Sujet Précédent Sujet Suivant

Trojan.zlob et hacktool bloqué et pc rame

Résolu/Fermé
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 - 23 déc. 2008 à 13:37
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 - 9 déc. 2009 à 18:15
Bonjour,mon pc sous vista rame et je vois hacktool et trojan.zlob sont bloqué dans norton anti virus que dois-je faire ? je ni connais rien en informatique merci pour votre aide j attend vos réponses !!!
A voir également:

91 réponses

Précédent
Réponse 61 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
29 déc. 2008 à 21:13
On avance.

---> Désactive ton antivirus le temps de la manipulation car OTMoveIt3 est détecté comme une infection à tort.

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Double-clique sur OTMoveIt3.exe afin de le lancer.

---> Copie (Ctrl+C) le texte suivant ci-dessous :





:processes
explorer.exe

:files
C:\Program Files\Platrium
C:\ProgramData\Kiwee Toolbar
C:\Program Files\Kiwee Toolbar

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlatriumWeather]

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]





---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
29 déc. 2008 à 21:54
je pense que c pas bon ça Error: Unable to interpret <processes > in the current context!
Error: Unable to interpret <explorer.exe > in the current context!
========== FILES ==========
File/Folder C:\Program Files\Platrium not found.
Folder move failed. C:\ProgramData\Kiwee Toolbar\images scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar scheduled to be moved on reboot.
File/Folder C:\Program Files\Kiwee Toolbar not found.
========== REGISTRY ==========
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}\\ .
Unable to delete registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlatriumWeather\\ .
========== COMMANDS ==========
File delete failed. C:\Users\philippe\AppData\Local\Temp\~DF2DD9.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\philippe\AppData\Local\Temp\~DF2DE3.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\philippe\AppData\Local\Temp\~DF3BD4.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\philippe\AppData\Local\Temp\~DF3BFF.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\philippe\AppData\Local\Temp\~DF44D1.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\philippe\AppData\Local\Temp\~DF9A39.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12292008_214403

Files moved on Reboot...
Folder move failed. C:\ProgramData\Kiwee Toolbar\images scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar\images scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar scheduled to be moved on reboot.
File C:\Users\philippe\AppData\Local\Temp\~DF2DD9.tmp not found!
File C:\Users\philippe\AppData\Local\Temp\~DF2DE3.tmp not found!
File C:\Users\philippe\AppData\Local\Temp\~DF3BD4.tmp not found!
File C:\Users\philippe\AppData\Local\Temp\~DF3BFF.tmp not found!
C:\Users\philippe\AppData\Local\Temp\~DF44D1.tmp moved successfully.
File C:\Users\philippe\AppData\Local\Temp\~DF9A39.tmp not found!
comment doi-je faire pour trouver le dossier que tu m'as décris
0
Réponse 62 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
29 déc. 2008 à 21:57
Quel dossier ?
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
29 déc. 2008 à 21:59
comment je doi faire pour trouver ceci -------> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
0
Réponse 63 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
29 déc. 2008 à 22:02
Tu m'as donné le bon rapport, c'est ça qui compte.

Par contre, refais la manip' en mode sans échec.
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
29 déc. 2008 à 22:36
c fait mais quand je veux copier le rapport ça marche pas ou est-ce que je peut le trouver !!!
0
Réponse 64 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
29 déc. 2008 à 22:38
Je vais juste vérifier si je n'ai pas oublié un truc.

---> Supprime le dossier RSIT situé dans C:\

- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
29 déc. 2008 à 22:43
l ecran n est plus comme avant tous a l'air decaller !!! Flux rss High-Tech Droit/Finances Santé/Médecine
Version anglaiseVersion espagnoleVersion françaiseLundi 29 décembre 2008 - 22:36:32inscrits : 1139202connectés : 63752membres : 544questions/jour : 6384Taux de réponse : 74.15%Tout le site Astuces Guide d'achat Forum Téléchargements Actualités Articles chlaimer
0 nouveau(x) message(s)

