Sujet Précédent Sujet Suivant

Enorme probleme virus Win32 et z-connect !!!

Résolu/Fermé
Roxas02 Messages postés 10 Date d'inscription mercredi 19 mars 2008 Statut Membre Dernière intervention 3 novembre 2011 - 21 mai 2009 à 20:09
Roxas02 Messages postés 10 Date d'inscription mercredi 19 mars 2008 Statut Membre Dernière intervention 3 novembre 2011 - 26 mai 2009 à 15:54
Bonjour, j'ai besoin d'aide !!!! Depuis peu j'ai d'énormes problème avec mon pc, Avast détecte des fichiers infectés pas win32, j'essaye de les mettre en quarantaine et même d'en supprimer certains mais ils "reviennent" toujours.
De plus, ma connexion internet est fortement troublée : Je n'arrive pas toujours à me connecter et quand j'y arrive je vois que mes pages de démarrage ont été changée. Alors qu'elles s'ouvraient avec google, elles s'ouvrent désormais sur http://247livesearch.com...
Pour finir, désormais lorsque je regarde la liste de mes connexions, celle d'origine "orange" a laissé place a z-connect !!!!
D'après ce que j'ai pu lire ici, il s'agirait d'un virus, j'ai tenté les solutions conseillés sans grand succès
Est-ce que quelqu'un pourrait m'aidez, svp ????
A voir également:

13 réponses

Réponse 1 / 13
Utilisateur anonyme
22 mai 2009 à 20:31
Salut ,

tres infecté ...


on commence par l infection Bagle :

▶ Télécharge FindyKill ( de Chiquitine29) sur ton bureau :

http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

! Déconnecte toi et ferme toutes applications en cours !

• Double clique sur "FindyKill.exe" pour lancer l'installation et laisse les paramètres d'instalation par défaut .

• Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

• Double-clique sur le raccourci FindyKill qui est sur ton bureau pour lancer l'outil .

• Au menu principal choisis l'option " F " pour français et tape sur [entrée] .

• Au second menu Choisis l'option " 1 " (recherche) et tape sur [entrée]

▶ Laisse travailler l'outil et ne touche à rien ...

--> Poste le rapport qui apparait à la fin , sur le forum ...

( le rapport est sauvegardé aussi sous C:\FindyKill.txt )
( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.

▶ Aides en images : http://pagesperso-orange.fr/NosTools/findykill.html
2
Réponse 2 / 13
Utilisateur anonyme
22 mai 2009 à 20:46
! Déconnecte toi et ferme toutes application en cours ( navigateur compris ) .

• Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...)

• Relance "FindyKill" : au menu principal choisis l'option " F " pour français et tape sur [entrée] .

• Au second menu choisis l'option 2 (suppression) et tape sur [entrée]

• Le pc va redémarrer automatiquement ...

▶ le programme va travailler , ne touche à rien ... , ton bureau ne sera pas accessible c est normal !

--> Poste le rapport qui apparait à la fin ( le rapport est sauvegardé aussi sous C:\FindyKill.txt )

/!\ Si le Bureau ne réapparait pas, presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tape explorer.exe et valide

Aides en images ( Suppression ) : http://pagesperso-orange.fr/NosTools/findykill.html
2
Réponse 3 / 13
Utilisateur anonyme
21 mai 2009 à 20:14
Salut ,

Télécharge random's system information tool (RSIT) et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Lis le contenu de l'écran Disclaimer puis clique sur Continue (si tu acceptes les conditions).

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt
1
Réponse 4 / 13
Roxas02 Messages postés 10 Date d'inscription mercredi 19 mars 2008 Statut Membre Dernière intervention 3 novembre 2011
22 mai 2009 à 20:27
Merci de me répondre !!!
Voici le rapport log.txt

Logfile of random's system information tool 1.06 (written by random/random)
Run by Angélique at 2009-05-22 20:23:27
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 177 GB (58%) free of 305 GB
Total RAM: 511 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:25:25, on 22/05/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\msnmsgrss.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Documents and Settings\Angélique\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Angélique\Bureau\RSIT.exe
C:\Program Files\trend micro\Angélique.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://247livesearch.com/cat/5/0/Education.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: C:\WINDOWS\system32\tya7hfd873f.dll - {A6C7B2A1-00F3-42BD-F434-00AABA2C8953} - C:\WINDOWS\system32\tya7hfd873f.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [Windows UDP Control Center] msnmsgrss.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [WOOKIT] C:\Program Files\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [drvsyskit] C:\WINDOWS\system32\drivers\hldrrr.exe
O4 - HKCU\..\Run: [german.exe] C:\WINDOWS\system32\wintems.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [] C:\DOCUME~1\ANGLIQ~1\LOCALS~1\Temp\divna.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Angélique\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [uidenhiufgsduiazghs] C:\DOCUME~1\ANGLIQ~1\LOCALS~1\Temp\divna.exe
O4 - HKCU\..\Run: [esvkbsui] C:\WINDOWS\system32\cghcjc.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-746137067-1035525444-1801674531-1004\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'abdel')
O4 - HKUS\S-1-5-21-746137067-1035525444-1801674531-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'abdel')
O4 - HKUS\S-1-5-21-746137067-1035525444-1801674531-1004\..\Run: [esvkbsui] C:\WINDOWS\system32\cghcjc.exe (User 'abdel')
O4 - HKUS\S-1-5-21-746137067-1035525444-1801674531-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Administrateur')
O4 - HKUS\S-1-5-21-746137067-1035525444-1801674531-500\..\RunOnce: [^SetupICWDesktop] (User 'Administrateur')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: TrayMin210.exe.lnk = ?
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/...
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.vm-wl.com/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O22 - SharedTaskScheduler: hasf8h3rfijfn98gf9iar - {A6C7B2A1-00F3-42BD-F434-00AABA2C8953} - C:\WINDOWS\system32\tya7hfd873f.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MioNet Service (MioNet) - Unknown owner - C:\Program Files\MioNet\MioNetManager.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 13
Roxas02 Messages postés 10 Date d'inscription mercredi 19 mars 2008 Statut Membre Dernière intervention 3 novembre 2011
22 mai 2009 à 20:44
Voilà le rapport FindyKill


############################## [ FindyKill V4.729 ]

# User : Angélique (Administrateurs) # ABDEL-30F34AD24
# Update on 19/05/09 by Chiquitine29
# Start at: 20:41:38 | 22/05/2009
# Website : http://pagesperso-orange.fr/NosTools/findykill.html

# AMD Athlon(tm) XP 1700+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1296 [VPS 090521-0] 4.8.1296 [ Enabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 298,08 Go (172,78 Go free) [Windows XP] # NTFS
# D:\ # Disque fixe local # 19 Go (15,78 Go free) [HDD 20GO] # FAT32
# E:\ # Disque CD-ROM
# G:\ # Disque amovible

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\msnmsgrss.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Documents and Settings\Angélique\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Fichiers / Dossiers infectieux ]

Found ! C:\WINDOWS\Prefetch\1.EXE-08D52809.pf
Found ! C:\WINDOWS\Prefetch\438.EXE-2D3D15A0.pf
Found ! C:\WINDOWS\Prefetch\609.EXE-0A17A8B1.pf
Found ! C:\WINDOWS\Prefetch\834.EXE-011EA159.pf
Found ! C:\WINDOWS\Prefetch\980.EXE-0F45273A.pf
Found ! C:\WINDOWS\system32\ban_list.txt
Found ! C:\WINDOWS\system32\drivers\down

