je peux pas ouvrir les disque locauxRésolu/Fermé

Question

Bonjour,
slt a tous cette fois le probleme sur mes disk dur je peux pas ouvrir les disque locaux il s'affiche  sur le mode  ce msg "l'application c/:ne peut étre exécuter sur le mode win32 "
je pense que g infecter avec un virus mé mon antivirus ne peut pa le detecté chaque fois me demande de faire un redemarage du systeme pour suprimmer le virus mé le probleme réste le méme
et g l'avast comme un anti virus
s'il te plais aide moi pliiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiize i need your help:(:(

Utilisateur anonyme · Answer

Salut,


Telecharge UsbFix sur ton bureau

--> Lance l installation avec les parametres par default

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir

--> Double clic sur le raccourci UsbFix sur ton bureau

--> Le pc va redémarer

-->Apres redémarrage post le rapport UsbFix.txt 

Note : le rapport UsbFix.txt est sauvegardé a la racine du disque

helen19 · Answer

le probleme n'est pas sur les disque dur externe et les clés USB mmais dans les disque local c/: D/: et le E/:

Utilisateur anonyme · Answer

ok

branche tout le monde quand meme et passe usbfix

helen19 · Answer

comment branché le c/: et D/:E/:

Utilisateur anonyme · Answer

branche tes clé usb et disque externes c d et e sont deja branché .. et passe usbfix

helen19 · Answer

c ok
voici le repport
 

-------------- UsbFix V2.395 ---------------

* User : Administrateur - ORDINATEUR
* Outils mis a jours le 20/10/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 19:40:05 le Fri 10/24/2008
* Windows Xp - Internet Explorer 7.0.5730.13 
  
  
--------------- [ Processus actifs ] ----------------   
  
 
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp\1.tmp\b2e.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
  
--------------- [ Informations lecteurs ] ----------------   
  
C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur fixe

F: - Lecteur de CD-ROM

 
+- Contenu de l'autorun : C:\autorun.inf  

;LSLr9o35Ado8ropkHkk5DdwO3ZlAid3lAwswoiapd0rjDald0n3Dlja1Kw3iD2k1DKKjeL20kwAeawqwaslkia4q
[AutoRun]
;so34fsAs55A04O744LwaLKdL12qaoAwsDaK4ek
open=xih9.cmd
;i831AA5XorkjDoipwfKSCkaa04qAlZ083eiwoKwDe3SAaDikF1rlIkafJLD79JKJed3ida3ka1jw3cwscw45rl4
shell\open\Command=xih9.cmd
;eLC8aw4cIaSwkiei1ww7sXdwq2sqnLJfojAf4kdd220dSLAiis0q0r4lkOa
shell\open\Default=1
;dKaAlsw2awoCDke5l2DaLeko9Z57drlwk3Kjs09li1jLeki1Lfla7sj
shell\explore\Command=xih9.cmd
;
 
+- Contenu de l'autorun : D:\autorun.inf  

;LSLr9o35Ado8ropkHkk5DdwO3ZlAid3lAwswoiapd0rjDald0n3Dlja1Kw3iD2k1DKKjeL20kwAeawqwaslkia4q
[AutoRun]
;so34fsAs55A04O744LwaLKdL12qaoAwsDaK4ek
open=xih9.cmd
;i831AA5XorkjDoipwfKSCkaa04qAlZ083eiwoKwDe3SAaDikF1rlIkafJLD79JKJed3ida3ka1jw3cwscw45rl4
shell\open\Command=xih9.cmd
;eLC8aw4cIaSwkiei1ww7sXdwq2sqnLJfojAf4kdd220dSLAiis0q0r4lkOa
shell\open\Default=1
;dKaAlsw2awoCDke5l2DaLeko9Z57drlwk3Kjs09li1jLeki1Lfla7sj
shell\explore\Command=xih9.cmd
;
 
+- Contenu de l'autorun : E:\autorun.inf  

;LSLr9o35Ado8ropkHkk5DdwO3ZlAid3lAwswoiapd0rjDald0n3Dlja1Kw3iD2k1DKKjeL20kwAeawqwaslkia4q
[AutoRun]
;so34fsAs55A04O744LwaLKdL12qaoAwsDaK4ek
open=xih9.cmd
;i831AA5XorkjDoipwfKSCkaa04qAlZ083eiwoKwDe3SAaDikF1rlIkafJLD79JKJed3ida3ka1jw3cwscw45rl4
shell\open\Command=xih9.cmd
;eLC8aw4cIaSwkiei1ww7sXdwq2sqnLJfojAf4kdd220dSLAiis0q0r4lkOa
shell\open\Default=1
;dKaAlsw2awoCDke5l2DaLeko9Z57drlwk3Kjs09li1jLeki1Lfla7sj
shell\explore\Command=xih9.cmd
;
  
--------------- [ Registre / Startup ] ----------------   
 

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    RemoteControl	REG_SZ	"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    LanguageShortcut	REG_SZ	"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    VTTimer	REG_SZ	VTTimer.exe
    VTTrayp	REG_SZ	VTtrayp.exe
    SoundMan	REG_SZ	SOUNDMAN.EXE
    avgnt	REG_SZ	"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    fssui	REG_SZ	"C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
    avast!	REG_SZ	C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    SunJavaUpdateSched	REG_SZ	"C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    NeroFilterCheck	REG_SZ	C:\WINDOWS\system32\NeroCheck.exe
    MyWebSearch Plugin	REG_SZ	rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
    My Web Search Bar Search Scope Monitor	REG_SZ	"C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
    Part browse safe hold	REG_SZ	C:\Documents and Settings\All Users\Application Data\Audio 4 part browse\Once Hope.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    RocketDock	REG_SZ	"C:\Program Files\RocketDock\RocketDock.exe"
    msnmsgr	REG_SZ	"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    ctfmon.exe	REG_SZ	C:\WINDOWS\system32\ctfmon.exe
    swg	REG_SZ	C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    Yahoo! Pager	REG_SZ	"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    view mode	REG_SZ	C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\JUNKGR~1\Meta Acid.exe
    WMPNSCFG	REG_SZ	C:\Program Files\Windows Media Player\WMPNSCFG.exe
  