AccueilForumAstucesTéléchargerActualitésDossiersGuide d'achatEmploiDécideursE-business
Gestion de projet
Infrastructures
Qualité
Sécurité informatique
Logiciels professionnels
Sur CommentCaMarche.net Sur le web avec Exalead Dans le forum Dans les astuces Dans les téléchargements Dans les actualités Dans les livres Dans le guide d'achatPosez votre question Format imprimable Liste des forums Aidez-les Statistiques Rechercher CharteForum Virus-SécuritéMes interventionsRSS Options22:36 trojan.zlob et hacktool bloqué et pc... (chlaimer)31/10 mise a jours (chlaimer)Voir mes interventionsA voir également Anti virus trojan zlob.g Bloquiage pc avez vista et office 2007 Fifa 09 sur pc rame Gta 4 pc rame Jai avaste et mon pc rame Jai avaste et mon pc rame te jai des pub qui sorte Logiciel analyse pc ram Mon pc ram Mon pc rame Mon pc rame comment savoir quels programmes supprimés Mon pc rame es qu il existe un logiciel pour faire avancer un peut l ordinateur Mon pc rame que faire Mon pc rame sur internet Pourquoi mon pc rame Probleme pc rame Supprimer trojan zlob Tmb raider bloqué pc Trojan zlob Trojan zlob.gen Trojan.zlob removal Trojan.zlob!ik Trojan.zlob.9156 Trojan.zlob.g Virus pc ramPlus
Ils ont besoin de votre aideRSSOptions22:35 Perte du bureau/menu demarrer (Windows)22:35 raccirder un DVD recorder Sony RDR... (Vidéo numérique)22:35 AC Adapter PS2 (Jeux vidéos)22:35 Comment intégrer une photo dans un décor (Logiciels/Pilotes)22:34 le compte de msn (Messagerie/Chat)Tous les messages sans réponsePlateformes d'assistance
Windows
Linux/Unix
MacOS
Matériel/Hardware
Logiciels/Pilotes
Bureautique
Jeux vidéos
Audio numérique
Infographie/Photo
Vidéo numérique
Gravure
Téléphonie/PDA/GPS
Programmation
Webmastering
Réseaux
Internet
Messagerie/Chat
Virus/Sécurité


Discussions & Opinions des Communautés
Actualités
Etudes/Formation
Droit/Libertés
Cinéma/Télé
Musique/Radio
Loisirs/Divertissement
Suggestions
Café des membres
Café noir
Bureau CCMiste
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 65 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
29 déc. 2008 à 22:43
Pourquoi tu me postes ça ?
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
29 déc. 2008 à 22:45
mon pc vient de s eteindre tous seul et sur le site tout est decaller !!!
0
Réponse 66 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
29 déc. 2008 à 22:45
Redémarre.
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
29 déc. 2008 à 23:01
en mode sans echec c pareille qu'avant !!!
0
Réponse 67 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
29 déc. 2008 à 23:02
Dis-moi clairement ce qui se passe.
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
29 déc. 2008 à 23:05
tout est bon mais quand je veux copier le rapport ça marche pas a moins que je le copie à la main et je te l' envoie ça prendra un peu de temps !!!!
0
Réponse 68 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
29 déc. 2008 à 23:07
Un rapport RSIT à la main MDRR

Tu peux me l'envoyer sur destrio5@free.fr
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
29 déc. 2008 à 23:08
ok
0
Réponse 69 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
30 déc. 2008 à 04:51
J'ai bien reçu le rapport d'OTMoveIt.

Je voudrais le rapport RSIT :
http://www.commentcamarche.net/forum/affich 10055785 trojan zlob et hacktool bloque et pc rame?page=4#159
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 09:09
Logfile of random's system information tool 1.05 (written by random/random)
Run by philippe at 2008-12-30 09:08:31
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 24 GB (45%) free of 52 GB
Total RAM: 2037 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:08:46, on 30/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\p2phost.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\philippe\Desktop\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\philippe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\Program Files\AGI\common\agcutils.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [CollaborationHost] C:\Windows\system32\p2phost.exe -s
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: Download Video on This Page - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html
O8 - Extra context menu item: Download Video This Links To - C:\Program Files\Tomato\YouTube Video Downloader\IELink.html
O9 - Extra button: Download Video - {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html
O9 - Extra 'Tools' menuitem: Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} - C:\Program Files\Tomato\YouTube Video Downloader\IEPage.html
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL eNetHook.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\Program Files\AGI\common\win32\PythonService.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
Réponse 70 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
30 déc. 2008 à 14:25
Tu as réinstallé Kiwee Toolbar ?
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 17:52
non j ai r ien réinstaller !
0
Réponse 71 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
30 déc. 2008 à 17:53
AGI ---> Ça te dit quelque chose ?
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 17:54
non carrement pas !
0
Réponse 72 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
30 déc. 2008 à 17:59
Bon, bah, on va encore faire du tri.

---> Désactive ton antivirus le temps de la manipulation car OTMoveIt3 est détecté comme une infection à tort.

---> Télécharge OTMoveIt3 (OldTimer) sur ton Bureau :
http://oldtimer.geekstogo.com/OTMoveIt3.exe

---> Clique droit sur OTMoveIt3.exe et choisis Exécuter en tant qu'administrateur.

