Virus TR/crypt.xpack.gen2 detected by Avira
iPau
 Posted on 22/11/2010 at 13:41
Petite astucienne

Hello,

This is my very first post here, about a virus problem. Avira has detected the virus TR/crypt.XPACK.gen2 but, although I delete it, it keeps coming back.

I'm a novice in this area; could someone help me? (in simple terms if possible ^^)

Thank you!

francol79
 Posted on 22/11/2010 at 13:51

Message removed by the moderators

Reason: We have all that on PCA

Anonyme
 Posted on 22/11/2010 at 13:53
Nouvel astucien

iPau, and welcome to PCastuces

I'm giving you 2 links to follow, with pictures; do this calmly and without panicking, then post the 3 reports.

https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm

https://forum.pcastuces.com/malwarebytes_antimalwares___tutoriel-f31s3.htm

And in your 1st message, click on the yellow triangle and, in the window that opens, ask for the transfer to the "Sécurité" forum. No need to create a new post; everything continues here.

pcastuces
 Posted on 22/11/2010 at 14:00
PC Astuces Team
Hello,

The topic has been moved by the moderators to a more appropriate forum.

You can continue the discussion below.

See you soon.
iPau
 Posted on 22/11/2010 at 14:18
Petite astucienne

Thank you for being so quick!

I can't manage to send you the report; when I publish the message, a "500 - erreur interne au serveur" page opens.

Edited by iPau on 22/11/2010 14:22
Fill
 Posted on 22/11/2010 at 14:26
Security Group

Hello,

  • Download DDS by sUBs to your Desktop,
  • The tool does not need to be installed,
  • Launch the tool by double-clicking dds.scr (if you are using Vista, right-click and choose to run as administrator):

  • This DOS window will appear:

  • The scan should not take more than 3 minutes,
  • A first report will open, which you will save as DDS.txt (the default) on the desktop,
  • You will be asked whether you want to run the optional scan,
  • Accept with Yes,
  • A new report opens, which you save as Attach.txt on the desktop,
  • Post the DDS.txt and Attach.txt reports

Fill

Evasion60
 Posted on 22/11/2010 at 14:28
Security Group

Hello and welcome to PCA Sécurité

... The reports are certainly too long
So there are three reports to post/host:
- Log.txt
- Info.txt
- MBAM

Host them here:

If the reports won't go through in the thread because they are too long:

send it to: http://www.cijoint.fr/index.php ,

click browse and find the report

then select the report by double-clicking on it

and then click on "cliquer ici pour déposer le fichier"

a blue link of this form will appear:

Veuillez noter le lien ci-dessous qui vous permettra d'accéder à ce fichier.
C'est ce même lien que vous devrez transmettre à vos correspondants
http://www.cijoint.fr/cjlink.php?file=cjge368/cijSKAP5fU.txt


send back the three fresh links in your next reply.

Hoping this reaches you; waiting for the reports

Edit => Fill

Edited by Evasion60 on 22/11/2010 14:30
iPau
 Posted on 22/11/2010 at 14:57
Petite astucienne

Thank you!

1st report: http://www.cijoint.fr/cjlink.php?file=cj201011/cijPub42sk.txt

2nd report: http://www.cijoint.fr/cjlink.php?file=cj201011/cijqHGIcCL.txt

3rd report: (scan in progress, does it take long?)

Fill
 Posted on 22/11/2010 at 15:05
Security Group

Hi,

Your machine is heavily infected. We're going to proceed differently.

  • Download OTL (by Old_Timer) to your desktop,
  • Double-click its icon to start it. If you are on Vista or 7, start it with a right-click, run as administrator. Make sure you have closed as many open windows as possible before what follows.
  • Tick the "Tous les utilisateurs" box,
  • Under the "Personnalisation" area, copy and paste the following:

netsvcs
drivers32
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
wininit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles

  • Then click the "Analyse" button and wait while the tool scans the PC. This can take a few minutes, depending on the state of the system.
  • At the end of the scan, a Notepad window opens. It is called OTL.txt
  • Copy and paste this text into your next reply. If an error message appears, it is because the report is too long. In that case, split it across several messages without leaving anything out.
  • To select the text: CTRL+A
  • To copy the selected text: CTRL+C,
  • To paste the text into your next reply: CTRL+V

Fill

iPau
 Posted on 22/11/2010 at 15:11
Petite astucienne

OK, it's running. What do you call "a few minutes"? ^^

Fill
 Posted on 22/11/2010 at 15:16
Security Group

iPau wrote:

OK, it's running. What do you call "a few minutes"? ^^

Hi again,

More than 1 s but less than 1 h

iPau
 Posted on 22/11/2010 at 15:44
Petite astucienne
Fill
 Posted on 22/11/2010 at 16:03
Security Group

Hi,

1/ Remove these via Add/Remove Programs:

  • Ad-aware,
  • Avast,
  • Limewire.

2/

  • Run OTL again
  • Copy and paste this into the Personnalisation window:

Instructions :
:OTL
IE - HKU\S-1-5-21-261140895-3081981591-3109006844-1000\..\URLSearchHook: {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll (Conduit Ltd.)
O2 - BHO: (Messenger Plus Live France Toolbar) - {59994074-c06d-4a75-9768-49e5a8c21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000\..\Toolbar\WebBrowser: (Messenger Plus Live France Toolbar) - {59994074-C06D-4A75-9768-49E5A8C21264} - C:\Program Files\Messenger_Plus_Live_France\tbMess.dll (Conduit Ltd.)
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{0043CC3F-0E31-47EA-B7B2-A56402B9C1D0}] C:\Users\Poka\AppData\Local\Temp\{0043CC3F-0E31-47EA-B7B2-A56402B9C1D0}\7d23.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{0204DA63-675D-401E-B4AE-257BF95564B3}] C:\Users\Poka\AppData\Local\Temp\{0204DA63-675D-401E-B4AE-257BF95564B3}\6a8c.DLL ()
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{06402683-7470-4335-9CFA-2272BE0AA373}] C:\Users\Poka\AppData\Local\Temp\{06402683-7470-4335-9CFA-2272BE0AA373}\6735.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{0ADBAF6A-AA5E-48F4-9069-A694E4DABB91}] C:\Users\Poka\AppData\Local\Temp\{0ADBAF6A-AA5E-48F4-9069-A694E4DABB91}\7767.DLL ()
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{0BEF0B25-F19B-41D8-8670-F7E23D65C69E}] C:\Users\Poka\AppData\Local\Temp\{0BEF0B25-F19B-41D8-8670-F7E23D65C69E}\2a7a.DLL ()
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{0C9D9F21-BFB0-41D9-9B5E-7CDA9119429B}] C:\Users\Poka\AppData\Local\Temp\{0C9D9F21-BFB0-41D9-9B5E-7CDA9119429B}\5adf.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{11B68CED-85ED-4975-8762-EC4658C8F015}] C:\Users\Poka\AppData\Local\Temp\{11B68CED-85ED-4975-8762-EC4658C8F015}\7985.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{16B8FDC7-51FD-4669-A284-DD770FBB0A41}] C:\Users\Poka\AppData\Local\Temp\{16B8FDC7-51FD-4669-A284-DD770FBB0A41}\6bd4.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{1788D630-0DC1-4384-ADAC-0EC6D057C5E2}] C:\Users\Poka\AppData\Local\Temp\{1788D630-0DC1-4384-ADAC-0EC6D057C5E2}\103b.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{1A8AF163-C180-4598-8E88-58B6366AD43B}] C:\Users\Poka\AppData\Local\Temp\{1A8AF163-C180-4598-8E88-58B6366AD43B}\3f92.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{35A7C108-B188-491E-91AA-995E909CC233}] C:\Users\Poka\AppData\Local\Temp\{35A7C108-B188-491E-91AA-995E909CC233}\3025.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{3BC79837-AD93-47E1-B6E9-1CAF23D8EC6A}] C:\Users\Poka\AppData\Local\Temp\{3BC79837-AD93-47E1-B6E9-1CAF23D8EC6A}\4171.DLL ()
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{3C3ECEAF-C2F8-4C0B-943D-48848889822C}] C:\Users\Poka\AppData\Local\Temp\{3C3ECEAF-C2F8-4C0B-943D-48848889822C}\4a45.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{4228CB03-AF7C-419B-B325-38924E96E831}] C:\Users\Poka\AppData\Local\Temp\{4228CB03-AF7C-419B-B325-38924E96E831}\3cec.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{475604C7-21F0-4B5B-98AD-ADF700BC1E0F}] C:\Users\Poka\AppData\Local\Temp\{475604C7-21F0-4B5B-98AD-ADF700BC1E0F}\68f0.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{49091163-2C4B-4180-937A-470A8ECD6CDB}] C:\Users\Poka\AppData\Local\Temp\{49091163-2C4B-4180-937A-470A8ECD6CDB}\16d7.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{4A984027-E36F-43A0-A1CB-71F38A055EF8}] C:\Users\Poka\AppData\Local\Temp\{4A984027-E36F-43A0-A1CB-71F38A055EF8}\588d.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{50B5CD33-BBDA-4897-8F16-103AF7E0A330}] C:\Users\Poka\AppData\Local\Temp\{50B5CD33-BBDA-4897-8F16-103AF7E0A330}\19c2.DLL ()
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{66F6CEC3-6CA9-4A8B-B416-D430B4E16654}] C:\Users\Poka\AppData\Local\Temp\{66F6CEC3-6CA9-4A8B-B416-D430B4E16654}\72f4.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{6D20BCAB-60F0-49FB-96E7-AAFCDD7EE885}] C:\Users\Poka\AppData\Local\Temp\{6D20BCAB-60F0-49FB-96E7-AAFCDD7EE885}\1ed0.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{7BD72CF0-18A4-4316-ACB8-0456E2A71B23}] C:\Users\Poka\AppData\Local\Temp\{7BD72CF0-18A4-4316-ACB8-0456E2A71B23}\3d22.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{8CD925F2-8B9E-45E1-8A73-0C3D39CDD063}] C:\Users\Poka\AppData\Local\Temp\{8CD925F2-8B9E-45E1-8A73-0C3D39CDD063}\6073.DLL ()
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{8D4E9A5F-DACE-44A5-92F6-0691D725FE1F}] C:\Users\Poka\AppData\Local\Temp\{8D4E9A5F-DACE-44A5-92F6-0691D725FE1F}\f5c.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{8EE1B536-AA73-46F3-8E5C-ED426A0789A5}] C:\Users\Poka\AppData\Local\Temp\{8EE1B536-AA73-46F3-8E5C-ED426A0789A5}\3fe7.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{8F940ACE-2A4C-4720-B2A4-520F134BC360}] C:\Users\Poka\AppData\Local\Temp\{8F940ACE-2A4C-4720-B2A4-520F134BC360}\20ab.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{91E29144-3B58-4D70-8CCF-EC4B816BB667}] C:\Users\Poka\AppData\Local\Temp\{91E29144-3B58-4D70-8CCF-EC4B816BB667}\2cc5.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{967EA338-7038-47F0-95D0-AAFBF63AC1AB}] C:\Users\Poka\AppData\Local\Temp\{967EA338-7038-47F0-95D0-AAFBF63AC1AB}\593c.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{9C1C55CD-D752-455C-83DD-020364E5464A}] C:\Users\Poka\AppData\Local\Temp\{9C1C55CD-D752-455C-83DD-020364E5464A}\44a3.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{9E37F56C-6167-4DFA-AAA3-9C8A32F9C456}] C:\Users\Poka\AppData\Local\Temp\{9E37F56C-6167-4DFA-AAA3-9C8A32F9C456}\27b1.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{A5CEE02E-D329-4535-97EE-44394B891785}] C:\Users\Poka\AppData\Local\Temp\{A5CEE02E-D329-4535-97EE-44394B891785}\141b.DLL ()
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{AFB3A891-B97C-472B-8ADC-28839E7C6BE3}] C:\Users\Poka\AppData\Local\Temp\{AFB3A891-B97C-472B-8ADC-28839E7C6BE3}\6676.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{B0379ACD-2A6F-4656-B646-297A24913104}] C:\Users\Poka\AppData\Local\Temp\{B0379ACD-2A6F-4656-B646-297A24913104}\7f2.DLL ()
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{B7ABA468-924F-44C4-A325-F020D44CDB6D}] C:\Users\Poka\AppData\Local\Temp\{B7ABA468-924F-44C4-A325-F020D44CDB6D}\5788.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{B805514A-1B23-45E4-A83A-750B30A797A7}] C:\Users\Poka\AppData\Local\Temp\{B805514A-1B23-45E4-A83A-750B30A797A7}\480d.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{B9140985-0A0C-40F6-94DE-5D91F41D385F}] C:\Users\Poka\AppData\Local\Temp\{B9140985-0A0C-40F6-94DE-5D91F41D385F}\625a.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{BC3D651B-5182-4129-9168-752268871E40}] C:\Users\Poka\AppData\Local\Temp\{BC3D651B-5182-4129-9168-752268871E40}\218f.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{C5DD2D48-95B9-4413-86ED-DD5F60B203CC}] C:\Users\Poka\AppData\Local\Temp\{C5DD2D48-95B9-4413-86ED-DD5F60B203CC}\5ef0.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{C9CB4D79-4653-47E5-88CE-179925E5BAFD}] C:\Users\Poka\AppData\Local\Temp\{C9CB4D79-4653-47E5-88CE-179925E5BAFD}\36f6.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{D590BE94-A026-440D-9700-5D6D39FB5CD2}] C:\Users\Poka\AppData\Local\Temp\{D590BE94-A026-440D-9700-5D6D39FB5CD2}\4af1.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{D85893ED-8877-497A-ACFF-D5489FC8B11E}] C:\Users\Poka\AppData\Local\Temp\{D85893ED-8877-497A-ACFF-D5489FC8B11E}\4e16.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{DC5FA0F6-BF41-4491-B2E7-D180CEB87E90}] C:\Users\Poka\AppData\Local\Temp\{DC5FA0F6-BF41-4491-B2E7-D180CEB87E90}\375d.DLL ()
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{DE8D544D-9EFE-4150-8AD2-099A59B3B401}] C:\Users\Poka\AppData\Local\Temp\{DE8D544D-9EFE-4150-8AD2-099A59B3B401}\6e69.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{E399E7CE-F3D1-42F8-A959-F3344090AC8D}] C:\Users\Poka\AppData\Local\Temp\{E399E7CE-F3D1-42F8-A959-F3344090AC8D}\10bf.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{E4939E1C-3A6E-41C0-9E0C-0DA37B14C5EC}] C:\Users\Poka\AppData\Local\Temp\{E4939E1C-3A6E-41C0-9E0C-0DA37B14C5EC}\2dad.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{E5E42B9F-B8E3-4DE1-974A-36C22B4909D8}] C:\Users\Poka\AppData\Local\Temp\{E5E42B9F-B8E3-4DE1-974A-36C22B4909D8}\2931.DLL File not found
O4 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000..\Run: [{F0F552E4-D476-4363-80E2-85558B9A6937}] C:\Users\Poka\AppData\Local\Temp\{F0F552E4-D476-4363-80E2-85558B9A6937}\66d0.DLL File not found
O15 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000\..Trusted Domains: buy-security-essentials.com ([]http in Sites de confiance)
O15 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000\..Trusted Domains: download-soft-package.com ([]http in Sites de confiance)
O15 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000\..Trusted Domains: download-software-package.com ([]http in Sites de confiance)
O15 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000\..Trusted Domains: get-key-se10.com ([]http in Sites de confiance)
O15 - HKU\S-1-5-21-261140895-3081981591-3109006844-1000\..Trusted Domains: is-software-download.com ([]http in Sites de confiance)
O20 - AppInit_DLLs: (ienet32.dll) - C:\Windows\System32\ienet32.dll ()
O20 - AppInit_DLLs: (bootnet40.dll) - C:\Windows\System32\bootnet40.dll ()
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:2634FC95
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:F65733F1


:files
C:\Windows\System32\syncnet.dll

:commands
[EmptyTemp]
[EmptyFlash]

  • Then click Correction and let the tool work.
  • Post the contents of the new report (it is a "LOG" file containing the PC's dates and times, saved in the %racine%\_OTL\MovedFiles folder), which should open in Notepad. As before, you can use the keyboard shortcuts (CTRL+A, CTRL+C and CTRL+V)

3/

  • Can you test this: C:\Windows\System32\msutil.dll
  • Click on this link.
  • Click browse and give the path of the file I indicated.
  • Click send. After a few minutes, a report is generated. Post it in your next reply.
  • You can use this tutorial to help you with that.

Fill
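
Added example, not part of Fill's post and not OTL's own code: a Python triage of `O4` Run lines in the layout of the fix script above, flagging GUID-named values that load a DLL from a `Temp\{same GUID}` folder and separating entries whose file still exists from leftover values. The sample lines (SID, GUIDs, paths, vendor) are constructed, and the rule names and the reading of the trailing parentheses as a vendor field are assumptions of this example.

```python
import re
from dataclasses import dataclass

GUID = r"\{[0-9A-Fa-f]{8}-(?:[0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}\}"

# One O4 autorun line, in the layout used by the fix script in this thread:
#   O4 - <hive\key>Run: [<value name>] <target path> <"File not found" | (vendor)>
O4_LINE = re.compile(
    r"^O4 - (?P<key>\S+Run): \[(?P<name>[^\]]+)\] "
    r"(?P<target>.+?)(?: (?P<status>File not found|\([^()]*\)))?$"
)
# Target of the form ...\Temp\{GUID}\<file>.dll
TEMP_GUID_DLL = re.compile(
    r"\\Temp\\(?P<dir>" + GUID + r")\\[^\\]+\.dll$", re.IGNORECASE
)


@dataclass
class RunEntry:
    key: str            # registry location as printed in the line
    name: str           # Run value name
    target: str         # file the value launches
    file_present: bool  # False when the line ends with "File not found"
    vendor: str         # text inside the trailing parentheses (assumed vendor field)
    reason: str         # "" when no rule matched

    @property
    def suspicious(self):
        return bool(self.reason)


def parse_o4(line):
    """Parse one O4 line; return None for any other kind of line."""
    m = O4_LINE.match(line.strip())
    if not m:
        return None
    status = m.group("status") or ""
    name, target = m.group("name"), m.group("target")
    reason = ""
    hit = TEMP_GUID_DLL.search(target)
    if hit and re.fullmatch(GUID, name) and hit.group("dir").lower() == name.lower():
        # Value name and Temp sub-folder are the same GUID: the pattern in the thread.
        reason = "guid-temp-dll"
    elif "\\temp\\" in target.lower():
        # Anything else auto-starting from a Temp directory is still worth a look.
        reason = "autorun-from-temp"
    return RunEntry(
        key=m.group("key"),
        name=name,
        target=target,
        file_present=(status != "File not found"),
        vendor=status[1:-1] if status.startswith("(") else "",
        reason=reason,
    )


def triage(text):
    """Return a RunEntry for every O4 line in a pasted scan or fix script."""
    entries = (parse_o4(line) for line in text.splitlines())
    return [e for e in entries if e is not None]


def summary(entries):
    flagged = [e for e in entries if e.suspicious]
    return {
        "total": len(entries),
        "suspicious": len(flagged),
        # file still on disk: the value and the file both need handling
        "live": sum(e.file_present for e in flagged),
        # file already gone: only the registry value is left behind
        "orphaned": sum(not e.file_present for e in flagged),
    }


# Constructed sample input (not taken from the thread).
SAMPLE = r"""
O4 - HKU\S-1-5-21-1111111111-2222222222-3333333333-1000..\Run: [{AAAAAAAA-0000-4000-8000-000000000001}] C:\Users\demo\AppData\Local\Temp\{AAAAAAAA-0000-4000-8000-000000000001}\1a2b.DLL File not found
O4 - HKU\S-1-5-21-1111111111-2222222222-3333333333-1000..\Run: [{AAAAAAAA-0000-4000-8000-000000000002}] C:\Users\demo\AppData\Local\Temp\{AAAAAAAA-0000-4000-8000-000000000002}\3c4d.DLL ()
O4 - HKLM..\Run: [ExampleUpdater] C:\Program Files (x86)\Example\updater.exe (Example Corp.)
O4 - HKU\S-1-5-21-1111111111-2222222222-3333333333-1000..\Run: [{AAAAAAAA-0000-4000-8000-000000000003}] C:\Users\demo\AppData\Local\Temp\{BBBBBBBB-0000-4000-8000-000000000009}\5e6f.DLL ()
O20 - AppInit_DLLs: (example.dll) - C:\Windows\System32\example.dll ()
"""

if __name__ == "__main__":
    for entry in triage(SAMPLE):
        if entry.suspicious:
            state = "present" if entry.file_present else "missing"
            print(f"{entry.reason:18} {state:8} {entry.target}")
    print(summary(triage(SAMPLE)))
```
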

iPau
 Posted on 22/11/2010 at 16:40
Petite astucienne

Here is the "log" file I found; I'm not sure it's really what you want: http://www.cijoint.fr/cjlink.php?file=cj201011/cijBFOeLnQ.txt

Otherwise, I had to restart my computer, and here is the report that opened by itself at startup:

Registry key HKEY_USERS\S-1-5-21-261140895-3081981591-3109006844-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-soft-package.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-261140895-3081981591-3109006844-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\download-software-package.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-261140895-3081981591-3109006844-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\get-key-se10.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-261140895-3081981591-3109006844-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\is-software-download.com\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:ienet32.dll deleted successfully.
File move failed. C:\Windows\System32\ienet32.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:bootnet40.dll deleted successfully.
File move failed. C:\Windows\System32\bootnet40.dll scheduled to be moved on reboot.
ADS C:\ProgramData\Temp:2634FC95 deleted successfully.
ADS C:\ProgramData\Temp:F65733F1 deleted successfully.
========== FILES ==========
File\Folder C:\Windows\System32\syncnet.dll not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Poka
->Temp folder emptied: 2104951369 bytes
->Temporary Internet Files folder emptied: 369823057 bytes
->Java cache emptied: 51052066 bytes
->Google Chrome cache emptied: 396677798 bytes
->Flash cache emptied: 194373 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1743719 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 51406247 bytes
Total Files Cleaned = 2 838,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Poka
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.17.3 log created on 11222010_161343
Files\Folders moved on Reboot...
File\Folder C:\Windows\System32\ienet32.dll not found!
File\Folder C:\Windows\System32\bootnet40.dll not found!
Registry entries deleted on Reboot...


iPau
 Posted on 22/11/2010 at 16:40
Petite astucienne

(continued)


iPau
 Posted on 22/11/2010 at 16:45
Petite astucienne

PS: I don't have "msutil.dll" on my PC :s

Fill
 Posted on 22/11/2010 at 17:09
Groupe Sécurité

Re,

1/

  • Download gmer to the desktop and unzip it (right-click and "extract here").
  • Double-click gmer.exe on the desktop. If your antivirus reacts, don't worry and ignore the alert.
  • Click the "rootkit" tab, then check that all the boxes are ticked,
  • Click scan.
  • When the scan finishes, click the copy button.
  • In Start > Programs > Accessories: open Notepad and press CTRL+V to copy the report into that same Notepad window.
  • Post this report in your next reply.

2/ Run a scan with Malwarebytes' following this tutorial and post the report.

Fill

iPau
 Posted on 22/11/2010 at 19:59
Petite astucienne

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-22 19:58:53
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\00000063 ST950032 rev.0001
Running: gmer.exe; Driver: C:\Users\Poka\AppData\Local\Temp\kwryikob.sys
---- Kernel code sections - GMER 1.0.15 ----
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8FC06000, 0x23100A, 0xE8000020]
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x4C 0xF3 0x23 0x80 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xF8 0xE6 0x70 0x42 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xCC 0x5C 0x55 0x3D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x4C 0xF3 0x23 0x80 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xF8 0xE6 0x70 0x42 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xCC 0x5C 0x55 0x3D ...
---- EOF - GMER 1.0.15 ----


iPau
 Posted on 22/11/2010 at 20:13
Petite astucienne

Malwarebytes' Anti-Malware 1.46
Version de la base de données: 5172
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975
22/11/2010 20:13:08
mbam-log-2010-11-22 (20-13-08).txt
Type d'examen: Examen rapide
Elément(s) analysé(s): 150132
Temps écoulé: 8 minute(s), 59 seconde(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c} (PUP.OfferBox) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c} (PUP.OfferBox) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Users\Poka\AppData\Roaming\OfferBox (PUP.OfferBox) -> No action taken.
Fichier(s) infecté(s):
C:\Users\Poka\AppData\Roaming\OfferBox\config.xml (PUP.OfferBox) -> No action taken.


Fill
 Posted on 22/11/2010 at 20:21
Groupe Sécurité

Hi again,

1/

  • Run OTL again
  • Copy and paste the following into the Personnalisation box:

Instructions :
:files
C:\Users\Poka\AppData\Roaming\OfferBox
C:\Windows\System32\ienet32.dll
C:\Windows\System32\bootnet40.dll
C:\Windows\System32\msutil.dll

:reg
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c}]


:commands
[ClearAllRestorePoints]
[EmptyFlash]
[EmptyTemp]
[Start Explorer]

  • Then click Correction and let the tool work.
  • Post the contents of the new report (it is a "LOG" file containing the PC's date and time, saved in the folder %racine%\_OTL\MovedFiles), which should open in Notepad. As before, you can use the keyboard shortcuts (CTRL+A, CTRL+C and CTRL+V)

2/ Use Sysprot as described here and post the report.

Fill
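
A coverage check for the step above, as an added example that is not part of the original post or of OTL: it parses the Malwarebytes detection lines and the :files / :reg targets of the fix script, then lists the detections the script does not name. The function names and the regular expression are assumptions; the sample text is copied from this thread, with the script's file list and commands trimmed.

```python
import re

# Detection lines copied from the Malwarebytes log posted earlier in this thread.
MBAM_LOG = r"""
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c} (PUP.OfferBox) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c} (PUP.OfferBox) -> No action taken.
Dossier(s) infecté(s):
C:\Users\Poka\AppData\Roaming\OfferBox (PUP.OfferBox) -> No action taken.
Fichier(s) infecté(s):
C:\Users\Poka\AppData\Roaming\OfferBox\config.xml (PUP.OfferBox) -> No action taken.
"""

# Fix script as posted above (file list and commands trimmed for the example).
OTL_SCRIPT = r"""
:files
C:\Users\Poka\AppData\Roaming\OfferBox
C:\Windows\System32\ienet32.dll
:reg
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c}]
:commands
[EmptyTemp]
"""

# "<item> (<threat name>) -> <action>"; section headers and "(Aucun ...)" lines do not match.
DETECTION = re.compile(r"^(?P<item>.+?) \((?P<name>[^()]+)\) -> (?P<action>.+)$")

def mbam_detections(log):
    """Return (item, threat name) for every detection line of the log."""
    return [(m["item"], m["name"]) for m in map(DETECTION.match, log.splitlines()) if m]

def otl_targets(script):
    """Return the lower-cased paths and keys named in the :files and :reg sections."""
    section, targets = None, set()
    for line in map(str.strip, script.splitlines()):
        if line.startswith(":"):
            section = line.lower()
        elif section == ":files" and line:
            targets.add(line.lower())
        elif section == ":reg" and line.startswith("[-") and line.endswith("]"):
            targets.add(line[2:-1].lower())
    return targets

def uncovered(log, script):
    """Detected items that no script target names directly or as a parent folder/key."""
    targets = otl_targets(script)
    hit = lambda item: any(item == t or item.startswith(t + "\\") for t in targets)
    return [item for item, _ in mbam_detections(log) if not hit(item.lower())]
```

On this input `uncovered(MBAM_LOG, OTL_SCRIPT)` returns the `Ext\Stats` key: both `:reg` lines of the script name `Ext\Settings`, and `config.xml` counts as covered because its parent folder is listed under `:files`.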

iPau
 Posted on 22/11/2010 at 20:34
Petite astucienne

All processes killed
Error: Unable to interpret <Instructions :> in the current context!
========== FILES ==========
C:\Users\Poka\AppData\Roaming\OfferBox folder moved successfully.
File\Folder C:\Windows\System32\ienet32.dll not found.
File\Folder C:\Windows\System32\bootnet40.dll not found.
File\Folder C:\Windows\System32\msutil.dll not found.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fc0d62c2-9640-4aeb-a5d5-cf25df11fa8c}\ not found.
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Poka
->Flash cache emptied: 1347 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Poka
->Temp folder emptied: 582119 bytes
->Temporary Internet Files folder emptied: 298225 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 80524071 bytes
->Flash cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 78,00 mb
OTL by OldTimer - Version 3.2.17.3 log created on 11222010_202426
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...


iPau
 Posted on 22/11/2010 at 21:01
Petite astucienne

Problem with Sysprot. Error message:

"Failed to start service. SysProt AntiRootkit need to be run with Admin privileges!"

Fill
 Posted on 22/11/2010 at 21:17
Groupe Sécurité

iPau wrote:

Problem with Sysprot. Error message:

"Failed to start service. SysProt AntiRootkit need to be run with Admin privileges!"

Hi again,

Did you right-click to run it as administrator?

Fill

iPau
 Posted on 22/11/2010 at 21:20
Petite astucienne

Hmm, no. It's sorted now.

iPau
 Posted on 22/11/2010 at 21:32
Petite astucienne
Fill
 Posted on 22/11/2010 at 21:38
Groupe Sécurité

Hi again,

1/

  • Zip the contents of this folder: C:\_OTL, adding this password to the archive: infecte
  • To do this, open My Computer > C:
  • Right-click _OTL, then choose your usual archiver, using the advanced options to add a password to the archive (7zip, winrar, winzip for example...).
  • Create a password-protected archive of the C:\_OTL folder,
  • Temporarily disable your antivirus,
  • Send me the archive C:\_OTL.zip at this email address: inemmuhe_888@yopmail.com
  • Delete the archive you created and empty your recycle bin,
  • Re-enable your antivirus.

2/ Run an online scan by following this tutorial and post the report.

3/ How is the machine behaving?

Fill