################## [ Infected Temp Files ]


################## [ Registre / Clés infectieuses ]

Found ! HKEY_USERS\S-1-5-21-746137067-1035525444-1801674531-1005\Software\Local AppWizard-Generated Applications\uiytuhjy
Found ! HKEY_USERS\S-1-5-21-746137067-1035525444-1801674531-1005\Software\FirstRRRun
Found ! HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\uiytuhjy
Found ! HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA
Found ! HKEY_CURRENT_USER\Software\FirstRRRun
Found ! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
Found ! HKEY_USERS\S-1-5-21-746137067-1035525444-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
Found ! HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"german.exe"
Found ! HKEY_USERS\S-1-5-21-746137067-1035525444-1801674531-1005\Software\Microsoft\Windows\CurrentVersion\Run\\"german.exe"


################## [ Recherche dans supports amovibles]

Found ! C:\InfoSat.txt

################## [ Registre / Mountpoints2 ]

# -> Not found !

################## [ ! Fin du rapport # FindyKill V4.729 ! ]
0
Réponse 6 / 13
Roxas02 Messages postés 10 Date d'inscription mercredi 19 mars 2008 Statut Membre Dernière intervention 3 novembre 2011
23 mai 2009 à 18:05
Salut (desolé pour l'absence)

Voici le rapport (j'ai du recommencer l'étape 2 fois, à cause d'une mauvaise manip)


############################## [ FindyKill V4.729 ]

# User : Angélique (Administrateurs) # ABDEL-30F34AD24
# Update on 19/05/09 by Chiquitine29
# Start at: 16:33:01 | 23/05/2009
# Website : http://pagesperso-orange.fr/NosTools/findykill.html

# AMD Athlon(tm) XP 1700+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1296 [VPS 090523-0] 4.8.1296 [ Enabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 298,08 Go (174,14 Go free) [Windows XP] # NTFS
# D:\ # Disque fixe local # 19 Go (15,78 Go free) [HDD 20GO] # FAT32
# E:\ # Disque CD-ROM

############################## [ Active Processes ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dwwin.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe

################## [ Infected Files \ Folders ]

Deleted ! C:\WINDOWS\Prefetch\000.EXE-0F771E41.pf
Deleted ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-17681AA8.pf

################## [ Infected Temp Files ]


################## [ Registry / Infected keys ]


################## [ Cleaning Removable drives ]


################## [ Registry / Mountpoint2 ]

# -> Not found !

################## [ States / Restarting of services ]

# Services : [ Auto=2 / Request=3 / Disable=4 ]

# Ndisuio -> # Type of startup =3
# EapHost -> # Type of startup =2
# Ip6Fw -> # Type of startup =2
# SharedAccess -> # Type of startup =2
# wuauserv -> # Type of startup =2
# wscsvc -> # Type of startup =2

################## [ Searching Other Infections ]

# Références de comparaison Bagle MD5 :

File ... : C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\hldrrr.exe.vir
CRC32 .. : 966018bf
MD5 .... : 6baa51be51e1035a6c39970a4d58e72a

# -> Nothing found.

################## [ Corrupted files # Re-Installation required ]

C:\WINDOWS\system32\dllcache\register.exe

################################### [ Cracks / Keygens / Serials ]

# -> Nothing found !

################## [ ! End of Report # FindyKill V4.729 ! ]
0
Réponse 7 / 13
Utilisateur anonyme
23 mai 2009 à 18:15
• Télécharge et install UsbFix

(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d'avoir été infectées sans les ouvrir

• Double clic sur le raccourci UsbFix présent sur ton bureau .

• Choisis l'option 1 ( Recherche )

• Laisse travailler l'outil.

• Ensuite post le rapport UsbFix.txt qui apparaitra.

• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque. ( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

• Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.


• Tuto : http://pagesperso-orange.fr/NosTools/usbfix.html
0
Réponse 8 / 13
Roxas02 Messages postés 10 Date d'inscription mercredi 19 mars 2008 Statut Membre Dernière intervention 3 novembre 2011
23 mai 2009 à 18:21
Rapport UsbFix


############################## [ UsbFix V3.025 | Scan ]

# User : Angélique (Administrateurs) # ABDEL-30F34AD24
# Update on 22/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 18:19:14 | 23/05/2009

# AMD Athlon(tm) XP 1700+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1296 [VPS 090523-0] 4.8.1296 [ Enabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 298,08 Go (174,1 Go free) [Windows XP] # NTFS
# D:\ # Disque fixe local # 19 Go (15,78 Go free) [HDD 20GO] # FAT32
# E:\ # Disque CD-ROM

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Angélique\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows NT\Accessoires\wordpad.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## [ Registre Startup ]