---> Copie (Ctrl+C) le texte suivant ci-dessous :





:processes
explorer.exe

:services
AGWinService
Planificateur LiveUpdate automatique

:files
C:\Users\philippe\AppData\Roaming\agi
C:\ProgramData\agi
C:\Program Files\AGI
C:\ProgramData\Kiwee Toolbar

:commands
[purity]
[emptytemp]
[start explorer]
[reboot]





---> Colle (Ctrl+V) le texte précédemment copié dans le cadre Paste Instructions for Items to be Moved.

---> Clique maintenant sur le bouton MoveIt! puis ferme OTMoveIt3.

Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.

---> Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 18:14
je voulais aussi te remercier pour ton aide et ta générosité ( Grand Merci a toi ) Philippe
0
Réponse 73 / 91
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 18:11
je vois le rapport mais quand je veux le copier ça s'enlève j'essaye en mode sens échec ? c le meme problème que hier quand je l'ai copier par écrit !!! mais celui la est long !!!
0
Réponse 74 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
30 déc. 2008 à 18:12
Tu peux le faire en mode sans échec.
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 18:16
J'ai eu ça : a l instant ========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
Unable to stop service AGWinService .
Unable to stop service Planificateur LiveUpdate automatique .
========== FILES ==========
C:\Users\philippe\AppData\Roaming\agi\logs moved successfully.
C:\Users\philippe\AppData\Roaming\agi\KiweeToolbar\config moved successfully.
C:\Users\philippe\AppData\Roaming\agi\KiweeToolbar moved successfully.
C:\Users\philippe\AppData\Roaming\agi\config moved successfully.
C:\Users\philippe\AppData\Roaming\agi moved successfully.
Folder move failed. C:\ProgramData\agi\KiweeToolbar\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\agi\KiweeToolbar scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\agi\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\agi scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\tmp scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\sax scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\parsers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\etree scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\dom scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\logging scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\hotshot scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\encodings scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\email\mime scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\email scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\ctypes scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\compiler scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\DLLs scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\shell scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\axcontrol scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\authorization scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\adsi scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com\server scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com\client scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search\provider scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search\algorithm scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\protection scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\process scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\lilw scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install\installers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install\dependency scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\dateutil\zoneinfo scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\dateutil scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\tools scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\server scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\gen scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\client scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar\images scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar scheduled to be moved on reboot.
========== COMMANDS ==========
File delete failed. C:\Users\philippe\AppData\Local\Temp\~DF7922.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\philippe\AppData\Local\Temp\~DF7964.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\philippe\AppData\Local\Temp\~DF8CB0.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\philippe\AppData\Local\Temp\~DFD7FA.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\philippe\AppData\Local\Temp\~DFE077.tmp scheduled to be deleted on reboot.
File delete failed. C:\Users\philippe\AppData\Local\Temp\~DFE783.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.2 log created on 12302008_180607