--------------- [ Registre / Mountpoint2 ] ----------------   
  
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4a75976-445c-11dd-8e6b-00142ac49b6d}\Shell\AutoRun\command  
Supprimé ! - HKEY_USERS\S-1-5-21-1844237615-839522115-906573251-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4a75976-445c-11dd-8e6b-00142ac49b6d}\Shell\AutoRun\command  
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4a75977-445c-11dd-8e6b-00142ac49b6d}\Shell\AutoRun\command  
Supprimé ! - HKEY_USERS\S-1-5-21-1844237615-839522115-906573251-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4a75977-445c-11dd-8e6b-00142ac49b6d}\Shell\AutoRun\command  
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4a75977-445c-11dd-8e6b-00142ac49b6d}\Shell\explore\Command  
Supprimé ! - HKEY_USERS\S-1-5-21-1844237615-839522115-906573251-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4a75977-445c-11dd-8e6b-00142ac49b6d}\Shell\explore\Command  
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4a75977-445c-11dd-8e6b-00142ac49b6d}\Shell\open\Command  
Supprimé ! - HKEY_USERS\S-1-5-21-1844237615-839522115-906573251-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4a75977-445c-11dd-8e6b-00142ac49b6d}\Shell\open\Command  
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7cee940-27d6-11dd-8df4-00142ac49b6d}\Shell\AutoRun\command  
Supprimé ! - HKEY_USERS\S-1-5-21-1844237615-839522115-906573251-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7cee940-27d6-11dd-8df4-00142ac49b6d}\Shell\AutoRun\command  
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7cee940-27d6-11dd-8df4-00142ac49b6d}\Shell\explore\Command  
Supprimé ! - HKEY_USERS\S-1-5-21-1844237615-839522115-906573251-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7cee940-27d6-11dd-8df4-00142ac49b6d}\Shell\explore\Command  
Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7cee940-27d6-11dd-8df4-00142ac49b6d}\Shell\open\Command  
Supprimé ! - HKEY_USERS\S-1-5-21-1844237615-839522115-906573251-500\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f7cee940-27d6-11dd-8df4-00142ac49b6d}\Shell\open\Command  
  
--------------- [ Nettoyage des disques ] ----------------   
   
Supprimé ! - C:\autorun.inf    
Supprimé ! - D:\autorun.inf    
Supprimé ! - E:\autorun.inf    
 
--------------- ! Fin du rapport ! ----------------

Utilisateur anonyme · Answer

Telecharge malwarebytes 

Tu l´instale; le programme va se mettre automatiquement a jour. 

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression". 

Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet". 

Puis click sur "rechercher". 

Laisse le scanner le pc... 

Si des elements on ete trouvés > click sur supprimer la selection. 

si il t´es demandé de redemarrer > click sur "yes". 

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum. 

Copie et colle le rapport stp.

PS : les rapport sont aussi rangé dans l onglet rapport/log

helen19 · Answer

le voila
Malwarebytes' Anti-Malware 1.20
Version de la base de données: 947
Windows 5.1.2600 Service Pack 2

20:57:03 24-10-2008
mbam-log-10-24-2008 (20-57-03).txt

Type de recherche: Examen complet (A:\|C:\|D:\|E:\|)
Eléments examinés: 86995
Temps écoulé: 37 minute(s), 12 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 19
Fichier(s) infecté(s): 82

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Windows Live\Messengeriched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\001112C9 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00114469 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00114822.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00115764.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0011602E.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00116DDA.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00117B47 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0013F3F8.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0013F669.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0014052E.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0014079F.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\ask_logo.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\center.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\index.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\mid_dots.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\mws_logo.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\protect.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\shocked.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\stop.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\systray.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\systrayp.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON	p_grad.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON\warn.gif (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\WebfettiBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\xih9.cmd (Trojan.Agent) -> Quarantined and deleted successfully.

Utilisateur anonyme · Answer

réouvre malewarebyte
va sur quarantaine
supprime tout


ensuite tes disques dont encore infecté 

usbfix a été mis a jours

désinstal le depuis le panneau de configuration / ajout et suppresseion de programmes


ensuite réinstal le et refais le scan :


Telecharge UsbFix sur ton bureau

--> Lance l installation avec les parametres par default

Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir

--> Double clic sur le raccourci UsbFix sur ton bureau

--> Le pc va redémarer

-->Apres redémarrage post le rapport UsbFix.txt 

Note : le rapport UsbFix.txt est sauvegardé a la racine du disque

helen19 · Answer

-------------- UsbFix V2.395 ---------------

* User : Administrateur - ORDINATEUR
* Outils mis a jours le 20/10/2008 par Chiquitine29 et Chimay8
* Recherche effectuée à 21:36:38 le Fri 10/24/2008
* Windows Xp - Internet Explorer 7.0.5730.13 
  
  
--------------- [ Processus actifs ] ----------------   
  
 
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Windows Live\Contrôle parental\fsssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp\1.tmp\b2e.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
  
