Sujet Précédent Sujet Suivant

Help virus ddd.burimilol.com

Résolu/Fermé
jojot2411 Messages postés 33 Date d'inscription mardi 6 janvier 2009 Statut Membre Dernière intervention 15 juin 2010 - 6 janv. 2009 à 18:00
 joy - 11 janv. 2009 à 15:08
Bonjour,
comme le titre l'indique j'ai depuis aujourdhui un logiciel malveillant qui essaye de se conecter a mon ordi.
Heuresement que avast le bloque, mais malheuresement il ne le supprimer pas
j'aimerais savoir comment je peut m'en debarasser
MERCI
J.T

21 réponses

  • 1
  • 2
Réponse 1 / 21
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
6 janv. 2009 à 19:20
Ok.

---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
1
Réponse 2 / 21
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
6 janv. 2009 à 18:46
Salut,

- Télécharge HijackThis v2.0.2 sur ton Bureau.

- Double-clique sur HJTInstall afin de lancer l'installation.

- Clique sur Install ensuite sur I Accept.

- Clique sur Do a system scan and save a logfile.

- Le bloc-notes s'ouvrira, fais un copier/coller de tout son contenu ici dans ton prochain message.
0
Réponse 3 / 21
jojot2411 Messages postés 33 Date d'inscription mardi 6 janvier 2009 Statut Membre Dernière intervention 15 juin 2010
6 janv. 2009 à 18:58
voici mon rapport
merci de votre rapidité


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:56:51, on 06/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Labtec NumPad\Magickey.exe
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Users\DADA&J~1\AppData\Local\Temp\IXP001.TMP\image.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\dada&jojot\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Enable Labtec NumPad.lnk = C:\Program Files\Labtec NumPad\Magickey.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://files-mjf.jeuxvideo-flash.com/popcap/popcaploader_v10_fr.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
joy
11 janv. 2009 à 15:08
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:04:12, on 11/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\joelle\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Users\joelle\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Users\joelle\AppData\Local\Temp\IXP000.TMP\bur.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9e.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ww17.ads.eorezo.com/cgi-bin/advert/getads.cgi?x_format=redirect&x_dp_id=9
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Smart-Shopper - {4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\joelle\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: SmartShopper - Compare product prices - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
O9 - Extra button: SmartShopper - Compare travel rates - {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\Program Files\Smart-Shopper\Bin\2.5.1\Smrt-Shpr.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
0
Réponse 4 / 21
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
6 janv. 2009 à 18:59
Il y a un fichier bizarre.

- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 21
jojot2411 Messages postés 33 Date d'inscription mardi 6 janvier 2009 Statut Membre Dernière intervention 15 juin 2010
6 janv. 2009 à 19:18
voici log.txt
Logfile of random's system information tool 1.05 (written by random/random)
Run by dada&jojot at 2009-01-06 19:16:46
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 42 GB (30%) free of 141 GB
Total RAM: 2037 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:16:59, on 06/01/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Labtec NumPad\Magickey.exe
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Live Search\Mise-a-jour-LiveSearch.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\conime.exe
C:\Users\DADA&J~1\AppData\Local\Temp\IXP001.TMP\image.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\dada&jojot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5TY8MDG8\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\dada&jojot.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=compaq-notebook.msn.com&ocid=HPDHP&pc=CPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Outil de notification Live Search.lnk = C:\Users\dada&jojot\AppData\Roaming\Microsoft\Live Search\Notification-LiveSearch.exe
O4 - Global Startup: Enable Labtec NumPad.lnk = C:\Program Files\Labtec NumPad\Magickey.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 5.0\resources\fr-fr\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldfr-fr.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://files-mjf.jeuxvideo-flash.com/popcap/popcaploader_v10_fr.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Réponse 6 / 21
jojot2411 Messages postés 33 Date d'inscription mardi 6 janvier 2009 Statut Membre Dernière intervention 15 juin 2010
6 janv. 2009 à 19:19
et voici info.txt
info.txt logfile of random's system information tool 1.05 2009-01-06 19:08:15