Files moved on Reboot...
Folder move failed. C:\ProgramData\agi\KiweeToolbar\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\agi\KiweeToolbar\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\agi\KiweeToolbar scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\agi\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\agi\KiweeToolbar\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\agi\KiweeToolbar scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\agi\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\agi scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\tmp scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\sax scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\parsers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\etree scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\dom scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\sax scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\parsers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\etree scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\dom scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\logging scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\hotshot scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\encodings scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\email\mime scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\email\mime scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\email scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\ctypes scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\compiler scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\sax scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\parsers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\etree scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\dom scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\logging scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\hotshot scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\encodings scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\email\mime scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\email scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\ctypes scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\compiler scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\DLLs scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\sax scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\parsers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\etree scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\dom scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\logging scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\hotshot scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\encodings scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\email\mime scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\email scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\ctypes scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\compiler scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\DLLs scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\shell scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\axcontrol scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\authorization scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\adsi scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\shell scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\axcontrol scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\authorization scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\adsi scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com\server scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com\client scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com\server scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com\client scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search\provider scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search\algorithm scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search\provider scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search\algorithm scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\protection scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\process scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\lilw scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install\installers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install\dependency scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install\installers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install\dependency scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search\provider scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search\algorithm scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\protection scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\process scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\lilw scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install\installers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install\dependency scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\dateutil\zoneinfo scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\dateutil\zoneinfo scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\dateutil scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\tools scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\server scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\gen scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\client scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\tools scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\server scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\gen scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\client scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\shell scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\axcontrol scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\authorization scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\adsi scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com\server scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com\client scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search\provider scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search\algorithm scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\protection scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\process scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\lilw scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install\installers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install\dependency scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\dateutil\zoneinfo scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\dateutil scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\tools scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\server scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\gen scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\client scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\tmp scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\sax scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\parsers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\etree scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml\dom scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\xml scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\logging scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\hotshot scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\encodings scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\email\mime scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\email scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\ctypes scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib\compiler scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\Lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25\DLLs scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\Python25 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\shell scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\axcontrol scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\authorization scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext\adsi scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32comext scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com\server scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com\client scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32com scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32\scripts scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32\lib scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\win32 scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search\provider scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search\algorithm scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\search scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\protection scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\process scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\lilw scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install\installers scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install\dependency scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\install scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore\config scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\pyagcore scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\dateutil\zoneinfo scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\dateutil scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\tools scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\server scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\gen scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes\client scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common\comtypes scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI\common scheduled to be moved on reboot.
Folder move failed. C:\Program Files\AGI scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar\images scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar\images scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar\config scheduled to be moved on reboot.
Folder move failed. C:\ProgramData\Kiwee Toolbar scheduled to be moved on reboot.
File C:\Users\philippe\AppData\Local\Temp\~DF7922.tmp not found!
File C:\Users\philippe\AppData\Local\Temp\~DF7964.tmp not found!
File C:\Users\philippe\AppData\Local\Temp\~DF8CB0.tmp not found!
File C:\Users\philippe\AppData\Local\Temp\~DFD7FA.tmp not found!
File C:\Users\philippe\AppData\Local\Temp\~DFE077.tmp not found!
C:\Users\philippe\AppData\Local\Temp\~DFE783.tmp moved successfully.
0
Réponse 75 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
30 déc. 2008 à 18:14
Désolé qu'on arrive au 200ème message ^^
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 18:18
Pas grave ! peut etre qu'on va arriver a 400 (mdr)
0
Réponse 76 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
30 déc. 2008 à 18:24
Tu as fait OTMoveIt en MSE ?
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 19:02
oui mais je peux toujours pas copier le rapport , que faire ??
0
Réponse 77 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
30 déc. 2008 à 19:06
On va sortir ComboFix car sinon, on va jamais finir.

OTMoveIt n'arrive à supprimer ce que je veux.

---> Télécharge ComboFix.exe de sUBs sur ton Bureau :
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

/!\ Déconnecte-toi du net et ferme toutes les applications, antivirus et antispyware y compris /!\

---> Double-clique sur Combofix.exe
Un "pop-up" va apparaître qui dit que "ComboFix est utilisé à vos risques et avec aucune garantie...".
Accepte en cliquant sur "Oui"

---> Mets-le en langue française F
Tape sur la touche 1 (Yes) pour démarrer le scan.

/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\

En fin de scan, il est possible que ComboFix ait besoin de redémarrer le PC pour finaliser la désinfection, laisse-le faire.

Une fois le scan achevé, un rapport va s'afficher : Poste son contenu

/!\ Réactive la protection en temps réel de ton antivirus et de ton antispyware avant de te reconnecter à Internet. /!\

Note : Le rapport se trouve également là : C:\Combofix.txt

Tutoriel officiel :
https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 19:21
ok mais tu sais le quelle est mon anti-spyware j'en ai tellement installer que je sais pas le quel est activé ! et j attaque
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 19:35
anti-malwares et anti-spywares c'est pas la meme chose? car j'ai sur le bureau a squared free , Ccleaner , malwaresbytes je sais plus !!!
0
Réponse 78 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
30 déc. 2008 à 19:22
Il me semble avoir vu a-squared Free.
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 19:37
Désolé mais si je les supprimes tous definitivement du programme c pas mieux ? pour etre sur !!!
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2 > chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010
30 déc. 2008 à 20:01
voila windows me dit : FIND STRING(QGREP) utility à cessé de fonctionné ------- le rapport : ComboFix 08-12-29.02 - philippe 2008-12-30 19:46:27.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.2037.1041 [GMT 1:00]
Lancé depuis: c:\users\philippe\Desktop\Downloads\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\x64

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-11-28 au 2008-12-30 ))))))))))))))))))))))))))))))))))))
.

