuperRamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
un dossier fix it avec un dossior "plugin" et ceci dedans :
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\CmdLine\Src\CmdLine.cpp Line=250 Tue Mar 27 17:03:46 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\CmdLine\Src\CmdLine.cpp Line=625 Tue Mar 27 17:03:46 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1094 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1113 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1017 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1025 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=498 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item d:\work\avanquest\startupcommander2005v3\startupcommander\../PDXSDK/Core/MM/Inc/MMWrap.h Line=418 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item d:\work\avanquest\startupcommander2005v3\startupcommander\../PDXSDK/Core/CmdLine/Inc/CLWrap.h Line=191 Thu Nov 30 15:36:44 2006
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\CmdLine\Src\CmdLine.cpp Line=250 Tue Mar 27 17:03:46 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\CmdLine\Src\CmdLine.cpp Line=625 Tue Mar 27 17:03:46 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1094 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1113 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1017 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1025 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=498 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item d:\work\avanquest\startupcommander2005v3\startupcommander\../PDXSDK/Core/MM/Inc/MMWrap.h Line=418 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item d:\work\avanquest\startupcommander2005v3\startupcommander\../PDXSDK/Core/CmdLine/Inc/CLWrap.h Line=191 Thu Nov 30 15:36:44 2006
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\CmdLine\Src\CmdLine.cpp Line=250 Tue Mar 27 17:03:46 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\CmdLine\Src\CmdLine.cpp Line=625 Tue Mar 27 17:03:46 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1094 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1113 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1017 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1025 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=498 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item d:\work\avanquest\startupcommander2005v3\startupcommander\../PDXSDK/Core/MM/Inc/MMWrap.h Line=418 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:41 -1 0x00000754 1 200 Unable to find an item d:\work\avanquest\startupcommander2005v3\startupcommander\../PDXSDK/Core/CmdLine/Inc/CLWrap.h Line=191 Thu Nov 30 15:36:44 2006
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\CmdLine\Src\CmdLine.cpp Line=250 Tue Mar 27 17:03:46 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\CmdLine\Src\CmdLine.cpp Line=625 Tue Mar 27 17:03:46 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1094 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1113 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1017 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=1025 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item ..\Core\MM\Src\MM.cpp Line=498 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item d:\work\avanquest\startupcommander2005v3\startupcommander\../PDXSDK/Core/MM/Inc/MMWrap.h Line=418 Tue Mar 27 17:03:44 2007
08.11.2008 Sat 15:30:58 -1 0x000005E8 1 200 Unable to find an item d:\work\avanquest\startupcommander2005v3\startupcommander\../PDXSDK/Core/CmdLine/Inc/CLWrap.h Line=191 Thu Nov 30 15:36:44 2006
2008-11-12 08:38:24 ----D---- C:\Users\Kira\AppData\Roaming\vghd
2008-11-06 07:45:21 ----HDC---- C:\ProgramData\~0
C'est quoi ces dossiers ?
2008-11-06 07:45:21 ----HDC---- C:\ProgramData\~0
C'est quoi ces dossiers ?
LE FICHIER VHDH C'ETAIT LE PROGRAMME VIRTUAL GIRL ET L'AUTRE NE ME DIT RIEN :(
JE N'EN AI PAS BESOIN ....
JE N'EN AI PAS BESOIN ....
vghd pardon c virtual girl , un truc de pin up qui dans sur le pc ... lol mais il n'est plus installé ...
ha pour moi aussi !!!!! je n'ai plus de detections !! les logiciels de detections sont cleans , je crois qu'on peux le dire !!!
je remercie pour ta disponiblité !! presque du 24/24 ! :) pour ta précieuse aide !!! sans toi , je ne sais pas vraiment ce que j'aurai fais !!?? :(
( jai meme pensé jeter mon dd de 320gb lol) et refaire toute une instal sur un nouveau dd ^^, les novices , on a pas bcp de choix avec une infection pareil lol
bref , je me sent redevable ... :(
je te remercie de la maniere la plus sincere qui soit !!!!