======Uninstall list======

-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Bricks of Egypt\Uninstall.exe"
-->"C:\Program Files\HP Games\Chicken Invaders 3 - Revenge of the Yolk\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Fish Tycoon\Uninstall.exe"
-->"C:\Program Files\HP Games\Gem Shop\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Magic Academy\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Ocean Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Puzzle Express\Uninstall.exe"
-->"C:\Program Files\HP Games\Shooting Stars Pool\Uninstall.exe"
-->"C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Sudoku Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Virtual Villagers - A New Home\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
-->C:\WINDOWS\ISUN040C.EXE -f"C:\Program Files\Labtec NumPad\Uninst.isu" -c"C:\Program Files\Labtec NumPad\UnInst.dll"
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {5A2F65A4-808F-4A1E-973E-92E17824982D}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-040C-0000-0000000FF1CE} /uninstall {A0353900-21A2-42CF-B973-883500A027F7}
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
AIM 6-->C:\Program Files\AIM6\uninst.exe
AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x40c -removeonly
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
AVI DivX to DVD SVCD VCD Converter 3.7.1104-->"C:\Program Files\AVI DivX to DVD SVCD VCD Converter\unins000.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -ILEOHERza.INF
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
eDrawings 2005-->MsiExec.exe /I{071D088C-6DF6-4F1B-B024-DA10896AF66D}
ESU for Microsoft Vista-->MsiExec.exe /I{AD3FDC40-BCF4-476D-A2D6-C4B154DD9DF5}
Galerie de photos Windows Live-->MsiExec.exe /X{43563ACB-371B-4C58-8979-B192B390424C}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_HERMOSA_HSF\UIU32m.exe -U -IHPQHERzm.inf
Hewlett-Packard Active Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent for Health Check-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD0E2B92-3814-46F0-893B-4612EA010C7E}\setup.exe" -l0x9 -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP DVD Play 3.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /I{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}
HP Quick Launch Buttons 6.30 E2-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x040c uninst
HP Total Care Advisor-->MsiExec.exe /X{b02df929-29a7-4fd2-9a70-81a644b635f7}
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
HP User Guides 0093-->MsiExec.exe /I{D7358B07-4F10-4014-9869-7999578BE8ED}
HP Wireless Assistant-->MsiExec.exe /I{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
Intel(R) TV Wizard-->C:\Windows\system32\TVWizudlg.exe -uninstall
Java(TM) 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
Labtec USB NumPad for Notebook-->C:\Windows\IsUn040c.exe -f"C:\Program Files\Labtec NumPad\Uninst.isu"
Les Sims™ Histoires de vie-->MsiExec.exe /I{2284D904-C138-4B58-93EC-5C362AB5130A}
LG PC Suite-->C:\Program Files\InstallShield Installation Information\{993960EE-CA4D-443F-8F88-E24260DD5FD2}\setup.exe -runfromtemp -l0x040c -removeonly
LG USB Modem driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {EC50B538-CBE1-42E6-B7FE-87AA540AADFB}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{3B160861-7250-451E-B5EE-8B92BF30A710}
MSCU for Microsoft Vista-->MsiExec.exe /I{E87F5651-CE15-493F-AE99-3B670E25A54E}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 6.1-->C:\Program Files\InstallShield Installation Information\{250E9609-E830-43EB-B379-DAB7546A2422}\muveesetup.exe -removeonly -runfromtemp
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly
Norton Security Scan-->MsiExec.exe /I{230C4A45-2586-4161-84EF-5C0D75D5B270}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
QuickPlay SlingPlayer 0.4.4-->"C:\Program Files\HP\QuickPlay\unins000.exe"
Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}\setup.exe -runfromtemp -l0x040c -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Shockwave-->C:\Windows\System32\Macromed\SHOCKW~2\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~2\Install.log
SolidWorks 2005 SP03.1-->MsiExec.exe /I{820AD75D-C3A5-49EF-9E8B-8A957371FC0D}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {49E314EE-81FA-4007-8F1A-8D39BDBB4498}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {80E46078-C1C5-4AE8-8744-3EAFC812E118}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}
VideoLAN VLC media player 0.8.6h-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Votre Budget-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{642DDC79-6847-454B-B10C-F69F621397AE}\SETUP.EXE" -l0x40c
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Movie Maker Bêta-->MsiExec.exe /X{5ED7F74A-B4AB-4209-B99C-B88012C712F2}
Windows Live Sync-->MsiExec.exe /X{67D0313C-4F15-437D-9A2D-C1564088A26A}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: avast! antivirus 4.8.1229 [VPS 081118-0]
AS: Windows Defender (disabled)
AS: avast! antivirus 4.8.1229 [VPS 081118-0]