2008-12-29 21:44 . 2008-12-29 21:44 <REP> d-------- C:\_OTMoveIt
2008-12-29 19:01 . 2008-12-29 19:01 410,984 --a------ c:\windows\System32\deploytk.dll
2008-12-29 18:54 . 2008-12-29 19:28 <REP> d-------- c:\users\All Users\NOS
2008-12-29 18:54 . 2008-12-29 19:28 <REP> d-------- c:\programdata\NOS
2008-12-29 18:54 . 2008-12-29 19:28 <REP> d-------- c:\program files\NOS
2008-12-29 18:03 . 2008-12-29 18:04 <REP> d-------- C:\rsit
2008-12-29 01:45 . 2008-12-29 01:45 <REP> d-------- c:\users\All Users\Avira
2008-12-29 01:45 . 2008-12-29 01:45 <REP> d-------- c:\programdata\Avira
2008-12-29 01:45 . 2008-12-29 01:45 <REP> d-------- c:\program files\Avira
2008-12-28 23:31 . 2008-12-28 23:31 <REP> d-------- c:\program files\Alwil Software
2008-12-28 23:31 . 2008-11-26 18:17 51,792 --a------ c:\windows\System32\drivers\aswMonFlt.sys
2008-12-27 18:18 . 2008-12-27 18:18 <REP> d-------- c:\users\Private\AppData\Roaming\Malwarebytes
2008-12-25 23:28 . 2008-12-26 17:00 225,827,023 --a------ c:\windows\MEMORY.DMP
2008-12-25 13:38 . 2008-12-25 13:38 <REP> d-------- c:\users\Private\AppData\Roaming\Yahoo!
2008-12-25 13:29 . 2008-12-25 13:29 <REP> d-------- c:\users\Private\AppData\Roaming\agi
2008-12-25 13:22 . 2008-12-25 13:22 <REP> dr------- c:\users\Private\Searches
2008-12-25 13:22 . 2008-12-26 00:56 <REP> dr------- c:\users\Private\Contacts
2008-12-25 13:21 . 2008-12-25 13:22 <REP> dr------- c:\users\Private\Videos
2008-12-25 13:21 . 2008-12-25 13:22 <REP> dr------- c:\users\Private\Saved Games
2008-12-25 13:21 . 2008-12-27 19:12 <REP> dr------- c:\users\Private\Pictures
2008-12-25 13:21 . 2008-12-25 13:22 <REP> dr------- c:\users\Private\Music
2008-12-25 13:21 . 2008-12-25 13:22 <REP> dr------- c:\users\Private\Links
2008-12-25 13:21 . 2008-12-25 13:22 <REP> dr------- c:\users\Private\Downloads
2008-12-25 13:21 . 2008-12-26 00:57 <REP> dr------- c:\users\Private\Documents
2008-12-25 13:21 . 2006-11-02 13:37 <REP> d-------- c:\users\Private\AppData\Roaming\Media Center Programs
2008-12-25 13:21 . 2008-12-25 13:22 <REP> d--h----- c:\users\Private\AppData
2008-12-25 13:21 . 2008-12-25 13:22 <REP> d-------- c:\users\Private
2008-12-24 20:29 . 2008-12-24 20:29 <REP> d-------- c:\users\All Users\NortonInstaller
2008-12-24 20:29 . 2008-12-24 20:29 <REP> d-------- c:\programdata\NortonInstaller
2008-12-24 17:41 . 2008-12-24 17:41 <REP> d-------- c:\users\philippe\AppData\Roaming\Malwarebytes
2008-12-24 17:41 . 2008-12-24 17:41 <REP> d-------- c:\users\All Users\Malwarebytes
2008-12-24 17:41 . 2008-12-24 17:41 <REP> d-------- c:\programdata\Malwarebytes
2008-12-24 17:41 . 2008-12-24 17:41 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-24 17:41 . 2008-12-03 19:52 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys
2008-12-24 17:41 . 2008-12-03 19:52 15,504 --a------ c:\windows\System32\drivers\mbam.sys
2008-12-24 15:24 . 2008-12-29 19:37 <REP> d-------- C:\ToolBar SD
2008-12-24 10:23 . 2008-12-24 10:23 <REP> d-------- c:\windows\E80F62FF5D3C4A1984099721F2928206.TMP
2008-12-24 05:33 . 2008-12-24 05:33 <REP> d-------- c:\program files\7-Zip
2008-12-23 21:55 . 2008-12-24 19:40 <REP> d-------- c:\program files\Navilog1
2008-12-23 20:12 . 2008-12-23 20:12 <REP> d-------- c:\program files\CCleaner
2008-12-23 19:28 . 2008-12-29 17:54 <REP> d-------- c:\program files\Ad-remover
2008-12-23 13:49 . 2008-12-23 13:49 <REP> d-------- c:\program files\Trend Micro
2008-12-20 11:03 . 2008-12-30 19:42 <REP> d-------- c:\program files\a-squared Free
2008-12-10 06:33 . 2008-10-22 02:22 2,048 --a------ c:\windows\System32\tzres.dll
2008-12-10 05:56 . 2008-11-01 02:21 4,240,384 --a------ c:\windows\System32\GameUXLegacyGDFs.dll
2008-12-10 05:56 . 2008-10-29 07:29 2,927,104 --a------ c:\windows\explorer.exe
2008-12-10 05:56 . 2008-10-16 05:47 827,392 --a------ c:\windows\System32\wininet.dll
2008-12-10 05:56 . 2008-10-21 06:25 296,960 --a------ c:\windows\System32\gdi32.dll
2008-12-10 05:56 . 2008-11-01 04:44 28,672 --a------ c:\windows\System32\Apphlpdm.dll
2008-12-10 05:55 . 2008-06-23 02:59 2,868,736 --a------ c:\windows\System32\mf.dll