HKCU_Main: "Local Page"="C:\\WINDOWS\\system32\\blank.htm"
HKCU_Main: "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
HKCU_Main: "Start Page"="http://247livesearch.com/cat/5/0/Education.html"
HKCU_Main: "Window Title"="Orange"
HKLM_logon: "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
HKLM_logon: "DefaultUserName"="Ang‚lique"
HKLM_logon: "AltDefaultUserName"="Ang‚lique"
HKLM_logon: "LegalNoticeCaption"=""
HKLM_logon: "LegalNoticeText"=""
HKLM_Run: avast!=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
HKLM_Run: TkBellExe="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
HKLM_Run: HP Software Update=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
HKLM_Run: SoundMan=SOUNDMAN.EXE
HKLM_Run: QuickTime Task="C:\Program Files\QuickTime\QTTask.exe" -atboottime
HKLM_Run: iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
HKLM_Run: eTrustPPAP="C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
HKLM_Run: Windows UDP Control Center=msnmsgrss.exe
HKLM_Run: 6425=c:\rujpn.exe
HKLM_Run: 26581=c:\rujpn.exe
HKLM_Run: 16228=c:\rujpn.exe
HKLM_Run: 9353=c:\rujpn.exe
HKLM_Run: 1185=c:\rujpn.exe
HKLM_Run: 11121=c:\rujpn.exe
HKLM_Run: 12935=c:\rujpn.exe
HKLM_Run: 3414=c:\rujpn.exe
HKLM_Run: 9250=c:\rujpn.exe
HKLM_Run: 7633=c:\rujpn.exe
HKLM_Run: 27517=c:\rujpn.exe
HKLM_Run: 1266=c:\rujpn.exe
HKLM_Run: 15049=c:\rujpn.exe
HKLM_Run: 1647=c:\rujpn.exe
HKLM_Run: 8638=c:\rujpn.exe
HKLM_Run: 28048=c:\rujpn.exe
HKLM_Run: 2212=c:\rujpn.exe
HKLM_Run: 19233=c:\rujpn.exe
HKLM_Run: 16656=c:\rujpn.exe
HKLM_Run: 31169=c:\rujpn.exe
HKLM_Run: 26650=c:\rujpn.exe
HKLM_Run: 21289=c:\rujpn.exe
HKLM_Run: 19349=c:\rujpn.exe
HKLM_Run: 21116=c:\rujpn.exe
HKLM_Run: 15292=c:\rujpn.exe
HKLM_Run: 22929=c:\rujpn.exe
HKLM_Run: 21312=c:\rujpn.exe
HKLM_Run: 31492=c:\rujpn.exe
HKLM_Run: 17627=c:\rujpn.exe
HKLM_Run: 5852=c:\rujpn.exe
HKLM_Run: 6176=c:\rujpn.exe
HKLM_Run: 23288=c:\rujpn.exe
HKLM_Run: 32022=c:\rujpn.exe
HKLM_Run: 21035=c:\rujpn.exe
HKLM_Run: 21821=c:\rujpn.exe
HKLM_Run: 6258=c:\rujpn.exe
HKLM_Run: 15835=c:\rujpn.exe
HKLM_Run: 18608=c:\rujpn.exe
HKLM_Run: 31191=c:\rujpn.exe
HKLM_Run: 21531=c:\rujpn.exe
HKLM_Run: 24489=c:\rujpn.exe
HKLM_Run: 25286=c:\rujpn.exe
HKLM_Run: 98=c:\rujpn.exe
HKLM_Run: 22525=c:\rujpn.exe
HKLM_Run: 9492=c:\rujpn.exe
HKLM_Run: 16609=c:\rujpn.exe
HKLM_Run: 630=c:\rujpn.exe
HKLM_Run: 26384=c:\rujpn.exe
HKLM_Run: 14322=c:\rujpn.exe
HKLM_Run: 31468=c:\rujpn.exe
HKLM_Run: 14380=c:\rujpn.exe
HKLM_Run: 24316=c:\rujpn.exe
HKLM_Run: 25934=c:\rujpn.exe
HKLM_Run: 27748=c:\rujpn.exe
HKLM_Run: 26130=c:\rujpn.exe
HKLM_Run: 19025=c:\rujpn.exe
HKLM_Run: 3542=c:\rujpn.exe
HKLM_Run: 19347=c:\rujpn.exe
HKLM_Run: 31792=c:\rujpn.exe
HKLM_Run: 14968=c:\rujpn.exe
HKLM_Run: 17465=c:\rujpn.exe
HKLM_Run: 29955=c:\rujpn.exe
HKLM_Run: 14103=c:\rujpn.exe
HKLM_Run: 13928=c:\rujpn.exe
HKLM_Run: 13190=c:\rujpn.exe
HKLM_Run: 18227=c:\rujpn.exe
HKLM_Run: 15189=c:\rujpn.exe
HKLM_Run: 20272=c:\rujpn.exe
HKLM_Run: 31225=c:\rujpn.exe
HKLM_Run: 1982=c:\rujpn.exe
HKLM_Run: 4477=c:\rujpn.exe
HKLM_Run: 2780=c:\rujpn.exe
HKLM_Run: 9574=c:\rujpn.exe
HKLM_Run: 19833=c:\rujpn.exe
HKLM_Run: 8475=c:\rujpn.exe
HKLM_Run: 30105=c:\rujpn.exe
HKLM_Run: 27343=c:\rujpn.exe
HKLM_Run: 24108=c:\rujpn.exe
HKLM_Run: 5436=c:\rujpn.exe
HKLM_Run: 26245=c:\rujpn.exe
HKLM_Run: 8037=c:\rujpn.exe
HKLM_Run: 11872=c:\rujpn.exe
HKLM_Run: 6107=c:\rujpn.exe
HKLM_Run: 12993=c:\rujpn.exe
HKLM_Run: 25194=c:\rujpn.exe
HKLM_Run: 30382=c:\rujpn.exe
HKLM_Run: 30752=c:\rujpn.exe
HKLM_Run: 31642=c:\rujpn.exe
HKLM_Run: 4154=c:\rujpn.exe
HKLM_Run: 19545=c:\rujpn.exe
HKLM_Run: 827=c:\rujpn.exe
HKLM_Run: 26211=c:\rujpn.exe
HKLM_Run: 22098=c:\rujpn.exe
HKLM_Run: 24133=c:\rujpn.exe
HKLM_Run: 2513=c:\rujpn.exe
HKLM_Run: 5010=c:\rujpn.exe
HKLM_Run: 17499=c:\rujpn.exe
HKLM_Run: 25448=c:\rujpn.exe
HKLM_Run: 30671=c:\rujpn.exe
HKLM_Run: 735=c:\rujpn.exe
HKLM_Run: 8498=c:\rujpn.exe
HKLM_Run: 9099=c:\rujpn.exe
HKLM_Run: 20434=c:\rujpn.exe
HKLM_Run: 2734=c:\rujpn.exe
HKLM_Run: 7817=c:\rujpn.exe
HKLM_Run: 1496=c:\rujpn.exe
HKLM_Run: 29782=c:\rujpn.exe
HKLM_Run: 31596=c:\rujpn.exe
HKLM_Run: 10335=c:\rujpn.exe
HKLM_Run: 13293=c:\rujpn.exe
HKLM_Run: 17649=c:\rujpn.exe
HKLM_Run: 15616=c:\rujpn.exe
HKLM_Run: 5634=c:\rujpn.exe
HKLM_Run: 14887=c:\rujpn.exe
HKLM_Run: 237=c:\rujpn.exe
HKLM_Run: 18089=c:\rujpn.exe
HKLM_Run: 23958=c:\rujpn.exe
HKLM_Run: 1035=c:\rujpn.exe
HKLM_Run: 23831=c:\rujpn.exe
HKLM_Run: 24016=c:\rujpn.exe
HKLM_Run: 12473=c:\rujpn.exe
HKLM_Run: 5864=c:\rujpn.exe
HKLM_Run: 17187=c:\rujpn.exe
HKLM_Run: 23484=c:\rujpn.exe
HKLM_Run: 14657=c:\rujpn.exe
HKLM_Run: 26546=c:\rujpn.exe
HKLM_Run: 24466=c:\rujpn.exe
HKLM_Run: 22584=c:\rujpn.exe
HKLM_Run: 3865=c:\rujpn.exe
HKLM_Run: 307=c:\rujpn.exe
HKLM_Run: 31283=c:\rujpn.exe
HKLM_Run: 18851=c:\rujpn.exe
HKLM_Run: 11468=c:\rujpn.exe
HKLM_Run: 9896=c:\rujpn.exe
HKLM_Run: 18216=c:\rujpn.exe
HKLM_Run: 28811=c:\rujpn.exe
HKLM_Run: 3439=c:\rujpn.exe
HKLM_Run: 13016=c:\rujpn.exe
HKLM_Run: 21809=c:\rujpn.exe
HKLM_Run: 19869=c:\rujpn.exe
HKLM_Run: 27690=c:\rujpn.exe
HKLM_Run: 4396=c:\rujpn.exe
HKLM_Run: 3160=c:\rujpn.exe
HKLM_Run: 13790=c:\rujpn.exe
HKLM_Run: 12600=c:\rujpn.exe
HKLM_Run: 22167=c:\rujpn.exe
HKLM_Run: 21348=c:\rujpn.exe
HKLM_Run: 3935=c:\rujpn.exe
HKLM_Run: 145=c:\rujpn.exe
HKLM_Run: 15778=c:\rujpn.exe
HKLM_Run: 3576=c:\rujpn.exe
HKLM_Run: 9365=c:\rujpn.exe
HKLM_Run: 3079=c:\rujpn.exe
HKLM_Run: 28557=c:\rujpn.exe
HKLM_Run: 3738=c:\rujpn.exe
HKLM_Run: 30185=c:\rujpn.exe