System event log

Computer Name: PC-de-dadajojo
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : arrêté.
Record Number: 85973
Source Name: Service Control Manager
Time Written: 20090106154140.000000-000
Event Type: Information
User:

Computer Name: PC-de-dadajojo
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : en cours d'exécution.
Record Number: 85974
Source Name: Service Control Manager
Time Written: 20090106154408.000000-000
Event Type: Information
User:

Computer Name: PC-de-dadajojo
Event Code: 1000
Message: L’analyse Windows Defender a démarré.
ID de l’analyse : {4BFE0763-6E6F-4746-8050-A5441978CDC0}
Type de l’analyse : Logiciel anti-espion
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Record Number: 85975
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20090106154419.000000-000
Event Type: Information
User:

Computer Name: PC-de-dadajojo
Event Code: 1001
Message: L’analyse Windows Defender a terminé.
ID de l’analyse : {4BFE0763-6E6F-4746-8050-A5441978CDC0}
Type de l’analyse : Logiciel anti-espion
Paramètres de l’analyse : Analyse rapide
Utilisateur : AUTORITE NT\SERVICE RÉSEAU
Heure de l’analyse : 0:05:14
Record Number: 85976
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20090106154933.000000-000
Event Type: Information
User:

Computer Name: PC-de-dadajojo
Event Code: 7036
Message: Le service Service de découverte automatique de Proxy Web pour les services HTTP Windows est entré dans l'état : arrêté.
Record Number: 85977
Source Name: Service Control Manager
Time Written: 20090106160038.000000-000
Event Type: Information
User:

Application event log

Computer Name: PC-de-dadajojo
Event Code: 1
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 22033
Source Name: SecurityCenter
Time Written: 20090106152617.000000-000
Event Type: Information
User:

Computer Name: PC-de-dadajojo
Event Code: 1000
Message: Application défaillante Apoint.exe, version 7.0.202.267, horodatage 0x47201f35, module défaillant unknown, version 0.0.0.0, horodatage 0x00000000, code d’exception 0xc0000005, décalage d’erreur 0x00380000, ID du processus 0xc30, heure de début de l’application 0x01c97012df6410d5.
Record Number: 22034
Source Name: Application Error
Time Written: 20090106153629.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-dadajojo
Event Code: 1001
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été supprimés. Les données d'enregistrement contiennent les nouvelles valeurs du dernier compteur système et les dernières entrées du registre d'aide.
Record Number: 22035
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20090106164417.000000-000
Event Type: Information
User:

Computer Name: PC-de-dadajojo
Event Code: 1000
Message: Les compteurs de performances pour le service WmiApRpl (WmiApRpl) ont été chargés. Les données d'enregistrement dans la section des données contiennent les nouvelles valeurs d'index assignées à ce service.
Record Number: 22036
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20090106164418.000000-000
Event Type: Information
User:

Computer Name: PC-de-dadajojo
Event Code: 1002
Message: Le programme HPSI.exe version 2.3.0.2 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans l’application Rapports et solutions aux problèmes du Panneau de configuration. ID de processus : 1348 Heure de début : 01c9701f33e49c45 Heure de fin : 33
Record Number: 22037
Source Name: Application Hang
Time Written: 20090106165346.000000-000
Event Type: Erreur
User:

Security event log

Computer Name: PC-de-dadajojo
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-DADAJOJO$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :
Nom du compte : dada&jojot
Domaine du compte : PC-de-dadajojo
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost

Informations sur le processus :
ID du processus : 0x2e0
Nom du processus : C:\Windows\System32\winlogon.exe

Informations sur le réseau :
Adresse du réseau : 127.0.0.1
Port : 0

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 22576
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081117163517.141706-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-dadajojo
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-DADAJOJO$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 2

Nouvelle ouverture de session :
ID de sécurité : S-1-5-21-4273180909-4162161235-1671306896-1000
Nom du compte : dada&jojot
Domaine du compte : PC-de-dadajojo
ID d’ouverture de session : 0x32072
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x2e0
Nom du processus : C:\Windows\System32\winlogon.exe

Informations sur le réseau :
Nom de la station de travail : PC-DE-DADAJOJO
Adresse du réseau source : 127.0.0.1
Port source : 0

Informations détaillées sur l’authentification :
Processus d’ouverture de session : User32
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 22577
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081117163517.141706-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-dadajojo
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-DADAJOJO$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 2

Nouvelle ouverture de session :
ID de sécurité : S-1-5-21-4273180909-4162161235-1671306896-1000
Nom du compte : dada&jojot
Domaine du compte : PC-de-dadajojo
ID d’ouverture de session : 0x3209e
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x2e0
Nom du processus : C:\Windows\System32\winlogon.exe

Informations sur le réseau :
Nom de la station de travail : PC-DE-DADAJOJO
Adresse du réseau source : 127.0.0.1
Port source : 0

Informations détaillées sur l’authentification :
Processus d’ouverture de session : User32
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 22578
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081117163517.141706-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-dadajojo
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-21-4273180909-4162161235-1671306896-1000
Nom du compte : dada&jojot
Domaine du compte : PC-de-dadajojo
ID d’ouverture de session : 0x32072

Privilèges : SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 22579
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081117163517.141706-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-dadajojo
Event Code: 5032
Message: Le Pare-feu Windows n’a pas pu notifier l’utilisateur qu’il a empêché une application d’accepter des connexions entrantes sur le réseau.

Code d’erreur : 2
Record Number: 22580
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081117163529.333306-000
Event Type: Échec de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\CyberLink\Power2Go\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PLATFORM"=MCD
"PCBRAND"=Presario
"OnlineServices"=Online Services
"USERPART"=E:

-----------------EOF-----------------
0
Réponse 7 / 21
jojot2411 Messages postés 33 Date d'inscription mardi 6 janvier 2009 Statut Membre Dernière intervention 15 juin 2010
6 janv. 2009 à 19:36
voici le rapport
Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1625
Windows 6.0.6001 Service Pack 1