2008-12-10 05:55 . 2008-06-23 02:59 996,352 --a------ c:\windows\System32\WMNetMgr.dll
2008-12-10 05:55 . 2008-06-23 02:58 94,720 --a------ c:\windows\System32\logagent.exe
2008-12-08 15:36 . 2008-12-08 15:36 <REP> d-------- c:\users\philippe\AppData\Roaming\vlc
2008-12-08 15:09 . 2008-12-08 15:09 <REP> d-------- c:\program files\Tomato
2008-12-04 17:00 . 2008-12-04 17:00 <REP> d-------- c:\users\philippe\AppData\Roaming\Download Manager
2008-12-03 19:53 . 2008-12-03 19:54 <REP> d-------- c:\program files\Recuva
2008-12-03 09:37 . 2008-12-03 09:37 <REP> d-------- c:\program files\VideoLAN
2008-11-28 12:19 . 2008-12-20 14:17 <REP> d-------- C:\kkrieger
2008-11-28 01:32 . 2008-11-28 01:41 <REP> d-------- c:\program files\YesMessenger
2008-11-28 01:17 . 2008-11-28 01:17 <REP> d-------- c:\users\All Users\WindowsSearch
2008-11-28 01:17 . 2008-11-28 01:17 <REP> d-------- c:\programdata\WindowsSearch
2008-11-27 12:35 . 2008-11-27 12:35 <REP> d-------- c:\program files\Common Files\Screaming Bee
2008-11-27 12:34 . 2008-11-27 12:35 <REP> d-------- c:\users\All Users\Screaming Bee
2008-11-27 12:34 . 2008-11-27 12:35 <REP> d-------- c:\programdata\Screaming Bee
2008-11-27 09:05 . 2008-11-27 12:35 <REP> d-------- c:\users\philippe\AppData\Roaming\Screaming Bee
2008-11-27 09:02 . 2008-11-27 09:02 <REP> d-------- C:\videoroll
2008-11-27 09:02 . 2008-11-27 09:02 <REP> d-------- c:\program files\ATP
2008-11-27 08:34 . 2008-12-04 17:19 <REP> d-------- c:\program files\Screaming Bee
2008-11-27 00:30 . 2008-11-27 00:30 <REP> d-------- c:\program files\UltraPlayer
2008-11-27 00:24 . 2008-11-27 00:24 <REP> d-------- c:\program files\Illustrate
2008-11-27 00:24 . 2008-11-27 00:24 167,424 --a------ c:\windows\System32\SpoonUninstall.exe
2008-11-27 00:22 . 2008-11-27 00:22 <REP> d-------- C:\BassBox
2008-11-26 14:55 . 2008-11-26 15:13 <REP> d-------- c:\program files\Quintessential Player
2008-11-26 14:46 . 2008-11-26 14:46 <REP> d-------- C:\CD
2008-11-26 10:50 . 2008-10-21 06:25 1,645,568 --a------ c:\windows\System32\connect.dll
2008-11-26 10:50 . 2008-08-28 04:40 712,704 --a------ c:\windows\System32\WindowsCodecs.dll
2008-11-26 10:50 . 2008-08-28 04:40 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll
2008-11-26 10:50 . 2008-08-28 04:40 347,136 --a------ c:\windows\System32\WindowsCodecsExt.dll
2008-11-26 10:50 . 2008-10-22 04:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
2008-11-22 01:18 . 2008-11-22 01:25 <REP> d-------- c:\users\philippe\AppData\Roaming\IcoFX
2008-11-22 01:18 . 2008-11-22 01:18 <REP> d-------- c:\program files\IcoFX 1.6 icone a modifié
2008-11-13 02:43 . 2008-09-10 04:40 1,334,272 --a------ c:\windows\System32\msxml6.dll
2008-11-13 02:43 . 2008-09-05 06:14 1,191,936 --a------ c:\windows\System32\msxml3.dll
2008-11-13 02:43 . 2008-08-27 02:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2008-11-08 08:42 . 2008-11-08 13:45 <REP> d-------- c:\users\philippe\AppData\Roaming\IconTweaker
2008-11-08 08:42 . 2008-11-08 13:45 <REP> d-------- c:\users\All Users\IconTweaker
2008-11-08 08:42 . 2008-11-08 13:45 <REP> d-------- c:\programdata\IconTweaker
2008-11-07 22:25 . 2008-10-16 22:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2008-11-07 22:25 . 2008-10-16 21:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2008-11-07 22:25 . 2008-10-16 22:12 561,688 --a------ c:\windows\System32\wuapi.dll
2008-11-07 22:25 . 2008-10-16 21:55 83,456 --a------ c:\windows\System32\wudriver.dll
2008-11-07 22:25 . 2008-10-16 22:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2008-11-07 22:25 . 2008-10-16 22:09 43,544 --a------ c:\windows\System32\wups2.dll
2008-11-07 22:25 . 2008-10-16 22:08 34,328 --a------ c:\windows\System32\wups.dll
2008-11-07 22:24 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2008-11-07 22:24 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe
2008-11-07 20:14 . 2008-11-07 20:14 <REP> d-------- c:\program files\Windows Live SkyDrive
2008-11-03 03:19 . 2008-11-03 03:19 <REP> d-------- c:\windows\CheckSur