HKLM_Run: 26488=c:\rujpn.exe
HKLM_Run: 23946=c:\rujpn.exe
HKLM_Run: 28764=c:\rujpn.exe
HKLM_Run: 8777=c:\rujpn.exe
HKLM_Run: 18169=c:\rujpn.exe
HKLM_Run: 21497=c:\rujpn.exe
HKLM_Run: 22560=c:\rujpn.exe
HKLM_Run: 27055=c:\rujpn.exe
HKLM_Run: 15870=c:\rujpn.exe
HKLM_Run: 8394=c:\rujpn.exe
HKLM_Run: 1786=c:\rujpn.exe
HKLM_Run: 27447=c:\rujpn.exe
HKLM_Run: 15662=c:\rujpn.exe
HKLM_Run: 26072=c:\rujpn.exe
HKLM_Run: 3011=c:\rujpn.exe
HKLM_Run: 16888=c:\rujpn.exe
HKLM_Run: 15281=c:\rujpn.exe
HKLM_Run: 2756=c:\rujpn.exe
HKLM_Run: 364=c:\rujpn.exe
HKLM_Run: 4200=c:\rujpn.exe
HKLM_Run: 15627=c:\rujpn.exe
HKLM_Run: 23392=c:\rujpn.exe
HKLM_Run: 4038=c:\rujpn.exe
HKLM_Run: 8615=c:\rujpn.exe
HKLM_Run: 21566=c:\rujpn.exe
HKLM_Run: 24293=c:\rujpn.exe
HKLM_Run: 29816=c:\rujpn.exe
HKLM_Run: 31065=c:\rujpn.exe
HKLM_Run: 17487=c:\rujpn.exe
HKLM_Run: 26823=c:\rujpn.exe
HKLM_Run: 28348=c:\rujpn.exe
HKLM_Run: 7516=c:\rujpn.exe
HKLM_Run: 32103=c:\rujpn.exe
HKLM_Run: 5541=c:\rujpn.exe
HKLM_Run: 23843=c:\rujpn.exe
HKLM_Run: 29943=c:\rujpn.exe
HKLM_Run: 17707=c:\rujpn.exe
HKLM_Run: 12068=c:\rujpn.exe
HKLM_Run: 2374=c:\rujpn.exe
HKLM_Run: 30984=c:\rujpn.exe
HKLM_Run: 14529=c:\rujpn.exe
HKLM_Run: 23046=c:\rujpn.exe
HKLM_Run: 8257=c:\rujpn.exe
HKLM_Run: 20376=c:\rujpn.exe
HKLM_Run: 13768=c:\rujpn.exe
HKLM_Run: 29862=c:\rujpn.exe
HKLM_Run: 13131=c:\rujpn.exe
HKLM_Run: 619=c:\rujpn.exe
HKLM_Run: 30151=c:\rujpn.exe
HKLM_Run: 15592=c:\rujpn.exe
HKLM_Run: 20920=c:\rujpn.exe
HKLM_Run: 31641=c:\rujpn.exe
HKLM_Run: 13074=c:\rujpn.exe
HKLM_Run: 3691=c:\rujpn.exe
HKLM_Run: 5136=c:\rujpn.exe
HKLM_Run: 1716=c:\rujpn.exe
HKLM_Run: 14714=c:\rujpn.exe
HKLM_Run: 6904=c:\rujpn.exe
HKLM_Run: 8810=c:\rujpn.exe
HKLM_Run: 21150=c:\rujpn.exe
HKLM_Run: 18019=c:\rujpn.exe
HKLM_Run: 30313=c:\rujpn.exe
HKLM_Run: 31423=c:\rujpn.exe
HKLM_Run: 32128=c:\rujpn.exe
HKLM_Run: 27737=c:\rujpn.exe
HKLM_Run: 23854=c:\rujpn.exe
HKLM_Run: 14806=c:\rujpn.exe
HKLM_Run: 18736=c:\rujpn.exe
HKLM_Run: 14448=c:\rujpn.exe
HKLM_Run: 4234=c:\rujpn.exe
HKLM_Run: 28822=c:\rujpn.exe
HKLM_Run: 20330=c:\rujpn.exe
HKLM_Run: 25599=c:\rujpn.exe
HKLM_Run: 21810=c:\rujpn.exe
HKLM_Run: 8279=c:\rujpn.exe
HKLM_Run: 1993=c:\rujpn.exe
HKLM_Run: 26177=c:\rujpn.exe
HKLM_Run: 16147=c:\rujpn.exe
HKLM_Run: 19671=c:\rujpn.exe
HKLM_Run: 26049=c:\rujpn.exe
HKLM_Run: 29007=c:\rujpn.exe
HKLM_Run: 7066=c:\rujpn.exe
HKLM_Run: 27540=c:\rujpn.exe
HKLM_Run: 12392=c:\rujpn.exe
HKLM_Run: 16968=c:\rujpn.exe
HKLM_Run: 26535=c:\rujpn.exe
HKLM_Run: 12080=c:\rujpn.exe
HKLM_Run: 11571=c:\rujpn.exe
HKLM_Run: 19625=c:\rujpn.exe
HKLM_Run: 4143=c:\rujpn.exe
HKLM_Run: 5957=c:\rujpn.exe
HKLM_Run: 10994=c:\rujpn.exe
HKLM_Run: 25011=c:\rujpn.exe
HKLM_Run: 746=c:\rujpn.exe
HKLM_Run: 22051=c:\rujpn.exe
HKLM_Run: 5933=c:\rujpn.exe
HKLM_Run: 3300=c:\rujpn.exe
HKLM_Run: 30117=c:\rujpn.exe
HKLM_Run: 19486=c:\rujpn.exe
HKLM_Run: 23832=c:\rujpn.exe
HKLM_Run: 14507=c:\rujpn.exe
HKLM_Run: 1705=c:\rujpn.exe
HKLM_Run: 13814=c:\rujpn.exe
HKLM_Run: 22190=c:\rujpn.exe
HKLM_Run: 30371=c:\rujpn.exe
HKLM_Run: 10508=c:\rujpn.exe
HKLM_Run: 15130=c:\rujpn.exe
HKLM_Run: 8232=c:\rujpn.exe
HKLM_Run: 8325=c:\rujpn.exe
HKLM_Run: 5332=c:\rujpn.exe
HKLM_Run: 19244=c:\rujpn.exe
HKLM_Run: 12692=c:\rujpn.exe
HKLM_Run: 7978=c:\rujpn.exe
HKLM_Run: 29111=c:\rujpn.exe
HKLM_Run: 25090=c:\rujpn.exe
HKLM_Run: 13547=c:\rujpn.exe
HKLM_Run: 3333=c:\rujpn.exe
HKLM_Run: 17395=c:\rujpn.exe
HKLM_Run: 29365=c:\rujpn.exe
HKLM_Run: 2606=c:\rujpn.exe
HKLM_Run: 10337=c:\rujpn.exe
HKLM_Run: 20273=c:\rujpn.exe
HKLM_Run: 22224=c:\rujpn.exe
HKLM_Run: 872=c:\rujpn.exe
HKLM_Run: 5830=c:\rujpn.exe
HKLM_Run: 14299=c:\rujpn.exe
HKLM_Run: 17118=c:\rujpn.exe
HKLM_Run: 6129=c:\rujpn.exe
HKLM_Run: 7389=c:\rujpn.exe
HKLM_Run: 5089=c:\rujpn.exe
HKLM_Run: 31999=c:\rujpn.exe
HKLM_Run: 32739=c:\rujpn.exe
HKLM_Run: 16204=c:\rujpn.exe
HKLM_Run: 24581=c:\rujpn.exe
HKLM_Run: 3229=c:\rujpn.exe
HKLM_Run: 21762=c:\rujpn.exe
HKLM_Run: 15904=c:\rujpn.exe
HKLM_Run: 27320=c:\rujpn.exe
HKLM_Run: 7227=c:\rujpn.exe
HKLM_Run: 109=c:\rujpn.exe
HKLM_Run: 30578=c:\rujpn.exe
HKLM_Run: 19902=c:\rujpn.exe
HKLM_Run: 28279=c:\rujpn.exe
HKLM_Run: 21901=c:\rujpn.exe
HKLM_Run: 14783=c:\rujpn.exe
HKLM_Run: 16043=c:\rujpn.exe
HKLM_Run: 5366=c:\rujpn.exe
HKLM_Run: 6626=c:\rujpn.exe
HKLM_Run: 28718=c:\rujpn.exe
HKLM_Run: 22860=c:\rujpn.exe
HKLM_Run: 2247=c:\rujpn.exe
HKLM_Run: 6545=c:\rujpn.exe
HKLM_Run: 1426=c:\rujpn.exe
HKLM_Run: 12842=c:\rujpn.exe
HKLM_Run: 14101=c:\rujpn.exe
HKLM_Run: 14841=c:\rujpn.exe
HKLM_Run: 4165=c:\rujpn.exe
HKLM_Run: 5424=c:\rujpn.exe
HKLM_Run: 27516=c:\rujpn.exe
HKLM_Run: 32334=c:\rujpn.exe
HKLM_Run: 21658=c:\rujpn.exe
HKLM_Run: 14540=c:\rujpn.exe
HKLM_Run: 15800=c:\rujpn.exe
HKLM_Run: 8682=c:\rujpn.exe
HKLM_Run: 27215=c:\rujpn.exe
HKLM_Run: 24916=c:\rujpn.exe
HKLM_Run: 525=c:\rujpn.exe
HKLM_Run: 11941=c:\rujpn.exe
HKLM_Run: 23356=c:\rujpn.exe
HKLM_Run: 24616=c:\rujpn.exe
HKLM_Run: 17498=c:\rujpn.exe
HKLM_Run: 10381=c:\rujpn.exe
HKLM_Run: 11640=c:\rujpn.exe
HKLM_Run: 4523=c:\rujpn.exe
HKLM_Run: 30173=c:\rujpn.exe
HKLM_Run: 31433=c:\rujpn.exe
HKLM_Run: 20197=c:\rujpn.exe
HKLM_Run: 24315=c:\rujpn.exe
HKLM_Run: 25575=c:\rujpn.exe
HKLM_Run: 18457=c:\rujpn.exe
HKLM_Run: 11340=c:\rujpn.exe
HKLM_Run: 9040=c:\rujpn.exe
HKLM_Run: 10300=c:\rujpn.exe
HKLM_Run: 32392=c:\rujpn.exe
HKLM_Run: 25274=c:\rujpn.exe
HKLM_Run: 26534=c:\rujpn.exe
HKLM_Run: 8740=c:\rujpn.exe
HKLM_Run: 28532=c:\rujpn.exe
HKCU_Run: ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe

################## [ Fichiers # Dossiers infectieux ]

Found ! C:\WINDOWS\msnmsgrss.exe
Found ! C:\WINDOWS\Temp\sig512.tmp
Found ! C:\WINDOWS\system32\tya7hfd873f.dll
Found ! C:\WINDOWS\system32\drivers\sysdrv32.sys
Found ! C:\dialer.exe
Found ! C:\lsass.exe
Found ! C:\klikertaar.exe
Found ! C:\lsass.exe
Found ! C:\ltin.exe
Found ! C:\rujpn.exe
Found ! D:\COMMAND.PIF

################## [ Registre # Clés Run infectieuses ]

Found ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "Windows UDP Control Center"
Found ! HKLM\SYSTEM\CurrentControlSet\Services\sysdrv32
Found ! HKLM\SYSTEM\ControlSet002\Services\sysdrv32
Found ! HKLM\SYSTEM\ControlSet004\Services\sysdrv32
Found ! HKLM\software\microsoft\windows nt\currentversion\winlogon\\ "Taskman"

################## [ Registre # Mountpoints2 ]

HKCU\...\Explorer\MountPoints2\{1caf4fad-4e8a-11dd-a31d-00f1e7031254}\Shell\AutoRun\Command

################## [ Informations # Fichier Suspect ]


################## [ Cracks # Keygens # Serials ]

# -> Nothing found !

################## [ ! Fin du rapport # UsbFix V3.025 ! ]
0
Réponse 9 / 13
Utilisateur anonyme
23 mai 2009 à 18:23
(!) Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) susceptible d avoir été infectés sans les ouvrir

• Double clic sur le raccourci UsbFix présent sur ton bureau

• choisis l'option 2 ( Suppression )

• Ton bureau disparaitra et le pc redémarrera .

• Au redémarrage , UsbFix scannera ton pc , laisse travailler l'outil.

• Ensuite post le rapport UsbFix.txt qui apparaitra avec le bureau .

• Note : Le rapport UsbFix.txt est sauvegardé a la racine du disque.( C:\UsbFix.txt )

( CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

0
Réponse 10 / 13
Roxas02 Messages postés 10 Date d'inscription mercredi 19 mars 2008 Statut Membre Dernière intervention 3 novembre 2011
23 mai 2009 à 18:34
############################## [ UsbFix V3.025 | Cleaning ]

# User : Angélique (Administrateurs) # ABDEL-30F34AD24
# Update on 22/05/09 by Chiquitine29, C_XX & Chimay8
# WebSite : http://pagesperso-orange.fr/NosTools/usbfix.html
# Start at: 18:29:05 | 23/05/2009

# AMD Athlon(tm) XP 1700+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.13
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1296 [VPS 090523-0] 4.8.1296 [ Enabled | Updated ]

# A:\ # Lecteur de disquettes 3 ½ pouces
# C:\ # Disque fixe local # 298,08 Go (174,09 Go free) [Windows XP] # NTFS
# D:\ # Disque fixe local # 19 Go (15,78 Go free) [HDD 20GO] # FAT32
# E:\ # Disque CD-ROM

############################## [ Processus actifs ]

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MioNet\MioNetManager.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\MioNet\jvm\bin\MioNet.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\dwwin.exe

################## [ Fichiers # Dossiers infectieux ]

Deleted ! C:\WINDOWS\msnmsgrss.exe
Deleted ! C:\WINDOWS\Temp\sig512.tmp
Deleted ! C:\WINDOWS\system32\tya7hfd873f.dll
Deleted ! C:\WINDOWS\system32\drivers\sysdrv32.sys
Deleted ! C:\dialer.exe
Deleted ! C:\klikertaar.exe
Deleted ! C:\ltin.exe
Deleted ! C:\rujpn.exe
Deleted ! D:\COMMAND.PIF

################## [ Registre # Clés Run infectieuses ]

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run "Windows UDP Control Center"
Deleted ! HKLM\SYSTEM\CurrentControlSet\Services\sysdrv32
Deleted ! HKLM\SYSTEM\ControlSet004\Services\sysdrv32
Deleted ! HKLM\software\microsoft\windows nt\currentversion\winlogon\\ "Taskman"

################## [ Registre # Mountpoints2 ]

Deleted ! HKCU\...\Explorer\MountPoints2\{1caf4fad-4e8a-11dd-a31d-00f1e7031254}\Shell\AutoRun\Command

################## [ Listing des fichiers présent ]