--------------- [ Informations lecteurs ] ----------------   
  
C: - Lecteur fixe

D: - Lecteur fixe

E: - Lecteur fixe

F: - Lecteur de CD-ROM

  
--------------- [ Registre / Startup ] ----------------   
 

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    RemoteControl	REG_SZ	"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    LanguageShortcut	REG_SZ	"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    VTTimer	REG_SZ	VTTimer.exe
    VTTrayp	REG_SZ	VTtrayp.exe
    SoundMan	REG_SZ	SOUNDMAN.EXE
    avgnt	REG_SZ	"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    fssui	REG_SZ	"C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
    avast!	REG_SZ	C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    SunJavaUpdateSched	REG_SZ	"C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    NeroFilterCheck	REG_SZ	C:\WINDOWS\system32\NeroCheck.exe
    Part browse safe hold	REG_SZ	C:\Documents and Settings\All Users\Application Data\Audio 4 part browse\Once Hope.exe

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    RocketDock	REG_SZ	"C:\Program Files\RocketDock\RocketDock.exe"
    msnmsgr	REG_SZ	"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    ctfmon.exe	REG_SZ	C:\WINDOWS\system32\ctfmon.exe
    swg	REG_SZ	C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    Yahoo! Pager	REG_SZ	"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    view mode	REG_SZ	C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\JUNKGR~1\Meta Acid.exe
    WMPNSCFG	REG_SZ	C:\Program Files\Windows Media Player\WMPNSCFG.exe
  
--------------- [ Registre / Mountpoint2 ] ----------------   
  
 
 -> Recherche négative. 
  
--------------- [ Nettoyage des disques ] ----------------   
   
Supprimé ! - D:\xih9.cmd    
Supprimé ! - E:\xih9.cmd    
 
--------------- ! Fin du rapport ! ----------------

Utilisateur anonyme · Answer

Télécharge Toolbar-S&D (Team IDN) sur ton Bureau. 
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2 

* Lance l'installation du programme en exécutant le fichier téléchargé. 
* Double-clique maintenant sur le raccourci de Toolbar-S&D. 
* Sélectionne la langue souhaitée en tapant la lettre de ton choix puis en validant avec la touche Entrée. 
* Choisis maintenant l'option 1 (Recherche). Patiente jusqu'à la fin de la recherche. 
* Poste le rapport généré. (C:\TB.txt)

helen19 · Answer

-----------\  ToolBar S&D 1.2.3   XP/Vista

   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Uniprocessor Free :               Intel(R) Pentium(R) 4 CPU 2.80GHz )
   BIOS : Default System BIOS
   USER : Administrateur ( Administrator )
   BOOT : Normal boot
   A:\ (USB)
   C:\ (Local Disk) - NTFS - Total : 29 Go Free : 15 Go
   D:\ (Local Disk) - NTFS - Total : 19 Go Free : 15 Go
   E:\ (Local Disk) - NTFS - Total : 25 Go Free : 17 Go
   F:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go

   "C:\ToolBar SD" ( MAJ : 23-10-2008|0:25 )
   Option : [1] ( Fri 10/24/2008|21:46 )

   -----------\  Recherche de Fichiers / Dossiers ...

   C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@alot[2].txt
   C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@h.alot[1].txt
   C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@search.alot[2].txt
   C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@try.alot[1].txt
   C:\Program Files\AskTBar
   C:\Program Files\AskTBar\bar
   C:\Program Files\AskTBar\PopSwatr
   C:\Program Files\AskTBar\SrchAstt
   C:\DOCUME~1\ADMINI~1\APPLIC~1\FunWebProducts
   C:\DOCUME~1\ADMINI~1\APPLIC~1\FunWebProducts\Data
   C:\Program Files\Fun Web Products
   C:\Program Files\Fun Web Products\MSNMessenger
   C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@myway[1].txt
   C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@mywebsearch[2].txt
   C:\Program Files\Internet Explorer\msimg32.dll
   C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp
smBC.tmp

   -----------\  [..\Internet Explorer\Main]

   [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
   "Start Page"="https://home.sweetim.com/"
   "Local Page"="C:\WINDOWS\system32\blank.htm"
   "SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

   [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
   "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
   "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Start Page"="https://home.sweetim.com/"
   "Search Bar"="http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html"


   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !


   1 - "C:\ToolBar SD\TB_1.txt" - Fri 10/24/2008|21:47 - Option : [1]

   -----------\  Fin du rapport a 21:47:43.65

Utilisateur anonyme · Answer

Relance Toolbar-S&D en double-cliquant sur le raccourci. Tape sur "2" puis valide en appuyant sur "Entrée". 
! Ne ferme pas la fenêtre lors de la suppression ! 
Un rapport sera généré, poste son contenu ici. 

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches. 
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..." 
Tape explorer puis valide.

helen19 · Answer

pardon g pa compri

Utilisateur anonyme · Answer

réouvre toolbar S&D et choisi l option 2 puis post le rapport

helen19 · Answer

voici

   -----------\  ToolBar S&D 1.2.3   XP/Vista

   Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
   X86-based PC ( Uniprocessor Free :               Intel(R) Pentium(R) 4 CPU 2.80GHz )
   BIOS : Default System BIOS
   USER : Administrateur ( Administrator )
   BOOT : Normal boot
   A:\ (USB)
   C:\ (Local Disk) - NTFS - Total : 29 Go Free : 14 Go
   D:\ (Local Disk) - NTFS - Total : 19 Go Free : 15 Go
   E:\ (Local Disk) - NTFS - Total : 25 Go Free : 17 Go
   F:\ (CD or DVD) - CDFS - Total : 0 Go Free : 0 Go

   "C:\ToolBar SD" ( MAJ : 23-10-2008|0:25 )
   Option : [2] ( Sun 10/26/2008|13:32 )

   -----------\  Recherche de Fichiers / Dossiers ...


   -----------\  [..\Internet Explorer\Main]

   [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
   "Start Page"="http://home.sweetim.com"
   "Local Page"="C:\WINDOWS\system32\blank.htm"
   "SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

   [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
   "Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
   "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
   "Start Page"="https://www.msn.com/fr-fr/"
   "Search Bar"="http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html"


   --------------------\  Recherche d'autres infections


   Aucune autre infection trouvée  !