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-30 00:10 --------- d-----w c:\programdata\Google Updater
2008-12-29 18:28 --------- d-----w c:\program files\Yahoo!
2008-12-29 18:01 --------- d-----w c:\program files\Java
2008-12-29 17:57 --------- d-----w c:\program files\Common Files\Adobe
2008-12-27 11:49 --------- d-----w c:\program files\Google
2008-12-24 19:31 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-12-23 20:34 --------- d-----w c:\program files\Norton Security Scan
2008-12-14 16:07 348,160 ----a-w c:\windows\System32\msvcr71.dll
2008-12-14 16:07 339,968 ----a-w c:\windows\System32\pythoncom25.dll
2008-12-14 16:07 2,117,632 ----a-w c:\windows\System32\python25.dll
2008-12-14 16:07 114,688 ----a-w c:\windows\System32\pywintypes25.dll
2008-12-10 05:46 --------- d-----w c:\program files\Windows Mail
2008-11-26 23:30 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-22 00:18 --------- d-----w c:\program files\IcoFX 1.6 icone a modifié
2008-11-08 13:03 --------- d-----w c:\program files\Unity
2008-11-07 00:26 --------- d-----w c:\program files\Realore
2008-11-07 00:14 --------- d-----w c:\program files\The Bitmap Brothers
2008-11-04 00:03 --------- d-----w c:\programdata\Microsoft Help
2008-11-04 00:00 --------- d-----w c:\program files\Microsoft Works
2008-11-03 23:34 --------- d-----w c:\program files\AstroRaid
2008-11-03 23:33 --------- d-----w c:\program files\GameTop.com
2008-11-03 23:16 --------- d-----w c:\program files\Windows Live
2008-11-01 03:44 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-11-01 03:44 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-11-01 03:44 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-11-01 03:44 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-11-01 03:44 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-10-16 19:16 796,672 ----a-w c:\windows\GPInstall.exe
2008-09-30 15:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-26 10:31 0 ----a-w c:\users\philippe\AppData\Roaming\wklnhst.dat
2008-09-18 05:09 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe
2008-09-18 04:56 147,456 ----a-w c:\windows\System32\Faultrep.dll
2008-09-18 04:56 125,952 ----a-w c:\windows\System32\wersvc.dll
2008-09-18 02:16 2,032,640 ----a-w c:\windows\System32\win32k.sys
2008-09-16 16:26 1,332,197 ----a-w c:\windows\System32\pythondll.zip
2008-09-12 16:07 192,512 ----a-w c:\windows\off-road-uninst.exe
2008-05-22 12:27 174 --sha-w c:\program files\desktop.ini
2008-05-21 18:46 173 ----a-w c:\users\philippe\BackupResult.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2008-01-19 49664]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-19 192000]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-08 68856]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-19 c:\windows\System32\oobefldr.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-15 29744]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-29 136600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="c:\acer\AcerTour\Reminder.exe" [2007-05-22 151552]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2007-07-31 535336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GOEC62~1.DLL eNetHook.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Users^philippe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MorphVOXJr.lnk]
path=c:\users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MorphVOXJr.lnk
backup=c:\windows\pss\MorphVOXJr.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^philippe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MorphVOXPro.lnk]
path=c:\users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MorphVOXPro.lnk
backup=c:\windows\pss\MorphVOXPro.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2606745893-197517921-552777776-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{A9191AA0-F975-422A-A045-8BE6C6A94DD2}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{C8A951A8-BB7D-44C5-B947-EB3AB29A846B}"= c:\program files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician
"{585C86AC-AE4D-4313-81DF-771121FEAA30}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia
"{ABEFDFC7-B36D-4F11-BB03-0E2865E19AEA}"= c:\program files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard
"{7B0EF77A-F01E-45A5-BDCF-73E3FA39F9C5}"= c:\program files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine
"{F463B540-F154-44DA-99DB-6DAC6F85E813}"= c:\program files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie
"{1FEC2FF0-2674-4C83-8CD3-9258F59DF564}"= c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program
"{9DB02D1D-FD80-411D-8FBA-89D86868823A}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{B25C3DDC-0084-4127-963D-D99762FC74D8}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{CD815638-6A92-4C06-8C8A-91CFE24B66F1}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{B2382129-6027-42D7-AE25-CD7475629CE4}"= UDP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{609687EC-B609-4DFD-9444-321122F4B54F}"= TCP:c:\program files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{99179F52-2FD6-4CC8-A5F7-12F972B46178}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{7A42FDDB-BCED-4184-8155-DCD489100435}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{596BC37F-4C8A-47CC-B891-999674D50FDE}"= UDP:c:\users\philippe\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{F05D8FE4-B5DA-43B1-B049-FEC2753EB3B7}"= TCP:c:\users\philippe\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= c:\acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"c:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= c:\acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"c:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= c:\acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};\??\c:\program files\Acer Arcade Deluxe\Play Movie\[u]0/u00.fcl [2008-03-24 20:20:27 13560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2008-12-28 51792]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2007-07-31 179712]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\screamingbdriver.sys [2006-03-27 13824]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;"c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-08 29744]