[27/01/2008 22:21|--a------|0] - C:\AUTOEXEC.BAT
[27/01/2008 22:16|---hs----|216] - C:\boot.ini
[02/03/2006 14:00|-rahs----|4952] - C:\Bootfont.bin
[08/03/2009 19:24|--a------|7522] - C:\caisslog.txt
[27/01/2008 22:21|--a------|0] - C:\CONFIG.SYS
[19/02/2008 20:41|--a------|412] - C:\error.log
[23/05/2009 16:56|--a------|3276] - C:\FindyKill.txt
[?|?|?] - C:\hiberfil.sys
[27/01/2008 22:21|-rahs----|0] - C:\IO.SYS
[22/05/2009 20:02|--a------|94720] - C:\klikera.exe
[27/01/2008 22:21|-rahs----|0] - C:\MSDOS.SYS
[02/03/2006 14:00|-rahs----|47564] - C:\NTDETECT.COM
[30/09/2008 17:08|-rahs----|252240] - C:\ntldr
[?|?|?] - C:\pagefile.sys
[19/02/2008 22:53|--a------|90] - C:\Setup.log
[21/05/2009 19:30|--ah-----|268] - C:\sqmdata00.sqm
[21/05/2009 19:36|--ah-----|268] - C:\sqmdata01.sqm
[21/05/2009 21:36|--ah-----|268] - C:\sqmdata02.sqm
[22/05/2009 15:04|--ah-----|268] - C:\sqmdata03.sqm
[22/05/2009 19:29|--ah-----|268] - C:\sqmdata04.sqm
[22/05/2009 20:50|--ah-----|172] - C:\sqmdata05.sqm
[23/05/2009 16:27|--ah-----|232] - C:\sqmdata06.sqm
[23/05/2009 16:31|--ah-----|208] - C:\sqmdata07.sqm
[20/05/2009 20:50|--ah-----|172] - C:\sqmdata08.sqm
[20/05/2009 22:01|--ah-----|232] - C:\sqmdata09.sqm
[20/05/2009 22:05|--ah-----|208] - C:\sqmdata10.sqm
[20/05/2009 22:08|--ah-----|268] - C:\sqmdata11.sqm
[20/05/2009 22:20|--ah-----|232] - C:\sqmdata12.sqm
[20/05/2009 22:28|--ah-----|208] - C:\sqmdata13.sqm
[20/05/2009 23:45|--ah-----|268] - C:\sqmdata14.sqm
[21/05/2009 16:40|--ah-----|268] - C:\sqmdata15.sqm
[21/05/2009 16:49|--ah-----|172] - C:\sqmdata16.sqm
[21/05/2009 18:12|--ah-----|232] - C:\sqmdata17.sqm
[21/05/2009 19:13|--ah-----|268] - C:\sqmdata18.sqm
[21/05/2009 19:28|--ah-----|172] - C:\sqmdata19.sqm
[21/05/2009 19:30|--ah-----|244] - C:\sqmnoopt00.sqm
[21/05/2009 19:36|--ah-----|244] - C:\sqmnoopt01.sqm
[21/05/2009 21:36|--ah-----|244] - C:\sqmnoopt02.sqm
[22/05/2009 15:04|--ah-----|244] - C:\sqmnoopt03.sqm
[22/05/2009 19:29|--ah-----|244] - C:\sqmnoopt04.sqm
[22/05/2009 20:50|--ah-----|172] - C:\sqmnoopt05.sqm
[23/05/2009 16:27|--ah-----|244] - C:\sqmnoopt06.sqm
[23/05/2009 16:31|--ah-----|172] - C:\sqmnoopt07.sqm
[20/05/2009 20:50|--ah-----|172] - C:\sqmnoopt08.sqm
[20/05/2009 22:01|--ah-----|244] - C:\sqmnoopt09.sqm
[20/05/2009 22:05|--ah-----|172] - C:\sqmnoopt10.sqm
[20/05/2009 22:08|--ah-----|244] - C:\sqmnoopt11.sqm
[20/05/2009 22:20|--ah-----|244] - C:\sqmnoopt12.sqm
[20/05/2009 22:28|--ah-----|172] - C:\sqmnoopt13.sqm
[20/05/2009 23:45|--ah-----|244] - C:\sqmnoopt14.sqm
[21/05/2009 16:40|--ah-----|244] - C:\sqmnoopt15.sqm
[21/05/2009 16:49|--ah-----|172] - C:\sqmnoopt16.sqm
[21/05/2009 18:12|--ah-----|244] - C:\sqmnoopt17.sqm
[21/05/2009 19:13|--ah-----|244] - C:\sqmnoopt18.sqm
[21/05/2009 19:28|--ah-----|172] - C:\sqmnoopt19.sqm
[23/05/2009 18:30|--a------|5892] - C:\UsbFix.txt
[15/02/2008 18:44|--a------|521364] - C:\vcredist_x86.log
[28/09/2007 18:00|--ah-----|75203] - D:\BOOTLOG.PRV
[05/05/1999 22:22|--a------|95874] - D:\COMMAND.COM
[20/11/2005 16:35|--a------|175] - D:\AUTOEXEC.BAT
[01/07/2005 10:38|--a------|1015] - D:\FRUNLOG.TXT
[01/07/2005 10:27|---h-----|22] - D:\MSDOS.---
[01/07/2005 10:44|--ah-----|109241] - D:\SETUPLOG.TXT
[01/07/2005 10:44|--a------|5973] - D:\NETLOG.TXT
[11/11/2006 09:35|--a------|100] - D:\CONFIG.SYS
[05/10/2007 12:02|--ah-----|91684] - D:\BOOTLOG.TXT
[01/07/2005 10:35|-r-h-----|5166] - D:\SUHDLOG.DAT
[01/07/2005 10:40|-r-hs----|1676] - D:\MSDOS.SYS
[15/08/2007 15:24|--ahs----|77047] - D:\DETLOG.TXT
[01/07/2005 10:45|---hs----|49152] - D:\VIDEOROM.BIN
[01/07/2005 10:35|-r-h-----|540704] - D:\SYSTEM.1ST
[05/05/1999 22:22|-r-hs----|222390] - D:\IO.SYS
[26/11/2007 17:50|--ah-----|16596992] - D:\ffastun0.ffx
[26/11/2007 17:50|--ah-----|167936] - D:\ffastun.ffo
[26/11/2007 17:50|--ah-----|401408] - D:\ffastun.ffl
[26/11/2007 17:50|--ah-----|5408] - D:\ffastun.ffa
[26/11/2007 15:33|--a------|4461691] - D:\MEDIABAT-9.003.LAB
[17/05/2008 15:50|--a------|44567] - D:\SCANDISK.LOG
[19/12/2007 16:22|--a------|19456] - D:\Doc1.doc
[05/07/2005 12:04|--a------|860] - D:\hpzinstall.log
[12/12/2005 15:47|--a------|488] - D:\hpfr5550.xml
[21/07/2005 15:03|---------|2051841] - D:\AVG7QT.DAT
[28/10/2005 08:32|-r-hs----|2697870] - D:\AVG7DB_F.DAT
[20/11/2005 16:05|--a------|230432] - D:\stiimg.dat
[15/12/2005 16:09|--a------|214] - D:\CDFE.log
[15/12/2005 16:10|--a------|9078] - D:\setuphlp.txt
[15/12/2005 16:10|--a------|1625] - D:\veninst.txt
[15/12/2005 16:11|--a------|676] - D:\scaninst.ini
[28/09/2007 18:00|--a------|617] - D:\lxce.log
[21/11/2007 16:12|--a------|36352] - D:\DEVIS CHARPENTEET FACTURE 2005 2006.doc
[31/07/2007 17:50|--a------|182] - D:\Raccourci vers (C).lnk
[31/07/2007 17:51|--a------|182] - D:\Raccourci (2) vers (C).lnk
[01/07/2005 10:40|---hs----|73685] - D:\DETLOG.OLD

################## [ Vaccination ]

# C:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.
# D:\autorun.inf ( # Not infected ) -> Folder created by UsbFix.