   1 - "C:\ToolBar SD\TB_1.txt" - Fri 10/24/2008|21:47 - Option : [1]
   2 - "C:\ToolBar SD\TB_2.txt" - Fri 10/24/2008|21:54 - Option : [2]
   3 - "C:\ToolBar SD\TB_3.txt" - Sun 10/26/2008|13:34 - Option : [2]

   -----------\  Fin du rapport a 13:34:23.90

Utilisateur anonyme · Answer

Télécharge HijackThis (outils de dignostic) ici : 

->  Fais un clic droit sur un des liens et choisi enregistrer la cible sous .... le bureau
->  http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe 
->  ftp://ftp.commentcamarche.com/download/HJTInstall.exe

-> Fais un double-clic sur HJTInstall.exe afin de lancer l'installation 

-> Clique sur Install ensuite sur I Accept 

-> Clique sur Do a scan system and save log file 

-> Le bloc-notes s'ouvrira, fais un copier-coller de tout son contenu ici dans ta prochaine réponse

helen19 · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:51:41, on 28-10-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Windows Live\Contrôle parental\fssui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Contrôle parental\fssbho.dll
O2 - BHO: UrlHelper Class - {6D023EBF-70B8-45A6-9ED5-556515FA0FE4} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Contrôle parental\fssui.exe" -autorun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Part browse safe hold] C:\Documents and Settings\All Users\Application Data\Audio 4 part browse\hole eq.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [view mode] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\JUNKGR~1\Meta Acid.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide2] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,L,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RESEAU')
O4 - HKUS\S-1-5-18\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32
wprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8D09974-7E85-49A9-8F21-4206814B159A}: NameServer = 208.67.222.222 193.55.10.102
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

Utilisateur anonyme · Answer

de rien helene,

encore une infection visible:

télécharge Lop S&D.exe sur ton Bureau.https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2 

* Double-clique dessus pour lancer l'installation 
* Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau 
* Séléctionne la langue souhaitée , puis choisis l'option 1 (Recherche) 
* Patiente jusqu'à la fin du scan 
* Poste le rapport généré (C:\lopR.txt)