06/01/2009 19:35:22
mbam-log-2009-01-06 (19-35-22).txt

Type de recherche: Examen rapide
Eléments examinés: 50707
Temps écoulé: 8 minute(s), 33 second(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
C:\Users\dada&jojot\AppData\Local\Temp\IXP001.TMP\image.exe (Backdoor.Bot) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Windows\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\dada&jojot\AppData\Local\Temp\IXP001.TMP\image.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Windows\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
0
Réponse 8 / 21
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
6 janv. 2009 à 19:46
Fais un scan en ligne et poste le rapport :
https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
0
Réponse 9 / 21
jojot2411 Messages postés 33 Date d'inscription mardi 6 janvier 2009 Statut Membre Dernière intervention 15 juin 2010
6 janv. 2009 à 20:44
merci pour les conseils je suis en train de faire le scan mais il prend beaucoup de temps donc des que ces terminer je vous envois le rapport
merci
0
Réponse 10 / 21
jojot2411 Messages postés 33 Date d'inscription mardi 6 janvier 2009 Statut Membre Dernière intervention 15 juin 2010
6 janv. 2009 à 23:11
et voici le rapport active scan
;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-01-06 23:07:36
PROTECTIONS: 1
MALWARE: 29
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Windows Defender 1.1.4205.0 No No
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@doubleclick[2].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@atdmt[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@tradedoubler[2].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@tradedoubler[1].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@247realmedia[1].txt
00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@fastclick[2].txt
00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@tribalfusion[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@mediaplex[2].txt
00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@mediaplex[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@com[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@xiti[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@statcounter[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@ad.yieldmanager[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@apmebf[1].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@serving-sys[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@bs.serving-sys[2].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@bs.serving-sys[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@weborama[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@weborama[2].txt
00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@adtech[2].txt
00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@fl01.ct2.comclick[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@advertising[2].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@media.adrevolver[3].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@ads.pointroll[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@ads.pointroll[1].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@overture[1].txt
00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@realmedia[2].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@bluestreak[1].txt
00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@adrevolver[2].txt
00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@adviva[2].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@smartadserver[2].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@smartadserver[1].txt
01588463 Generic Malware Virus/Trojan No 0 Yes No C:\Users\dada&jojot\AppData\Local\Temp\comver.dll
03009106 W32/Xor-encoded.A Virus No 0 No No C:\Users\dada&jojot\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0d804e14\Report.cab[fxstaller.exe.xor]
03074964 Trj/CI.A Virus/Trojan No 0 No No C:\Users\dada&jojot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5TY8MDG8\viewimage[1].com[C:\Users\dada&jojot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5TY8MDG8\viewimage[1].com][image.exe]
03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Users\dada&jojot\AppData\Local\Temp\IXP001.TMP\image.exe
03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Windows\fxstaller.exe
03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Windows\fxstaller.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location 4���`�$ C5
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description 4���`�$ C5
;===================================================================================================================================================================================
;===================================================================================================================================================================================
0
Réponse 11 / 21
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
6 janv. 2009 à 23:15
---> Désactive ton antivirus le temps de la manipulation car OTMoveIt3 est détecté comme une infection à tort.

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :





:processes
explorer.exe

:files
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@doubleclick[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@doubleclick[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@atdmt[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@atdmt[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@tradedoubler[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@tradedoubler[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@247realmedia[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@fastclick[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@tribalfusion[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@mediaplex[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@mediaplex[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@com[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@xiti[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@statcounter[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@ad.yieldmanager[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@apmebf[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@apmebf[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@serving-sys[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@serving-sys[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@bs.serving-sys[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@bs.serving-sys[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@weborama[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@weborama[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@adtech[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@fl01.ct2.comclick[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@advertising[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@media.adrevolver[3].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@ads.pointroll[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@ads.pointroll[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@overture[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@realmedia[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@bluestreak[1].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@adrevolver[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@adviva[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@smartadserver[2].txt
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@smartadserver[1].txt
C:\Users\dada&jojot\AppData\Local\Temp\comver.dll
C:\Users\dada&jojot\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0d804e14\Report.cab
C:\Users\dada&jojot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5TY8MDG8
C:\Users\dada&jojot\AppData\Local\Temp\IXP001.TMP\image.exe
C:\Windows\fxstaller.exe

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]





---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
0
Réponse 12 / 21
jojot2411 Messages postés 33 Date d'inscription mardi 6 janvier 2009 Statut Membre Dernière intervention 15 juin 2010
7 janv. 2009 à 21:54
Bonjour dsl de mon absence mais avc le froid g eu d ptit souci de voiture
mais voici le rapport mieux vaut tard que jamais LOL
merci