*Newly Created Service* - PROCEXP90
.
Contenu du dossier 'Tâches planifiées'

2008-06-01 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-Acer Tour Reminder - (no file)



**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-30 19:49:37
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-12-30 19:57:41
ComboFix-quarantined-files.txt 2008-12-30 18:57:31

Avant-CF: 24 649 961 472 octets libres
Après-CF: 24,111,120,384 octets libres

249 --- E O F --- 2008-12-22 18:17:03
0
Réponse 79 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
30 déc. 2008 à 20:45
/!\ Seul chlaimer peut suivre cette procédure /!\


1/

---> Clique sur Démarrer, Exécuter, tape notepad clique sur OK.

---> Copie le texte ci-dessous par sélection puis Ctrl+C :






KillAll::

Driver::
AGWinService
Planificateur LiveUpdate automatique

Folder::
C:\Users\philippe\AppData\Roaming\agi
C:\ProgramData\agi
C:\Program Files\AGI
C:\ProgramData\Kiwee Toolbar






---> Colle la sélection dans le bloc-notes

---> Enregistre ce fichier sur le bureau (Impératif)

---> Nom du fichier : CFScript
---> Type du fichier : tous les fichiers
---> Clique sur Enregistrer
---> Quitte le bloc-notes


2/

---> Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :
http://www.searchengines.pl/phpbb203/pliki/picasso/virus/programs/combofix/combofix_cfscript.gif

[*] Une fenêtre bleue va apparaître : au message qui apparaît, tu acceptes.

[*] Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
Ne touche à rien tant que le scan n'est pas terminé.

[*] Une fois le scan achevé, un rapport va s'afficher : poste-le

[*] Si le fichier ne s'ouvre pas, il se trouve ici C:\ComboFix\Combofix.txt
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 21:10
c ok mais quand je tape sur demarrer je trouve pas " executer " tu peux me préciser stp j'ai jamais vu executer quand je tape sur le bureau démarrer !!! pour le reste c ok !
0
Réponse 80 / 91
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
30 déc. 2008 à 21:19
"c ok mais quand je tape sur demarrer je trouve pas " executer " tu peux me préciser stp j'ai jamais vu executer quand je tape sur le bureau démarrer !!!"
---> Ah oui, tu as Vista. Ouvre le Bloc-notes tout simplement.
0
chlaimer Messages postés 537 Date d'inscription mardi 28 octobre 2008 Statut Membre Dernière intervention 2 avril 2010 2
30 déc. 2008 à 21:33
décidément je dois pas avoir les yeux en face des trous ;; quand j'ouvre le bloc-note c une page vide il y a aucun endroit ou je peux taper "executer"
0

Discussions similaires

Mon pc s'allume et s'éteint en boucle
Jack -
Daniel -

16 réponses