helen19 · Answer

--------------------\ Lop S&D 4.2.4-8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz ) BIOS : Default System BIOS USER : Administrateur ( Administrator ) BOOT : Normal boot A:\ (USB) C:\ (Local Disk) - NTFS - Total:29 Go (Free:14 Go) D:\ (Local Disk) - NTFS - Total:19 Go (Free:15 Go) E:\ (Local Disk) - NTFS - Total:25 Go (Free:17 Go) F:\ (CD or DVD) "C:\Lop SD" ( MAJ : 27-10-2008|09:15 ) Option : [1] ( Tue 10/28/2008|16:25 ) --------------------\ Listing des dossiers dans APPLIC~1 [07/22/2008|06:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Adobe [07/08/2008|01:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Ahead [06/17/2008|09:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Google [06/27/2008|09:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Identities [08/29/2008|08:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\ junkgramfour [09/03/2008|12:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\ LimeWire [06/08/2008|03:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Macromedia [07/12/2008|06:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Malwarebytes [05/20/2008|12:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Media Player Classic [07/05/2008|10:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Microsoft [07/12/2008|02:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Nero [06/20/2008|12:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Real [07/27/2008|03:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\ skypePM [06/09/2008|03:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Sun [06/20/2008|12:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Yahoo! [06/27/2008|09:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Zylom [09/17/2008|11:14] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Adobe [09/13/2008|11:09] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Ahead [09/27/2008|09:11] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ blg [09/27/2008|10:19] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Camfrog [10/03/2008|12:06] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Games [09/08/2008|12:57] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Google [09/08/2008|12:51] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Identities [10/26/2008|06:44] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ junkgramfour [10/28/2008|04:15] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ LimeWire [09/08/2008|02:01] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Macromedia [09/18/2008|10:32] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Malwarebytes [09/17/2008|09:12] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Media Player Classic [09/30/2008|12:04] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Meridian93 [10/23/2008|07:34] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Microsoft [10/03/2008|01:54] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ PlayFirst [09/14/2008|11:18] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Sun [10/10/2008|06:32] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ U3 [10/12/2008|03:13] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Yahoo! [07/12/2008|01:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Adobe [07/08/2008|01:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Ahead [10/26/2008|06:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Audio 4 part browse [05/23/2008|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Avira [10/05/2008|08:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ BigFishGamesCache [09/27/2008|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ blg [05/26/2008|06:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ CyberLink [07/07/2008|03:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Downloaded Installations [09/23/2008|08:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ EscapeTheMuseum [06/17/2008|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Google [06/20/2008|03:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Grisoft [06/17/2008|08:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Kaspersky Lab Setup Files [07/12/2008|06:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Malwarebytes [07/22/2008|02:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Messenger Plus! [08/16/2008|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Microsoft [07/12/2008|07:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Nero [10/03/2008|01:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ PlayFirst [08/29/2008|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Skype [10/03/2008|03:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ TEMP [05/24/2008|05:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Windows Genuine Advantage [09/06/2008|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ WLInstaller [06/20/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Yahoo! [07/19/2008|09:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Yahoo! Companion [06/27/2008|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Zylom [05/18/2008|04:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ Microsoft [05/18/2008|04:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\ Microsoft [06/12/2008|05:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\ Microsoft --------------------\ Tâches planifiées dans C:\WINDOWS asks [10/28/2008 04:00 PM][--ah-----] C:\WINDOWS asks\AA59150B918E8A83.job [10/28/2008 03:30 PM][--a------] C:\WINDOWS asks\V‚rifier les mises … jour de Windows Live Toolbar.job [04/13/2007 04:52 PM][-r-h-----] C:\WINDOWS asks\desktop.ini [10/28/2008 12:37 PM][--ah-----] C:\WINDOWS asks\SA.DAT ( AA59150B918E8A83.job )=( c:\docume~1\admini~1.ord\applic~1\junkgr~1\wmastupididol.exe ) --------------------\ Listing des dossiers dans C:\Program Files [07/12/2008|01:58] C:\Program Files\ Adobe [07/31/2008|03:49] C:\Program Files\ Ahead [07/22/2008|02:57] C:\Program Files\ Alwil Software [05/23/2008|08:19] C:\Program Files\ Avira [10/02/2008|04:06] C:\Program Files\ BearShare Applications [09/23/2008|10:59] C:\Program Files\ bfgclient [09/28/2008|08:51] C:\Program Files\ Camfrog [07/19/2008|08:55] C:\Program Files\ CCleaner [10/15/2008|04:43] C:\Program Files\ Circle Developement [05/18/2008|04:43] C:\Program Files\ ComPlus Applications [05/18/2008|04:55] C:\Program Files\ CyberLink [05/22/2008|09:28] C:\Program Files\ EasyPHP 2.0b1 [05/18/2008|04:56] C:\Program Files\ FairStars Audio Converter [09/10/2008|10:39] C:\Program Files\ Fichiers communs [06/17/2008|09:44] C:\Program Files\ Google [06/22/2008|08:01] C:\Program Files\ InstallShield Installation Information [10/24/2008|08:52] C:\Program Files\ Internet Explorer [10/20/2008|03:36] C:\Program Files\ iWin [07/15/2008|02:46] C:\Program Files\ Java [10/26/2008|06:40] C:\Program Files\ junkgramfour [05/18/2008|04:53] C:\Program Files\ K-Lite Codec Pack [09/26/2008|01:40] C:\Program Files\ LClock [09/26/2008|01:40] C:\Program Files\ LimeWire [07/13/2008|09:09] C:\Program Files\ Malwarebytes' Anti-Malware [10/15/2008|04:43] C:\Program Files\ Messenger Plus! Live [05/18/2008|04:56] C:\Program Files\ Microsoft Calculatrice Plus [05/18/2008|04:49] C:\Program Files\ microsoft frontpage [05/24/2008|05:13] C:\Program Files\ Microsoft Office [06/09/2008|01:18] C:\Program Files\ Microsoft SQL Server Compact Edition [05/18/2008|04:44] C:\Program Files\ Movie Maker [05/18/2008|04:43] C:\Program Files\ MSN Gaming Zone [05/18/2008|04:44] C:\Program Files\ NetMeeting [06/12/2008|09:35] C:\Program Files\ Outlook Express [05/18/2008|04:56] C:\Program Files\ PhotoFiltre [05/18/2008|04:54] C:\Program Files\ Real [05/18/2008|04:47] C:\Program Files\ RocketDock [06/22/2008|08:00] C:\Program Files\ Samsung [07/15/2008|02:48] C:\Program Files\ Sun [05/18/2008|04:57] C:\Program Files\ SuperTux [10/23/2008|07:28] C:\Program Files\ SweetIM [05/18/2008|04:56] C:\Program Files\ TaskSwitchXP [10/28/2008|01:51] C:\Program Files\ Trend Micro [05/18/2008|04:56] C:\Program Files\ UberIcon [05/18/2008|04:57] C:\Program Files\ Uninstall Information [10/24/2008|08:36] C:\Program Files\ UsbFix [06/16/2008|02:05] C:\Program Files\ Windows Live [06/12/2008|03:36] C:\Program Files\ Windows Live Favorites [06/12/2008|03:38] C:\Program Files\ Windows Live Toolbar [06/28/2008|03:36] C:\Program Files\ Windows Media Connect 2 [06/28/2008|03:37] C:\Program Files\ Windows Media Player [05/18/2008|04:42] C:\Program Files\ Windows NT [05/18/2008|04:45] C:\Program Files\ WindowsUpdate [05/18/2008|04:56] C:\Program Files\ WinRAR [07/19/2008|08:55] C:\Program Files\ Yahoo! [05/18/2008|04:57] C:\Program Files\ Zamaan's Software --------------------\ Listing des dossiers dans C:\Program Files\Fichiers communs [10/12/2008|06:02] C:\Program Files\Fichiers communs\ Adobe [07/12/2008|01:53] C:\Program Files\Fichiers communs\ Adobe Systems Shared [07/31/2008|03:44] C:\Program Files\Fichiers communs\ Ahead [05/24/2008|05:13] C:\Program Files\Fichiers communs\ DESIGNER [06/22/2008|07:59] C:\Program Files\Fichiers communs\ InstallShield [05/18/2008|04:54] C:\Program Files\Fichiers communs\ Java [08/16/2008|10:10] C:\Program Files\Fichiers communs\ Microsoft Shared [05/18/2008|04:44] C:\Program Files\Fichiers communs\ MSSoap [07/31/2008|03:48] C:\Program Files\Fichiers communs\ Nero [05/18/2008|06:39] C:\Program Files\Fichiers communs\ ODBC [06/20/2008|12:05] C:\Program Files\Fichiers communs\ Real [05/18/2008|04:44] C:\Program Files\Fichiers communs\ Services [05/18/2008|06:39] C:\Program Files\Fichiers communs\ SpeechEngines [06/12/2008|09:35] C:\Program Files\Fichiers communs\ System [06/09/2008|12:59] C:\Program Files\Fichiers communs\ WindowsLiveInstaller [09/10/2008|10:39] C:\Program Files\Fichiers communs\ Wise Installation Wizard --------------------\ Process ( 48 Processes ) IEXPLORE.EXE ~ [PID:2256] IEXPLORE.EXE ~ [PID:2636] IEXPLORE.EXE ~ [PID:2648] IEXPLORE.EXE ~ [PID:2156] --------------------\ Recherche avec S_Lop C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp\bis4.exe --------------------\ Recherche de Fichiers / Dossiers Lop C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse\hole eq.exe C:\DOCUME~1\ADMINI~1\APPLIC~1\junkgr~1 C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1 C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\asgislsj.exe C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\cpudpgha.exe C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\evehzmlt.exe C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\Meta Acid.exe C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\psorgswq.exe C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\up amen name obj.exe C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\wmastupididol.exe C:\Program Files\junkgr~1 C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp\msgpl_d93a.tmp C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp sb7.tmp C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp sg1D.tmp C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp sh21.tmp C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp si9.tmp C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp smBC.tmp.exe C:\Program Files\Circle Developement C:\Program Files\Circle Developement\Uninstall.exe C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@advertstream[1].txt C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@advertising[2].txt C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@adopt.euroclick[2].txt C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@www.lop[1].txt C:\WINDOWS\Tasks\AA59150B918E8A83.job --------------------\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "view mode"="C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\JUNKGR~1\Meta Acid.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Part browse safe hold"="C:\Documents and Settings\All Users\Application Data\Audio 4 part browse\hole eq.exe" --------------------\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-28 16:27:50 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\ Recherche d'autres infections Aucune autre infection trouvée ! [F:984][D:25]-> C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp [F:765][D:0]-> C:\DOCUME~1\ADMINI~1.ORD\Cookies [F:1229][D:161]-> C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - Tue 10/28/2008|16:30 - Option : [1] --------------------\ Fin du rapport a 16:30:50