merci !!!! :) :) :):)
et bonne continuation à toi
PS: je conclu , en mettant RESOLU
je remercie pour ta disponiblité !! presque du 24/24 ! :) pour ta précieuse aide !!! sans toi , je ne sais pas vraiment ce que j'aurai fais !!?? :(
( jai meme pensé jeter mon dd de 320gb lol) et refaire toute une instal sur un nouveau dd ^^, les novices , on a pas bcp de choix avec une infection pareil lol
bref , je me sent redevable ... :(
je te remercie de la maniere la plus sincere qui soit !!!!
merci !!!! :) :) :):)
et bonne continuation à toi
PS: je conclu , en mettant RESOLU
1/
---> Désinstalle HijackThis 2.0.2 et Search Settings 1.2.
---> Clique sur le logo Vista (Rond bleu), tape Exécuter dans la barre Rechercher et valide avec Entrée.
---> Dans la fenêtre Exécuter, tape combofix /u et valide avec Entrée.
2/
---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe
---> Double-clique sur OTMoveIt3.exe afin de le lancer.
---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:services
a7qclvy1
:files
c:\windows\is-UMHNL.exe
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
3/
---> Télécharge OTCleanIt sur ton Bureau :
* Clique droit sur OTCleanIt et choisis Exécuter en tant qu'administrateur.
* Clique sur CleanUp! puis clique sur Yes à la fenêtre Confirm.
* Redémarre ton PC comme demandé.
4/
---> Télécharge et installe CCleaner (N'installe pas la Yahoo Toolbar) :
* Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
* Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs (Sauvegarde la base de registre).
5/
---> Il est nécessaire de désactiver puis réactiver la restauration système pour la purger :
http://www.commentcamarche.net/faq/sujet 13214 desactiver reactiver la restauration systeme de vista
---> Je te conseille de créer un point de restauration que tu pourras utiliser plus tard si tu as un problème :
https://forums.cnetfrance.fr
6/
---> Par rapport au P2P :
http://www.libellules.ch/...
---> Tiens à jour Windows et tes logiciels.
Sois plus vigilant sur Internet ;)
---> Désinstalle HijackThis 2.0.2 et Search Settings 1.2.
---> Clique sur le logo Vista (Rond bleu), tape Exécuter dans la barre Rechercher et valide avec Entrée.
---> Dans la fenêtre Exécuter, tape combofix /u et valide avec Entrée.
2/
---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe
---> Double-clique sur OTMoveIt3.exe afin de le lancer.
---> Copie (Ctrl+C) le texte suivant ci-dessous :
:processes
explorer.exe
:services
a7qclvy1
:files
c:\windows\is-UMHNL.exe
:commands
[purity]
[emptytemp]
[start explorer]
[reboot]
---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.
---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.
Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.
---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
3/
---> Télécharge OTCleanIt sur ton Bureau :
* Clique droit sur OTCleanIt et choisis Exécuter en tant qu'administrateur.
* Clique sur CleanUp! puis clique sur Yes à la fenêtre Confirm.
* Redémarre ton PC comme demandé.
4/
---> Télécharge et installe CCleaner (N'installe pas la Yahoo Toolbar) :
* Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
* Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs (Sauvegarde la base de registre).
5/
---> Il est nécessaire de désactiver puis réactiver la restauration système pour la purger :
http://www.commentcamarche.net/faq/sujet 13214 desactiver reactiver la restauration systeme de vista
---> Je te conseille de créer un point de restauration que tu pourras utiliser plus tard si tu as un problème :
https://forums.cnetfrance.fr
6/
---> Par rapport au P2P :
http://www.libellules.ch/...
---> Tiens à jour Windows et tes logiciels.
Sois plus vigilant sur Internet ;)