################## [ Informations # Fichier Suspect ]


################## [ Cracks # Keygens # Serials ]

# -> Nothing found !

################## [ ! Fin du rapport # UsbFix V3.025 ! ]
0
Réponse 11 / 13
Utilisateur anonyme
23 mai 2009 à 18:40
---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :


:processes
explorer.exe

:files
C:\sqmnoopt*.sqm
C:\klikera.exe

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"6425"=-
"26581"=-
"16228"=-
"9353"=-
"1185"=-
"11121"=-
"12935"=-
"3414"=-
"9250"=-
"7633"=-
"27517"=-
"1266"=-
"15049"=-
"1647"=-
"8638"=-
"28048"=-
"2212"=-
"19233"=-
"16656"=-
"31169"=-
"26650"=-
"21289"=-
"19349"=-
"21116"=-
"15292"=-
"22929"=-
"21312"=-
"31492"=-
"17627"=-
"5852"=-
"6176"=-
"23288"=-
"32022"=-
"21035"=-
"21821"=-
"6258"=-
"15835"=-
"18608"=-
"31191"=-
"21531"=-
"24489"=-
"25286"=-
"98"=-
"22525"=-
"9492"=-
"16609"=-
"630"=-
"26384"=-
"14322"=-
"31468"=-
"14380"=-
"24316"=-
"25934"=-
"27748"=-
"26130"=-
"19025"=-
"3542"=-
"19347"=-
"31792"=-
"14968"=-
"17465"=-
"29955"=-
"14103"=-
"13928"=-
"13190"=-
"18227"=-
"15189"=-
"20272"=-
"31225"=-
"1982"=-
"4477"=-
"2780"=-
"9574"=-
"19833"=-
"8475"=-
"30105"=-
"27343"=-
"24108"=-
"5436"=-
"26245"=-
"8037"=-
"11872"=-
"6107"=-
"12993"=-
"25194"=-
"30382"=-
"30752"=-
"31642"=-
"4154"=-
"19545"=-
"827"=-
"26211"=-
"22098"=-
"24133"=-
"2513"=-
"5010"=-
"17499"=-
"25448"=-
"30671"=-
"735"=-
"8498"=-
"9099"=-
"20434"=-
"2734"=-
"7817"=-
"1496"=-
"29782"=-
"31596"=-
"10335"=-
"13293"=-
"17649"=-
"15616"=-
"5634"=-
"14887"=-
"237"=-
"18089"=-
"23958"=-
"1035"=-
"23831"=-
"24016"=-
"12473"=-
"5864"=-
"17187"=-
"23484"=-
"14657"=-
"26546"=-
"24466"=-
"22584"=-
"3865"=-
"307"=-
"31283"=-
"18851"=-
"11468"=-
"9896"=-
"18216"=-
"28811"=-
"3439"=-
"13016"=-
"21809"=-
"19869"=-
"27690"=-
"4396"=-
"3160"=-
"13790"=-
"12600"=-
"22167"=-
"21348"=-
"3935"=-
"145"=-
"15778"=-
"3576"=-
"9365"=-
"3079"=-
"28557"=-
"3738"=-
"30185"=-
"26488"=-
"23946"=-
"28764"=-
"8777"=-
"18169"=-
"21497"=-
"22560"=-
"27055"=-
"15870"=-
"8394"=-
"1786"=-
"27447"=-
"15662"=-
"26072"=-
"3011"=-
"16888"=-
"15281"=-
"2756"=-
"364"=-
"4200"=-
"15627"=-
"23392"=-
"4038"=-
"8615"=-
"21566"=-
"24293"=-
"29816"=-
"31065"=-
"17487"=-
"26823"=-
"28348"=-
"7516"=-
"32103"=-
"5541"=-
"23843"=-
"29943"=-
"17707"=-
"12068"=-
"2374"=-
"30984"=-
"14529"=-
"23046"=-
"8257"=-
"20376"=-
"13768"=-
"29862"=-
"13131"=-
"619"=-
"30151"=-
"15592"=-
"20920"=-
"31641"=-
"13074"=-
"3691"=-
"5136"=-
"1716"=-
"14714"=-
"6904"=-
"8810"=-
"21150"=-
"18019"=-
"30313"=-
"31423"=-
"32128"=-
"27737"=-
"23854"=-
"14806"=-
"18736"=-
"14448"=-
"4234"=-
"28822"=-
"20330"=-
"25599"=-
"21810"=-
"8279"=-
"1993"=-
"26177"=-
"16147"=-
"19671"=-
"26049"=-
"29007"=-
"7066"=-
"27540"=-
"12392"=-
"16968"=-
"26535"=-
"12080"=-
"11571"=-
"19625"=-
"4143"=-
"5957"=-
"10994"=-
"25011"=-
"746"=-
"22051"=-
"5933"=-
"3300"=-
"30117"=-
"19486"=-
"23832"=-
"14507"=-
"1705"=-
"13814"=-
"22190"=-
"30371"=-
"10508"=-
"15130"=-
"8232"=-
"8325"=-
"5332"=-
"19244"=-
"12692"=-
"7978"=-
"29111"=-
"25090"=-
"13547"=-
"3333"=-
"17395"=-
"29365"=-
"2606"=-
"10337"=-
"20273"=-
"22224"=-
"872"=-
"5830"=-
"14299"=-
"17118"=-
"6129"=-
"7389"=-
"5089"=-
"31999"=-
"32739"=-
"16204"=-
"24581"=-
"3229"=-
"21762"=-
"15904"=-
"27320"=-
"7227"=-
"109"=-
"30578"=-
"19902"=-
"28279"=-
"21901"=-
"14783"=-
"16043"=-
"5366"=-
"6626"=-
"28718"=-
"22860"=-
"2247"=-
"6545"=-
"1426"=-
"12842"=-
"14101"=-
"14841"=-
"4165"=-
"5424"=-
"27516"=-
"32334"=-
"21658"=-
"14540"=-
"15800"=-
"8682"=-
"27215"=-
"24916"=-
"525"=-
"11941"=-
"23356"=-
"24616"=-
"17498"=-
"10381"=-
"11640"=-
"4523"=-
"30173"=-
"31433"=-
"20197"=-
"24315"=-
"25575"=-
"18457"=-
"11340"=-
"9040"=-
"10300"=-
"32392"=-
"25274"=-
"26534"=-
"8740"=-
"28532"=-

:commands
[emptytemp]
[reboot]