Utilisateur anonyme · Answer

Relance Lop S&D 


* Choisis cette fois ci l'Option 2 (Suppression) 
* Ne ferme pas la fenêtre lors de la suppression ! 
* Poste le rapport généré (C:\lopR.txt) 


et dis moi comment va le pc stp

helen19 · Answer

eske maitenent je peux effacé le hijaks et toolbar usbfix???

Utilisateur anonyme · Answer

attend t inquites pas tout sera supprimé

tu as fait lop s&d option 2 ? tu as la rapport ?

helen19 · Answer

--------------------\ Lop S&D 4.2.4-8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz ) BIOS : Default System BIOS USER : Administrateur ( Administrator ) BOOT : Normal boot A:\ (USB) C:\ (Local Disk) - NTFS - Total:29 Go (Free:14 Go) D:\ (Local Disk) - NTFS - Total:19 Go (Free:15 Go) E:\ (Local Disk) - NTFS - Total:25 Go (Free:17 Go) F:\ (CD or DVD) "C:\Lop SD" ( MAJ : 27-10-2008|09:15 ) Option : [2] ( Tue 10/28/2008|16:57 ) \\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse\hole eq.exe Supprime! - C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\asgislsj.exe Supprime! - C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\cpudpgha.exe Supprime! - C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\evehzmlt.exe Supprime! - C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\Meta Acid.exe Supprime! - C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\psorgswq.exe Supprime! - C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\up amen name obj.exe Supprime! - C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1\wmastupididol.exe Supprime! - C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp\msgpl_d93a.tmp Supprime! - C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp sb7.tmp Supprime! - C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp sg1D.tmp Supprime! - C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp sh21.tmp Supprime! - C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp si9.tmp Supprime! - C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp smBC.tmp.exe Supprime! - C:\Program Files\Circle Developement\Uninstall.exe Supprime! - C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@advertstream[1].txt Supprime! - C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@advertising[2].txt Supprime! - C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@adopt.euroclick[2].txt Supprime! - C:\DOCUME~1\ADMINI~1.ORD\Cookies\administrateur@www.lop[1].txt Supprime! - C:\WINDOWS\Tasks\AA59150B918E8A83.job Supprime! - C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp\bis4.exe Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Audio 4 part browse Supprime! - C:\DOCUME~1\ADMINI~1\APPLIC~1\junkgr~1 Supprime! - C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\junkgr~1 Supprime! - C:\Program Files\junkgr~1 Supprime! - C:\Program Files\Circle Developement \\\\\\\\\\\\\\\ --------------------\ Listing des dossiers dans APPLIC~1 [07/22/2008|06:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Adobe [07/08/2008|01:29] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Ahead [06/17/2008|09:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Google [06/27/2008|09:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Identities [09/03/2008|12:13] C:\DOCUME~1\ADMINI~1\APPLIC~1\ LimeWire [06/08/2008|03:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Macromedia [07/12/2008|06:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Malwarebytes [05/20/2008|12:19] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Media Player Classic [07/05/2008|10:51] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Microsoft [07/12/2008|02:35] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Nero [06/20/2008|12:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Real [07/27/2008|03:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\ skypePM [06/09/2008|03:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Sun [06/20/2008|12:40] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Yahoo! [06/27/2008|09:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\ Zylom [09/17/2008|11:14] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Adobe [09/13/2008|11:09] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Ahead [09/27/2008|09:11] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ blg [09/27/2008|10:19] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Camfrog [10/03/2008|12:06] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Games [09/08/2008|12:57] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Google [09/08/2008|12:51] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Identities [10/28/2008|04:15] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ LimeWire [09/08/2008|02:01] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Macromedia [09/18/2008|10:32] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Malwarebytes [09/17/2008|09:12] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Media Player Classic [09/30/2008|12:04] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Meridian93 [10/23/2008|07:34] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Microsoft [10/03/2008|01:54] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ PlayFirst [09/14/2008|11:18] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Sun [10/10/2008|06:32] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ U3 [10/12/2008|03:13] C:\DOCUME~1\ADMINI~1.ORD\APPLIC~1\ Yahoo! [07/12/2008|01:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Adobe [07/08/2008|01:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Ahead [05/23/2008|08:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Avira [10/05/2008|08:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ BigFishGamesCache [09/27/2008|09:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ blg [05/26/2008|06:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ CyberLink [07/07/2008|03:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Downloaded Installations [09/23/2008|08:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ EscapeTheMuseum [06/17/2008|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Google [06/20/2008|03:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Grisoft [06/17/2008|08:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Kaspersky Lab Setup