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@doubleclick[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@doubleclick[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@atdmt[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@atdmt[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@tradedoubler[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@tradedoubler[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@247realmedia[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@fastclick[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@tribalfusion[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@mediaplex[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@mediaplex[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@com[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@xiti[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@statcounter[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@ad.yieldmanager[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@apmebf[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@apmebf[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@serving-sys[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@serving-sys[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@bs.serving-sys[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@bs.serving-sys[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@weborama[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@weborama[2].txt moved successfully.
File/Folder C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@adtech[2].txt not found.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@fl01.ct2.comclick[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@advertising[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@media.adrevolver[3].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@ads.pointroll[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@ads.pointroll[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@overture[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@realmedia[2].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@bluestreak[1].txt moved successfully.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@adrevolver[2].txt moved successfully.
File/Folder C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@adviva[2].txt not found.
File/Folder C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\Low\dada&jojot@smartadserver[2].txt not found.
C:\Users\dada&jojot\AppData\Roaming\Microsoft\Windows\Cookies\dada&jojot@smartadserver[1].txt moved successfully.
DllUnregisterServer procedure not found in C:\Users\dada&jojot\AppData\Local\Temp\comver.dll
C:\Users\dada&jojot\AppData\Local\Temp\comver.dll NOT unregistered.
C:\Users\dada&jojot\AppData\Local\Temp\comver.dll moved successfully.
C:\Users\dada&jojot\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report0d804e14\Report.cab moved successfully.
C:\Users\dada&jojot\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5TY8MDG8 moved successfully.
C:\Users\dada&jojot\AppData\Local\Temp\IXP001.TMP\image.exe moved successfully.
File/Folder C:\Windows\fxstaller.exe not found.
========== COMMANDS ==========
File delete failed. C:\Users\DADA&J~1\AppData\Local\Temp\ehmsas.txt scheduled to be deleted on reboot.
File delete failed. C:\Users\DADA&J~1\AppData\Local\Temp\JET781B.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\DADA&J~1\AppData\Local\Temp\MainFrame.Log.txt scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\Windows\temp\{4d36e96d-e325-11ce-bfc1-08002be10318}0000\INWPS2.ini scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\{4d36e96d-e325-11ce-bfc1-08002be10318}0000\IPathViS.INI scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\{4d36e96c-e325-11ce-bfc1-08002be10318}0001\IPathViS.INI scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\{4d36e96c-e325-11ce-bfc1-08002be10318}0001\IPVENHER.INI scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\{4d36e96c-e325-11ce-bfc1-08002be10318}0001\ISACS.INI scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\{4d36e96c-e325-11ce-bfc1-08002be10318}0001\LEOHERA.INI scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SETUP47D55B9A11F\InstApp.ini scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SETUP47D55B8C3D4\InstApp.ini scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SETUP47D55AE82A0\InstApp.ini scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\MYDEFAULT\SMAUDIO.INI scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\MPTelemetrySubmit\client_manifest.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\MPTelemetrySubmit\watson_manifest.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\IntelIMSM\IMSMins.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\zh-tw\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\zh-cn\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\tr\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\th\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\sv\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\ru\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\pt-br\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\pl\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\no\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\nl\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\ko\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\ja\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\it\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\32x32_ale.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\32x32_upd.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\confirm.htm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\desktop.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\earth.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\history.htm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\installer.htm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\lm.htm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\maintainer.htm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\minus.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\msg_error.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\pack.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\pack_large.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\picasa.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\plus.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\preferences.htm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\progress.htm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\proxy.htm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\roundl_g.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\roundr_g.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\shield.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\sort_down.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\sort_up.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\talk.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\toolbar.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\ui.css scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\ui.js scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\ul.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\updates.htm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\ur.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\waiting.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\HTML\waiting32.gif scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\fr\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\fi\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\es\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\en-gb\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\en\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\el\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\de\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\da\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\cs\cires.dll.mui scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\ci.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\cires.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\GoogleUpdaterAdminPrefs.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\GoogleUpdaterInstallMgr.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\GoogleUpdaterSetup.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\2.4.1368.5602\npCIDetect13.dll scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\GoogleUpdater.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\gisd756d\GoogleUpdaterService.exe scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\ASPNETSetup_00000.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\conexant.cer scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\DIFXAPI.DLL scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\DMI310E.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\DMI33DB.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\DMI4B23.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\DMIB817.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\DMIE09E.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\ehprivjob.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\ehprivjob1.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\ehprivjob2.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile00.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile01.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile02.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile03.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile04.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile05.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile06.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile07.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile08.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile09.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile10.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile11.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile12.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile13.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile14.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile15.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile16.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile17.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile18.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\fwtsqmfile19.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\IDSinst.LOG scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\IntelTVWizard.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\JET5907.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\JET60B5.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\JET643E.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\JET8DAE.tmp scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080706-151941-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080706-151955-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080707-103845-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080707-103911-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080707-131607-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080707-131622-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080708-190710-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080708-190726-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080709-133658-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080709-133712-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080709-165550-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080709-165603-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080709-193210-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080709-193235-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080710-121245-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080710-121259-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080711-115707-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080711-115720-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080711-194545-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080711-194610-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080712-001521-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080712-001534-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080712-170005-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080712-170018-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080712-214616-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\lpksetup-20080712-214629-0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\MpCmdRun.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\MpSigStub.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\Norton_SPALOG_7_30_2008_1158869.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\Norton_SPALOG_7_6_2008_174830.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\RTWaveTempINI.ini scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SETUP.LOG scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\Silverlight0.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SilverlightMSI.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SNDSetup8.0.2.6.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SNDunin.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SND_MSI_I_8.0.2.6.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SND_MSI_U_8.0.2.6_8.0.0.129.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SRTSP_MSI_I_10.2.2.6.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SRTSP_MSI_U_(1)10.2.0.57.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SRTSP_Setup_10.2.2.6.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\srtUnin.log scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\SYMEVENT.LOG scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\TempINI.ini scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\TMP0000000DA191F42382903516 scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\VistaSP1_InstallPerf_142855.sqm scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WERA0F1.tmp.version.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WERA101.tmp.appcompat.txt scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WinSAT_DX.etl scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WinSAT_KernelLog.etl scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\WinSAT_StorageAsmt.etl scheduled to be deleted on reboot.
File delete failed. C:\Windows\temp\wlumsp.log scheduled to be deleted on reboot.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01072009_214635
0
Réponse 13 / 21
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
7 janv. 2009 à 22:02
---> Relance MBAM, va dans Quarantaine et supprime tout.