---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
0
Réponse 12 / 13
Roxas02 Messages postés 10 Date d'inscription mercredi 19 mars 2008 Statut Membre Dernière intervention 3 novembre 2011
23 mai 2009 à 18:51
========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
C:\sqmnoopt00.sqm moved successfully.
C:\sqmnoopt01.sqm moved successfully.
C:\sqmnoopt02.sqm moved successfully.
C:\sqmnoopt03.sqm moved successfully.
C:\sqmnoopt04.sqm moved successfully.
C:\sqmnoopt05.sqm moved successfully.
C:\sqmnoopt06.sqm moved successfully.
C:\sqmnoopt07.sqm moved successfully.
C:\sqmnoopt08.sqm moved successfully.
C:\sqmnoopt09.sqm moved successfully.
C:\sqmnoopt10.sqm moved successfully.
C:\sqmnoopt11.sqm moved successfully.
C:\sqmnoopt12.sqm moved successfully.
C:\sqmnoopt13.sqm moved successfully.
C:\sqmnoopt14.sqm moved successfully.
C:\sqmnoopt15.sqm moved successfully.
C:\sqmnoopt16.sqm moved successfully.
C:\sqmnoopt17.sqm moved successfully.
C:\sqmnoopt18.sqm moved successfully.
C:\sqmnoopt19.sqm moved successfully.
C:\klikera.exe moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\6425 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26581 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\16228 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9353 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1185 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\11121 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\12935 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3414 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9250 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\7633 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\27517 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1266 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15049 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1647 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8638 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\28048 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\2212 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\19233 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\16656 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31169 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26650 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21289 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\19349 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21116 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15292 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\22929 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21312 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31492 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\17627 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5852 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\6176 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\23288 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\32022 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21035 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21821 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\6258 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15835 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\18608 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31191 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21531 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24489 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\25286 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\98 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\22525 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9492 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\16609 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\630 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26384 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14322 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31468 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14380 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24316 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\25934 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\27748 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26130 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\19025 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3542 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\19347 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31792 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14968 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\17465 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\29955 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14103 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\13928 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\13190 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\18227 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15189 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\20272 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31225 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1982 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4477 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\2780 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9574 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\19833 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8475 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\30105 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\27343 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24108 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5436 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26245 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8037 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\11872 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\6107 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\12993 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\25194 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\30382 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\30752 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31642 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4154 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\19545 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\827 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26211 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\22098 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24133 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\2513 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5010 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\17499 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\25448 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\30671 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\735 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8498 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9099 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\20434 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\2734 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\7817 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1496 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\29782 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31596 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\10335 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\13293 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\17649 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15616 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5634 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14887 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\237 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\18089 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\23958 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1035 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\23831 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24016 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\12473 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5864 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\17187 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\23484 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14657 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26546 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24466 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\22584 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3865 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\307 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31283 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\18851 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\11468 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9896 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\18216 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\28811 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3439 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\13016 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21809 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\19869 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\27690 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4396 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3160 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\13790 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\12600 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\22167 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21348 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3935 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\145 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15778 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3576 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9365 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3079 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\28557 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3738 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\30185 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26488 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\23946 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\28764 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8777 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\18169 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21497 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\22560 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\27055 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15870 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8394 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1786 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\27447 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15662 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26072 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3011 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\16888 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15281 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\2756 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\364 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4200 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15627 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\23392 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4038 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8615 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21566 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24293 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\29816 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31065 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\17487 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26823 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\28348 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\7516 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\32103 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5541 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\23843 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\29943 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\17707 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\12068 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\2374 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\30984 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14529 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\23046 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8257 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\20376 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\13768 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\29862 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\13131 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\619 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\30151 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15592 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\20920 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31641 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\13074 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3691 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5136 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1716 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14714 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\6904 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8810 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21150 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\18019 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\30313 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31423 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\32128 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\27737 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\23854 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14806 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\18736 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14448 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4234 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\28822 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\20330 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\25599 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21810 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8279 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1993 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26177 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\16147 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\19671 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26049 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\29007 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\7066 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\27540 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\12392 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\16968 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26535 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\12080 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\11571 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\19625 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4143 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5957 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\10994 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\25011 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\746 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\22051 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5933 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3300 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\30117 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\19486 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\23832 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14507 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1705 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\13814 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\22190 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\30371 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\10508 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15130 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8232 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8325 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5332 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\19244 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\12692 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\7978 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\29111 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\25090 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\13547 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3333 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\17395 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\29365 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\2606 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\10337 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\20273 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\22224 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\872 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5830 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14299 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\17118 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\6129 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\7389 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5089 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31999 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\32739 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\16204 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24581 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3229 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21762 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15904 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\27320 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\7227 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\109 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\30578 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\19902 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\28279 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21901 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14783 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\16043 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5366 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\6626 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\28718 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\22860 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\2247 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\6545 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1426 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\12842 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14101 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14841 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4165 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5424 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\27516 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\32334 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\21658 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\14540 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\15800 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8682 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\27215 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24916 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\525 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\11941 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\23356 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24616 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\17498 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\10381 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\11640 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4523 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\30173 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\31433 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\20197 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\24315 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\25575 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\18457 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\11340 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9040 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\10300 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\32392 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\25274 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\26534 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8740 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\28532 deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\ANGLIQ~1\LOCALS~1\Temp\etilqs_SUYzXaddhoEOVRH2dXYW scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\Angélique\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
User's Temporary Internet Files folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Network Service Temp folder emptied.
Network Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\hsperfdata_SYSTEM\1424 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_3c0.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_4a0.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Angélique\Local Settings\Application Data\Mozilla\Firefox\Profiles\d71be3x4.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Angélique\Local Settings\Application Data\Mozilla\Firefox\Profiles\d71be3x4.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Angélique\Local Settings\Application Data\Mozilla\Firefox\Profiles\d71be3x4.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Angélique\Local Settings\Application Data\Mozilla\Firefox\Profiles\d71be3x4.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Angélique\Local Settings\Application Data\Mozilla\Firefox\Profiles\d71be3x4.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Angélique\Local Settings\Application Data\Mozilla\Firefox\Profiles\d71be3x4.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 05232009_184537

Files moved on Reboot...
File C:\DOCUME~1\ANGLIQ~1\LOCALS~1\Temp\etilqs_SUYzXaddhoEOVRH2dXYW not found!
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\hsperfdata_SYSTEM\1424 not found!
File C:\WINDOWS\temp\Perflib_Perfdata_3c0.dat not found!
File C:\WINDOWS\temp\Perflib_Perfdata_4a0.dat not found!
C:\Documents and Settings\Angélique\Local Settings\Application Data\Mozilla\Firefox\Profiles\d71be3x4.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Angélique\Local Settings\Application Data\Mozilla\Firefox\Profiles\d71be3x4.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Angélique\Local Settings\Application Data\Mozilla\Firefox\Profiles\d71be3x4.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Angélique\Local Settings\Application Data\Mozilla\Firefox\Profiles\d71be3x4.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Angélique\Local Settings\Application Data\Mozilla\Firefox\Profiles\d71be3x4.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Angélique\Local Settings\Application Data\Mozilla\Firefox\Profiles\d71be3x4.default\XUL.mfl moved successfully.
0
Réponse 13 / 13
Roxas02 Messages postés 10 Date d'inscription mercredi 19 mars 2008 Statut Membre Dernière intervention 3 novembre 2011
26 mai 2009 à 15:54
Est-ce que le rapport indique que mon PC n'est plus infecté ?
Comme puis-je faire pour retirer ce "z-connect" de ma connexion ???
0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Detection PUA: win32 Installcore
Nat -
bazfile -

13 réponses
A quoi sert CPU-Z ?
mathilde15 -
fabul -

1 réponse
Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
infecté par HackTool:Win32/AutoKMS
fredo1968 -
fredo1968 -

5 réponses