Files [07/12/2008|06:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Malwarebytes [07/22/2008|02:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Messenger Plus! [08/16/2008|10:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Microsoft [07/12/2008|07:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Nero [10/03/2008|01:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ PlayFirst [08/29/2008|11:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Skype [10/03/2008|03:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ TEMP [05/24/2008|05:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Windows Genuine Advantage [09/06/2008|09:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ WLInstaller [06/20/2008|12:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Yahoo! [07/19/2008|09:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Yahoo! Companion [06/27/2008|09:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ Zylom [05/18/2008|04:46] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ Microsoft [05/18/2008|04:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\ Microsoft [06/12/2008|05:49] C:\DOCUME~1\NETWOR~1\APPLIC~1\ Microsoft --------------------\ Tâches planifiées dans C:\WINDOWS asks [10/28/2008 04:30 PM][--a------] C:\WINDOWS asks\V‚rifier les mises … jour de Windows Live Toolbar.job [04/13/2007 04:52 PM][-r-h-----] C:\WINDOWS asks\desktop.ini [10/28/2008 12:37 PM][--ah-----] C:\WINDOWS asks\SA.DAT --------------------\ Listing des dossiers dans C:\Program Files [07/12/2008|01:58] C:\Program Files\ Adobe [07/31/2008|03:49] C:\Program Files\ Ahead [07/22/2008|02:57] C:\Program Files\ Alwil Software [05/23/2008|08:19] C:\Program Files\ Avira [10/02/2008|04:06] C:\Program Files\ BearShare Applications [09/23/2008|10:59] C:\Program Files\ bfgclient [09/28/2008|08:51] C:\Program Files\ Camfrog [07/19/2008|08:55] C:\Program Files\ CCleaner [05/18/2008|04:43] C:\Program Files\ ComPlus Applications [05/18/2008|04:55] C:\Program Files\ CyberLink [05/22/2008|09:28] C:\Program Files\ EasyPHP 2.0b1 [05/18/2008|04:56] C:\Program Files\ FairStars Audio Converter [09/10/2008|10:39] C:\Program Files\ Fichiers communs [06/17/2008|09:44] C:\Program Files\ Google [06/22/2008|08:01] C:\Program Files\ InstallShield Installation Information [10/24/2008|08:52] C:\Program Files\ Internet Explorer [10/20/2008|03:36] C:\Program Files\ iWin [07/15/2008|02:46] C:\Program Files\ Java [05/18/2008|04:53] C:\Program Files\ K-Lite Codec Pack [09/26/2008|01:40] C:\Program Files\ LClock [09/26/2008|01:40] C:\Program Files\ LimeWire [07/13/2008|09:09] C:\Program Files\ Malwarebytes' Anti-Malware [10/15/2008|04:43] C:\Program Files\ Messenger Plus! Live [05/18/2008|04:56] C:\Program Files\ Microsoft Calculatrice Plus [05/18/2008|04:49] C:\Program Files\ microsoft frontpage [05/24/2008|05:13] C:\Program Files\ Microsoft Office [06/09/2008|01:18] C:\Program Files\ Microsoft SQL Server Compact Edition [05/18/2008|04:44] C:\Program Files\ Movie Maker [05/18/2008|04:43] C:\Program Files\ MSN Gaming Zone [05/18/2008|04:44] C:\Program Files\ NetMeeting [06/12/2008|09:35] C:\Program Files\ Outlook Express [05/18/2008|04:56] C:\Program Files\ PhotoFiltre [05/18/2008|04:54] C:\Program Files\ Real [05/18/2008|04:47] C:\Program Files\ RocketDock [06/22/2008|08:00] C:\Program Files\ Samsung [07/15/2008|02:48] C:\Program Files\ Sun [05/18/2008|04:57] C:\Program Files\ SuperTux [10/23/2008|07:28] C:\Program Files\ SweetIM [05/18/2008|04:56] C:\Program Files\ TaskSwitchXP [10/28/2008|01:51] C:\Program Files\ Trend Micro [05/18/2008|04:56] C:\Program Files\ UberIcon [05/18/2008|04:57] C:\Program Files\ Uninstall Information [10/24/2008|08:36] C:\Program Files\ UsbFix [06/16/2008|02:05] C:\Program Files\ Windows Live [06/12/2008|03:36] C:\Program Files\ Windows Live Favorites [06/12/2008|03:38] C:\Program Files\ Windows Live Toolbar [06/28/2008|03:36] C:\Program Files\ Windows Media Connect 2 [06/28/2008|03:37] C:\Program Files\ Windows Media Player [05/18/2008|04:42] C:\Program Files\ Windows NT [05/18/2008|04:45] C:\Program Files\ WindowsUpdate [05/18/2008|04:56] C:\Program Files\ WinRAR [07/19/2008|08:55] C:\Program Files\ Yahoo! [05/18/2008|04:57] C:\Program Files\ Zamaan's Software --------------------\ Listing des dossiers dans C:\Program Files\Fichiers communs [10/12/2008|06:02] C:\Program Files\Fichiers communs\ Adobe [07/12/2008|01:53] C:\Program Files\Fichiers communs\ Adobe Systems Shared [07/31/2008|03:44] C:\Program Files\Fichiers communs\ Ahead [05/24/2008|05:13] C:\Program Files\Fichiers communs\ DESIGNER [06/22/2008|07:59] C:\Program Files\Fichiers communs\ InstallShield [05/18/2008|04:54] C:\Program Files\Fichiers communs\ Java [08/16/2008|10:10] C:\Program Files\Fichiers communs\ Microsoft Shared [05/18/2008|04:44] C:\Program Files\Fichiers communs\ MSSoap [07/31/2008|03:48] C:\Program Files\Fichiers communs\ Nero [05/18/2008|06:39] C:\Program Files\Fichiers communs\ ODBC [06/20/2008|12:05] C:\Program Files\Fichiers communs\ Real [05/18/2008|04:44] C:\Program Files\Fichiers communs\ Services [05/18/2008|06:39] C:\Program Files\Fichiers communs\ SpeechEngines [06/12/2008|09:35] C:\Program Files\Fichiers communs\ System [06/09/2008|12:59] C:\Program Files\Fichiers communs\ WindowsLiveInstaller [09/10/2008|10:39] C:\Program Files\Fichiers communs\ Wise Installation Wizard --------------------\ Process ( 43 Processes ) ... OK ! --------------------\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\ Verification du Registre ..... OK ! --------------------\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\ Recherche de fichiers avec Catchme catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-28 16:59:42 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden files: 0 --------------------\ Recherche d'autres infections Aucune autre infection trouvée ! [F:975][D:20]-> C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\Temp [F:761][D:0]-> C:\DOCUME~1\ADMINI~1.ORD\Cookies [F:369][D:161]-> C:\DOCUME~1\ADMINI~1.ORD\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - Tue 10/28/2008|16:30 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - Tue 10/28/2008|17:01 - Option : [2] --------------------\ Fin du rapport a 17:01:12