---> Télécharge JavaRa.zip (de Paul 'Prm753' McLain et Fred de Vries) sur ton Bureau.
* Décompresse le fichier sur le Bureau (Clic droit > Extraire tout).
* Double-clique sur le répertoire JavaRa.
* Clique droit sur le fichier JavaRa.exe (le exe peut ne pas s'afficher) et choisis Exécuter en tant qu'administrateur.
* Choisis Français puis clique sur Select.
* Clique sur Recherche de mises à jour.
* Sélectionne Mettre à jour via jucheck.exe puis clique sur Rechercher.
* Autorise le processus à se connecter s'il le demande, clique sur Installer et suis les instructions d'installation qui prennent quelques minutes.
* L'installation est terminée, reviens à l'écran de JavaRa et clique sur Effacer les anciennes versions.
* Clique sur Oui pour confirmer. Laisse travailler et clique ensuite sur OK, puis une deuxième fois sur OK.
* Un rapport va s'ouvrir. Poste-le dans ta prochaine réponse.
* Ferme l'application.

Note : le rapport se trouve aussi dans C:\ sous le nom JavaRa.log.
0
Réponse 14 / 21
jojot2411 Messages postés 33 Date d'inscription mardi 6 janvier 2009 Statut Membre Dernière intervention 15 juin 2010
7 janv. 2009 à 22:20
voici le rapport

JavaRa 1.13 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Wed Jan 07 22:18:30 2009

Found and removed: C:\Program Files\Java\jre1.6.0_02

There was an error removing C:\Program Files\Java\jre1.6.0_07. The error returned was 32.

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Classes\JavaPlugin.160_02

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_02

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_02

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610002

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160020}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\JavaPlugin.160_02

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_02

Found and removed: Software\JavaSoft\Java2D\1.6.0_02

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\bin\

------------------------------------

Finished reporting.
0
Réponse 15 / 21
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
7 janv. 2009 à 22:24
---> Supprime JavaRa.

---> Cherche ce fichier : C:\Program Files\Trend Micro\HijackThis\dada&jojot.exe

---> Clique droit sur ce fichier et choisis Exécuter en tant qu'administrateur.

---> Choisis Do a system scan only.

---> Coche les cases qui sont devant les lignes suivantes :

O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://files-mjf.jeuxvideo-flash.com/popcap/popcaploader_v10_fr.cab

---> Clique en bas sur Fix checked. Mets oui si HijackThis te demande quelque chose.

---> Ferme HijackThis.


Ton PC va comment ?
0
Réponse 16 / 21
jojot2411 Messages postés 33 Date d'inscription mardi 6 janvier 2009 Statut Membre Dernière intervention 15 juin 2010
7 janv. 2009 à 22:42
en faite je n'ai pas trouver la ligne 016 avc la description (O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://files-mjf.jeuxvideo-flash.com/popcap/popcaploader_v10_fr.cab )
a part sa depuis que j'ai rlallumer mon pc je n'ai aucun message de tentative d'intrusion de logiciels malveillant.


en tout cas je vous remercie et heuresement qu'il ya d gens comme vous pour passer du temp a nous aidez
MERCI ENCORE
J.T
0
Réponse 17 / 21
yoyo555 Messages postés 20 Date d'inscription samedi 16 février 2008 Statut Membre Dernière intervention 7 janvier 2009 3
7 janv. 2009 à 22:43
achete Avast , c'est le meilleur :)
0
Réponse 18 / 21
jojot2411 Messages postés 33 Date d'inscription mardi 6 janvier 2009 Statut Membre Dernière intervention 15 juin 2010
7 janv. 2009 à 22:45
c'est celui que j'ai pris mais en version essaie LOL
je pense que je changer si je peut etre tranquille apres
0
Réponse 19 / 21
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
7 janv. 2009 à 23:10
1/

---> Désinstalle HijackThis.

---> Télécharge OTCleanIt sur ton Bureau :
* Clique droit sur OTCleanIt et choisis Exécuter en tant qu'administrateur.
* Clique sur CleanUp! puis clique sur Yes à la fenêtre Confirm.
* Redémarre ton PC comme demandé.


2/

---> Télécharge et installe CCleaner (N'installe pas la Yahoo Toolbar) :
* Lance-le. Va dans Options puis Avancé et décoche la case Effacer uniquement les fichiers etc....
* Va dans Nettoyeur, choisis Analyse. Une fois terminé, lance le nettoyage.
* Ensuite, choisis Registre, puis Chercher des erreurs. Une fois terminé, répare toutes les erreurs (Sauvegarde la base de registre).


3/

---> Il est nécessaire de désactiver puis réactiver la restauration système pour la purger :
http://www.commentcamarche.net/faq/sujet 13214 desactiver reactiver la restauration systeme de vista

---> Je te conseille de créer un point de restauration que tu pourras utiliser plus tard si tu as un problème :
https://forums.cnetfrance.fr


4/

Je te conseille de remplacer Avast par Antivir :
http://www.commentcamarche.net/telecharger/telecharger 55 antivir

Conserve MBAM. Il te servira à scanner les fichiers douteux en complément de l'antivirus et scanne le disque dur régulièrement.

Comme navigateur, utilise plutôt Mozilla Firefox qu'Internet Explorer. Tu peux utiliser l'extension Noscript pour plus de sécurité.

Tu peux aussi modifier le fichier Hosts pour améliorer la sécurité de ton PC :
http://www.commentcamarche.net/faq/sujet 5993 modifier son fichier hosts
https://blog.sosordi.net/category/articles

Voici un dossier complet (A lire avec Adobe Reader ou Foxit Reader) :
https://www.malekal.com/fichiers/projetantimalwares/prevention-protection.pdf


Sois plus vigilant sur Internet ;)
0
Réponse 20 / 21
jojot2411 Messages postés 33 Date d'inscription mardi 6 janvier 2009 Statut Membre Dernière intervention 15 juin 2010
8 janv. 2009 à 21:55
bonjour
c'est bon j'ai fait quasiment tout ce que vous m'avez dit mai j'ai 2questions
-dois-je supprimer avast
-dois-je supprimer internet explorer
merci c:
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses
Comment savoir si j'ai attrapé un virus sur mon téléphone ?
Infolock -
bell -

66 réponses
Virus Altruistic
Mael03250 -
MisteryBean -

11 réponses
Supprimer notifications myavids.com sous Android.
Guy72 -
Liline -

7 réponses