Utilisateur anonyme · Answer

désinstal java car pas a jours et telecharge et instal cette version :

https://www.java.com/fr/download/manual.jsp


-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo): 


http://download.piriform.com/ccsetup210.exe

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

-> Tuto : https://www.malekal.com/tutoriel-ccleaner/


* pour supprimer les outils/fix utilisés : 

Télécharge ToolsCleaner sur ton bureau. 
--> 
http://pc-system.fr/ 
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner

# Clique sur Recherche et laisse le scan agir ... 
# Clique sur Suppression pour finaliser. 
# Tu peux, si tu le souhaites, te servir des Options facultatives. 
# Clique sur Quitter pour obtenir le rapport. 
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\). 


Désactive et réactive ta restauration system :

(1) Désactiver la Restauration du système 

cliques sur Démarrer 
Cliques droit sur Poste de travail 
cliques sur Propriétés 
Cliques sur l'onglet Restauration du système 
Coches Désactiver la Restauration du système sur tous les lecteurs 
Cliques sur Appliquer, Lorsque le message de confirmation apparaît, 
cliques sur Oui. 
Cliques sur OK. 


(2) Activer la Restauration du système 


cliques sur Démarrer 
Cliques droit sur Poste de travail 
cliques sur Propriétés 
Cliques sur l'onglet Restauration du système 
Décoches Désactiver la Restauration du système sur tous les lecteurs 
Cliques sur Appliquer, Lorsque le message de confirmation apparaît, 
cliques sur Oui. 
Cliques sur OK. 


Tuto xp : http://service1.symantec.com/support/inter/tsgeninfointl.Nsf/fr_docid/20020830101856924

helen19 · Answer

voici le raport 
[ Rapport ToolsCleaner version 2.2.4 (par A.Rothstein & dj QUIOU) ]

-->- Recherche: 

C:\lopR.txt: trouvé !
C:\TB.txt: trouvé !
C:\UsbFix.txt: trouvé !
C:\Lop SD: trouvé !
C:\Toolbar SD: trouvé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Bureau\LopSD.exe: trouvé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Bureau\HJTInstall.exe: trouvé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Bureau\ToolBarSD.exe: trouvé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Bureau\UsbFix.exe: trouvé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Bureau\UsbFix.lnk: trouvé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Menu Démarrer\Programmes\UsbFix: trouvé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Menu Démarrer\Programmes\UsbFix\UsbFix.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Program Files\UsbFix: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !
C:\Program Files\UsbFix\UsbFix.exe: trouvé !

---------------------------------
-->- Suppression: 

C:\Documents and Settings\Administrateur.ORDINATEUR\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Bureau\LopSD.exe: supprimé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Bureau\HJTInstall.exe: supprimé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Bureau\ToolBarSD.exe: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\lopR.txt: supprimé !
C:\TB.txt: supprimé !
C:\UsbFix.txt: supprimé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Bureau\UsbFix.exe: supprimé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Bureau\UsbFix.lnk: supprimé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Menu Démarrer\Programmes\UsbFix\UsbFix.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Program Files\UsbFix\UsbFix.exe: supprimé !
C:\Lop SD: supprimé !
C:\Toolbar SD: supprimé !
C:\Documents and Settings\Administrateur.ORDINATEUR\Menu Démarrer\Programmes\UsbFix: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\UsbFix: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

Utilisateur anonyme · Answer

si tu n as pas d autres soucis change le statut du sujet en resolu stp

http://www.commentcamarche.net/faq/sujet 11365 marquer un fil de discussion comme etant resolu

helen19 · Answer

merci bcq chiquitin29 pour votr aide
pour la restauration esk'il reste désactivé ou non?

Utilisateur anonyme · Answer

non tu dois la reactiver 

bonne soirée

Je peux pas ouvrir les disque locaux

29 réponses

Discussions similaires

Newsletters